Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A912FCD6/1E9E1AACD2EA11E5AFB1E24CC4F9AE02/C48E0A1C152B11EFAEB3917EC4F9AE02.roa
File: C48E0A1C152B11EFAEB3917EC4F9AE02.roa (raw, json)
Hash identifier: 0x+BFtxazKOCR+DSsrAJBf1zWaA4QTnOJfG2WGN6BZI=
Subject key identifier: 5F:F6:FE:6E:F7:F5:DF:F4:B3:FE:99:2B:20:46:24:4D:89:51:39:F3
Certificate issuer: /CN=A912FCD6/serialNumber=53BF0DD780DB038ECE14D40459BAB9C68F69853B
Certificate serial: 212A
Authority key identifier: 53:BF:0D:D7:80:DB:03:8E:CE:14:D4:04:59:BA:B9:C6:8F:69:85:3B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U78N14DbA47OFNQEWbq5xo9phTs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A912FCD6/1E9E1AACD2EA11E5AFB1E24CC4F9AE02/C48E0A1C152B11EFAEB3917EC4F9AE02.roa
Signing time: Sat 18 May 2024 15:32:52 +0000
ROA not before: Sat 18 May 2024 15:32:52 +0000
ROA not after: Tue 30 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 180.210.221.0/24 maxlen: 24
180.210.223.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 20 May 2024 10:42:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8490 (0x212a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A912FCD6/serialNumber=53BF0DD780DB038ECE14D40459BAB9C68F69853B
Validity
Not Before: May 18 15:32:52 2024 GMT
Not After : Jul 30 00:00:00 2024 GMT
Subject: CN=6648ca24-752a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:b8:88:98:6b:94:1b:20:56:7e:93:b7:31:f8:
33:71:4a:23:42:05:37:3f:6b:96:99:be:4a:bb:52:
90:76:71:f1:e7:fa:87:5a:00:a2:d4:a3:2c:9e:cc:
4c:5c:e0:7b:bf:14:63:cd:f9:5d:ef:29:52:f4:f2:
37:6d:81:9a:90:78:28:62:55:02:80:54:c4:2f:d8:
44:5a:a8:b8:82:6a:a8:ab:ed:3c:db:fb:e1:d0:e1:
5a:51:de:12:e6:2d:a0:e8:f9:ea:50:1d:c7:61:50:
2b:ca:23:32:32:d6:68:78:30:4a:c5:fa:56:bf:9d:
1b:97:31:91:2b:db:00:1e:1d:08:1f:fd:56:a9:ac:
e3:e6:a0:66:e0:77:c9:17:50:85:24:91:f1:a7:f2:
2f:e1:92:1e:d2:1c:d6:57:e8:88:76:f1:a6:97:99:
6b:32:64:23:54:83:e8:76:f5:20:63:5e:c4:0e:fa:
31:82:2f:be:48:0e:aa:af:4a:7f:f5:18:38:0a:ef:
fd:15:54:bc:ba:b1:0b:43:10:7d:2d:25:d9:c5:18:
02:22:00:49:ea:f9:a6:09:58:a0:35:e3:ed:82:fc:
24:04:27:c2:94:88:ca:d5:ea:5d:9e:d5:7e:73:6b:
56:4c:b3:68:c5:86:41:51:e6:f7:d1:16:cb:3f:94:
d8:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:F6:FE:6E:F7:F5:DF:F4:B3:FE:99:2B:20:46:24:4D:89:51:39:F3
X509v3 Authority Key Identifier:
keyid:53:BF:0D:D7:80:DB:03:8E:CE:14:D4:04:59:BA:B9:C6:8F:69:85:3B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A912FCD6/1E9E1AACD2EA11E5AFB1E24CC4F9AE02/U78N14DbA47OFNQEWbq5xo9phTs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U78N14DbA47OFNQEWbq5xo9phTs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912FCD6/1E9E1AACD2EA11E5AFB1E24CC4F9AE02/C48E0A1C152B11EFAEB3917EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
180.210.221.0/24
180.210.223.0/24
Signature Algorithm: sha256WithRSAEncryption
af:09:7a:56:6b:5b:68:9a:d5:69:70:41:17:b1:5f:19:2c:9c:
d8:a1:38:49:58:d1:0a:f1:d6:34:ee:89:a2:de:da:45:15:65:
6e:e1:53:a1:6d:f0:7f:82:6d:bd:12:f0:80:b6:c6:c9:10:c4:
9c:dc:fe:32:a2:79:47:9f:fe:5e:ee:79:e0:85:16:88:89:35:
3c:0a:6e:2f:be:58:4c:3c:e7:27:ba:33:bf:9e:f2:c5:9e:fb:
95:d8:90:d0:28:52:e4:ea:22:6f:cb:bd:87:bb:b3:a3:95:ff:
60:94:c0:3b:bd:13:fb:36:a4:32:ad:35:f1:82:47:f5:d0:b1:
48:ce:2c:5a:8b:1a:d0:0d:57:38:92:2e:21:09:11:69:8f:d6:
ce:4f:6f:ae:5c:b8:35:b4:5f:00:26:4a:aa:76:88:a2:b8:a4:
c9:f9:b8:d0:01:99:4a:08:7a:34:39:74:c6:f0:f7:28:02:06:
d0:b3:93:23:bf:50:68:b6:ec:8e:fe:75:6e:f6:6a:dc:26:0f:
c1:0c:6d:0e:98:a2:0b:37:e8:22:52:ae:d2:a4:81:68:3f:a7:
6a:3b:18:cd:3a:d4:da:e7:ac:09:43:8c:e3:ed:d7:7a:0c:b8:
b0:aa:80:a6:b8:9c:16:90:f9:ae:a1:08:18:bd:31:03:49:e4:
b5:d2:c3:09
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICISowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MkZDRDYxMTAvBgNVBAUTKDUzQkYwREQ3ODBEQjAzOEVDRTE0RDQwNDU5QkFCOUM2
OEY2OTg1M0IwHhcNMjQwNTE4MTUzMjUyWhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjQ4Y2EyNC03NTJhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzriImGuUGyBWfpO3MfgzcUojQgU3P2uWmb5Ku1KQdnHx5/qHWgCi1KMsnsxM
XOB7vxRjzfld7ylS9PI3bYGakHgoYlUCgFTEL9hEWqi4gmqoq+082/vh0OFaUd4S
5i2g6PnqUB3HYVAryiMyMtZoeDBKxfpWv50blzGRK9sAHh0IH/1Wqazj5qBm4HfJ
F1CFJJHxp/Iv4ZIe0hzWV+iIdvGml5lrMmQjVIPodvUgY17EDvoxgi++SA6qr0p/
9Rg4Cu/9FVS8urELQxB9LSXZxRgCIgBJ6vmmCVigNePtgvwkBCfClIjK1epdntV+
c2tWTLNoxYZBUeb30RbLP5TYZwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFF/2/m73
9d/0s/6ZKyBGJE2JUTnzMB8GA1UdIwQYMBaAFFO/DdeA2wOOzhTUBFm6ucaPaYU7
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyRkNENi8xRTlFMUFBQ0Qy
RUExMUU1QUZCMUUyNENDNEY5QUUwMi9VNzhOMTREYkE0N09GTlFFV2JxNXhvOXBo
VHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1U3OE4xNERiQTQ3T0ZOUUVXYnE1eG85cGhUcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MkZDRDYvMUU5RTFBQUNEMkVBMTFFNUFGQjFFMjRDQzRGOUFFMDIvQzQ4RTBBMUMx
NTJCMTFFRkFFQjM5MTdFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAC00t0DBAC00t8wDQYJKoZIhvcNAQELBQADggEBAK8JelZr
W2ia1WlwQRexXxksnNihOElY0Qrx1jTuiaLe2kUVZW7hU6Ft8H+Cbb0S8IC2xskQ
xJzc/jKieUef/l7ueeCFFoiJNTwKbi++WEw85ye6M7+e8sWe+5XYkNAoUuTqIm/L
vYe7s6OV/2CUwDu9E/s2pDKtNfGCR/XQsUjOLFqLGtANVziSLiEJEWmP1s5Pb65c
uDW0XwAmSqp2iKK4pMn5uNABmUoIejQ5dMbw9ygCBtCzkyO/UGi27I7+dW72atwm
D8EMbQ6Yogs36CJSrtKkgWg/p2o7GM061NrnrAlDjOPt13oMuLCqgKa4nBaQ+a6h
CBi9MQNJ5LXSwwk=
-----END CERTIFICATE-----
Generated at Mon May 20 14:35:51 2024 by rpki-client on console-fra.rpki-client.org