Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CE558/3DF14F08539411EABF6B4F5FC4F9AE02/269FC4FC60FF11EEB92D8749C4F9AE02.roa
File: 269FC4FC60FF11EEB92D8749C4F9AE02.roa (raw, json)
Hash identifier: d1JSfid0YoflRh8T7CyKsvf3WMYg5sAOWa47p5NNk3s=
Subject key identifier: FA:CE:D3:D7:18:AC:88:1B:56:2C:BC:F1:E3:EA:22:F8:A0:3A:6D:67
Certificate issuer: /CN=A91CE558/serialNumber=B36B971724A3BABD890B754598933720F972FEAF
Certificate serial: 09C0
Authority key identifier: B3:6B:97:17:24:A3:BA:BD:89:0B:75:45:98:93:37:20:F9:72:FE:AF
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/s2uXFySjur2JC3VFmJM3IPly_q8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91CE558/3DF14F08539411EABF6B4F5FC4F9AE02/269FC4FC60FF11EEB92D8749C4F9AE02.roa
Signing time: Wed 04 Oct 2023 09:17:01 +0000
ROA not before: Wed 04 Oct 2023 09:17:01 +0000
ROA not after: Mon 30 Sep 2024 00:00:00 +0000
asID: 15830
IP address blocks: 2404:4f01::/32 maxlen: 32
2404:4f01:7000::/40 maxlen: 40
Validation: Failed, certificate revoked on Mon 23 Oct 2023 08:41:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2496 (0x9c0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CE558/serialNumber=B36B971724A3BABD890B754598933720F972FEAF
Validity
Not Before: Oct 4 09:17:01 2023 GMT
Not After : Sep 30 00:00:00 2024 GMT
Subject: CN=651d2d8d-fb05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:45:ea:23:08:5b:bf:68:d6:e1:38:e5:7b:cb:
a9:44:91:e2:72:e6:e0:49:db:a9:fb:83:66:66:6d:
d6:3e:25:d2:b8:1c:06:f3:0b:57:d0:45:28:74:98:
97:47:c6:21:1f:59:0f:a9:04:c2:35:b1:82:78:ff:
26:09:35:09:01:4c:ee:99:43:f9:3e:0a:eb:f9:7c:
be:3d:a9:20:7c:67:63:45:c4:44:e3:0d:c9:9f:74:
f1:d1:7a:c3:ef:af:fd:de:e8:c0:ed:a3:0d:79:c8:
72:76:28:8b:64:f3:80:c8:62:d4:86:4b:eb:7f:63:
1a:02:5e:70:26:5f:aa:23:17:42:5a:78:dc:a0:a8:
01:92:9a:18:31:af:80:0d:eb:2a:42:a1:f7:2e:4b:
66:b8:98:96:a8:cc:4c:ce:f3:4c:00:45:90:7b:73:
ae:b0:72:aa:0c:54:ea:41:29:27:2c:f0:4b:82:7b:
2b:93:1c:ce:70:28:96:ba:49:a6:f3:c2:6d:bd:ce:
be:64:31:00:39:a0:8b:1b:73:45:f3:33:0c:33:35:
dc:bc:2f:ee:6d:ab:03:4a:95:aa:f3:3a:42:96:40:
4f:be:e4:6b:16:fd:1b:72:96:07:40:8d:af:68:21:
f0:fa:7d:bb:80:86:8f:17:e4:9a:2a:f5:96:c4:b0:
9d:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:CE:D3:D7:18:AC:88:1B:56:2C:BC:F1:E3:EA:22:F8:A0:3A:6D:67
X509v3 Authority Key Identifier:
keyid:B3:6B:97:17:24:A3:BA:BD:89:0B:75:45:98:93:37:20:F9:72:FE:AF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91CE558/3DF14F08539411EABF6B4F5FC4F9AE02/s2uXFySjur2JC3VFmJM3IPly_q8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/s2uXFySjur2JC3VFmJM3IPly_q8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CE558/3DF14F08539411EABF6B4F5FC4F9AE02/269FC4FC60FF11EEB92D8749C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2404:4f01::/32
Signature Algorithm: sha256WithRSAEncryption
77:7d:85:92:a3:29:bb:07:b1:0f:83:66:81:d5:9b:54:9e:6f:
96:23:80:75:8f:86:b6:04:7b:70:ba:eb:d0:24:7c:59:39:51:
9c:b7:61:e3:5b:30:86:21:04:2f:9a:1a:7c:42:7e:aa:86:c7:
a0:68:76:48:d4:65:b6:f7:da:ec:44:bf:77:48:a1:c1:39:64:
c6:52:d9:68:54:25:53:44:97:1d:22:9d:4a:44:4a:60:a1:93:
fe:54:46:3a:99:6c:2e:a9:7c:b5:d9:f8:a9:67:5e:b1:83:6c:
77:61:81:17:6a:45:86:ea:de:6c:2f:b5:7b:03:aa:6d:4c:22:
7a:35:07:fd:5c:84:b2:39:dc:8b:57:96:65:19:32:f8:21:12:
60:4a:92:d6:7b:3a:b5:2e:2f:0c:90:eb:ff:e2:ee:6d:85:98:
05:bc:1f:8a:88:14:47:91:0d:ba:fe:4f:a8:c0:db:63:91:e0:
19:a0:ae:38:fd:1e:93:5a:8d:df:4a:9a:a2:61:9f:21:fd:06:
f6:ef:67:47:77:5c:17:24:d0:1a:74:e0:2e:0e:c5:09:32:bf:
ba:33:d2:41:ad:db:21:22:22:73:60:3c:25:d5:20:40:d5:e7:
0a:42:84:65:51:2d:8e:57:48:e0:36:da:d4:34:50:8c:d5:dc:
ef:c4:8e:cf
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgICCcAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Q0U1NTgxMTAvBgNVBAUTKEIzNkI5NzE3MjRBM0JBQkQ4OTBCNzU0NTk4OTMzNzIw
Rjk3MkZFQUYwHhcNMjMxMDA0MDkxNzAxWhcNMjQwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTFkMmQ4ZC1mYjA1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAukXqIwhbv2jW4Tjle8upRJHicubgSdup+4NmZm3WPiXSuBwG8wtX0EUodJiX
R8YhH1kPqQTCNbGCeP8mCTUJAUzumUP5Pgrr+Xy+PakgfGdjRcRE4w3Jn3Tx0XrD
76/93ujA7aMNechydiiLZPOAyGLUhkvrf2MaAl5wJl+qIxdCWnjcoKgBkpoYMa+A
DesqQqH3LktmuJiWqMxMzvNMAEWQe3OusHKqDFTqQSknLPBLgnsrkxzOcCiWukmm
88Jtvc6+ZDEAOaCLG3NF8zMMMzXcvC/ubasDSpWq8zpClkBPvuRrFv0bcpYHQI2v
aCHw+n27gIaPF+SaKvWWxLCdTwIDAQABo4ICljCCApIwHQYDVR0OBBYEFPrO09cY
rIgbViy88ePqIvigOm1nMB8GA1UdIwQYMBaAFLNrlxcko7q9iQt1RZiTNyD5cv6v
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRTU1OC8zREYxNEYwODUz
OTQxMUVBQkY2QjRGNUZDNEY5QUUwMi9zMnVYRnlTanVyMkpDM1ZGbUpNM0lQbHlf
cTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3MydVhGeVNqdXIySkMzVkZtSk0zSVBseV9xOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Q0U1NTgvM0RGMTRGMDg1Mzk0MTFFQUJGNkI0RjVGQzRGOUFFMDIvMjY5RkM0RkM2
MEZGMTFFRUI5MkQ4NzQ5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIAYIKwYBBQUHAQcBAf8E
ETAPMA0EAgACMAcDBQAkBE8BMA0GCSqGSIb3DQEBCwUAA4IBAQB3fYWSoym7B7EP
g2aB1ZtUnm+WI4B1j4a2BHtwuuvQJHxZOVGct2HjWzCGIQQvmhp8Qn6qhsegaHZI
1GW299rsRL93SKHBOWTGUtloVCVTRJcdIp1KREpgoZP+VEY6mWwuqXy12fipZ16x
g2x3YYEXakWG6t5sL7V7A6ptTCJ6NQf9XISyOdyLV5ZlGTL4IRJgSpLWezq1Li8M
kOv/4u5thZgFvB+KiBRHkQ26/k+owNtjkeAZoK44/R6TWo3fSpqiYZ8h/Qb272dH
d1wXJNAadOAuDsUJMr+6M9JBrdshIiJzYDwl1SBA1ecKQoRlUS2OV0jgNtrUNFCM
1dzvxI7P
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:41 2024 by rpki-client on console-fra.rpki-client.org