Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91406AA/8658E46686C111EBBAB3184BC4F9AE02/B172FC2CA69A11ED83470E12C4F9AE02.roa
File: B172FC2CA69A11ED83470E12C4F9AE02.roa (raw, json)
Hash identifier: U55Zauq8la8zLSTkpkvq3SkYSyGc3n4qxjLGq3C3n4I=
Subject key identifier: 61:AD:89:1A:35:4F:3D:93:EA:22:35:B8:EA:FC:3B:93:BD:84:72:AA
Certificate issuer: /CN=A91406AA/serialNumber=218A8AA050267B0805E3FDC8A939BF8FBCB00101
Certificate serial: 054F
Authority key identifier: 21:8A:8A:A0:50:26:7B:08:05:E3:FD:C8:A9:39:BF:8F:BC:B0:01:01
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IYqKoFAmewgF4_3IqTm_j7ywAQE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91406AA/8658E46686C111EBBAB3184BC4F9AE02/B172FC2CA69A11ED83470E12C4F9AE02.roa
Signing time: Wed 04 Oct 2023 23:41:19 +0000
ROA not before: Wed 04 Oct 2023 23:41:19 +0000
ROA not after: Sun 01 Dec 2024 00:00:00 +0000
asID: 9790
IP address blocks: 131.203.0.0/16 maxlen: 20
131.203.29.0/24 maxlen: 24
131.203.48.0/24 maxlen: 24
131.203.49.0/24 maxlen: 24
131.203.78.0/24 maxlen: 24
131.203.79.0/24 maxlen: 24
158.140.224.0/20 maxlen: 24
158.140.240.0/21 maxlen: 24
158.140.248.0/22 maxlen: 24
161.29.0.0/16 maxlen: 20
161.65.0.0/19 maxlen: 20
161.65.64.0/18 maxlen: 20
161.65.128.0/19 maxlen: 19
161.65.192.0/18 maxlen: 20
Validation: Failed, certificate revoked on Thu 16 Nov 2023 20:59:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1359 (0x54f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91406AA/serialNumber=218A8AA050267B0805E3FDC8A939BF8FBCB00101
Validity
Not Before: Oct 4 23:41:19 2023 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=651df81f-b870
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:c7:28:e7:d5:9e:d7:4b:d8:77:81:23:3e:17:
44:f7:7d:a4:75:db:ac:b4:01:f4:66:09:d4:75:84:
29:5d:7e:9f:69:a5:0d:e0:89:06:dc:be:d4:bb:f2:
b7:0e:a0:bc:e2:55:7e:b4:48:75:6e:eb:9b:bf:4c:
d4:44:5b:fc:df:6b:36:b1:5e:66:d5:e2:a6:a1:c4:
70:b9:fd:00:de:2c:61:af:3e:6d:49:18:67:98:4b:
ba:44:ac:5b:fe:94:fc:57:0a:96:39:10:18:6c:23:
d6:70:7e:55:fd:73:2f:72:c3:ae:ea:dc:21:03:45:
23:3e:13:f6:d9:d6:82:31:0e:94:3b:d3:c5:df:90:
8a:15:4a:85:3e:2e:4e:ee:be:24:b2:50:86:36:0c:
ac:3a:5e:dd:e0:a7:b2:1a:b5:1c:94:8c:71:9c:07:
a0:70:a1:01:e9:75:ec:b0:7a:d1:94:b8:0e:44:cd:
3d:2e:ba:92:27:fd:15:20:2b:5a:75:f1:7a:07:ba:
26:64:0d:39:bf:8f:89:a6:60:e0:6f:7d:fa:5f:78:
82:ea:d8:59:98:61:56:d7:91:ca:92:3e:56:e2:db:
2a:71:30:c9:2f:87:5f:be:45:73:87:3e:c1:8e:8d:
40:02:98:79:3d:ee:d8:ae:32:93:1d:a6:e5:06:4b:
dd:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:AD:89:1A:35:4F:3D:93:EA:22:35:B8:EA:FC:3B:93:BD:84:72:AA
X509v3 Authority Key Identifier:
keyid:21:8A:8A:A0:50:26:7B:08:05:E3:FD:C8:A9:39:BF:8F:BC:B0:01:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91406AA/8658E46686C111EBBAB3184BC4F9AE02/IYqKoFAmewgF4_3IqTm_j7ywAQE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IYqKoFAmewgF4_3IqTm_j7ywAQE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91406AA/8658E46686C111EBBAB3184BC4F9AE02/B172FC2CA69A11ED83470E12C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
131.203.0.0/16
158.140.224.0-158.140.251.255
161.29.0.0/16
161.65.0.0/19
161.65.64.0-161.65.159.255
161.65.192.0/18
Signature Algorithm: sha256WithRSAEncryption
52:08:7c:aa:00:8d:43:b7:24:fa:5a:34:90:98:3c:1d:d0:41:
29:8f:5f:5b:a5:7e:c4:17:8e:7d:4e:ed:74:3d:ee:b8:46:a7:
a3:a5:42:25:d2:1b:f5:be:7a:71:28:44:a3:08:af:9d:7f:9e:
34:3a:a9:ed:c9:ac:48:31:a8:fb:83:8a:74:83:0f:52:47:3c:
98:fa:af:1e:f6:c6:a9:f0:5b:26:16:1e:0d:af:13:cf:3c:fb:
f6:6d:b8:e4:c3:6a:33:8b:90:10:a2:c7:2b:ec:e4:48:b2:c0:
33:0c:74:c6:6e:c1:74:51:6a:8f:4e:17:bf:b1:c4:3f:96:16:
0c:5e:25:93:ea:7e:0d:d2:bc:6e:45:a9:a9:58:05:93:c4:2a:
c4:53:34:f9:3e:fa:0d:d6:db:02:a9:43:d9:fc:8f:42:e8:b5:
2b:02:0f:b6:52:ab:f9:8e:47:ee:a9:8e:76:28:d0:1e:23:3f:
14:a2:c9:e4:68:a4:0a:58:4d:76:9c:52:8b:3d:a3:df:07:86:
ba:25:ef:8f:a5:7b:a6:19:a9:81:1f:d7:53:fd:c7:e0:f3:d3:
7c:db:09:9c:6c:90:22:d9:df:50:33:5a:ca:10:95:21:9e:59:
f7:b9:69:61:eb:e2:20:2c:75:76:20:2c:03:8d:4e:f0:ff:c9:
07:c5:7e:e1
-----BEGIN CERTIFICATE-----
MIIFnTCCBIWgAwIBAgICBU8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDA2QUExMTAvBgNVBAUTKDIxOEE4QUEwNTAyNjdCMDgwNUUzRkRDOEE5MzlCRjhG
QkNCMDAxMDEwHhcNMjMxMDA0MjM0MTE5WhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTFkZjgxZi1iODcwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAscco59We10vYd4EjPhdE932kddustAH0ZgnUdYQpXX6faaUN4IkG3L7Uu/K3
DqC84lV+tEh1buubv0zURFv832s2sV5m1eKmocRwuf0A3ixhrz5tSRhnmEu6RKxb
/pT8VwqWORAYbCPWcH5V/XMvcsOu6twhA0UjPhP22daCMQ6UO9PF35CKFUqFPi5O
7r4kslCGNgysOl7d4KeyGrUclIxxnAegcKEB6XXssHrRlLgORM09LrqSJ/0VICta
dfF6B7omZA05v4+JpmDgb336X3iC6thZmGFW15HKkj5W4tsqcTDJL4dfvkVzhz7B
jo1AAph5Pe7YrjKTHablBkvd8wIDAQABo4ICwTCCAr0wHQYDVR0OBBYEFGGtiRo1
Tz2T6iI1uOr8O5O9hHKqMB8GA1UdIwQYMBaAFCGKiqBQJnsIBeP9yKk5v4+8sAEB
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0MDZBQS84NjU4RTQ2Njg2
QzExMUVCQkFCMzE4NEJDNEY5QUUwMi9JWXFLb0ZBbWV3Z0Y0XzNJcVRtX2o3eXdB
UUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL0lZcUtvRkFtZXdnRjRfM0lxVG1fajd5d0FRRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDA2QUEvODY1OEU0NjY4NkMxMTFFQkJBQjMxODRCQzRGOUFFMDIvQjE3MkZDMkNB
NjlBMTFFRDgzNDcwRTEyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwSwYIKwYBBQUHAQcBAf8E
PDA6MDgEAgABMDIDAwCDyzAMAwQFnozgAwQCnoz4AwMAoR0DBAWhQQAwDAMEBqFB
QAMEBaFBgAMEBqFBwDANBgkqhkiG9w0BAQsFAAOCAQEAUgh8qgCNQ7ck+lo0kJg8
HdBBKY9fW6V+xBeOfU7tdD3uuEano6VCJdIb9b56cShEowivnX+eNDqp7cmsSDGo
+4OKdIMPUkc8mPqvHvbGqfBbJhYeDa8Tzzz79m245MNqM4uQEKLHK+zkSLLAMwx0
xm7BdFFqj04Xv7HEP5YWDF4lk+p+DdK8bkWpqVgFk8QqxFM0+T76DdbbAqlD2fyP
Qui1KwIPtlKr+Y5H7qmOdijQHiM/FKLJ5GikClhNdpxSiz2j3weGuiXvj6V7phmp
gR/XU/3H4PPTfNsJnGyQItnfUDNayhCVIZ5Z97lpYeviICx1diAsA41O8P/JB8V+
4Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:03 2024 by rpki-client on console-fra.rpki-client.org