Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F83DC/A397A3E426ED11EFB4C9BA28C4F9AE02/999C4A8826EE11EF990FA32AC4F9AE02.roa
File: 999C4A8826EE11EF990FA32AC4F9AE02.roa (raw, json)
Hash identifier: e9wk7oSTl7ItkJcJ/4DtlrvVfG4k9uc9ccKVLe7X188=
Subject key identifier: 76:B8:10:EE:C7:2D:8A:BA:A6:71:8C:87:09:00:FF:73:A7:5F:A2:18
Certificate issuer: /CN=A91F83DC/serialNumber=09C36BC65DE72A04147F9D7220BDBA8D525D1564
Certificate serial: 02
Authority key identifier: 09:C3:6B:C6:5D:E7:2A:04:14:7F:9D:72:20:BD:BA:8D:52:5D:15:64
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CcNrxl3nKgQUf51yIL26jVJdFWQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F83DC/A397A3E426ED11EFB4C9BA28C4F9AE02/999C4A8826EE11EF990FA32AC4F9AE02.roa
Signing time: Mon 10 Jun 2024 05:59:29 +0000
ROA not before: Mon 10 Jun 2024 05:59:29 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 152906
IP address blocks: 2401:a5a0::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 10 Jun 2024 11:38:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F83DC/serialNumber=09C36BC65DE72A04147F9D7220BDBA8D525D1564
Validity
Not Before: Jun 10 05:59:29 2024 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=66669641-571b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:31:b3:32:c9:fd:21:5f:f3:ae:fa:81:0a:2b:
8c:57:c3:39:e4:10:d9:93:35:b7:3f:86:cd:02:6c:
e4:70:df:53:9a:4e:c8:90:55:22:33:f2:5b:40:6c:
da:82:cd:04:79:da:de:0c:65:bd:f0:75:4a:bd:63:
ef:cd:cf:03:11:30:dd:7e:bc:d5:c6:9c:a2:ca:92:
af:4c:66:c0:ef:fa:e3:7a:e9:6c:9a:c1:cb:4d:29:
f7:48:87:07:71:79:b3:83:5b:37:2b:ff:bf:b8:61:
cb:ff:e3:5a:a6:92:49:78:de:73:1b:99:94:c1:4f:
f4:99:b6:6c:74:60:74:db:17:c1:d9:4d:b9:7c:eb:
51:93:ce:1c:97:ab:b6:58:11:cd:f5:4f:16:69:a1:
a7:ea:46:38:6d:a5:91:3a:51:2f:fc:c8:7e:75:02:
82:2c:5c:13:20:18:8d:2c:53:28:c9:92:7e:a5:3c:
26:4f:04:cf:33:c7:f3:3a:ab:8f:e5:a8:73:84:ac:
0f:93:ae:36:16:1f:b9:60:c1:e7:fa:62:01:5f:bb:
03:e5:d2:7b:67:eb:21:e9:3a:a3:54:f0:42:58:ab:
56:f4:70:21:78:31:e9:ea:95:03:65:e5:0c:20:fa:
88:78:b6:6f:32:62:50:80:75:0e:98:5d:7a:f2:00:
d8:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:B8:10:EE:C7:2D:8A:BA:A6:71:8C:87:09:00:FF:73:A7:5F:A2:18
X509v3 Authority Key Identifier:
keyid:09:C3:6B:C6:5D:E7:2A:04:14:7F:9D:72:20:BD:BA:8D:52:5D:15:64
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F83DC/A397A3E426ED11EFB4C9BA28C4F9AE02/CcNrxl3nKgQUf51yIL26jVJdFWQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CcNrxl3nKgQUf51yIL26jVJdFWQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F83DC/A397A3E426ED11EFB4C9BA28C4F9AE02/999C4A8826EE11EF990FA32AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2401:a5a0::/32
Signature Algorithm: sha256WithRSAEncryption
8e:ae:71:4c:32:9b:ab:2e:24:54:a2:38:c5:9e:0e:3d:74:54:
7a:b5:b6:27:71:1e:da:0d:f5:de:e2:e0:70:a6:9c:0f:45:0f:
29:b2:e6:f3:13:cc:07:04:21:ab:c2:bd:31:44:37:f7:68:59:
da:7c:c2:bf:de:6d:6c:29:23:f7:0a:a3:da:7c:b8:8a:25:15:
98:3c:01:23:5a:a9:e0:f3:44:1a:9b:30:83:3f:29:d1:86:27:
7e:22:e1:b6:5c:d6:07:4d:03:5f:f7:06:fc:08:46:83:06:ce:
06:20:02:1a:64:29:db:72:e2:48:e8:a5:29:09:12:f8:e6:b2:
c1:f3:82:03:60:d8:57:82:50:3b:6e:ad:d5:c4:84:62:a3:d3:
b9:e5:d2:0c:cb:d7:66:d5:09:70:fd:e4:c7:b5:00:da:5d:43:
db:62:59:e5:3a:a8:87:fc:5c:43:d0:b2:4d:10:59:34:cd:19:
39:4a:8c:00:c0:e1:ed:4f:ac:9a:4f:ed:15:f2:aa:25:31:5e:
70:4b:bf:22:cc:ec:dd:fc:07:69:f1:38:5c:01:a4:85:da:16:
ec:44:ba:bf:9a:48:15:3f:a6:9d:0e:c1:f1:46:4a:b0:bd:8d:
2d:77:a9:3a:a0:06:78:34:16:38:7c:4e:cb:80:7a:63:b6:b0:
3f:8f:58:32
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG
ODNEQzExMC8GA1UEBRMoMDlDMzZCQzY1REU3MkEwNDE0N0Y5RDcyMjBCREJBOEQ1
MjVEMTU2NDAeFw0yNDA2MTAwNTU5MjlaFw0yNTA4MzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2NjY5NjQxLTU3MWIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDmMbMyyf0hX/Ou+oEKK4xXwznkENmTNbc/hs0CbORw31OaTsiQVSIz8ltAbNqC
zQR52t4MZb3wdUq9Y+/NzwMRMN1+vNXGnKLKkq9MZsDv+uN66WyawctNKfdIhwdx
ebODWzcr/7+4Ycv/41qmkkl43nMbmZTBT/SZtmx0YHTbF8HZTbl861GTzhyXq7ZY
Ec31TxZpoafqRjhtpZE6US/8yH51AoIsXBMgGI0sUyjJkn6lPCZPBM8zx/M6q4/l
qHOErA+TrjYWH7lgwef6YgFfuwPl0ntn6yHpOqNU8EJYq1b0cCF4MenqlQNl5Qwg
+oh4tm8yYlCAdQ6YXXryANirAgMBAAGjggKWMIICkjAdBgNVHQ4EFgQUdrgQ7sct
irqmcYyHCQD/c6dfohgwHwYDVR0jBBgwFoAUCcNrxl3nKgQUf51yIL26jVJdFWQw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUY4M0RDL0EzOTdBM0U0MjZF
RDExRUZCNEM5QkEyOEM0RjlBRTAyL0NjTnJ4bDNuS2dRVWY1MXlJTDI2alZKZEZX
US5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvQ2NOcnhsM25LZ1FVZjUxeUlMMjZqVkpkRldRLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG
ODNEQy9BMzk3QTNFNDI2RUQxMUVGQjRDOUJBMjhDNEY5QUUwMi85OTlDNEE4ODI2
RUUxMUVGOTkwRkEzMkFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAgBggrBgEFBQcBBwEB/wQR
MA8wDQQCAAIwBwMFACQBpaAwDQYJKoZIhvcNAQELBQADggEBAI6ucUwym6suJFSi
OMWeDj10VHq1tidxHtoN9d7i4HCmnA9FDymy5vMTzAcEIavCvTFEN/doWdp8wr/e
bWwpI/cKo9p8uIolFZg8ASNaqeDzRBqbMIM/KdGGJ34i4bZc1gdNA1/3BvwIRoMG
zgYgAhpkKdty4kjopSkJEvjmssHzggNg2FeCUDturdXEhGKj07nl0gzL12bVCXD9
5Me1ANpdQ9tiWeU6qIf8XEPQsk0QWTTNGTlKjADA4e1PrJpP7RXyqiUxXnBLvyLM
7N38B2nxOFwBpIXaFuxEur+aSBU/pp0OwfFGSrC9jS13qTqgBng0Fjh8TsuAemO2
sD+PWDI=
-----END CERTIFICATE-----
Generated at Mon Jun 10 14:02:06 2024 by rpki-client on console-fra.rpki-client.org