Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91BB07D/E9B4853C4AC411EE9839386FC4F9AE02/596C86EC170F11EF89246C29C4F9AE02.roa
File: 596C86EC170F11EF89246C29C4F9AE02.roa (raw, json)
Hash identifier: arlfjuopmDz+13NjAXQwi6uUsmQmFzXQaNUM2Oj6USc=
Subject key identifier: 78:05:ED:5B:77:FF:06:EF:E9:5C:F9:45:48:4B:FC:72:40:68:A2:F2
Certificate issuer: /CN=A91BB07D/serialNumber=D4310690DCEB7EE4A18DA3579ACAD174818646A3
Certificate serial: 9A
Authority key identifier: D4:31:06:90:DC:EB:7E:E4:A1:8D:A3:57:9A:CA:D1:74:81:86:46:A3
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1DEGkNzrfuShjaNXmsrRdIGGRqM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91BB07D/E9B4853C4AC411EE9839386FC4F9AE02/596C86EC170F11EF89246C29C4F9AE02.roa
Signing time: Tue 21 May 2024 01:13:36 +0000
ROA not before: Tue 21 May 2024 01:13:36 +0000
ROA not after: Mon 30 Sep 2024 00:00:00 +0000
asID: 135883
IP address blocks: 2403:1a40::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 23 May 2024 06:25:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 154 (0x9a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91BB07D/serialNumber=D4310690DCEB7EE4A18DA3579ACAD174818646A3
Validity
Not Before: May 21 01:13:36 2024 GMT
Not After : Sep 30 00:00:00 2024 GMT
Subject: CN=664bf540-42e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:49:c5:4e:43:8d:3b:e7:65:8d:ff:fa:80:93:
8b:18:5a:51:f2:e9:f6:fb:5c:52:ba:4b:87:a8:75:
6e:64:99:b4:fa:35:5a:28:de:2d:7e:2b:c7:55:e7:
57:76:0e:da:51:be:85:1b:26:e4:51:ca:ba:23:98:
80:df:7d:91:ac:4b:f2:c2:eb:47:53:85:6e:3d:da:
bf:af:ea:37:cd:9e:f5:1b:55:62:ae:e0:92:f4:44:
a9:b1:f4:00:aa:c2:fc:51:79:79:2a:74:14:4a:5e:
2a:2a:ac:3f:5b:7b:8e:55:68:e7:53:6f:71:75:c0:
38:2f:81:4b:e1:8f:4e:55:b7:dd:6e:33:f5:1e:a7:
b3:03:65:a1:79:ba:bc:10:e3:08:4c:8a:49:67:91:
9d:c9:ec:1e:ae:88:2c:52:88:da:46:bb:d2:61:43:
8d:4b:48:d8:36:34:b3:d8:72:36:96:ac:4e:0a:a0:
6c:aa:85:4f:23:21:2d:51:ba:c6:99:35:3b:d9:3f:
88:f1:48:95:31:44:6b:76:d8:54:ee:61:17:31:b3:
fe:27:bc:a5:de:26:e7:17:06:4b:fe:52:e6:1b:c1:
81:3b:3e:50:0b:89:98:55:32:0b:8b:2d:34:ed:1c:
19:7e:d8:a7:08:dc:97:70:c5:a4:58:3d:85:e9:bf:
d0:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:05:ED:5B:77:FF:06:EF:E9:5C:F9:45:48:4B:FC:72:40:68:A2:F2
X509v3 Authority Key Identifier:
keyid:D4:31:06:90:DC:EB:7E:E4:A1:8D:A3:57:9A:CA:D1:74:81:86:46:A3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91BB07D/E9B4853C4AC411EE9839386FC4F9AE02/1DEGkNzrfuShjaNXmsrRdIGGRqM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1DEGkNzrfuShjaNXmsrRdIGGRqM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BB07D/E9B4853C4AC411EE9839386FC4F9AE02/596C86EC170F11EF89246C29C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2403:1a40::/32
Signature Algorithm: sha256WithRSAEncryption
0d:4f:34:0c:60:41:04:e6:d5:3e:5a:cc:6d:f6:80:97:44:74:
fc:9c:eb:19:a1:f0:cb:98:05:bd:1b:6d:fc:d4:9d:1f:41:7d:
ed:da:0d:98:83:a9:a5:ce:be:ab:ba:aa:0e:95:b1:13:5d:99:
77:a3:23:50:70:a5:91:2a:bc:82:06:df:cb:d7:d1:5d:f9:bf:
14:1f:c2:46:b5:92:e2:1b:b8:f6:1a:22:61:8e:c7:cc:bd:c6:
57:84:bc:77:55:a3:92:43:06:4e:f7:9c:2e:3b:ff:74:4b:cd:
58:74:15:5c:23:5d:21:b4:90:44:0a:a9:f2:ac:08:1e:d1:87:
6a:a4:70:49:4d:df:87:cf:6b:b7:25:3a:c4:8e:60:cb:23:95:
31:ef:52:a3:49:b7:fe:d6:f9:f5:d4:7d:56:3a:ad:16:19:e7:
5d:3d:22:c6:ff:e7:ee:5d:a2:3c:10:70:c1:af:c2:86:b9:48:
4a:1a:28:ee:ab:e4:f1:ec:29:50:0c:bb:7e:1e:74:c5:da:1e:
2d:0c:e1:f2:9a:8b:b3:39:e9:d2:72:e8:6d:2b:f0:df:d1:38:
aa:cf:c7:c6:c9:da:c4:b4:3b:49:c3:33:18:65:d4:8c:72:42:
15:25:de:9e:e6:e9:ad:43:cd:00:f1:d9:72:1f:22:dd:81:32:
ca:eb:0c:7c
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgICAJowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QkIwN0QxMTAvBgNVBAUTKEQ0MzEwNjkwRENFQjdFRTRBMThEQTM1NzlBQ0FEMTc0
ODE4NjQ2QTMwHhcNMjQwNTIxMDExMzM2WhcNMjQwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjRiZjU0MC00MmU4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0EnFTkONO+dljf/6gJOLGFpR8un2+1xSukuHqHVuZJm0+jVaKN4tfivHVedX
dg7aUb6FGybkUcq6I5iA332RrEvywutHU4VuPdq/r+o3zZ71G1ViruCS9ESpsfQA
qsL8UXl5KnQUSl4qKqw/W3uOVWjnU29xdcA4L4FL4Y9OVbfdbjP1HqezA2Whebq8
EOMITIpJZ5GdyewerogsUojaRrvSYUONS0jYNjSz2HI2lqxOCqBsqoVPIyEtUbrG
mTU72T+I8UiVMURrdthU7mEXMbP+J7yl3ibnFwZL/lLmG8GBOz5QC4mYVTILiy00
7RwZftinCNyXcMWkWD2F6b/QAwIDAQABo4ICljCCApIwHQYDVR0OBBYEFHgF7Vt3
/wbv6Vz5RUhL/HJAaKLyMB8GA1UdIwQYMBaAFNQxBpDc637koY2jV5rK0XSBhkaj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCQjA3RC9FOUI0ODUzQzRB
QzQxMUVFOTgzOTM4NkZDNEY5QUUwMi8xREVHa056cmZ1U2hqYU5YbXNyUmRJR0dS
cU0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzFERUdrTnpyZnVTaGphTlhtc3JSZElHR1JxTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QkIwN0QvRTlCNDg1M0M0QUM0MTFFRTk4MzkzODZGQzRGOUFFMDIvNTk2Qzg2RUMx
NzBGMTFFRjg5MjQ2QzI5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIAYIKwYBBQUHAQcBAf8E
ETAPMA0EAgACMAcDBQAkAxpAMA0GCSqGSIb3DQEBCwUAA4IBAQANTzQMYEEE5tU+
Wsxt9oCXRHT8nOsZofDLmAW9G2381J0fQX3t2g2Yg6mlzr6ruqoOlbETXZl3oyNQ
cKWRKryCBt/L19Fd+b8UH8JGtZLiG7j2GiJhjsfMvcZXhLx3VaOSQwZO95wuO/90
S81YdBVcI10htJBECqnyrAge0YdqpHBJTd+Hz2u3JTrEjmDLI5Ux71KjSbf+1vn1
1H1WOq0WGeddPSLG/+fuXaI8EHDBr8KGuUhKGijuq+Tx7ClQDLt+HnTF2h4tDOHy
mouzOenScuhtK/Df0Tiqz8fGydrEtDtJwzMYZdSMckIVJd6e5umtQ80A8dlyHyLd
gTLK6wx8
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:58 2024 by rpki-client on console-ams.rpki-client.org