Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91FA851/95A6119CB9DF11EE94B4242AC4F9AE02/9EF7D736BAAB11EEB7381655C4F9AE02.roa
File: 9EF7D736BAAB11EEB7381655C4F9AE02.roa (raw, json)
Hash identifier: s39ccp7/ds05CPDzroEFOVcDGbcDgidEX/pU20jREIg=
Subject key identifier: 6E:52:3F:14:4D:48:1A:A4:F6:F1:9B:E8:45:1E:B7:1F:21:E7:63:68
Certificate issuer: /CN=A91FA851/serialNumber=B9250FDE3FABD59FA5608230FEA7A23C4B4C8968
Certificate serial: 03
Authority key identifier: B9:25:0F:DE:3F:AB:D5:9F:A5:60:82:30:FE:A7:A2:3C:4B:4C:89:68
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uSUP3j-r1Z-lYIIw_qeiPEtMiWg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91FA851/95A6119CB9DF11EE94B4242AC4F9AE02/9EF7D736BAAB11EEB7381655C4F9AE02.roa
Signing time: Wed 24 Jan 2024 11:27:56 +0000
ROA not before: Wed 24 Jan 2024 11:27:56 +0000
ROA not after: Thu 01 May 2025 00:00:00 +0000
asID: 138548
IP address blocks: 2401:7960::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 24 Jan 2024 18:14:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3 (0x3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91FA851/serialNumber=B9250FDE3FABD59FA5608230FEA7A23C4B4C8968
Validity
Not Before: Jan 24 11:27:56 2024 GMT
Not After : May 1 00:00:00 2025 GMT
Subject: CN=65b0f43c-2369
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:1c:69:7c:88:3d:26:1b:55:d0:16:ff:61:db:
e9:a7:ee:37:d5:64:8f:18:f9:d9:03:40:a7:67:f7:
ee:b5:f9:8a:db:0e:63:f4:a0:55:a7:8e:ab:2a:0f:
0e:32:78:48:d6:a2:09:ed:61:9e:83:46:3d:d2:fd:
bc:d3:de:8e:e8:c6:04:f4:fa:a0:1c:63:ef:95:db:
40:0e:ba:42:cc:df:2f:f4:d3:1d:18:84:23:7d:cb:
c6:9d:f1:ba:0f:e1:1b:bb:9e:41:db:4e:56:42:ed:
76:7b:fb:e7:f9:da:93:22:96:b7:1f:bc:0a:1c:15:
c2:72:12:81:8e:a0:30:67:ed:a0:e6:b1:4a:d4:1a:
0a:4f:bf:7f:4c:35:d6:ce:ee:19:06:e8:d1:73:7b:
f7:43:ff:bd:14:bd:dd:7b:15:58:9d:b8:cf:e2:c7:
ac:7c:46:2d:bb:3f:98:55:45:de:02:2e:68:c3:da:
42:57:51:15:b2:a3:46:47:e9:d1:1d:7d:8f:e1:4a:
ca:7a:8d:2b:3e:12:43:b1:af:82:55:13:bc:da:32:
b1:26:52:5c:92:fa:61:45:fa:cf:31:e7:92:ab:3e:
55:f9:58:99:a0:57:2b:07:55:e3:2c:93:d3:ed:9b:
23:63:98:e2:73:75:10:ad:b7:43:69:83:ec:92:a0:
e0:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:52:3F:14:4D:48:1A:A4:F6:F1:9B:E8:45:1E:B7:1F:21:E7:63:68
X509v3 Authority Key Identifier:
keyid:B9:25:0F:DE:3F:AB:D5:9F:A5:60:82:30:FE:A7:A2:3C:4B:4C:89:68
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91FA851/95A6119CB9DF11EE94B4242AC4F9AE02/uSUP3j-r1Z-lYIIw_qeiPEtMiWg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uSUP3j-r1Z-lYIIw_qeiPEtMiWg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FA851/95A6119CB9DF11EE94B4242AC4F9AE02/9EF7D736BAAB11EEB7381655C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2401:7960::/32
Signature Algorithm: sha256WithRSAEncryption
5c:91:f1:ea:a9:2c:f1:d3:54:f5:02:01:28:b8:7b:9d:fe:2c:
ae:fa:2c:77:18:59:d7:71:18:4b:b4:dd:80:59:25:df:36:4c:
20:24:a9:b6:81:9d:28:25:16:68:c4:ba:7d:79:55:f1:a8:b2:
cc:cb:00:aa:c9:9d:fd:62:6d:0e:04:18:60:34:17:9a:7a:87:
93:7b:93:5e:9b:97:2b:5b:02:44:f7:0d:0d:ae:dd:e5:6c:9c:
44:c9:6f:7c:84:f1:33:d0:43:d9:20:e8:36:04:fe:93:15:f9:
d0:20:cc:93:1e:d9:5f:a5:3b:63:63:13:72:49:14:df:9f:2c:
61:25:f4:3c:94:62:40:de:ca:52:e3:c6:4b:f1:37:b8:02:3f:
0e:18:b8:96:9b:08:f6:66:97:8d:5d:77:48:d7:06:d0:3b:e3:
87:ff:b4:c8:6f:cb:55:2a:36:dd:3d:5a:d5:17:09:01:f2:ad:
48:a0:7e:78:7e:f2:e2:ee:e4:1b:62:99:43:3c:22:af:66:86:
ef:e0:08:68:da:bf:d3:7d:9b:b6:6c:11:27:b6:63:0a:8b:5a:
e5:88:7a:d9:f1:17:45:b2:6f:5d:d0:66:74:df:cb:f5:18:95:
87:dc:ce:03:09:4d:8a:c1:53:59:22:77:41:93:d3:30:df:7c:
0b:a7:3a:4b
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgIBAzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG
QTg1MTExMC8GA1UEBRMoQjkyNTBGREUzRkFCRDU5RkE1NjA4MjMwRkVBN0EyM0M0
QjRDODk2ODAeFw0yNDAxMjQxMTI3NTZaFw0yNTA1MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1YjBmNDNjLTIzNjkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDdHGl8iD0mG1XQFv9h2+mn7jfVZI8Y+dkDQKdn9+61+YrbDmP0oFWnjqsqDw4y
eEjWogntYZ6DRj3S/bzT3o7oxgT0+qAcY++V20AOukLM3y/00x0YhCN9y8ad8boP
4Ru7nkHbTlZC7XZ7++f52pMilrcfvAocFcJyEoGOoDBn7aDmsUrUGgpPv39MNdbO
7hkG6NFze/dD/70Uvd17FViduM/ix6x8Ri27P5hVRd4CLmjD2kJXURWyo0ZH6dEd
fY/hSsp6jSs+EkOxr4JVE7zaMrEmUlyS+mFF+s8x55KrPlX5WJmgVysHVeMsk9Pt
myNjmOJzdRCtt0Npg+ySoOBVAgMBAAGjggKWMIICkjAdBgNVHQ4EFgQUblI/FE1I
GqT28ZvoRR63HyHnY2gwHwYDVR0jBBgwFoAUuSUP3j+r1Z+lYIIw/qeiPEtMiWgw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUZBODUxLzk1QTYxMTlDQjlE
RjExRUU5NEI0MjQyQUM0RjlBRTAyL3VTVVAzai1yMVotbFlJSXdfcWVpUEV0TWlX
Zy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvdVNVUDNqLXIxWi1sWUlJd19xZWlQRXRNaVdnLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG
QTg1MS85NUE2MTE5Q0I5REYxMUVFOTRCNDI0MkFDNEY5QUUwMi85RUY3RDczNkJB
QUIxMUVFQjczODE2NTVDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAgBggrBgEFBQcBBwEB/wQR
MA8wDQQCAAIwBwMFACQBeWAwDQYJKoZIhvcNAQELBQADggEBAFyR8eqpLPHTVPUC
ASi4e53+LK76LHcYWddxGEu03YBZJd82TCAkqbaBnSglFmjEun15VfGosszLAKrJ
nf1ibQ4EGGA0F5p6h5N7k16blytbAkT3DQ2u3eVsnETJb3yE8TPQQ9kg6DYE/pMV
+dAgzJMe2V+lO2NjE3JJFN+fLGEl9DyUYkDeylLjxkvxN7gCPw4YuJabCPZml41d
d0jXBtA744f/tMhvy1UqNt09WtUXCQHyrUigfnh+8uLu5BtimUM8Iq9mhu/gCGja
v9N9m7ZsESe2YwqLWuWIetnxF0Wyb13QZnTfy/UYlYfczgMJTYrBU1kid0GT0zDf
fAunOks=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:40 2024 by rpki-client on console-ams.rpki-client.org