Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A916B837/9D90AB62C15A11ECA44F5360C4F9AE02/85C41F1A758611EDBFFB872AC4F9AE02.roa
File: 85C41F1A758611EDBFFB872AC4F9AE02.roa (raw, json)
Hash identifier: 8H24UhLFZrIPUSDLPIkAAiQ4Wv9D9CbTyHDr7iU+hEY=
Subject key identifier: 46:C4:11:AA:48:09:21:37:15:0D:7B:DA:A7:2D:85:62:8E:38:43:B6
Certificate issuer: /CN=A916B837/serialNumber=F5522DE313844E96E3EBF38034ECA09BE2AA0AD5
Certificate serial: 01DC
Authority key identifier: F5:52:2D:E3:13:84:4E:96:E3:EB:F3:80:34:EC:A0:9B:E2:AA:0A:D5
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9VIt4xOETpbj6_OANOygm-KqCtU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916B837/9D90AB62C15A11ECA44F5360C4F9AE02/85C41F1A758611EDBFFB872AC4F9AE02.roa
Signing time: Sat 27 May 2023 05:43:48 +0000
ROA not before: Sat 27 May 2023 05:43:48 +0000
ROA not after: Tue 30 Jul 2024 00:00:00 +0000
asID: 201801
IP address blocks: 2400:70e0:bab::/48 maxlen: 48
2400:70e0:a000::/44 maxlen: 48
2400:70e0:b000::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 476 (0x1dc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916B837/serialNumber=F5522DE313844E96E3EBF38034ECA09BE2AA0AD5
Validity
Not Before: May 27 05:43:48 2023 GMT
Not After : Jul 30 00:00:00 2024 GMT
Subject: CN=64719894-d159
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:14:36:a5:ef:fd:54:d9:d6:ab:79:35:fb:5a:
eb:9c:77:27:d5:ab:e1:9e:28:8d:73:9d:1d:7b:7e:
0d:c8:06:75:65:a4:d1:5d:6e:8c:3b:87:d3:e7:ee:
7e:7b:bb:6a:0a:b9:05:0d:d7:1d:3a:50:9f:d0:f9:
e7:e6:c9:2e:1b:b9:6b:89:5d:3b:6a:d5:7b:00:c2:
ce:40:d4:5f:13:17:d5:21:b7:ba:23:01:06:a3:ee:
3d:41:49:3e:00:02:bb:c6:48:7f:69:63:9c:20:9c:
31:db:08:80:7f:33:dc:f1:27:0a:f3:8f:81:d3:ef:
47:06:9e:c8:7a:76:fa:cb:b7:8a:94:d7:44:64:73:
57:6c:e3:69:60:1d:ab:2b:fa:55:00:b1:09:7b:32:
35:dc:48:df:79:4e:ae:50:4a:2b:15:08:9a:c5:0a:
67:42:ba:f1:75:0f:3e:37:9e:24:4f:a6:21:06:16:
a3:ff:f4:8a:1c:fd:3f:41:54:72:1a:58:d1:24:bf:
66:b9:d6:8e:aa:ef:5b:4c:1d:b2:90:f2:ee:10:bc:
b2:5e:df:60:48:ea:9c:a9:3e:be:dc:44:fb:6a:9d:
b5:44:5c:23:a6:03:97:8b:bc:13:1f:f3:73:95:70:
cc:6d:fe:41:f1:6d:70:3f:5f:fe:d0:7c:8b:65:f7:
49:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:C4:11:AA:48:09:21:37:15:0D:7B:DA:A7:2D:85:62:8E:38:43:B6
X509v3 Authority Key Identifier:
keyid:F5:52:2D:E3:13:84:4E:96:E3:EB:F3:80:34:EC:A0:9B:E2:AA:0A:D5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916B837/9D90AB62C15A11ECA44F5360C4F9AE02/9VIt4xOETpbj6_OANOygm-KqCtU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9VIt4xOETpbj6_OANOygm-KqCtU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916B837/9D90AB62C15A11ECA44F5360C4F9AE02/85C41F1A758611EDBFFB872AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2400:70e0:bab::/48
2400:70e0:a000::/44
2400:70e0:b000::/48
Signature Algorithm: sha256WithRSAEncryption
5a:3c:04:88:18:ca:fd:64:6d:cd:b8:3b:e1:f6:ca:92:d8:39:
a2:ad:06:16:fb:82:73:1e:b0:9c:16:bc:fb:02:20:b1:1b:28:
24:4d:ed:38:90:38:c3:55:2a:46:31:d0:21:2f:b0:5d:ea:14:
d8:7b:bc:5b:2e:db:63:ee:9a:97:c5:64:33:61:cc:a6:58:f5:
05:de:d5:86:88:7f:54:bb:33:b4:71:dd:c0:b3:8b:12:f1:92:
8c:86:88:d9:85:ef:08:dd:4e:31:d7:6e:6f:12:70:c9:8e:9f:
79:57:90:40:90:b6:51:90:f7:ef:49:0e:fc:26:c3:26:5a:d0:
0f:27:17:38:db:34:8b:46:fd:21:8b:bd:32:dd:f4:c5:49:a3:
0f:fa:50:9e:6d:4f:98:ee:f5:12:2c:7e:e4:98:8e:b5:46:75:
49:82:92:46:7d:90:0c:fb:65:95:0e:f1:f6:e2:49:7a:fb:d9:
eb:91:a9:5b:c6:12:fe:da:fb:17:b2:aa:b8:59:db:ab:c0:81:
4e:2d:3d:d3:d5:6f:ad:b2:09:bd:86:c4:9c:3e:df:80:2d:43:
9d:ba:a0:59:2e:dc:2c:f3:54:86:0e:a2:1d:05:48:f5:ca:14:
9b:76:ee:a7:22:e5:d1:94:e7:84:ff:29:25:59:16:47:00:eb:
0f:53:11:df
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICAdwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NkI4MzcxMTAvBgNVBAUTKEY1NTIyREUzMTM4NDRFOTZFM0VCRjM4MDM0RUNBMDlC
RTJBQTBBRDUwHhcNMjMwNTI3MDU0MzQ4WhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDcxOTg5NC1kMTU5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAmhQ2pe/9VNnWq3k1+1rrnHcn1avhniiNc50de34NyAZ1ZaTRXW6MO4fT5+5+
e7tqCrkFDdcdOlCf0Pnn5skuG7lriV07atV7AMLOQNRfExfVIbe6IwEGo+49QUk+
AAK7xkh/aWOcIJwx2wiAfzPc8ScK84+B0+9HBp7Ienb6y7eKlNdEZHNXbONpYB2r
K/pVALEJezI13EjfeU6uUEorFQiaxQpnQrrxdQ8+N54kT6YhBhaj//SKHP0/QVRy
GljRJL9mudaOqu9bTB2ykPLuELyyXt9gSOqcqT6+3ET7ap21RFwjpgOXi7wTH/Nz
lXDMbf5B8W1wP1/+0HyLZfdJjwIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFEbEEapI
CSE3FQ172qcthWKOOEO2MB8GA1UdIwQYMBaAFPVSLeMThE6W4+vzgDTsoJviqgrV
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2QjgzNy85RDkwQUI2MkMx
NUExMUVDQTQ0RjUzNjBDNEY5QUUwMi85Vkl0NHhPRVRwYmo2X09BTk95Z20tS3FD
dFUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzlWSXQ0eE9FVHBiajZfT0FOT3lnbS1LcUN0VS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NkI4MzcvOUQ5MEFCNjJDMTVBMTFFQ0E0NEY1MzYwQzRGOUFFMDIvODVDNDFGMUE3
NTg2MTFFREJGRkI4NzJBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMCEEAgACMBsDBwAkAHDgC6sDBwQkAHDgoAADBwAkAHDgsAAwDQYJKoZIhvcN
AQELBQADggEBAFo8BIgYyv1kbc24O+H2ypLYOaKtBhb7gnMesJwWvPsCILEbKCRN
7TiQOMNVKkYx0CEvsF3qFNh7vFsu22PumpfFZDNhzKZY9QXe1YaIf1S7M7Rx3cCz
ixLxkoyGiNmF7wjdTjHXbm8ScMmOn3lXkECQtlGQ9+9JDvwmwyZa0A8nFzjbNItG
/SGLvTLd9MVJow/6UJ5tT5ju9RIsfuSYjrVGdUmCkkZ9kAz7ZZUO8fbiSXr72euR
qVvGEv7a+xeyqrhZ26vAgU4tPdPVb62yCb2GxJw+34AtQ526oFku3CzzVIYOoh0F
SPXKFJt27qci5dGU54T/KSVZFkcA6w9TEd8=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:35:32 2023 by rpki-client on console.sobornost.net