Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914EC08/812A2C587D3B11ED98BF9E48C4F9AE02/2AC04D9EC4C411EE98B3511DC4F9AE02.roa
File: 2AC04D9EC4C411EE98B3511DC4F9AE02.roa (raw, json)
Hash identifier: /aOeQJ2jQFVir/lNJ5oN+UNg1WYcs8DsO57122YjZk0=
Subject key identifier: 80:EB:DF:5E:5F:B8:15:9C:C8:8F:22:AB:10:8A:93:3D:E7:E6:42:EE
Certificate issuer: /CN=A914EC08/serialNumber=D1B8E671973559020F8703D17DCD892692E640A2
Certificate serial: FF
Authority key identifier: D1:B8:E6:71:97:35:59:02:0F:87:03:D1:7D:CD:89:26:92:E6:40:A2
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0bjmcZc1WQIPhwPRfc2JJpLmQKI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914EC08/812A2C587D3B11ED98BF9E48C4F9AE02/2AC04D9EC4C411EE98B3511DC4F9AE02.roa
Signing time: Tue 06 Feb 2024 07:48:51 +0000
ROA not before: Tue 06 Feb 2024 07:48:51 +0000
ROA not after: Mon 31 Mar 2025 00:00:00 +0000
asID: 149196
IP address blocks: 45.127.193.0/24 maxlen: 24
45.127.194.0/24 maxlen: 24
45.127.195.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 27 Feb 2024 10:43:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 255 (0xff)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914EC08/serialNumber=D1B8E671973559020F8703D17DCD892692E640A2
Validity
Not Before: Feb 6 07:48:51 2024 GMT
Not After : Mar 31 00:00:00 2025 GMT
Subject: CN=65c1e462-567f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:37:9e:30:70:66:4f:b5:6f:de:dd:ae:98:ea:
c9:50:7b:e4:2a:aa:dd:e9:b6:8e:fc:f4:bd:48:08:
a7:b8:7a:d9:ae:c2:2a:ec:fb:c1:f0:c4:00:97:0a:
b1:b1:25:4c:0a:94:8e:f2:f8:6d:fe:16:3e:43:99:
5f:ba:bb:71:06:fb:e4:7c:1f:25:19:7a:2a:e6:bc:
1d:ca:2b:53:cd:f0:03:9b:e3:47:f7:6a:98:fa:0c:
18:1f:dc:6e:43:bc:5d:12:00:9c:72:ab:55:ef:7a:
64:5a:3a:cc:ba:dd:34:f6:52:5f:5a:20:50:11:19:
42:bf:34:01:c9:94:30:de:3d:5c:a8:60:f2:a3:ba:
3f:9b:d3:77:31:ac:ea:c7:a3:99:f0:e3:0a:70:61:
0e:2c:56:58:63:18:5e:ef:05:a1:3a:7a:f2:ba:9b:
d7:38:0c:22:ad:62:04:7d:c0:cf:b8:7d:ed:71:6f:
44:31:ae:32:b7:13:1a:65:71:27:fa:6f:a6:67:6c:
b1:08:48:ab:d0:85:ee:de:ee:9e:5a:38:9b:82:5e:
e9:bb:39:e5:86:97:98:89:39:53:34:87:0b:29:bf:
77:b2:7d:31:52:0e:ad:0b:62:8e:2b:e1:5c:27:b3:
76:3a:77:ad:0e:7a:e2:28:b8:9d:c4:e5:77:79:ae:
95:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:EB:DF:5E:5F:B8:15:9C:C8:8F:22:AB:10:8A:93:3D:E7:E6:42:EE
X509v3 Authority Key Identifier:
keyid:D1:B8:E6:71:97:35:59:02:0F:87:03:D1:7D:CD:89:26:92:E6:40:A2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914EC08/812A2C587D3B11ED98BF9E48C4F9AE02/0bjmcZc1WQIPhwPRfc2JJpLmQKI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0bjmcZc1WQIPhwPRfc2JJpLmQKI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914EC08/812A2C587D3B11ED98BF9E48C4F9AE02/2AC04D9EC4C411EE98B3511DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.127.193.0-45.127.195.255
Signature Algorithm: sha256WithRSAEncryption
06:1d:fe:28:af:fb:7a:bc:76:7a:87:ad:70:4d:aa:4c:e8:42:
2a:4a:15:4e:80:b2:51:c8:a2:4e:d5:7c:c2:0e:3b:17:d9:59:
85:59:87:be:e5:4d:10:20:c5:61:28:41:ad:3a:b1:7b:3a:64:
30:2a:cf:93:83:36:0a:5e:fd:2f:54:32:3b:fa:37:6a:8e:63:
8f:f9:4b:0c:02:49:51:a1:df:20:cd:79:95:ed:1d:56:11:7a:
2d:72:1d:da:77:b5:b9:fb:62:8f:a9:4b:09:fe:49:91:e3:89:
76:c6:15:7e:dc:b7:10:40:6b:30:f6:1e:8f:07:e3:f8:ef:ea:
9c:e0:f3:af:06:f5:04:18:8c:2b:d5:76:81:3a:70:a1:d5:53:
9e:47:52:95:14:f3:26:ef:6b:b0:b1:85:e0:19:ed:6e:1b:b0:
72:fd:3d:9d:69:f7:7c:87:2f:08:db:69:16:7a:f7:ea:93:68:
7d:b0:e2:15:9c:56:63:ff:9b:42:dd:22:cf:38:60:e3:dc:88:
bc:d5:40:91:b6:39:ab:6f:3b:9c:42:28:26:5a:47:45:cc:44:
e0:e0:07:1c:87:9e:da:bc:d7:d7:7d:52:8a:ad:10:33:2d:3c:
4c:07:fd:88:23:6e:cc:96:a6:9b:c8:c6:e7:99:cf:fa:4d:15:
81:c7:ed:81
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgICAP8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NEVDMDgxMTAvBgNVBAUTKEQxQjhFNjcxOTczNTU5MDIwRjg3MDNEMTdEQ0Q4OTI2
OTJFNjQwQTIwHhcNMjQwMjA2MDc0ODUxWhcNMjUwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWMxZTQ2Mi01NjdmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArzeeMHBmT7Vv3t2umOrJUHvkKqrd6baO/PS9SAinuHrZrsIq7PvB8MQAlwqx
sSVMCpSO8vht/hY+Q5lfurtxBvvkfB8lGXoq5rwdyitTzfADm+NH92qY+gwYH9xu
Q7xdEgCccqtV73pkWjrMut009lJfWiBQERlCvzQByZQw3j1cqGDyo7o/m9N3Mazq
x6OZ8OMKcGEOLFZYYxhe7wWhOnryupvXOAwirWIEfcDPuH3tcW9EMa4ytxMaZXEn
+m+mZ2yxCEir0IXu3u6eWjibgl7puznlhpeYiTlTNIcLKb93sn0xUg6tC2KOK+Fc
J7N2OnetDnriKLidxOV3ea6VDQIDAQABo4ICnTCCApkwHQYDVR0OBBYEFIDr315f
uBWcyI8iqxCKkz3n5kLuMB8GA1UdIwQYMBaAFNG45nGXNVkCD4cD0X3NiSaS5kCi
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0RUMwOC84MTJBMkM1ODdE
M0IxMUVEOThCRjlFNDhDNEY5QUUwMi8wYmptY1pjMVdRSVBod1BSZmMySkpwTG1R
S0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzBiam1jWmMxV1FJUGh3UFJmYzJKSnBMbVFLSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NEVDMDgvODEyQTJDNTg3RDNCMTFFRDk4QkY5RTQ4QzRGOUFFMDIvMkFDMDREOUVD
NEM0MTFFRTk4QjM1MTFEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJwYIKwYBBQUHAQcBAf8E
GDAWMBQEAgABMA4wDAMEAC1/wQMEAi1/wDANBgkqhkiG9w0BAQsFAAOCAQEABh3+
KK/7erx2eoetcE2qTOhCKkoVToCyUciiTtV8wg47F9lZhVmHvuVNECDFYShBrTqx
ezpkMCrPk4M2Cl79L1QyO/o3ao5jj/lLDAJJUaHfIM15le0dVhF6LXId2ne1ufti
j6lLCf5JkeOJdsYVfty3EEBrMPYejwfj+O/qnODzrwb1BBiMK9V2gTpwodVTnkdS
lRTzJu9rsLGF4Bntbhuwcv09nWn3fIcvCNtpFnr36pNofbDiFZxWY/+bQt0izzhg
49yIvNVAkbY5q287nEIoJlpHRcxE4OAHHIee2rzX131Siq0QMy08TAf9iCNuzJam
m8jG55nP+k0VgcftgQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:58 2024 by rpki-client on console-ams.rpki-client.org