Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D4164/03D92FD4919111EB89DDC35BC4F9AE02/C1CDF87253BB11EFAE25B421C4F9AE02.roa
File: C1CDF87253BB11EFAE25B421C4F9AE02.roa (raw, json)
Hash identifier: whmHHr/Ke0bRPseIHoQuK8pfWOHM4U+fostIxabr/EU=
Subject key identifier: CB:51:0E:0C:DC:25:3F:E9:2B:7B:CC:F6:A5:29:54:BF:99:AC:B2:57
Certificate issuer: /CN=A91D4164/serialNumber=FE8EAA5D78E0BE668C618604A629E2F7F3D5BCB3
Certificate serial: 05CC
Authority key identifier: FE:8E:AA:5D:78:E0:BE:66:8C:61:86:04:A6:29:E2:F7:F3:D5:BC:B3
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_o6qXXjgvmaMYYYEpini9_PVvLM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D4164/03D92FD4919111EB89DDC35BC4F9AE02/C1CDF87253BB11EFAE25B421C4F9AE02.roa
Signing time: Tue 06 Aug 2024 06:18:55 +0000
ROA not before: Tue 06 Aug 2024 06:18:55 +0000
ROA not after: Sun 02 Mar 2025 00:00:00 +0000
asID: 137083
IP address blocks: 2402:8c0::/32 maxlen: 32
2402:8c0::/48 maxlen: 48
2402:8c0:1::/48 maxlen: 48
2402:8c0:2::/48 maxlen: 48
2402:8c0:3::/48 maxlen: 48
2402:8c0:4::/48 maxlen: 48
2402:8c0:5::/48 maxlen: 48
2402:8c0:6::/48 maxlen: 48
2402:8c0:7::/48 maxlen: 48
2402:8c0:8::/48 maxlen: 48
2402:8c0:9::/48 maxlen: 48
2402:8c0:a::/48 maxlen: 48
2402:8c0:b::/48 maxlen: 48
2402:8c0:c::/48 maxlen: 48
2402:8c0:d::/48 maxlen: 48
2402:8c0:e::/48 maxlen: 48
2402:8c0:f::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 13 Aug 2024 11:07:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1484 (0x5cc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D4164/serialNumber=FE8EAA5D78E0BE668C618604A629E2F7F3D5BCB3
Validity
Not Before: Aug 6 06:18:55 2024 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=66b1c04e-439e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:1b:b4:d0:d3:d9:e6:b4:a8:14:3c:ff:53:47:
ef:76:70:49:c1:f2:40:91:29:36:af:1e:3e:cd:08:
57:6c:60:fb:9b:1b:50:73:09:9f:16:e8:93:92:8c:
28:78:70:b3:93:2a:71:c2:19:22:a8:58:da:ad:1d:
6b:2a:54:a8:9b:dd:4a:9a:d3:28:19:62:73:b0:5f:
2e:08:ba:2c:b2:bf:3b:e2:ef:ea:41:12:9c:46:86:
f8:69:07:b9:03:b6:dd:25:ec:e2:0e:14:fb:4a:2b:
18:d4:b2:3d:5f:f5:13:41:af:0f:ae:e1:7f:7f:c7:
15:2e:98:16:36:5d:1f:c9:79:b3:52:07:89:29:7a:
3e:95:42:eb:91:72:ac:88:36:b9:44:5f:68:81:a4:
c9:3e:d9:63:08:d9:bb:c6:72:bb:26:b6:49:0e:aa:
cb:03:e9:f6:ab:5b:a8:63:fc:80:73:ae:e3:2b:25:
d5:42:be:51:a3:7f:1b:05:5c:94:61:ad:f5:d0:49:
e4:46:a0:5c:e5:d4:b6:e2:05:1b:56:c2:80:d3:87:
14:36:c4:e7:b7:bb:54:3f:62:66:c3:3d:39:c1:32:
f0:40:f9:d9:72:1c:5d:8d:2d:35:28:79:8b:a9:06:
de:ce:d1:2a:20:92:1b:08:de:a5:41:2c:50:02:ee:
07:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:51:0E:0C:DC:25:3F:E9:2B:7B:CC:F6:A5:29:54:BF:99:AC:B2:57
X509v3 Authority Key Identifier:
keyid:FE:8E:AA:5D:78:E0:BE:66:8C:61:86:04:A6:29:E2:F7:F3:D5:BC:B3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D4164/03D92FD4919111EB89DDC35BC4F9AE02/_o6qXXjgvmaMYYYEpini9_PVvLM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_o6qXXjgvmaMYYYEpini9_PVvLM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D4164/03D92FD4919111EB89DDC35BC4F9AE02/C1CDF87253BB11EFAE25B421C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2402:8c0::/32
Signature Algorithm: sha256WithRSAEncryption
07:7d:f2:79:00:62:9c:58:b2:ed:37:d4:23:43:55:7d:94:5b:
23:f7:6a:53:9d:c9:5d:c6:56:18:07:e5:af:4c:38:ec:e6:14:
e3:67:23:63:e0:83:97:bc:8d:0d:ff:d2:0b:28:fb:c2:06:45:
16:a4:9b:b7:5f:d5:a3:cd:23:ec:24:7b:75:e4:58:cf:1b:ef:
a3:0e:93:2b:1b:aa:08:1a:37:77:42:7d:c6:f4:7e:8a:58:e8:
f6:75:6e:5a:d3:a1:1c:73:68:02:75:95:10:a4:d4:b2:a3:2e:
9d:f6:80:91:58:14:cb:79:2a:1c:89:9b:85:ee:ac:0d:f4:98:
89:6b:16:b7:97:68:d7:18:81:3f:f1:5d:cd:c2:8b:44:53:e5:
dc:d4:da:51:03:fa:97:01:11:6e:25:02:e5:80:69:95:dc:fe:
ec:62:69:70:fd:0e:dc:ea:62:65:78:88:82:cb:8f:3e:95:e5:
6d:f3:a7:c9:69:59:0b:c7:3e:8a:f4:a3:39:e4:02:37:85:26:
b3:99:2c:85:9c:cf:a5:45:18:3c:6a:d3:bc:cc:4d:06:06:7f:
a8:34:4d:5d:72:db:3d:3b:cf:55:e3:26:08:d4:19:e4:81:40:
99:08:53:91:04:34:73:a0:79:4d:5d:82:7e:0c:32:45:f5:b8:
44:53:b4:6f
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgICBcwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDQxNjQxMTAvBgNVBAUTKEZFOEVBQTVENzhFMEJFNjY4QzYxODYwNEE2MjlFMkY3
RjNENUJDQjMwHhcNMjQwODA2MDYxODU1WhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmIxYzA0ZS00MzllMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5Ru00NPZ5rSoFDz/U0fvdnBJwfJAkSk2rx4+zQhXbGD7mxtQcwmfFuiTkowo
eHCzkypxwhkiqFjarR1rKlSom91KmtMoGWJzsF8uCLossr874u/qQRKcRob4aQe5
A7bdJeziDhT7SisY1LI9X/UTQa8PruF/f8cVLpgWNl0fyXmzUgeJKXo+lULrkXKs
iDa5RF9ogaTJPtljCNm7xnK7JrZJDqrLA+n2q1uoY/yAc67jKyXVQr5Ro38bBVyU
Ya310EnkRqBc5dS24gUbVsKA04cUNsTnt7tUP2Jmwz05wTLwQPnZchxdjS01KHmL
qQbeztEqIJIbCN6lQSxQAu4HwQIDAQABo4ICljCCApIwHQYDVR0OBBYEFMtRDgzc
JT/pK3vM9qUpVL+ZrLJXMB8GA1UdIwQYMBaAFP6Oql144L5mjGGGBKYp4vfz1byz
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFENDE2NC8wM0Q5MkZENDkx
OTExMUVCODlEREMzNUJDNEY5QUUwMi9fbzZxWFhqZ3ZtYU1ZWVlFcGluaTlfUFZ2
TE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL19vNnFYWGpndm1hTVlZWUVwaW5pOV9QVnZMTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDQxNjQvMDNEOTJGRDQ5MTkxMTFFQjg5RERDMzVCQzRGOUFFMDIvQzFDREY4NzI1
M0JCMTFFRkFFMjVCNDIxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIAYIKwYBBQUHAQcBAf8E
ETAPMA0EAgACMAcDBQAkAgjAMA0GCSqGSIb3DQEBCwUAA4IBAQAHffJ5AGKcWLLt
N9QjQ1V9lFsj92pTncldxlYYB+WvTDjs5hTjZyNj4IOXvI0N/9ILKPvCBkUWpJu3
X9WjzSPsJHt15FjPG++jDpMrG6oIGjd3Qn3G9H6KWOj2dW5a06Ecc2gCdZUQpNSy
oy6d9oCRWBTLeSociZuF7qwN9JiJaxa3l2jXGIE/8V3NwotEU+Xc1NpRA/qXARFu
JQLlgGmV3P7sYmlw/Q7c6mJleIiCy48+leVt86fJaVkLxz6K9KM55AI3hSazmSyF
nM+lRRg8atO8zE0GBn+oNE1dcts9O89V4yYI1BnkgUCZCFORBDRzoHlNXYJ+DDJF
9bhEU7Rv
-----END CERTIFICATE-----
Generated at Tue Aug 13 13:15:28 2024 by rpki-client on console-fra.rpki-client.org