Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911C28D/BDAB67F63A8011E5AE390155C4F9AE02/4C0D06380BDD11EC99F6A975C4F9AE02.roa
File: 4C0D06380BDD11EC99F6A975C4F9AE02.roa (raw, json)
Hash identifier: QFW8b2Q20cVrbdyP33hI9t1tFOWhTUW3xPQ96xM9thA=
Subject key identifier: 24:DF:F3:FE:A6:4F:2B:C1:F9:E7:3C:25:D1:9E:BC:45:08:75:45:8D
Certificate issuer: /CN=A911C28D/serialNumber=99DFB6BF7950E6B40195A59024F4B750863D3D93
Certificate serial: 264C
Authority key identifier: 99:DF:B6:BF:79:50:E6:B4:01:95:A5:90:24:F4:B7:50:86:3D:3D:93
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/md-2v3lQ5rQBlaWQJPS3UIY9PZM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911C28D/BDAB67F63A8011E5AE390155C4F9AE02/4C0D06380BDD11EC99F6A975C4F9AE02.roa
Signing time: Sun 06 Aug 2023 16:13:24 +0000
ROA not before: Sun 06 Aug 2023 16:13:24 +0000
ROA not after: Mon 30 Sep 2024 00:00:00 +0000
asID: 4842
IP address blocks: 45.249.88.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 19 Mar 2024 15:04:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9804 (0x264c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911C28D/serialNumber=99DFB6BF7950E6B40195A59024F4B750863D3D93
Validity
Not Before: Aug 6 16:13:24 2023 GMT
Not After : Sep 30 00:00:00 2024 GMT
Subject: CN=64cfc6a4-6c87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:ec:62:b8:7f:17:37:73:d9:43:d9:ce:c1:20:
01:7a:ee:b0:cd:a6:ce:4b:bc:44:92:2d:9f:e9:ce:
3e:fa:8d:37:16:14:27:04:c5:ca:75:df:b3:7f:73:
61:eb:1d:f9:05:76:8e:5f:16:ba:70:f0:09:9b:4d:
ab:d1:20:e0:85:6e:07:12:1d:90:5d:89:16:bd:79:
5c:17:2e:17:46:84:fb:92:42:c8:a2:b9:8a:cd:35:
d8:e3:58:78:10:87:37:36:f2:9b:3a:33:7b:f4:99:
86:7b:d1:63:41:e7:0b:df:6e:04:73:07:94:0b:88:
3b:c6:c8:8a:ff:80:63:b1:8f:c9:2b:49:64:c2:ad:
73:37:24:d7:a3:36:4f:94:5e:25:f9:d0:2b:1f:f2:
b6:8f:83:08:2f:19:24:8c:e8:ad:dd:1d:26:93:e2:
ab:a7:f8:fb:30:e8:ca:68:6c:eb:8b:32:33:f4:8d:
cc:fe:a4:1d:35:95:8d:95:57:8b:9a:8a:61:4b:09:
19:66:02:ed:cd:46:16:b0:d7:b2:80:c9:ce:bc:3c:
33:62:1a:ba:1c:bb:33:7f:d9:2d:1a:86:53:27:00:
01:29:be:35:f0:61:27:99:66:c1:6a:82:08:d2:29:
27:1c:8a:60:54:97:3c:57:15:78:26:40:af:c7:5e:
38:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:DF:F3:FE:A6:4F:2B:C1:F9:E7:3C:25:D1:9E:BC:45:08:75:45:8D
X509v3 Authority Key Identifier:
keyid:99:DF:B6:BF:79:50:E6:B4:01:95:A5:90:24:F4:B7:50:86:3D:3D:93
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911C28D/BDAB67F63A8011E5AE390155C4F9AE02/md-2v3lQ5rQBlaWQJPS3UIY9PZM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/md-2v3lQ5rQBlaWQJPS3UIY9PZM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911C28D/BDAB67F63A8011E5AE390155C4F9AE02/4C0D06380BDD11EC99F6A975C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.249.88.0/24
Signature Algorithm: sha256WithRSAEncryption
48:76:60:dc:54:bd:87:11:1a:79:de:60:38:28:bb:45:47:18:
c0:91:cc:55:c4:0f:78:dd:d9:a2:9f:3c:65:19:34:99:cd:42:
29:c1:bf:c5:a6:a1:3e:63:b8:e9:19:ac:b2:26:79:2b:78:a9:
7e:7c:e4:1b:d4:22:7e:93:f2:91:c9:7c:5d:9c:77:6d:2b:a3:
cf:44:97:4d:55:a2:c3:6a:9c:1f:82:8a:bf:d9:57:ec:7c:8e:
a6:1a:23:09:21:b0:e6:36:06:39:ca:98:91:67:93:cc:a1:46:
fa:cc:e8:83:cf:bc:77:f0:b0:a7:e8:5a:1c:7e:4e:56:97:40:
a0:90:1c:c9:d2:3b:ef:9a:b0:bb:e8:70:ae:0c:5a:4f:5c:0c:
67:75:cf:4e:77:86:c3:04:5a:08:c5:c0:1b:8b:d9:ac:7f:d8:
21:a9:cb:82:75:5c:49:45:85:db:c6:59:ad:f9:88:f7:81:8c:
79:0e:2f:b1:5a:d4:a8:c3:49:15:1f:33:f1:ae:3d:dd:74:cc:
9e:e6:d9:ef:25:47:9e:bb:8a:21:ac:d3:95:b2:c3:a6:f1:f5:
04:ac:86:bb:e6:1b:80:74:35:a0:eb:fc:b3:da:43:bc:72:ad:
cb:48:b6:c0:19:7e:eb:f9:6f:dc:93:e2:46:d5:4c:61:26:22:
33:0a:65:4d
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICJkwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUMyOEQxMTAvBgNVBAUTKDk5REZCNkJGNzk1MEU2QjQwMTk1QTU5MDI0RjRCNzUw
ODYzRDNEOTMwHhcNMjMwODA2MTYxMzI0WhcNMjQwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGNmYzZhNC02Yzg3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAn+xiuH8XN3PZQ9nOwSABeu6wzabOS7xEki2f6c4++o03FhQnBMXKdd+zf3Nh
6x35BXaOXxa6cPAJm02r0SDghW4HEh2QXYkWvXlcFy4XRoT7kkLIormKzTXY41h4
EIc3NvKbOjN79JmGe9FjQecL324EcweUC4g7xsiK/4BjsY/JK0lkwq1zNyTXozZP
lF4l+dArH/K2j4MILxkkjOit3R0mk+Krp/j7MOjKaGzrizIz9I3M/qQdNZWNlVeL
mophSwkZZgLtzUYWsNeygMnOvDwzYhq6HLszf9ktGoZTJwABKb418GEnmWbBaoII
0iknHIpgVJc8VxV4JkCvx144dQIDAQABo4IClTCCApEwHQYDVR0OBBYEFCTf8/6m
TyvB+ec8JdGevEUIdUWNMB8GA1UdIwQYMBaAFJnftr95UOa0AZWlkCT0t1CGPT2T
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQzI4RC9CREFCNjdGNjNB
ODAxMUU1QUUzOTAxNTVDNEY5QUUwMi9tZC0ydjNsUTVyUUJsYVdRSlBTM1VJWTlQ
Wk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL21kLTJ2M2xRNXJRQmxhV1FKUFMzVUlZOVBaTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUMyOEQvQkRBQjY3RjYzQTgwMTFFNUFFMzkwMTU1QzRGOUFFMDIvNEMwRDA2Mzgw
QkREMTFFQzk5RjZBOTc1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAAt+VgwDQYJKoZIhvcNAQELBQADggEBAEh2YNxUvYcRGnne
YDgou0VHGMCRzFXED3jd2aKfPGUZNJnNQinBv8WmoT5juOkZrLImeSt4qX585BvU
In6T8pHJfF2cd20ro89El01VosNqnB+Cir/ZV+x8jqYaIwkhsOY2BjnKmJFnk8yh
RvrM6IPPvHfwsKfoWhx+TlaXQKCQHMnSO++asLvocK4MWk9cDGd1z053hsMEWgjF
wBuL2ax/2CGpy4J1XElFhdvGWa35iPeBjHkOL7Fa1KjDSRUfM/GuPd10zJ7m2e8l
R567iiGs05Wyw6bx9QSshrvmG4B0NaDr/LPaQ7xyrctItsAZfuv5b9yT4kbVTGEm
IjMKZU0=
-----END CERTIFICATE-----
Generated at Tue Mar 19 17:58:37 2024 by rpki-client on console-ams.rpki-client.org