Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91510AD/8B5E75FE1D8711E284B383DF08B02CD2/2639043AA9E211ED84CB9F11C4F9AE02.roa
File: 2639043AA9E211ED84CB9F11C4F9AE02.roa (raw, json)
Hash identifier: Oxvpe1f2rtJlusyLNrIbaqYOWFWAuX8How6sBnzvmhM=
Subject key identifier: 8F:2D:63:7C:80:F6:67:6E:84:E9:29:64:FA:68:72:3B:67:20:6C:1E
Certificate issuer: /CN=A91510AD/serialNumber=E1E6908A16EC813DAA0BD64797AE9DBDEB092257
Certificate serial: 34D5
Authority key identifier: E1:E6:90:8A:16:EC:81:3D:AA:0B:D6:47:97:AE:9D:BD:EB:09:22:57
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4eaQihbsgT2qC9ZHl66dvesJIlc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91510AD/8B5E75FE1D8711E284B383DF08B02CD2/2639043AA9E211ED84CB9F11C4F9AE02.roa
Signing time: Wed 10 Apr 2024 11:28:29 +0000
ROA not before: Wed 10 Apr 2024 11:28:29 +0000
ROA not after: Mon 30 Dec 2024 00:00:00 +0000
asID: 7029
IP address blocks: 175.29.128.0/21 maxlen: 24
203.76.152.0/21 maxlen: 24
Validation: Failed, certificate revoked on Thu 11 Apr 2024 18:22:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13525 (0x34d5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91510AD/serialNumber=E1E6908A16EC813DAA0BD64797AE9DBDEB092257
Validity
Not Before: Apr 10 11:28:29 2024 GMT
Not After : Dec 30 00:00:00 2024 GMT
Subject: CN=661677dd-5cf3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:02:52:27:dc:3c:4c:f1:c7:27:24:48:2b:8a:
5e:df:69:fb:29:2a:24:19:ae:a5:b1:d5:e0:3d:cf:
76:50:02:b5:83:32:34:cc:67:ce:3a:50:90:62:59:
ab:0b:62:b6:1f:06:23:27:8f:17:b2:5c:2c:58:48:
ed:91:20:68:8b:d0:fc:93:ba:f8:d2:21:82:f0:a9:
e2:7c:ba:f0:af:1b:9d:9b:1f:7d:24:4c:40:b1:d2:
b9:60:c1:99:63:24:9d:f6:09:84:7d:f4:2e:37:5b:
52:01:59:89:ac:27:2c:5f:3a:eb:da:4c:6d:d6:96:
4d:5a:94:d3:fb:2c:4e:08:24:e5:66:ef:e0:bb:1d:
ff:fe:1a:36:65:f4:63:3d:03:7c:a9:74:f9:74:d9:
d1:bd:02:4a:2c:4a:1b:a2:f5:44:54:01:a1:6e:50:
c0:59:9b:96:c9:0d:6c:0e:e6:23:80:44:e7:24:4f:
e0:b7:71:8a:bf:fc:fa:97:4f:98:3b:b4:62:c4:c7:
bd:4c:0e:47:58:b1:c3:31:68:05:f3:ce:05:7e:ce:
a0:13:eb:17:e6:00:48:e3:da:be:f2:71:dc:6f:28:
4a:31:69:13:50:7f:b0:03:49:d8:1b:17:e6:47:1f:
96:25:0f:c9:81:48:b8:7a:a4:b2:25:5f:08:d2:8c:
22:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:2D:63:7C:80:F6:67:6E:84:E9:29:64:FA:68:72:3B:67:20:6C:1E
X509v3 Authority Key Identifier:
keyid:E1:E6:90:8A:16:EC:81:3D:AA:0B:D6:47:97:AE:9D:BD:EB:09:22:57
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91510AD/8B5E75FE1D8711E284B383DF08B02CD2/4eaQihbsgT2qC9ZHl66dvesJIlc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4eaQihbsgT2qC9ZHl66dvesJIlc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91510AD/8B5E75FE1D8711E284B383DF08B02CD2/2639043AA9E211ED84CB9F11C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
175.29.128.0/21
203.76.152.0/21
Signature Algorithm: sha256WithRSAEncryption
44:17:81:6a:0e:4e:c1:79:32:14:df:49:ed:cf:d1:65:9b:59:
3a:1a:c0:aa:59:99:e3:88:08:8d:ec:15:e5:0d:99:84:d6:c4:
18:20:dc:93:be:cc:26:b8:a0:98:2f:56:d6:de:20:29:22:89:
86:36:a1:5e:5f:bb:72:7c:8a:92:fc:59:80:87:8c:ec:b8:8a:
8d:41:eb:bd:6b:ef:ca:db:2f:e6:e0:f2:de:b9:51:8c:02:a1:
9d:4b:b1:5b:f4:38:ff:fa:a1:e2:12:8f:e8:12:5c:2c:2e:6d:
8b:af:78:63:04:d8:9e:7f:47:7b:d6:52:6e:3f:f4:f3:f8:bf:
ae:5b:00:82:4d:ba:e7:3f:ae:f5:13:30:ba:82:bd:f9:00:1b:
b7:46:ea:df:b9:d9:fb:77:6f:8b:98:71:a9:a6:87:d7:08:75:
7b:3b:04:df:8a:ae:68:48:9a:48:2a:a9:62:fb:67:da:02:c0:
f5:63:75:7f:0b:f8:5e:d1:63:46:0c:6d:f0:9e:94:df:88:7b:
ea:11:8c:ed:dc:2a:f6:a8:ec:c0:c0:40:0f:43:e1:ac:8f:b8:
2a:e4:ff:f0:0b:b8:a4:c8:5e:59:a4:f4:e8:f7:8f:cb:c9:a7:
89:e2:d7:c2:16:8e:ac:36:0b:1f:e8:ec:ac:07:f8:80:af:16:
1d:b8:56:9c
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICNNUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTEwQUQxMTAvBgNVBAUTKEUxRTY5MDhBMTZFQzgxM0RBQTBCRDY0Nzk3QUU5REJE
RUIwOTIyNTcwHhcNMjQwNDEwMTEyODI5WhcNMjQxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjE2NzdkZC01Y2YzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAlwJSJ9w8TPHHJyRIK4pe32n7KSokGa6lsdXgPc92UAK1gzI0zGfOOlCQYlmr
C2K2HwYjJ48XslwsWEjtkSBoi9D8k7r40iGC8KnifLrwrxudmx99JExAsdK5YMGZ
YySd9gmEffQuN1tSAVmJrCcsXzrr2kxt1pZNWpTT+yxOCCTlZu/gux3//ho2ZfRj
PQN8qXT5dNnRvQJKLEobovVEVAGhblDAWZuWyQ1sDuYjgETnJE/gt3GKv/z6l0+Y
O7RixMe9TA5HWLHDMWgF884Ffs6gE+sX5gBI49q+8nHcbyhKMWkTUH+wA0nYGxfm
Rx+WJQ/JgUi4eqSyJV8I0owidwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFI8tY3yA
9mduhOkpZPpocjtnIGweMB8GA1UdIwQYMBaAFOHmkIoW7IE9qgvWR5eunb3rCSJX
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MTBBRC84QjVFNzVGRTFE
ODcxMUUyODRCMzgzREYwOEIwMkNEMi80ZWFRaWhic2dUMnFDOVpIbDY2ZHZlc0pJ
bGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzRlYVFpaGJzZ1QycUM5WkhsNjZkdmVzSklsYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTEwQUQvOEI1RTc1RkUxRDg3MTFFMjg0QjM4M0RGMDhCMDJDRDIvMjYzOTA0M0FB
OUUyMTFFRDg0Q0I5RjExQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAOvHYADBAPLTJgwDQYJKoZIhvcNAQELBQADggEBAEQXgWoO
TsF5MhTfSe3P0WWbWToawKpZmeOICI3sFeUNmYTWxBgg3JO+zCa4oJgvVtbeICki
iYY2oV5fu3J8ipL8WYCHjOy4io1B671r78rbL+bg8t65UYwCoZ1LsVv0OP/6oeIS
j+gSXCwubYuveGME2J5/R3vWUm4/9PP4v65bAIJNuuc/rvUTMLqCvfkAG7dG6t+5
2ft3b4uYcammh9cIdXs7BN+KrmhImkgqqWL7Z9oCwPVjdX8L+F7RY0YMbfCelN+I
e+oRjO3cKvao7MDAQA9D4ayPuCrk//ALuKTIXlmk9Oj3j8vJp4ni18IWjqw2Cx/o
7KwH+ICvFh24Vpw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:05 2024 by rpki-client on console-ams.rpki-client.org