Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EE03B/AF9671660B6E11EEB29BB170C4F9AE02/DB3F283C0E9611EEBE4A8A4BC4F9AE02.roa
File: DB3F283C0E9611EEBE4A8A4BC4F9AE02.roa (raw, json)
Hash identifier: 8Er2Ssac2fcKbozf2T38vakbaiT7zDn+//8b5k7O4ik=
Subject key identifier: 07:A1:55:EE:FA:93:19:51:ED:19:EE:31:CD:0F:13:85:38:99:A9:F1
Certificate issuer: /CN=A91EE03B/serialNumber=B9E60CF179F4EACBDB9492BA5F7CACF45239CCF4
Certificate serial: 014F
Authority key identifier: B9:E6:0C:F1:79:F4:EA:CB:DB:94:92:BA:5F:7C:AC:F4:52:39:CC:F4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ueYM8Xn06svblJK6X3ys9FI5zPQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EE03B/AF9671660B6E11EEB29BB170C4F9AE02/DB3F283C0E9611EEBE4A8A4BC4F9AE02.roa
Signing time: Fri 01 Nov 2024 12:30:50 +0000
ROA not before: Fri 01 Nov 2024 12:30:50 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 202662
IP address blocks: 2401:b60::/48 maxlen: 48
2401:b60:1::/48 maxlen: 48
2401:b60:2::/48 maxlen: 48
2401:b60:3::/48 maxlen: 48
2401:b60:4::/48 maxlen: 48
2401:b60:5::/48 maxlen: 48
2401:b60:8::/48 maxlen: 48
2401:b60:9::/48 maxlen: 48
2401:b60:10::/48 maxlen: 48
2401:b60:11::/48 maxlen: 48
2401:b60:12::/48 maxlen: 48
2401:b60:13::/48 maxlen: 48
2401:b60:14::/48 maxlen: 48
2401:b60:15::/48 maxlen: 48
2401:b60:16::/48 maxlen: 48
2401:b60:17::/48 maxlen: 48
2401:b60:18::/48 maxlen: 48
2401:b60:19::/48 maxlen: 48
2401:b60:20::/48 maxlen: 48
2401:b60:21::/48 maxlen: 48
2401:b60:22::/48 maxlen: 48
2401:b60:23::/48 maxlen: 48
2401:b60:24::/48 maxlen: 48
2401:b60:25::/48 maxlen: 48
2401:b60:26::/48 maxlen: 48
2401:b60:27::/48 maxlen: 48
2401:b60:28::/48 maxlen: 48
2401:b60:29::/48 maxlen: 48
2401:b60:30::/48 maxlen: 48
2401:b60:31::/48 maxlen: 48
2401:b60:32::/48 maxlen: 48
2401:b60:33::/48 maxlen: 48
2401:b60:34::/48 maxlen: 48
2401:b60:35::/48 maxlen: 48
2401:b60:36::/48 maxlen: 48
2401:b60:39::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 08 Nov 2024 19:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 335 (0x14f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EE03B
Validity
Not Before: Nov 1 12:30:50 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=6724c9fa-1eb8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:71:5a:72:ab:c5:06:e2:9c:16:fc:d3:4f:5b:
58:f8:da:9c:31:d8:d2:cc:5c:1f:5a:76:94:32:a6:
f1:6a:95:c2:20:f5:b2:12:3d:39:8d:06:49:66:1c:
83:21:86:31:4e:e1:3e:d9:1d:0d:0c:16:bb:3d:11:
60:71:32:95:06:bd:4e:29:3b:47:22:8c:59:3b:a7:
42:7f:c7:6f:b5:91:73:39:f7:db:ac:2d:76:70:07:
27:cc:87:ea:bc:23:47:5e:f9:31:d9:c3:c5:62:66:
e3:e7:e1:c3:a9:9e:1d:46:70:c7:3b:92:a5:c8:59:
d5:9a:f0:58:8d:bd:bc:66:59:6b:98:11:7a:60:c5:
ad:45:71:b2:a4:3b:09:27:fe:41:87:5e:1d:74:1c:
61:c5:58:ff:d6:0c:53:e8:9b:bb:0e:29:8a:5c:68:
c9:78:ca:b5:76:0c:7e:bd:09:98:01:2f:04:74:e3:
2e:93:fd:fe:bd:4d:c3:12:ee:30:d0:75:bc:ba:b9:
12:f6:1b:85:b4:dc:af:97:bf:9d:bd:3f:33:97:93:
de:05:18:41:6f:fa:f1:ed:ef:c5:82:6b:2c:63:ea:
54:3c:20:3e:a5:39:d4:37:a8:6d:ac:c0:4b:87:c4:
cb:fa:61:eb:36:0c:42:5c:09:bd:89:12:ab:65:28:
7e:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:A1:55:EE:FA:93:19:51:ED:19:EE:31:CD:0F:13:85:38:99:A9:F1
X509v3 Authority Key Identifier:
keyid:B9:E6:0C:F1:79:F4:EA:CB:DB:94:92:BA:5F:7C:AC:F4:52:39:CC:F4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EE03B/AF9671660B6E11EEB29BB170C4F9AE02/ueYM8Xn06svblJK6X3ys9FI5zPQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ueYM8Xn06svblJK6X3ys9FI5zPQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EE03B/AF9671660B6E11EEB29BB170C4F9AE02/DB3F283C0E9611EEBE4A8A4BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2401:b60::-2401:b60:5:ffff:ffff:ffff:ffff:ffff
2401:b60:8::/47
2401:b60:10::-2401:b60:19:ffff:ffff:ffff:ffff:ffff
2401:b60:20::-2401:b60:29:ffff:ffff:ffff:ffff:ffff
2401:b60:30::-2401:b60:36:ffff:ffff:ffff:ffff:ffff
2401:b60:39::/48
Signature Algorithm: sha256WithRSAEncryption
98:95:39:dd:c5:76:7a:b3:05:8c:6c:4e:d6:95:e6:be:71:ef:
3f:81:6b:95:17:7c:a1:d3:25:73:97:19:a4:6b:3d:2d:f0:f0:
59:25:6e:40:e8:11:da:f9:a5:bb:a0:88:d4:53:fe:be:4b:2f:
22:8d:59:60:8a:60:14:31:42:95:a7:f5:a2:7b:1b:73:7c:f9:
93:22:81:40:a5:f1:9d:5d:38:d0:74:ad:2d:fc:b7:4c:3d:bd:
7e:7f:6c:32:a8:2c:fe:c5:83:c8:27:7c:30:62:43:bd:6b:35:
87:2d:68:70:b1:64:2c:fa:90:26:39:9c:2d:83:d5:d6:78:aa:
c2:53:d3:fe:98:44:5a:6a:bd:39:0a:16:4a:6c:89:1c:2f:39:
ab:57:0b:f9:2f:25:00:a0:94:e7:02:d1:04:d9:e8:fe:ce:1c:
5a:57:86:b8:57:1e:66:08:f6:0c:05:41:78:aa:e3:2c:64:0f:
c2:fd:59:86:e8:8e:69:3e:8a:6c:f1:c6:49:b9:33:dd:68:9c:
cf:e3:f1:89:62:75:c9:e1:9c:db:ff:14:ef:1b:02:29:f6:de:
21:a0:3d:f6:3d:cc:8f:5e:12:38:df:e7:f0:43:18:d1:fc:10:
a9:bd:2e:bb:bd:63:2c:48:09:e8:5b:cd:db:95:4d:85:8a:0a:
d9:58:95:05
-----BEGIN CERTIFICATE-----
MIIFyzCCBLOgAwIBAgICAU8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUUwM0IxMTAvBgNVBAUTKEI5RTYwQ0YxNzlGNEVBQ0JEQjk0OTJCQTVGN0NBQ0Y0
NTIzOUNDRjQwHhcNMjQxMTAxMTIzMDUwWhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzI0YzlmYS0xZWI4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0nFacqvFBuKcFvzTT1tY+NqcMdjSzFwfWnaUMqbxapXCIPWyEj05jQZJZhyD
IYYxTuE+2R0NDBa7PRFgcTKVBr1OKTtHIoxZO6dCf8dvtZFzOffbrC12cAcnzIfq
vCNHXvkx2cPFYmbj5+HDqZ4dRnDHO5KlyFnVmvBYjb28ZllrmBF6YMWtRXGypDsJ
J/5Bh14ddBxhxVj/1gxT6Ju7DimKXGjJeMq1dgx+vQmYAS8EdOMuk/3+vU3DEu4w
0HW8urkS9huFtNyvl7+dvT8zl5PeBRhBb/rx7e/FgmssY+pUPCA+pTnUN6htrMBL
h8TL+mHrNgxCXAm9iRKrZSh+1wIDAQABo4IC7zCCAuswHQYDVR0OBBYEFAehVe76
kxlR7RnuMc0PE4U4manxMB8GA1UdIwQYMBaAFLnmDPF59OrL25SSul98rPRSOcz0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFRTAzQi9BRjk2NzE2NjBC
NkUxMUVFQjI5QkIxNzBDNEY5QUUwMi91ZVlNOFhuMDZzdmJsSks2WDN5czlGSTV6
UFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3VlWU04WG4wNnN2YmxKSzZYM3lzOUZJNXpQUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUUwM0IvQUY5NjcxNjYwQjZFMTFFRUIyOUJCMTcwQzRGOUFFMDIvREIzRjI4M0Mw
RTk2MTFFRUJFNEE4QTRCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwweQYIKwYBBQUHAQcBAf8E
ajBoMGYEAgACMGAwEAMFBSQBC2ADBwEkAQtgAAQDBwEkAQtgAAgwEgMHBCQBC2AA
EAMHASQBC2AAGDASAwcFJAELYAAgAwcBJAELYAAoMBIDBwQkAQtgADADBwAkAQtg
ADYDBwAkAQtgADkwDQYJKoZIhvcNAQELBQADggEBAJiVOd3FdnqzBYxsTtaV5r5x
7z+Ba5UXfKHTJXOXGaRrPS3w8FklbkDoEdr5pbugiNRT/r5LLyKNWWCKYBQxQpWn
9aJ7G3N8+ZMigUCl8Z1dONB0rS38t0w9vX5/bDKoLP7Fg8gnfDBiQ71rNYctaHCx
ZCz6kCY5nC2D1dZ4qsJT0/6YRFpqvTkKFkpsiRwvOatXC/kvJQCglOcC0QTZ6P7O
HFpXhrhXHmYI9gwFQXiq4yxkD8L9WYbojmk+imzxxkm5M91onM/j8YlidcnhnNv/
FO8bAin23iGgPfY9zI9eEjjf5/BDGNH8EKm9Lru9YyxICehbzduVTYWKCtlYlQU=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:03:02 2025 by rpki-client