Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9152D08/F9C333921D8711EAA9C5B170C4F9AE02/F84DF4120E8C11EE89A0B128C4F9AE02.roa
File: F84DF4120E8C11EE89A0B128C4F9AE02.roa (raw, json)
Hash identifier: vzRcvU26t6pM9TX7jixNRhU0a87b4yz9peGC5cm/y/U=
Subject key identifier: C0:30:E8:BC:C5:12:93:8A:0C:9C:1F:F6:D5:BB:3D:92:39:E2:0A:5C
Certificate issuer: /CN=A9152D08/serialNumber=34DC20129EAD6F41A7CA2D99C9BD3E7E6033CB88
Certificate serial: 0B8F
Authority key identifier: 34:DC:20:12:9E:AD:6F:41:A7:CA:2D:99:C9:BD:3E:7E:60:33:CB:88
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NNwgEp6tb0Gnyi2Zyb0-fmAzy4g.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9152D08/F9C333921D8711EAA9C5B170C4F9AE02/F84DF4120E8C11EE89A0B128C4F9AE02.roa
Signing time: Thu 04 Apr 2024 20:28:55 +0000
ROA not before: Thu 04 Apr 2024 20:28:55 +0000
ROA not after: Wed 28 May 2025 00:00:00 +0000
asID: 49532
IP address blocks: 101.99.92.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 13 Nov 2024 07:54:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2959 (0xb8f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9152D08/serialNumber=34DC20129EAD6F41A7CA2D99C9BD3E7E6033CB88
Validity
Not Before: Apr 4 20:28:55 2024 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=660f0d87-f940
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f9:3d:4f:76:64:94:85:0a:99:67:e5:5a:19:da:
f1:c9:1a:bf:55:17:38:e5:77:ea:72:6c:54:5f:bd:
f0:09:ca:3e:63:9d:92:78:d8:71:24:43:a8:29:02:
fb:68:bc:62:3a:07:23:d2:36:7d:20:7b:2c:0c:b8:
6a:6b:e5:4c:92:3a:1d:8e:14:8b:9a:d3:27:00:ce:
97:92:ff:6a:f6:87:5f:fd:01:88:72:fe:81:3b:18:
c5:a1:2d:c8:5b:14:4e:16:3d:1d:78:36:ec:cc:12:
32:22:68:8c:51:9a:ea:86:f9:97:6e:44:55:73:38:
f2:87:c8:8b:32:b6:e7:77:95:ca:dd:58:90:db:43:
5d:7e:8a:42:07:5b:72:ee:62:72:31:c4:0b:1d:54:
28:f5:b8:88:52:b4:96:99:1a:6a:4b:43:29:06:8b:
f5:fb:dc:ea:c1:1c:03:e1:73:93:5f:32:16:80:cf:
82:ca:7f:d4:b9:b8:43:21:b8:7b:4a:b8:fc:19:f6:
55:e8:06:33:f5:8f:0d:e2:1a:f1:f5:34:06:9a:df:
07:40:4b:d2:b5:cd:49:61:49:3f:b0:65:78:45:88:
66:9c:e5:f3:6a:1c:f2:31:aa:1f:bd:66:de:ec:6f:
03:42:7b:41:58:7a:fb:81:28:98:8b:eb:da:ec:01:
dc:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:30:E8:BC:C5:12:93:8A:0C:9C:1F:F6:D5:BB:3D:92:39:E2:0A:5C
X509v3 Authority Key Identifier:
keyid:34:DC:20:12:9E:AD:6F:41:A7:CA:2D:99:C9:BD:3E:7E:60:33:CB:88
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9152D08/F9C333921D8711EAA9C5B170C4F9AE02/NNwgEp6tb0Gnyi2Zyb0-fmAzy4g.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NNwgEp6tb0Gnyi2Zyb0-fmAzy4g.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9152D08/F9C333921D8711EAA9C5B170C4F9AE02/F84DF4120E8C11EE89A0B128C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
101.99.92.0/24
Signature Algorithm: sha256WithRSAEncryption
42:74:ac:be:37:0c:13:07:8d:a6:a7:c5:0a:74:ca:fa:95:cb:
56:1f:ca:98:13:b1:df:24:9d:c1:95:c7:73:ab:52:b0:ce:6e:
0c:b7:12:46:a9:f9:5e:05:ae:02:fc:f5:2e:dd:2d:6f:1f:21:
ee:a3:8e:e9:3c:29:59:e0:d0:43:80:05:75:54:9f:dd:34:ad:
1d:b0:04:c5:4e:82:ba:6d:ed:c8:21:99:9d:ab:75:36:90:29:
77:50:8b:ba:cf:23:b1:ed:f4:4e:d2:e6:1e:d7:06:52:15:0d:
f1:a1:e9:fe:39:6c:00:9f:3f:fd:58:c8:38:33:5f:43:7d:f0:
b7:2c:64:75:60:f2:af:78:0e:a9:30:9e:cb:13:86:77:89:3f:
48:fc:50:d2:9d:67:e4:2a:3d:d2:07:7d:d5:1d:69:5c:ef:87:
a7:14:8f:53:b8:74:b7:ef:6d:7d:9a:5a:90:59:ca:10:29:8d:
d3:e6:b7:27:e4:d4:26:57:53:93:5a:43:e5:01:bc:a5:f0:86:
f8:be:89:11:4a:93:03:16:5a:74:20:c4:4c:fe:b9:0f:b2:ed:
88:0b:f4:bb:c1:88:e3:b2:ba:b5:11:ba:7d:db:06:28:39:b5:
a6:53:1c:a7:5f:30:d7:f0:bd:5c:d2:b3:ec:64:a6:50:c0:d9:
04:e0:49:e1
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICC48wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTJEMDgxMTAvBgNVBAUTKDM0REMyMDEyOUVBRDZGNDFBN0NBMkQ5OUM5QkQzRTdF
NjAzM0NCODgwHhcNMjQwNDA0MjAyODU1WhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02NjBmMGQ4Ny1mOTQwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA+T1PdmSUhQqZZ+VaGdrxyRq/VRc45XfqcmxUX73wCco+Y52SeNhxJEOoKQL7
aLxiOgcj0jZ9IHssDLhqa+VMkjodjhSLmtMnAM6Xkv9q9odf/QGIcv6BOxjFoS3I
WxROFj0deDbszBIyImiMUZrqhvmXbkRVczjyh8iLMrbnd5XK3ViQ20NdfopCB1ty
7mJyMcQLHVQo9biIUrSWmRpqS0MpBov1+9zqwRwD4XOTXzIWgM+Cyn/UubhDIbh7
Srj8GfZV6AYz9Y8N4hrx9TQGmt8HQEvStc1JYUk/sGV4RYhmnOXzahzyMaofvWbe
7G8DQntBWHr7gSiYi+va7AHcfwIDAQABo4IClTCCApEwHQYDVR0OBBYEFMAw6LzF
EpOKDJwf9tW7PZI54gpcMB8GA1UdIwQYMBaAFDTcIBKerW9Bp8otmcm9Pn5gM8uI
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MkQwOC9GOUMzMzM5MjFE
ODcxMUVBQTlDNUIxNzBDNEY5QUUwMi9OTndnRXA2dGIwR255aTJaeWIwLWZtQXp5
NGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL05Od2dFcDZ0YjBHbnlpMlp5YjAtZm1Benk0Zy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTJEMDgvRjlDMzMzOTIxRDg3MTFFQUE5QzVCMTcwQzRGOUFFMDIvRjg0REY0MTIw
RThDMTFFRTg5QTBCMTI4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABlY1wwDQYJKoZIhvcNAQELBQADggEBAEJ0rL43DBMHjaan
xQp0yvqVy1YfypgTsd8kncGVx3OrUrDObgy3Ekap+V4FrgL89S7dLW8fIe6jjuk8
KVng0EOABXVUn900rR2wBMVOgrpt7cghmZ2rdTaQKXdQi7rPI7Ht9E7S5h7XBlIV
DfGh6f45bACfP/1YyDgzX0N98LcsZHVg8q94DqkwnssThneJP0j8UNKdZ+QqPdIH
fdUdaVzvh6cUj1O4dLfvbX2aWpBZyhApjdPmtyfk1CZXU5NaQ+UBvKXwhvi+iRFK
kwMWWnQgxEz+uQ+y7YgL9LvBiOOyurURun3bBig5taZTHKdfMNfwvVzSs+xkplDA
2QTgSeE=
-----END CERTIFICATE-----
Generated at Wed Nov 13 10:57:09 2024 by rpki-client on console-fra.rpki-client.org