Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EAAF5/E99F523A6EC411ECAFD27331C4F9AE02/9EB3FF6CAA1A11EE819E056BC4F9AE02.roa
File: 9EB3FF6CAA1A11EE819E056BC4F9AE02.roa (raw, json)
Hash identifier: LeedPzfnHxCx5h4p9tBPj2IBUANhfe7prtG7moNBcho=
Subject key identifier: 8B:D0:E8:57:AF:60:5A:C4:AD:CF:35:B3:D8:FD:AB:0B:CC:09:93:D4
Certificate issuer: /CN=A91EAAF5/serialNumber=4584AEA2394C46D6934E63ED6887D4726FDF7A13
Certificate serial: 032E
Authority key identifier: 45:84:AE:A2:39:4C:46:D6:93:4E:63:ED:68:87:D4:72:6F:DF:7A:13
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RYSuojlMRtaTTmPtaIfUcm_fehM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EAAF5/E99F523A6EC411ECAFD27331C4F9AE02/9EB3FF6CAA1A11EE819E056BC4F9AE02.roa
Signing time: Wed 03 Jan 2024 09:29:40 +0000
ROA not before: Wed 03 Jan 2024 09:29:40 +0000
ROA not after: Wed 01 May 2024 00:00:00 +0000
asID: 14618
IP address blocks: 2001:df0:45c4::/46 maxlen: 48
2001:df0:45c8::/45 maxlen: 48
Validation: Failed, certificate revoked on Fri 23 Feb 2024 09:24:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 814 (0x32e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EAAF5/serialNumber=4584AEA2394C46D6934E63ED6887D4726FDF7A13
Validity
Not Before: Jan 3 09:29:40 2024 GMT
Not After : May 1 00:00:00 2024 GMT
Subject: CN=65952904-d519
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:6e:94:f2:97:87:fa:17:b2:53:ca:94:92:f0:
23:bb:ee:5a:78:35:c4:f5:02:4b:52:b8:d7:ce:dd:
3b:13:c6:8c:bd:a5:73:b1:51:1b:a7:d2:56:28:d4:
ef:5d:60:89:19:17:f5:37:fe:b6:aa:cf:03:82:f3:
d5:27:5e:fe:0a:dd:4f:a2:d2:1b:50:57:c7:d8:38:
a2:4f:ae:9c:2b:55:8b:69:e0:24:86:95:32:b4:49:
60:4b:95:02:a1:2c:68:79:d5:1c:07:a0:96:df:50:
e9:59:3e:27:aa:c6:06:86:1f:79:5e:1f:07:60:ed:
71:0f:55:bd:47:bd:21:43:85:f7:c5:3c:d0:49:b6:
37:28:77:24:e4:25:18:f4:ec:38:62:74:13:6c:6b:
d8:60:3e:61:27:af:da:11:0e:f5:11:cc:5a:0a:e4:
c9:a4:6c:65:9e:70:1f:50:ee:ae:39:ec:0a:32:40:
49:65:27:68:cf:e8:4b:6d:28:d7:61:fa:74:6f:e1:
7d:d6:4b:bc:89:30:b0:ac:6c:58:f7:95:40:d7:fa:
b2:f2:bc:3b:f7:db:49:50:57:db:44:1d:13:17:cf:
9f:34:b5:38:82:eb:39:4d:ec:00:df:7a:dc:f5:1a:
ae:43:13:33:e6:00:3a:fd:6f:da:6c:a4:5e:e6:8d:
ce:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:D0:E8:57:AF:60:5A:C4:AD:CF:35:B3:D8:FD:AB:0B:CC:09:93:D4
X509v3 Authority Key Identifier:
keyid:45:84:AE:A2:39:4C:46:D6:93:4E:63:ED:68:87:D4:72:6F:DF:7A:13
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EAAF5/E99F523A6EC411ECAFD27331C4F9AE02/RYSuojlMRtaTTmPtaIfUcm_fehM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RYSuojlMRtaTTmPtaIfUcm_fehM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EAAF5/E99F523A6EC411ECAFD27331C4F9AE02/9EB3FF6CAA1A11EE819E056BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2001:df0:45c4::-2001:df0:45cf:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
b5:11:22:0a:f9:e7:54:48:0a:e6:bf:ba:19:00:18:17:25:4c:
29:8d:cc:b9:21:ef:71:9f:16:83:b0:6b:b4:b2:f1:55:11:76:
75:63:a5:8f:7e:e0:6b:a8:4e:6a:c8:0b:66:c0:59:19:d6:b9:
45:c6:34:a7:c9:3e:f2:1b:35:3d:08:30:f1:4b:f6:c1:6f:42:
62:ff:a9:a7:ba:76:07:0b:98:d8:f4:eb:7a:97:72:9d:8e:15:
1d:d2:11:aa:3b:1a:8f:36:5f:ee:8f:84:e9:49:ae:23:e6:ab:
ee:28:38:29:87:c0:1b:5b:b0:23:b4:3d:b8:9e:a5:fd:c4:dd:
43:3c:de:cd:d3:b8:27:f2:19:1e:ed:2b:0f:54:6b:30:54:83:
a6:37:92:88:49:c9:4c:7f:0e:55:9f:2d:9e:c4:39:67:c7:8d:
7f:e7:f4:08:18:ab:d3:75:cb:e5:e3:29:08:02:9f:85:b9:20:
05:4c:e0:55:f8:10:64:18:6c:54:e1:bf:e5:ec:35:33:12:1c:
d7:53:de:5f:53:21:14:6a:e9:27:a3:6e:5f:ed:d7:c8:7a:bd:
0e:28:31:1d:64:0d:99:93:a2:52:73:21:ee:1d:64:fb:52:af:
1c:62:2b:33:f3:a3:0e:5b:34:ab:d4:ee:f2:11:b3:1c:67:b2:
45:a1:e8:7d
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgICAy4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUFBRjUxMTAvBgNVBAUTKDQ1ODRBRUEyMzk0QzQ2RDY5MzRFNjNFRDY4ODdENDcy
NkZERjdBMTMwHhcNMjQwMTAzMDkyOTQwWhcNMjQwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTk1MjkwNC1kNTE5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxm6U8peH+heyU8qUkvAju+5aeDXE9QJLUrjXzt07E8aMvaVzsVEbp9JWKNTv
XWCJGRf1N/62qs8DgvPVJ17+Ct1PotIbUFfH2DiiT66cK1WLaeAkhpUytElgS5UC
oSxoedUcB6CW31DpWT4nqsYGhh95Xh8HYO1xD1W9R70hQ4X3xTzQSbY3KHck5CUY
9Ow4YnQTbGvYYD5hJ6/aEQ71EcxaCuTJpGxlnnAfUO6uOewKMkBJZSdoz+hLbSjX
Yfp0b+F91ku8iTCwrGxY95VA1/qy8rw799tJUFfbRB0TF8+fNLU4gus5TewA33rc
9RquQxMz5gA6/W/abKRe5o3OMwIDAQABo4ICozCCAp8wHQYDVR0OBBYEFIvQ6Fev
YFrErc81s9j9qwvMCZPUMB8GA1UdIwQYMBaAFEWErqI5TEbWk05j7WiH1HJv33oT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQUFGNS9FOTlGNTIzQTZF
QzQxMUVDQUZEMjczMzFDNEY5QUUwMi9SWVN1b2psTVJ0YVRUbVB0YUlmVWNtX2Zl
aE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1JZU3VvamxNUnRhVFRtUHRhSWZVY21fZmVoTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUFBRjUvRTk5RjUyM0E2RUM0MTFFQ0FGRDI3MzMxQzRGOUFFMDIvOUVCM0ZGNkNB
QTFBMTFFRTgxOUUwNTZCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLQYIKwYBBQUHAQcBAf8E
HjAcMBoEAgACMBQwEgMHAiABDfBFxAMHBCABDfBFwDANBgkqhkiG9w0BAQsFAAOC
AQEAtREiCvnnVEgK5r+6GQAYFyVMKY3MuSHvcZ8Wg7BrtLLxVRF2dWOlj37ga6hO
asgLZsBZGda5RcY0p8k+8hs1PQgw8Uv2wW9CYv+pp7p2BwuY2PTrepdynY4VHdIR
qjsajzZf7o+E6UmuI+ar7ig4KYfAG1uwI7Q9uJ6l/cTdQzzezdO4J/IZHu0rD1Rr
MFSDpjeSiEnJTH8OVZ8tnsQ5Z8eNf+f0CBir03XL5eMpCAKfhbkgBUzgVfgQZBhs
VOG/5ew1MxIc11PeX1MhFGrpJ6NuX+3XyHq9DigxHWQNmZOiUnMh7h1k+1KvHGIr
M/OjDls0q9Tu8hGzHGeyRaHofQ==
-----END CERTIFICATE-----
Generated at Tue Feb 27 00:58:03 2024 by rpki-client on console.sobornost.net