Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9149F3E/AC52B7481D8211E2BC6417D708B02CD2/B8E9588E1CEE11ECA21F9310C4F9AE02.roa
File: B8E9588E1CEE11ECA21F9310C4F9AE02.roa (raw, json)
Hash identifier: F27tmIqPBiNtA6FE1VvbXGdfoXjjJPawNgocmhTzN44=
Subject key identifier: 72:97:74:16:B6:3D:8F:C7:AB:28:EB:61:60:91:6F:F8:89:FE:7D:A4
Certificate issuer: /CN=A9149F3E/serialNumber=EB389FB339B3908D549A65390C92E15F9DF7C54B
Certificate serial: 34D6
Authority key identifier: EB:38:9F:B3:39:B3:90:8D:54:9A:65:39:0C:92:E1:5F:9D:F7:C5:4B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6zifszmzkI1UmmU5DJLhX533xUs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9149F3E/AC52B7481D8211E2BC6417D708B02CD2/B8E9588E1CEE11ECA21F9310C4F9AE02.roa
Signing time: Tue 26 Sep 2023 14:30:17 +0000
ROA not before: Tue 26 Sep 2023 14:30:17 +0000
ROA not after: Sat 31 Aug 2024 00:00:00 +0000
asID: 131884
IP address blocks: 1.18.121.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 11 Apr 2024 07:27:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13526 (0x34d6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9149F3E/serialNumber=EB389FB339B3908D549A65390C92E15F9DF7C54B
Validity
Not Before: Sep 26 14:30:17 2023 GMT
Not After : Aug 31 00:00:00 2024 GMT
Subject: CN=6512eaf9-bff1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:08:34:e5:ac:6c:e0:3b:01:84:e3:0a:30:77:
16:61:21:ba:ee:ff:77:46:95:c9:00:cc:fb:00:4c:
9e:15:38:ba:0a:68:5f:c7:8e:f3:bb:a4:97:35:00:
50:c3:9b:7e:90:50:b9:55:86:bb:12:b7:37:51:85:
51:92:07:2f:f1:3a:fe:c9:9e:45:39:d5:dd:96:1e:
a7:8b:58:d0:ba:db:95:77:ca:42:08:a2:c0:52:b1:
cd:76:28:dc:3e:cc:4c:6b:5b:f6:7e:a8:d1:e9:01:
3b:a1:49:72:b0:90:57:d2:8a:32:56:71:bc:22:e6:
e8:55:a1:db:4f:86:be:d5:e0:8e:b1:33:63:09:49:
ee:06:c4:be:c7:71:48:40:61:65:0a:d2:5e:77:1d:
c2:13:02:52:fd:f2:01:88:45:82:7a:01:2d:d4:1b:
b9:29:50:b6:cb:13:d2:49:91:89:7d:4a:40:9d:9a:
7a:a7:27:e4:5e:a3:8e:ab:2f:90:a5:a5:37:fd:57:
53:77:d2:a2:96:d1:c1:06:d6:3b:7e:32:00:77:35:
f7:3e:78:be:9a:4a:bb:09:75:6c:1b:11:36:d2:81:
25:62:52:b0:a7:72:ac:91:df:98:83:b5:4e:e0:a2:
a6:25:c0:bf:de:85:0b:cb:0e:64:16:60:7d:5b:a4:
45:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:97:74:16:B6:3D:8F:C7:AB:28:EB:61:60:91:6F:F8:89:FE:7D:A4
X509v3 Authority Key Identifier:
keyid:EB:38:9F:B3:39:B3:90:8D:54:9A:65:39:0C:92:E1:5F:9D:F7:C5:4B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9149F3E/AC52B7481D8211E2BC6417D708B02CD2/6zifszmzkI1UmmU5DJLhX533xUs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6zifszmzkI1UmmU5DJLhX533xUs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9149F3E/AC52B7481D8211E2BC6417D708B02CD2/B8E9588E1CEE11ECA21F9310C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
1.18.121.0/24
Signature Algorithm: sha256WithRSAEncryption
ae:a6:bd:2f:bd:3e:32:bc:a7:66:d7:c1:ed:e0:99:0b:2f:a7:
2a:76:a5:da:a6:3c:43:e8:b8:ed:21:e8:ea:fb:aa:43:eb:85:
51:94:2b:ca:9f:0d:29:f9:0f:15:91:91:6a:5d:35:1b:db:3c:
1b:8e:ef:83:c8:9b:93:21:bf:5d:1b:bc:65:e7:37:6a:fc:76:
f7:99:af:ce:28:5b:53:c5:35:67:df:91:90:ff:fb:53:a7:14:
bd:68:47:f6:d5:14:95:d7:1c:56:2b:39:9b:d2:9d:86:4b:2e:
39:9e:3f:88:6f:dc:f3:b6:97:3c:4d:dc:0e:2e:f8:88:5e:ca:
14:f9:46:1d:78:3f:53:9e:fe:c8:3c:94:5f:9a:47:19:cf:fe:
e5:2f:2f:8d:83:4e:f2:74:45:42:5f:73:d4:cd:f6:54:a4:b6:
b3:e9:16:9f:00:31:3b:02:90:72:46:e8:03:ba:86:5f:25:c9:
92:13:79:cb:82:a0:94:f8:b3:34:50:1f:d9:8c:f0:26:84:1c:
21:19:67:de:85:3e:b2:8b:e1:3f:1e:10:6d:37:a6:be:8b:ed:
1f:ed:43:f5:39:9b:bb:b8:56:da:9a:63:81:9a:c6:81:9d:1c:
7b:a2:4a:17:04:14:48:3d:79:94:8a:79:d0:c3:2e:19:25:16:
00:26:5e:8f
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICNNYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDlGM0UxMTAvBgNVBAUTKEVCMzg5RkIzMzlCMzkwOEQ1NDlBNjUzOTBDOTJFMTVG
OURGN0M1NEIwHhcNMjMwOTI2MTQzMDE3WhcNMjQwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTEyZWFmOS1iZmYxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2Ag05axs4DsBhOMKMHcWYSG67v93RpXJAMz7AEyeFTi6Cmhfx47zu6SXNQBQ
w5t+kFC5VYa7Erc3UYVRkgcv8Tr+yZ5FOdXdlh6ni1jQutuVd8pCCKLAUrHNdijc
PsxMa1v2fqjR6QE7oUlysJBX0ooyVnG8IuboVaHbT4a+1eCOsTNjCUnuBsS+x3FI
QGFlCtJedx3CEwJS/fIBiEWCegEt1Bu5KVC2yxPSSZGJfUpAnZp6pyfkXqOOqy+Q
paU3/VdTd9KiltHBBtY7fjIAdzX3Pni+mkq7CXVsGxE20oElYlKwp3Kskd+Yg7VO
4KKmJcC/3oULyw5kFmB9W6RFXQIDAQABo4IClTCCApEwHQYDVR0OBBYEFHKXdBa2
PY/HqyjrYWCRb/iJ/n2kMB8GA1UdIwQYMBaAFOs4n7M5s5CNVJplOQyS4V+d98VL
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0OUYzRS9BQzUyQjc0ODFE
ODIxMUUyQkM2NDE3RDcwOEIwMkNEMi82emlmc3ptemtJMVVtbVU1REpMaFg1MzN4
VXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzZ6aWZzem16a0kxVW1tVTVESkxoWDUzM3hVcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDlGM0UvQUM1MkI3NDgxRDgyMTFFMkJDNjQxN0Q3MDhCMDJDRDIvQjhFOTU4OEUx
Q0VFMTFFQ0EyMUY5MzEwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAABEnkwDQYJKoZIhvcNAQELBQADggEBAK6mvS+9PjK8p2bX
we3gmQsvpyp2pdqmPEPouO0h6Or7qkPrhVGUK8qfDSn5DxWRkWpdNRvbPBuO74PI
m5Mhv10bvGXnN2r8dveZr84oW1PFNWffkZD/+1OnFL1oR/bVFJXXHFYrOZvSnYZL
LjmeP4hv3PO2lzxN3A4u+IheyhT5Rh14P1Oe/sg8lF+aRxnP/uUvL42DTvJ0RUJf
c9TN9lSktrPpFp8AMTsCkHJG6AO6hl8lyZITecuCoJT4szRQH9mM8CaEHCEZZ96F
PrKL4T8eEG03pr6L7R/tQ/U5m7u4VtqaY4GaxoGdHHuiShcEFEg9eZSKedDDLhkl
FgAmXo8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:05 2024 by rpki-client on console-fra.rpki-client.org