Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9149F3E/AC52B7481D8211E2BC6417D708B02CD2/AF84D20EF23F11EE9CC9C846C4F9AE02.roa
File: AF84D20EF23F11EE9CC9C846C4F9AE02.roa (raw, json)
Hash identifier: aEU5aV/563HwrklF9WqrqBn5KgGadHsBPRsYBxlkoXs=
Subject key identifier: 33:A3:C4:D9:A0:C3:D5:71:CF:B7:1E:31:D0:58:83:21:55:C8:84:2E
Certificate issuer: /CN=A9149F3E/serialNumber=EB389FB339B3908D549A65390C92E15F9DF7C54B
Certificate serial: 35FA
Authority key identifier: EB:38:9F:B3:39:B3:90:8D:54:9A:65:39:0C:92:E1:5F:9D:F7:C5:4B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6zifszmzkI1UmmU5DJLhX533xUs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9149F3E/AC52B7481D8211E2BC6417D708B02CD2/AF84D20EF23F11EE9CC9C846C4F9AE02.roa
Signing time: Fri 16 Aug 2024 14:40:32 +0000
ROA not before: Fri 16 Aug 2024 14:40:32 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 400395
IP address blocks: 115.71.26.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 18 Nov 2024 23:52:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13818 (0x35fa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9149F3E/serialNumber=EB389FB339B3908D549A65390C92E15F9DF7C54B
Validity
Not Before: Aug 16 14:40:32 2024 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=66bf64e0-7a55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:ab:c6:c1:0b:a2:3b:cf:42:a7:14:55:10:99:
20:97:fc:8f:a6:f7:f6:31:22:e8:a0:ff:bc:5d:ea:
b3:ff:0d:ec:e7:9c:79:6c:a7:09:c4:53:67:d0:10:
3e:e2:87:cb:5c:4b:e8:80:76:db:bd:74:c9:79:3b:
ca:2c:81:4d:3f:19:e1:36:22:34:a6:fa:a0:f2:09:
e2:29:c6:d7:aa:7e:3c:f2:9b:3d:09:61:8a:a9:43:
db:82:a9:1e:a3:40:30:cc:1d:5c:2e:4b:9c:06:44:
e6:e3:49:a4:8d:2e:0a:f3:7b:26:48:06:5c:36:af:
ce:a5:0e:3d:a1:33:cd:9b:d3:11:80:75:9d:1f:80:
99:82:08:16:34:d3:d5:10:d4:37:e5:c8:10:7f:78:
49:06:6c:27:84:ef:38:42:5f:a6:08:da:44:29:3e:
2a:1b:a0:48:23:ab:06:38:5c:27:0a:1d:e5:8d:4d:
fb:6a:cc:d8:85:19:47:fc:5a:03:97:af:e6:1c:be:
15:1c:2f:72:1f:a4:bc:2f:ca:57:e1:6f:4d:63:50:
61:a0:37:a0:51:dc:a4:15:7e:a8:f3:b4:58:48:9f:
b5:02:b2:4f:34:a9:0f:f6:09:8b:18:55:df:f4:4d:
7c:db:c4:76:09:d2:41:90:14:38:55:ae:dc:5b:b3:
28:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:A3:C4:D9:A0:C3:D5:71:CF:B7:1E:31:D0:58:83:21:55:C8:84:2E
X509v3 Authority Key Identifier:
keyid:EB:38:9F:B3:39:B3:90:8D:54:9A:65:39:0C:92:E1:5F:9D:F7:C5:4B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9149F3E/AC52B7481D8211E2BC6417D708B02CD2/6zifszmzkI1UmmU5DJLhX533xUs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6zifszmzkI1UmmU5DJLhX533xUs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9149F3E/AC52B7481D8211E2BC6417D708B02CD2/AF84D20EF23F11EE9CC9C846C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
115.71.26.0/24
Signature Algorithm: sha256WithRSAEncryption
e1:99:69:2a:70:fb:93:8b:82:30:37:d0:80:4f:b0:2a:e5:bf:
88:33:01:12:6f:85:2c:a3:3c:03:bf:ed:d6:c4:0e:5a:65:5c:
98:2f:4e:7f:76:7f:3d:1c:02:04:95:3f:24:f4:52:df:82:0d:
0a:e3:a5:a8:a8:fa:06:f1:84:04:e3:20:6c:af:b8:94:d3:2c:
b2:79:67:c0:05:90:f2:c5:83:67:a7:dc:ff:47:42:eb:6a:ad:
14:61:34:d3:cf:ec:99:44:06:78:db:51:30:df:62:33:c4:6c:
2a:7d:f7:50:d7:4f:64:f1:fe:5f:51:af:11:5b:89:12:a4:d1:
90:71:cd:a9:eb:cc:6c:ca:b1:12:0a:2c:cc:78:50:1b:67:6e:
47:65:97:30:c3:b0:9c:64:78:96:8e:a9:b1:d4:01:9b:5f:8b:
fa:e8:73:af:80:2f:4e:4e:fd:95:10:56:24:d4:7a:14:f5:15:
9f:f8:1d:52:57:29:8f:13:0b:38:5c:9f:af:cf:34:c9:04:e8:
1c:ff:90:56:30:51:4c:ef:5e:57:2c:e6:8a:67:ba:a0:9a:17:
6d:04:bd:1a:a1:62:3d:9f:61:9d:82:b4:28:72:3b:15:c0:43:
89:88:6f:59:34:0f:24:9c:77:1c:40:30:80:4e:4a:3b:d1:86:
dc:4e:10:f0
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICNfowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDlGM0UxMTAvBgNVBAUTKEVCMzg5RkIzMzlCMzkwOEQ1NDlBNjUzOTBDOTJFMTVG
OURGN0M1NEIwHhcNMjQwODE2MTQ0MDMyWhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmJmNjRlMC03YTU1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAs6vGwQuiO89CpxRVEJkgl/yPpvf2MSLooP+8Xeqz/w3s55x5bKcJxFNn0BA+
4ofLXEvogHbbvXTJeTvKLIFNPxnhNiI0pvqg8gniKcbXqn488ps9CWGKqUPbgqke
o0AwzB1cLkucBkTm40mkjS4K83smSAZcNq/OpQ49oTPNm9MRgHWdH4CZgggWNNPV
ENQ35cgQf3hJBmwnhO84Ql+mCNpEKT4qG6BII6sGOFwnCh3ljU37aszYhRlH/FoD
l6/mHL4VHC9yH6S8L8pX4W9NY1BhoDegUdykFX6o87RYSJ+1ArJPNKkP9gmLGFXf
9E1828R2CdJBkBQ4Va7cW7MopQIDAQABo4IClTCCApEwHQYDVR0OBBYEFDOjxNmg
w9Vxz7ceMdBYgyFVyIQuMB8GA1UdIwQYMBaAFOs4n7M5s5CNVJplOQyS4V+d98VL
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0OUYzRS9BQzUyQjc0ODFE
ODIxMUUyQkM2NDE3RDcwOEIwMkNEMi82emlmc3ptemtJMVVtbVU1REpMaFg1MzN4
VXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzZ6aWZzem16a0kxVW1tVTVESkxoWDUzM3hVcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDlGM0UvQUM1MkI3NDgxRDgyMTFFMkJDNjQxN0Q3MDhCMDJDRDIvQUY4NEQyMEVG
MjNGMTFFRTlDQzlDODQ2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABzRxowDQYJKoZIhvcNAQELBQADggEBAOGZaSpw+5OLgjA3
0IBPsCrlv4gzARJvhSyjPAO/7dbEDlplXJgvTn92fz0cAgSVPyT0Ut+CDQrjpaio
+gbxhATjIGyvuJTTLLJ5Z8AFkPLFg2en3P9HQutqrRRhNNPP7JlEBnjbUTDfYjPE
bCp991DXT2Tx/l9RrxFbiRKk0ZBxzanrzGzKsRIKLMx4UBtnbkdllzDDsJxkeJaO
qbHUAZtfi/roc6+AL05O/ZUQViTUehT1FZ/4HVJXKY8TCzhcn6/PNMkE6Bz/kFYw
UUzvXlcs5opnuqCaF20EvRqhYj2fYZ2CtChyOxXAQ4mIb1k0DyScdxxAMIBOSjvR
htxOEPA=
-----END CERTIFICATE-----
Generated at Tue Nov 19 02:45:13 2024 by rpki-client on console-ams.rpki-client.org