Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F8579/017603FCCEB211ECAE001823C4F9AE02/35359F1ED4D811EC91F7B71EC4F9AE02.roa
File: 35359F1ED4D811EC91F7B71EC4F9AE02.roa (raw, json)
Hash identifier: hWoDZLeOuF/awGKUoDckNA5rRX44xLw8nu868WRac7s=
Subject key identifier: D9:C7:0C:B2:7E:6D:81:D4:5F:1B:13:66:64:86:C4:98:6F:0D:89:2A
Certificate issuer: /CN=A91F8579/serialNumber=C7EDFB757F594BDF23ADD7121F5DBE3D25AE00FC
Certificate serial: 01C7
Authority key identifier: C7:ED:FB:75:7F:59:4B:DF:23:AD:D7:12:1F:5D:BE:3D:25:AE:00:FC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/x-37dX9ZS98jrdcSH12-PSWuAPw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F8579/017603FCCEB211ECAE001823C4F9AE02/35359F1ED4D811EC91F7B71EC4F9AE02.roa
Signing time: Thu 03 Aug 2023 03:02:58 +0000
ROA not before: Thu 03 Aug 2023 03:02:58 +0000
ROA not after: Thu 31 Oct 2024 00:00:00 +0000
asID: 137443
IP address blocks: 2401:89c0::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 07 Oct 2023 11:24:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 455 (0x1c7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F8579/serialNumber=C7EDFB757F594BDF23ADD7121F5DBE3D25AE00FC
Validity
Not Before: Aug 3 03:02:58 2023 GMT
Not After : Oct 31 00:00:00 2024 GMT
Subject: CN=64cb18e1-ff83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:f7:da:0d:80:d8:d7:14:b1:23:83:33:d2:85:
df:f4:88:c7:cf:c6:ef:36:97:ee:e2:65:0a:84:71:
16:f7:a9:0e:ef:23:ed:f6:ae:06:ab:53:56:da:d6:
2d:24:14:4d:05:33:e1:49:cf:2e:07:78:84:7a:a9:
74:cc:c4:78:b4:06:55:91:16:87:9c:59:17:6f:97:
55:41:f1:b1:09:eb:5b:d3:1d:d2:5e:a6:d0:3e:5a:
8d:c4:6f:b1:45:ce:32:68:24:a5:c4:d9:14:a3:f9:
48:13:e7:64:80:1a:9c:e8:ed:35:52:f4:0a:d1:35:
43:75:0b:8a:4a:c4:0e:06:4f:36:80:38:b4:35:e8:
5f:87:ab:59:9d:5d:20:e7:e8:98:3b:47:3e:56:58:
a8:2f:6a:99:d3:10:a7:48:be:87:69:5f:ca:c7:3d:
e4:01:c8:50:d9:6d:40:b1:2f:9d:4b:0e:10:8c:e6:
ce:c1:92:f6:96:1d:37:e7:30:8c:5c:b8:fd:65:20:
62:6c:04:0f:0f:58:3b:2d:44:fa:0b:f1:5c:8d:36:
f9:33:d4:ab:66:47:df:38:2d:4c:af:3c:0a:4d:96:
8d:1b:a4:b9:c7:56:a7:cf:5e:da:72:98:ef:b3:82:
e5:0d:29:5b:96:4a:9f:59:23:22:ed:ba:a7:e5:48:
c6:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:C7:0C:B2:7E:6D:81:D4:5F:1B:13:66:64:86:C4:98:6F:0D:89:2A
X509v3 Authority Key Identifier:
keyid:C7:ED:FB:75:7F:59:4B:DF:23:AD:D7:12:1F:5D:BE:3D:25:AE:00:FC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F8579/017603FCCEB211ECAE001823C4F9AE02/x-37dX9ZS98jrdcSH12-PSWuAPw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/x-37dX9ZS98jrdcSH12-PSWuAPw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F8579/017603FCCEB211ECAE001823C4F9AE02/35359F1ED4D811EC91F7B71EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2401:89c0::/48
Signature Algorithm: sha256WithRSAEncryption
d4:70:76:47:75:95:b4:6e:b9:5f:f4:7e:76:83:54:15:e8:5f:
9e:6c:70:e6:bc:5f:13:7d:9c:a1:ec:e6:16:24:c2:51:1f:93:
f1:e5:23:00:98:e2:03:a4:1f:d7:69:1b:2c:ac:ef:a7:0b:f9:
b9:9b:e9:7c:30:61:b0:44:aa:b0:e2:78:b5:0f:83:72:49:9e:
70:87:dc:ef:f5:c4:0d:79:d8:43:a4:40:69:b5:91:60:ce:96:
c8:fe:3e:dc:b7:84:4a:09:3d:bb:a5:d0:ba:c0:1b:27:9b:b6:
1d:c1:fe:5d:d3:a6:75:2c:de:05:bc:7f:c5:d1:34:9b:f0:fd:
84:db:b9:f4:0b:a0:41:05:ad:fa:5c:2f:30:fa:dd:ef:78:70:
a4:b3:ec:34:51:45:34:19:76:09:f9:e1:30:1b:43:84:51:46:
d1:73:a2:50:f5:55:cf:88:0b:cc:ec:6a:4f:d5:9d:12:50:1a:
00:a2:43:51:3a:d1:a4:20:e3:ba:d2:30:f1:82:3b:9f:54:d4:
4c:bd:44:92:75:e2:dc:87:9d:70:c8:55:3a:c2:1d:f4:72:30:
84:68:21:73:4d:a7:fd:e9:20:b5:e5:86:3e:e9:48:0b:2e:8e:
e7:54:e5:79:56:46:6d:98:43:73:d8:d2:c8:70:23:d8:87:90:
30:2d:d1:3a
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgICAccwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Rjg1NzkxMTAvBgNVBAUTKEM3RURGQjc1N0Y1OTRCREYyM0FERDcxMjFGNURCRTNE
MjVBRTAwRkMwHhcNMjMwODAzMDMwMjU4WhcNMjQxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGNiMThlMS1mZjgzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAoffaDYDY1xSxI4Mz0oXf9IjHz8bvNpfu4mUKhHEW96kO7yPt9q4Gq1NW2tYt
JBRNBTPhSc8uB3iEeql0zMR4tAZVkRaHnFkXb5dVQfGxCetb0x3SXqbQPlqNxG+x
Rc4yaCSlxNkUo/lIE+dkgBqc6O01UvQK0TVDdQuKSsQOBk82gDi0Nehfh6tZnV0g
5+iYO0c+VlioL2qZ0xCnSL6HaV/Kxz3kAchQ2W1AsS+dSw4QjObOwZL2lh035zCM
XLj9ZSBibAQPD1g7LUT6C/FcjTb5M9SrZkffOC1MrzwKTZaNG6S5x1anz17acpjv
s4LlDSlblkqfWSMi7bqn5UjGqwIDAQABo4ICmDCCApQwHQYDVR0OBBYEFNnHDLJ+
bYHUXxsTZmSGxJhvDYkqMB8GA1UdIwQYMBaAFMft+3V/WUvfI63XEh9dvj0lrgD8
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGODU3OS8wMTc2MDNGQ0NF
QjIxMUVDQUUwMDE4MjNDNEY5QUUwMi94LTM3ZFg5WlM5OGpyZGNTSDEyLVBTV3VB
UHcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3gtMzdkWDlaUzk4anJkY1NIMTItUFNXdUFQdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Rjg1NzkvMDE3NjAzRkNDRUIyMTFFQ0FFMDAxODIzQzRGOUFFMDIvMzUzNTlGMUVE
NEQ4MTFFQzkxRjdCNzFFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIgYIKwYBBQUHAQcBAf8E
EzARMA8EAgACMAkDBwAkAYnAAAAwDQYJKoZIhvcNAQELBQADggEBANRwdkd1lbRu
uV/0fnaDVBXoX55scOa8XxN9nKHs5hYkwlEfk/HlIwCY4gOkH9dpGyys76cL+bmb
6XwwYbBEqrDieLUPg3JJnnCH3O/1xA152EOkQGm1kWDOlsj+Pty3hEoJPbul0LrA
Gyebth3B/l3TpnUs3gW8f8XRNJvw/YTbufQLoEEFrfpcLzD63e94cKSz7DRRRTQZ
dgn54TAbQ4RRRtFzolD1Vc+IC8zsak/VnRJQGgCiQ1E60aQg47rSMPGCO59U1Ey9
RJJ14tyHnXDIVTrCHfRyMIRoIXNNp/3pILXlhj7pSAsujudU5XlWRm2YQ3PY0shw
I9iHkDAt0To=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:51 2024 by rpki-client on console-fra.rpki-client.org