Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EE03B/AF9671660B6E11EEB29BB170C4F9AE02/2D00A51089AC11EFAAA86161C4F9AE02.roa
File: 2D00A51089AC11EFAAA86161C4F9AE02.roa (raw, json)
Hash identifier: g6NlJo+mgypyzk9bvwxdAIs2y5WNRQ4MvateFBNyoIA=
Subject key identifier: 65:1B:17:C0:AA:11:6F:F2:DC:FF:D3:63:BC:A9:86:A8:7F:CE:81:5F
Certificate issuer: /CN=A91EE03B/serialNumber=B9E60CF179F4EACBDB9492BA5F7CACF45239CCF4
Certificate serial: 013D
Authority key identifier: B9:E6:0C:F1:79:F4:EA:CB:DB:94:92:BA:5F:7C:AC:F4:52:39:CC:F4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ueYM8Xn06svblJK6X3ys9FI5zPQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EE03B/AF9671660B6E11EEB29BB170C4F9AE02/2D00A51089AC11EFAAA86161C4F9AE02.roa
Signing time: Sun 13 Oct 2024 21:43:43 +0000
ROA not before: Sun 13 Oct 2024 21:43:43 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 214536
IP address blocks: 2401:b60:37::/48 maxlen: 48
2401:b60:38::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 17 Oct 2024 17:14:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 317 (0x13d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EE03B
Validity
Not Before: Oct 13 21:43:43 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=670c3f0f-c636
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:b3:30:0a:e0:8a:6e:0f:db:8a:5b:51:dd:24:
55:90:8a:4d:c9:d9:a8:22:bf:e1:ad:f4:b3:a8:30:
2e:db:d7:26:1d:51:4b:9f:0d:d9:a3:91:3a:32:10:
db:30:87:2f:12:66:eb:b1:ae:5b:f5:6b:2d:82:02:
ec:b0:32:0b:aa:86:d9:67:4b:1c:6d:fa:79:6f:95:
cc:c9:00:bd:bb:28:96:ad:5c:f7:da:3d:84:09:da:
63:00:2a:df:a0:1e:b1:0c:f7:5e:e1:2a:47:f2:9d:
e8:72:76:9c:62:60:8a:72:7a:41:a3:65:0e:1a:b9:
11:ed:2b:52:59:0e:da:4c:76:c0:fe:a4:c8:6d:5a:
9e:01:80:8f:a8:68:80:7c:ef:6f:5f:29:65:7a:b0:
1d:74:fd:18:fe:b0:bf:01:b8:c4:ef:ec:c0:72:b7:
27:41:79:87:7c:72:0a:12:e1:40:80:fc:6b:16:71:
9d:68:eb:4d:02:86:db:7c:29:4e:7c:3d:b2:3c:47:
8b:82:aa:0e:21:ab:5b:20:30:a9:c2:17:57:e6:c9:
4e:0b:68:7b:94:e8:87:e7:9e:29:32:d5:1c:2b:75:
af:83:06:d2:61:29:79:47:7a:b9:63:01:6e:e0:a5:
48:b2:1a:83:30:a6:f1:54:b6:ca:0e:57:63:fe:be:
6d:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:1B:17:C0:AA:11:6F:F2:DC:FF:D3:63:BC:A9:86:A8:7F:CE:81:5F
X509v3 Authority Key Identifier:
keyid:B9:E6:0C:F1:79:F4:EA:CB:DB:94:92:BA:5F:7C:AC:F4:52:39:CC:F4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EE03B/AF9671660B6E11EEB29BB170C4F9AE02/ueYM8Xn06svblJK6X3ys9FI5zPQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ueYM8Xn06svblJK6X3ys9FI5zPQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EE03B/AF9671660B6E11EEB29BB170C4F9AE02/2D00A51089AC11EFAAA86161C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2401:b60:37::-2401:b60:38:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
85:07:fa:94:24:88:a5:24:ad:33:86:72:d9:9a:86:55:7c:1d:
79:1f:d2:23:14:bb:51:e0:0a:59:b7:fb:6d:75:d0:96:90:94:
e5:45:22:fe:b4:98:2c:5f:63:58:6b:72:c9:46:31:03:b2:0e:
51:a7:7a:c9:47:9b:9e:a1:f0:e0:3d:91:53:39:a3:ac:eb:52:
2b:1e:6e:8e:42:b4:71:c2:7e:c5:28:11:e5:c9:40:16:22:69:
ae:cd:f0:cf:0e:ff:ca:73:ae:ae:f2:e7:ee:c9:58:b3:3c:3c:
73:7c:3b:bf:2c:d5:4c:97:90:d1:64:99:25:7e:c2:2a:dd:bf:
b8:c4:2e:cf:d4:45:0c:77:b1:b4:a7:cf:6d:2d:d9:de:46:cd:
b9:b1:ec:b9:4d:60:c6:0e:df:0a:13:29:4c:75:4b:79:ee:1b:
d1:2a:71:45:48:81:76:87:84:ee:9a:f9:43:c2:6a:be:33:96:
58:1a:99:13:01:77:c1:82:78:58:e5:af:5b:92:73:1a:97:75:
14:c1:a2:31:c6:9b:9e:9a:0f:94:00:d9:dd:77:be:ce:f3:79:
9c:e4:41:ba:15:e4:4a:30:e5:34:47:df:0f:c8:05:c1:81:1a:
43:51:7b:0d:23:96:b8:4e:37:9b:07:ac:57:06:6f:62:b6:1c:
18:8b:f2:3a
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgICAT0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUUwM0IxMTAvBgNVBAUTKEI5RTYwQ0YxNzlGNEVBQ0JEQjk0OTJCQTVGN0NBQ0Y0
NTIzOUNDRjQwHhcNMjQxMDEzMjE0MzQzWhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzBjM2YwZi1jNjM2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA57MwCuCKbg/biltR3SRVkIpNydmoIr/hrfSzqDAu29cmHVFLnw3Zo5E6MhDb
MIcvEmbrsa5b9WstggLssDILqobZZ0scbfp5b5XMyQC9uyiWrVz32j2ECdpjACrf
oB6xDPde4SpH8p3ocnacYmCKcnpBo2UOGrkR7StSWQ7aTHbA/qTIbVqeAYCPqGiA
fO9vXyllerAddP0Y/rC/AbjE7+zAcrcnQXmHfHIKEuFAgPxrFnGdaOtNAobbfClO
fD2yPEeLgqoOIatbIDCpwhdX5slOC2h7lOiH554pMtUcK3WvgwbSYSl5R3q5YwFu
4KVIshqDMKbxVLbKDldj/r5tjQIDAQABo4ICozCCAp8wHQYDVR0OBBYEFGUbF8Cq
EW/y3P/TY7yphqh/zoFfMB8GA1UdIwQYMBaAFLnmDPF59OrL25SSul98rPRSOcz0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFRTAzQi9BRjk2NzE2NjBC
NkUxMUVFQjI5QkIxNzBDNEY5QUUwMi91ZVlNOFhuMDZzdmJsSks2WDN5czlGSTV6
UFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3VlWU04WG4wNnN2YmxKSzZYM3lzOUZJNXpQUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUUwM0IvQUY5NjcxNjYwQjZFMTFFRUIyOUJCMTcwQzRGOUFFMDIvMkQwMEE1MTA4
OUFDMTFFRkFBQTg2MTYxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLQYIKwYBBQUHAQcBAf8E
HjAcMBoEAgACMBQwEgMHACQBC2AANwMHACQBC2AAODANBgkqhkiG9w0BAQsFAAOC
AQEAhQf6lCSIpSStM4Zy2ZqGVXwdeR/SIxS7UeAKWbf7bXXQlpCU5UUi/rSYLF9j
WGtyyUYxA7IOUad6yUebnqHw4D2RUzmjrOtSKx5ujkK0ccJ+xSgR5clAFiJprs3w
zw7/ynOurvLn7slYszw8c3w7vyzVTJeQ0WSZJX7CKt2/uMQuz9RFDHextKfPbS3Z
3kbNubHsuU1gxg7fChMpTHVLee4b0SpxRUiBdoeE7pr5Q8JqvjOWWBqZEwF3wYJ4
WOWvW5JzGpd1FMGiMcabnpoPlADZ3Xe+zvN5nORBuhXkSjDlNEffD8gFwYEaQ1F7
DSOWuE43mwesVwZvYrYcGIvyOg==
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:56:51 2025 by rpki-client