Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91DD125/7A142D00D95E11E787A1A766C4F9AE02/48475B20FA6111E78D59AD37C4F9AE02.roa
File: 48475B20FA6111E78D59AD37C4F9AE02.roa (raw, json)
Hash identifier: LWfIkFR3TS+i9RKB3YhkTr6gkOn445uOM6DY3EKmHXg=
Subject key identifier: 4B:7B:C9:13:67:8E:AE:E2:D1:DE:77:B2:55:D8:FB:A9:1F:81:26:53
Certificate issuer: /CN=A91DD125/serialNumber=CE9056B4C65DE3857D4D0E1DB0023D60B6F7D30C
Certificate serial: 1607
Authority key identifier: CE:90:56:B4:C6:5D:E3:85:7D:4D:0E:1D:B0:02:3D:60:B6:F7:D3:0C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zpBWtMZd44V9TQ4dsAI9YLb30ww.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91DD125/7A142D00D95E11E787A1A766C4F9AE02/48475B20FA6111E78D59AD37C4F9AE02.roa
Signing time: Tue 14 Feb 2023 17:44:26 +0000
ROA not before: Tue 14 Feb 2023 17:44:26 +0000
ROA not after: Sun 31 Mar 2024 00:00:00 +0000
asID: 137410
IP address blocks: 2402:28c0:eee0::/44 maxlen: 44
2402:28c0:fffa::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5639 (0x1607)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91DD125/serialNumber=CE9056B4C65DE3857D4D0E1DB0023D60B6F7D30C
Validity
Not Before: Feb 14 17:44:26 2023 GMT
Not After : Mar 31 00:00:00 2024 GMT
Subject: CN=63ebc87a-63b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:b3:07:a2:52:85:58:f2:a9:fc:d5:03:73:92:
20:d8:32:2e:a2:01:84:c6:1f:25:ee:88:29:74:09:
79:79:cd:ce:a4:9d:d2:ea:45:7e:50:99:24:98:1e:
f6:a3:e4:c2:07:ff:fe:54:27:3c:ac:71:ec:11:c5:
3c:56:f8:49:e3:e4:93:f3:af:21:24:c3:a3:22:2c:
db:8d:8c:21:4f:3c:4e:54:40:2e:65:b1:21:d5:4f:
ca:7d:dc:b6:0d:88:3f:c7:ce:31:ea:3e:1d:57:f7:
f5:d4:29:b6:d4:03:9d:df:4a:c2:c4:bb:94:b7:36:
db:eb:ea:ef:ac:24:46:19:7f:92:37:d2:30:8a:d3:
da:ec:e2:04:a9:e2:36:f2:04:96:95:bc:22:e7:11:
30:f8:89:39:16:5c:01:01:07:6e:70:bf:70:45:f2:
ea:bf:5d:6a:78:1e:ee:8d:61:24:89:11:97:95:fd:
49:ba:4e:c9:ae:2c:d5:a2:29:1c:8a:5c:55:de:d8:
73:73:37:d9:d5:c9:fe:ab:f2:d1:c6:54:f5:d2:0f:
ce:89:1e:56:8c:1a:60:e4:f9:cd:71:68:16:36:90:
64:b5:d5:4e:0b:86:23:68:bb:2a:71:4c:0b:e8:32:
1b:98:e6:17:98:89:36:c7:31:53:dc:bf:07:13:bd:
c4:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:7B:C9:13:67:8E:AE:E2:D1:DE:77:B2:55:D8:FB:A9:1F:81:26:53
X509v3 Authority Key Identifier:
keyid:CE:90:56:B4:C6:5D:E3:85:7D:4D:0E:1D:B0:02:3D:60:B6:F7:D3:0C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91DD125/7A142D00D95E11E787A1A766C4F9AE02/zpBWtMZd44V9TQ4dsAI9YLb30ww.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zpBWtMZd44V9TQ4dsAI9YLb30ww.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DD125/7A142D00D95E11E787A1A766C4F9AE02/48475B20FA6111E78D59AD37C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2402:28c0:eee0::/44
2402:28c0:fffa::/48
Signature Algorithm: sha256WithRSAEncryption
12:04:e7:76:d3:33:97:fe:11:f9:29:a2:a5:63:7a:79:66:7d:
e2:e6:be:a2:34:e5:85:f1:28:0b:ed:9a:04:8b:28:64:b5:23:
d2:93:f7:11:03:10:42:9a:e0:74:34:23:66:0f:99:c7:99:3c:
5b:7e:1d:54:69:a1:23:c4:3e:12:27:55:a3:0b:ae:58:f7:7d:
a9:e6:99:e9:54:ed:ef:c2:46:a2:b4:fb:5e:b5:b1:83:53:c7:
b4:6f:37:c2:92:00:0a:03:86:24:3b:58:09:8d:13:1b:8d:b4:
cb:24:56:c9:0a:0a:a8:ef:82:ca:03:a7:1c:67:24:b0:f7:7d:
6a:c1:c2:dc:3c:46:cf:62:14:28:04:8e:9f:52:7c:44:e2:f4:
de:fb:67:99:55:f1:e4:18:0f:a5:70:cb:7c:77:5d:f0:be:d3:
9f:5e:27:34:53:2b:4c:e1:30:a6:2c:43:8b:a1:d1:02:d2:0b:
9c:cd:0f:df:c1:e1:ac:e3:38:86:88:3c:1b:c6:3e:7b:b2:6d:
97:f8:fe:e7:05:44:f4:f4:7c:ce:16:4e:d1:ae:f5:cf:47:c1:
94:d7:9e:45:3a:5f:12:7a:1b:d5:f4:2a:f6:ce:d7:a0:3a:a1:
b2:43:87:e6:3d:fa:8d:1b:f1:e9:26:f4:b5:66:03:e8:45:07:
36:8b:08:fe
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICFgcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
REQxMjUxMTAvBgNVBAUTKENFOTA1NkI0QzY1REUzODU3RDREMEUxREIwMDIzRDYw
QjZGN0QzMEMwHhcNMjMwMjE0MTc0NDI2WhcNMjQwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2ViYzg3YS02M2IyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2LMHolKFWPKp/NUDc5Ig2DIuogGExh8l7ogpdAl5ec3OpJ3S6kV+UJkkmB72
o+TCB//+VCc8rHHsEcU8VvhJ4+ST868hJMOjIizbjYwhTzxOVEAuZbEh1U/Kfdy2
DYg/x84x6j4dV/f11Cm21AOd30rCxLuUtzbb6+rvrCRGGX+SN9IwitPa7OIEqeI2
8gSWlbwi5xEw+Ik5FlwBAQducL9wRfLqv11qeB7ujWEkiRGXlf1Juk7JrizVoikc
ilxV3thzczfZ1cn+q/LRxlT10g/OiR5WjBpg5PnNcWgWNpBktdVOC4YjaLsqcUwL
6DIbmOYXmIk2xzFT3L8HE73E9QIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFEt7yRNn
jq7i0d53slXY+6kfgSZTMB8GA1UdIwQYMBaAFM6QVrTGXeOFfU0OHbACPWC299MM
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFERDEyNS83QTE0MkQwMEQ5
NUUxMUU3ODdBMUE3NjZDNEY5QUUwMi96cEJXdE1aZDQ0VjlUUTRkc0FJOVlMYjMw
d3cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3pwQld0TVpkNDRWOVRRNGRzQUk5WUxiMzB3dy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
REQxMjUvN0ExNDJEMDBEOTVFMTFFNzg3QTFBNzY2QzRGOUFFMDIvNDg0NzVCMjBG
QTYxMTFFNzhENTlBRDM3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgACMBIDBwQkAijA7uADBwAkAijA//owDQYJKoZIhvcNAQELBQADggEB
ABIE53bTM5f+EfkpoqVjenlmfeLmvqI05YXxKAvtmgSLKGS1I9KT9xEDEEKa4HQ0
I2YPmceZPFt+HVRpoSPEPhInVaMLrlj3fanmmelU7e/CRqK0+161sYNTx7RvN8KS
AAoDhiQ7WAmNExuNtMskVskKCqjvgsoDpxxnJLD3fWrBwtw8Rs9iFCgEjp9SfETi
9N77Z5lV8eQYD6Vwy3x3XfC+059eJzRTK0zhMKYsQ4uh0QLSC5zND9/B4azjOIaI
PBvGPnuybZf4/ucFRPT0fM4WTtGu9c9HwZTXnkU6XxJ6G9X0KvbO16A6obJDh+Y9
+o0b8ekm9LVmA+hFBzaLCP4=
-----END CERTIFICATE-----
Generated at Thu Dec 14 23:55:07 2023 by rpki-client on console-ams.rpki-client.org