Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EAAF5/E99F523A6EC411ECAFD27331C4F9AE02/9EB3FF6CAA1A11EE819E056BC4F9AE02.roa
File: 9EB3FF6CAA1A11EE819E056BC4F9AE02.roa (raw, json)
Hash identifier: 6bfguZoReLx52nW+xeKSmHs97bl3UoW8f79d1m04MMI=
Subject key identifier: 94:89:45:E0:20:64:A2:B5:31:06:FD:06:99:1A:48:3C:E2:3D:B9:BE
Certificate issuer: /CN=A91EAAF5/serialNumber=4584AEA2394C46D6934E63ED6887D4726FDF7A13
Certificate serial: 0343
Authority key identifier: 45:84:AE:A2:39:4C:46:D6:93:4E:63:ED:68:87:D4:72:6F:DF:7A:13
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RYSuojlMRtaTTmPtaIfUcm_fehM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EAAF5/E99F523A6EC411ECAFD27331C4F9AE02/9EB3FF6CAA1A11EE819E056BC4F9AE02.roa
Signing time: Sat 03 Feb 2024 02:35:09 +0000
ROA not before: Sat 03 Feb 2024 02:35:09 +0000
ROA not after: Thu 01 May 2025 00:00:00 +0000
asID: 14618
IP address blocks: 2001:df0:45c4::/46 maxlen: 48
2001:df0:45c8::/45 maxlen: 48
Validation: Failed, certificate revoked on Fri 23 Feb 2024 09:12:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 835 (0x343)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EAAF5/serialNumber=4584AEA2394C46D6934E63ED6887D4726FDF7A13
Validity
Not Before: Feb 3 02:35:09 2024 GMT
Not After : May 1 00:00:00 2025 GMT
Subject: CN=65bda65c-469b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:4f:dc:0a:a0:ce:b4:d5:be:4c:22:54:32:d0:
1b:39:6d:fc:d9:25:84:c5:f2:d0:8d:df:d3:a0:a0:
8f:d4:e1:0a:8c:d5:9a:04:9d:52:ff:41:fa:34:5c:
7f:f5:28:a4:e3:89:2c:c4:b7:93:20:ab:6e:75:8f:
9c:33:8a:10:2b:78:81:80:27:59:ef:70:53:dc:be:
56:59:87:cb:9c:10:ba:de:34:d5:f5:31:54:05:94:
05:dd:b0:bf:ac:80:d5:43:19:b3:1e:02:23:38:06:
19:3a:f4:19:78:2a:bb:a4:78:9f:59:8d:86:b0:c5:
1f:3f:25:cf:0a:ce:46:94:e2:7f:94:8e:51:7c:dc:
c0:c7:4f:d2:90:52:d8:72:99:46:a5:a2:af:a8:0a:
16:15:2f:64:b7:1f:25:1d:cf:27:e4:4e:1c:7d:78:
87:fb:a6:91:f6:ad:45:77:c6:20:96:c6:d6:ef:65:
1b:39:76:3f:ef:9b:e9:8a:ff:fe:7f:80:6b:04:99:
f7:19:80:ad:d5:24:0c:63:21:7c:01:e7:8a:6f:05:
9d:97:4e:bd:26:bb:08:c4:53:6d:2f:39:75:c0:97:
53:52:cc:3f:dc:ca:21:78:e0:18:38:10:74:49:0e:
9d:3a:2e:3d:3e:ab:61:6d:58:73:9a:5f:f2:b0:bc:
a8:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:89:45:E0:20:64:A2:B5:31:06:FD:06:99:1A:48:3C:E2:3D:B9:BE
X509v3 Authority Key Identifier:
keyid:45:84:AE:A2:39:4C:46:D6:93:4E:63:ED:68:87:D4:72:6F:DF:7A:13
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EAAF5/E99F523A6EC411ECAFD27331C4F9AE02/RYSuojlMRtaTTmPtaIfUcm_fehM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RYSuojlMRtaTTmPtaIfUcm_fehM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EAAF5/E99F523A6EC411ECAFD27331C4F9AE02/9EB3FF6CAA1A11EE819E056BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2001:df0:45c4::-2001:df0:45cf:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
8c:a0:7e:5d:87:ba:78:be:0c:c4:64:c0:c2:d8:ac:9f:05:2d:
77:2c:1f:17:32:02:2e:66:78:b6:51:04:bd:b8:9c:90:d4:3b:
df:4a:c6:16:db:c4:15:65:f9:c7:e2:7b:56:02:5e:b2:f3:05:
7e:7f:60:6c:c0:51:78:c0:90:60:2e:ae:a6:ae:04:25:94:0b:
74:d4:65:01:7d:aa:79:0e:67:95:d4:3c:9d:63:ca:50:10:c5:
2f:15:3d:9e:3f:fb:17:7b:22:26:59:28:fa:db:7d:d7:1d:1a:
96:56:9d:c1:60:61:68:94:87:de:1f:98:b8:e4:e0:a8:99:38:
b1:ab:60:7c:0b:5d:83:57:ab:70:7e:56:92:01:9b:15:2d:05:
6b:7b:bf:ff:4b:8c:5f:8d:c8:ee:44:bb:80:ee:34:bd:1b:45:
02:94:a7:78:0f:3e:af:96:06:bc:5a:6e:0f:5f:14:19:07:9d:
40:b9:21:a2:da:20:b7:fc:d1:df:04:74:2c:2d:53:f2:25:df:
95:7f:aa:aa:22:7c:59:34:42:c2:f2:bc:2b:62:6d:4b:e8:3e:
c0:32:e5:7d:a2:13:c0:e2:08:6f:c8:f3:80:0d:d8:3a:5d:f6:
3c:ea:24:86:20:aa:36:fa:a9:9b:22:dc:f3:40:6a:99:43:fa:
69:ce:32:25
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgICA0MwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUFBRjUxMTAvBgNVBAUTKDQ1ODRBRUEyMzk0QzQ2RDY5MzRFNjNFRDY4ODdENDcy
NkZERjdBMTMwHhcNMjQwMjAzMDIzNTA5WhcNMjUwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWJkYTY1Yy00NjliMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzE/cCqDOtNW+TCJUMtAbOW382SWExfLQjd/ToKCP1OEKjNWaBJ1S/0H6NFx/
9Sik44ksxLeTIKtudY+cM4oQK3iBgCdZ73BT3L5WWYfLnBC63jTV9TFUBZQF3bC/
rIDVQxmzHgIjOAYZOvQZeCq7pHifWY2GsMUfPyXPCs5GlOJ/lI5RfNzAx0/SkFLY
cplGpaKvqAoWFS9ktx8lHc8n5E4cfXiH+6aR9q1Fd8YglsbW72UbOXY/75vpiv/+
f4BrBJn3GYCt1SQMYyF8AeeKbwWdl069JrsIxFNtLzl1wJdTUsw/3MoheOAYOBB0
SQ6dOi49PqthbVhzml/ysLyoOQIDAQABo4ICozCCAp8wHQYDVR0OBBYEFJSJReAg
ZKK1MQb9BpkaSDziPbm+MB8GA1UdIwQYMBaAFEWErqI5TEbWk05j7WiH1HJv33oT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQUFGNS9FOTlGNTIzQTZF
QzQxMUVDQUZEMjczMzFDNEY5QUUwMi9SWVN1b2psTVJ0YVRUbVB0YUlmVWNtX2Zl
aE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1JZU3VvamxNUnRhVFRtUHRhSWZVY21fZmVoTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUFBRjUvRTk5RjUyM0E2RUM0MTFFQ0FGRDI3MzMxQzRGOUFFMDIvOUVCM0ZGNkNB
QTFBMTFFRTgxOUUwNTZCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLQYIKwYBBQUHAQcBAf8E
HjAcMBoEAgACMBQwEgMHAiABDfBFxAMHBCABDfBFwDANBgkqhkiG9w0BAQsFAAOC
AQEAjKB+XYe6eL4MxGTAwtisnwUtdywfFzICLmZ4tlEEvbickNQ730rGFtvEFWX5
x+J7VgJesvMFfn9gbMBReMCQYC6upq4EJZQLdNRlAX2qeQ5nldQ8nWPKUBDFLxU9
nj/7F3siJlko+tt91x0alladwWBhaJSH3h+YuOTgqJk4satgfAtdg1ercH5WkgGb
FS0Fa3u//0uMX43I7kS7gO40vRtFApSneA8+r5YGvFpuD18UGQedQLkhotogt/zR
3wR0LC1T8iXflX+qqiJ8WTRCwvK8K2JtS+g+wDLlfaITwOIIb8jzgA3YOl32POok
hiCqNvqpmyLc80BqmUP6ac4yJQ==
-----END CERTIFICATE-----
Generated at Fri Feb 23 13:40:45 2024 by rpki-client on console-fra.rpki-client.org