Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9149F3E/AC52B7481D8211E2BC6417D708B02CD2/75B648D801D411EFB2DE3D3EC4F9AE02.roa
File: 75B648D801D411EFB2DE3D3EC4F9AE02.roa (raw, json)
Hash identifier: 1aPoLo+2OwxehEUkL1IGiPtZfAh5XCicv9eCtrdXdiA=
Subject key identifier: 10:74:09:A3:D4:E0:35:AB:26:A0:3B:3E:6D:87:CA:06:5B:8A:D9:6C
Certificate issuer: /CN=A9149F3E/serialNumber=EB389FB339B3908D549A65390C92E15F9DF7C54B
Certificate serial: 3582
Authority key identifier: EB:38:9F:B3:39:B3:90:8D:54:9A:65:39:0C:92:E1:5F:9D:F7:C5:4B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6zifszmzkI1UmmU5DJLhX533xUs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9149F3E/AC52B7481D8211E2BC6417D708B02CD2/75B648D801D411EFB2DE3D3EC4F9AE02.roa
Signing time: Wed 24 Apr 2024 00:49:09 +0000
ROA not before: Wed 24 Apr 2024 00:49:09 +0000
ROA not after: Sat 31 Aug 2024 00:00:00 +0000
asID: 138195
IP address blocks: 49.128.219.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 30 May 2024 06:53:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13698 (0x3582)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9149F3E/serialNumber=EB389FB339B3908D549A65390C92E15F9DF7C54B
Validity
Not Before: Apr 24 00:49:09 2024 GMT
Not After : Aug 31 00:00:00 2024 GMT
Subject: CN=66285705-c15a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:9a:2a:89:ea:7b:0c:7b:41:e6:f2:61:2e:73:
28:39:66:31:ea:a6:40:5f:15:c7:39:5b:e4:e7:1a:
c2:8c:8b:d3:48:a8:ef:34:57:1e:aa:a7:fc:db:62:
6e:e7:50:3c:3b:38:01:ff:11:c6:c0:8b:ea:96:0b:
f5:bb:af:9c:a0:0e:87:0e:4a:41:cf:2f:2c:5c:8a:
8d:8c:24:4c:ef:e0:cc:01:57:f3:07:47:39:ea:68:
78:01:57:dc:2b:53:bf:6e:e1:db:81:e2:dc:d8:94:
d3:ae:ae:54:a7:19:b4:32:18:8a:ba:e6:6d:57:4a:
d3:40:46:d9:f3:d4:5f:15:6d:4b:83:89:1a:cd:a1:
bb:d5:59:75:bc:3d:11:a9:ca:5d:8f:1a:1f:71:32:
52:96:07:dd:0e:bb:68:bd:45:49:ef:6d:4b:7b:28:
0d:96:f4:e2:d5:42:96:ea:22:02:7b:e3:84:ca:2f:
6a:5f:76:c6:fa:36:50:7f:b3:42:d6:c2:55:3e:35:
87:c2:ea:a3:a5:43:28:db:a6:5f:2d:0b:57:61:3d:
d5:e1:ca:50:56:9c:72:7e:f6:e8:24:a8:98:e2:00:
21:56:d4:cf:0f:df:54:9e:cd:fd:a0:af:9a:70:9f:
4a:9a:69:49:9e:ba:82:75:d0:80:f8:d4:cb:ce:c8:
38:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:74:09:A3:D4:E0:35:AB:26:A0:3B:3E:6D:87:CA:06:5B:8A:D9:6C
X509v3 Authority Key Identifier:
keyid:EB:38:9F:B3:39:B3:90:8D:54:9A:65:39:0C:92:E1:5F:9D:F7:C5:4B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9149F3E/AC52B7481D8211E2BC6417D708B02CD2/6zifszmzkI1UmmU5DJLhX533xUs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6zifszmzkI1UmmU5DJLhX533xUs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9149F3E/AC52B7481D8211E2BC6417D708B02CD2/75B648D801D411EFB2DE3D3EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
49.128.219.0/24
Signature Algorithm: sha256WithRSAEncryption
c0:a1:63:54:05:c0:b7:55:ff:b9:49:71:47:78:c7:6c:b5:e9:
d4:97:f5:6b:1f:af:79:cd:ce:49:e1:e9:65:27:b1:69:56:ff:
0b:09:bb:18:d7:95:d2:02:30:1c:ef:81:1d:e4:e6:93:bf:a4:
07:63:38:62:02:68:11:64:cb:e0:7e:82:c1:9e:32:9a:15:62:
b4:ff:50:19:d1:18:a7:eb:93:d1:5c:e2:60:ca:4d:31:9e:dd:
ae:a8:23:50:cd:b6:31:c2:8a:c9:df:94:a2:bb:e4:77:84:73:
c6:23:07:c2:68:30:a8:e4:b9:d5:32:ce:19:c1:7a:0a:1f:5b:
00:d5:89:36:1e:b1:f9:f3:d4:24:50:a6:10:d4:8c:00:be:e8:
cc:b7:91:fd:4f:8f:61:78:d2:69:c3:e1:4a:ca:c5:ee:2e:19:
7f:60:84:10:df:87:3f:98:01:a9:f4:c6:2c:8a:0d:8e:67:a1:
cc:bd:42:9e:7d:a4:90:2b:0d:dc:9c:21:f1:56:de:f5:2d:8d:
da:5e:f3:f2:d9:8d:01:03:31:9b:d1:36:35:76:ce:64:15:ac:
c1:55:cb:dc:5a:77:5c:57:c2:41:fd:cf:03:b2:c9:96:08:6b:
dc:c0:1e:41:93:e6:cd:95:0d:bc:7c:c5:eb:4d:cd:c8:6b:35:
27:b1:08:e7
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICNYIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDlGM0UxMTAvBgNVBAUTKEVCMzg5RkIzMzlCMzkwOEQ1NDlBNjUzOTBDOTJFMTVG
OURGN0M1NEIwHhcNMjQwNDI0MDA0OTA5WhcNMjQwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjI4NTcwNS1jMTVhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAs5oqiep7DHtB5vJhLnMoOWYx6qZAXxXHOVvk5xrCjIvTSKjvNFceqqf822Ju
51A8OzgB/xHGwIvqlgv1u6+coA6HDkpBzy8sXIqNjCRM7+DMAVfzB0c56mh4AVfc
K1O/buHbgeLc2JTTrq5Upxm0MhiKuuZtV0rTQEbZ89RfFW1Lg4kazaG71Vl1vD0R
qcpdjxofcTJSlgfdDrtovUVJ721LeygNlvTi1UKW6iICe+OEyi9qX3bG+jZQf7NC
1sJVPjWHwuqjpUMo26ZfLQtXYT3V4cpQVpxyfvboJKiY4gAhVtTPD99Uns39oK+a
cJ9KmmlJnrqCddCA+NTLzsg4UQIDAQABo4IClTCCApEwHQYDVR0OBBYEFBB0CaPU
4DWrJqA7Pm2HygZbitlsMB8GA1UdIwQYMBaAFOs4n7M5s5CNVJplOQyS4V+d98VL
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0OUYzRS9BQzUyQjc0ODFE
ODIxMUUyQkM2NDE3RDcwOEIwMkNEMi82emlmc3ptemtJMVVtbVU1REpMaFg1MzN4
VXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzZ6aWZzem16a0kxVW1tVTVESkxoWDUzM3hVcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDlGM0UvQUM1MkI3NDgxRDgyMTFFMkJDNjQxN0Q3MDhCMDJDRDIvNzVCNjQ4RDgw
MUQ0MTFFRkIyREUzRDNFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAAxgNswDQYJKoZIhvcNAQELBQADggEBAMChY1QFwLdV/7lJ
cUd4x2y16dSX9Wsfr3nNzknh6WUnsWlW/wsJuxjXldICMBzvgR3k5pO/pAdjOGIC
aBFky+B+gsGeMpoVYrT/UBnRGKfrk9Fc4mDKTTGe3a6oI1DNtjHCisnflKK75HeE
c8YjB8JoMKjkudUyzhnBegofWwDViTYesfnz1CRQphDUjAC+6My3kf1Pj2F40mnD
4UrKxe4uGX9ghBDfhz+YAan0xiyKDY5nocy9Qp59pJArDdycIfFW3vUtjdpe8/LZ
jQEDMZvRNjV2zmQVrMFVy9xad1xXwkH9zwOyyZYIa9zAHkGT5s2VDbx8xetNzchr
NSexCOc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:58 2024 by rpki-client on console-ams.rpki-client.org