Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9157D7A/5DDCCCC6991511EB96727243C4F9AE02/2D777B3C654D11EFA864A058C4F9AE02.roa
File: 2D777B3C654D11EFA864A058C4F9AE02.roa (raw, json)
Hash identifier: qdFIVEEgHaOUqBwnjtYBay7lY+T/cQqLDBFp4RKchy4=
Subject key identifier: 04:BD:2E:5A:19:DC:E8:3D:BC:19:56:F2:9A:90:47:B6:E0:30:A7:36
Certificate issuer: /CN=A9157D7A/serialNumber=401B429906C90EA03ECFC61B15BA4EF123903379
Certificate serial: 06B9
Authority key identifier: 40:1B:42:99:06:C9:0E:A0:3E:CF:C6:1B:15:BA:4E:F1:23:90:33:79
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QBtCmQbJDqA-z8YbFbpO8SOQM3k.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9157D7A/5DDCCCC6991511EB96727243C4F9AE02/2D777B3C654D11EFA864A058C4F9AE02.roa
Signing time: Tue 01 Oct 2024 08:57:35 +0000
ROA not before: Tue 01 Oct 2024 08:57:35 +0000
ROA not after: Wed 28 May 2025 00:00:00 +0000
asID: 55740
IP address blocks: 14.195.78.0/24 maxlen: 24
14.195.79.0/24 maxlen: 24
14.195.91.0/24 maxlen: 24
49.203.213.0/24 maxlen: 24
49.249.1.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 04 Oct 2024 11:30:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1721 (0x6b9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9157D7A/serialNumber=401B429906C90EA03ECFC61B15BA4EF123903379
Validity
Not Before: Oct 1 08:57:35 2024 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=66fbb97f-7fc8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:2c:08:f1:59:5a:e6:eb:17:8b:bc:fe:b6:ab:
68:47:16:ea:4d:59:a3:03:ff:0c:ca:0e:68:43:9b:
a3:fa:98:9e:13:eb:40:15:53:83:86:a4:55:14:56:
78:99:2a:e6:7c:a3:49:55:8a:49:4d:55:1c:1e:e3:
41:a9:9f:7c:a4:0e:76:d0:71:8c:dc:d2:63:81:84:
14:00:4b:42:0d:77:8e:97:5d:be:a8:8a:ab:f6:d9:
4e:56:a6:9b:bf:5a:a0:16:ea:79:21:7d:a9:3e:f2:
71:2e:d2:76:1f:8c:93:31:37:7a:46:84:9a:3f:5b:
a6:4a:09:09:86:20:ea:72:7d:8c:8f:2b:b5:e3:ba:
31:99:6c:a9:99:d5:c7:c0:8b:0b:7e:63:6c:c6:87:
53:72:3e:30:2a:f7:83:fc:29:7b:2b:c3:b3:c2:d6:
46:da:39:a6:cf:44:fc:30:d5:a5:f6:82:e4:3b:68:
d4:1b:7d:33:b3:f3:53:42:e9:b5:ce:5c:5f:ab:4f:
c9:bf:5c:30:dc:50:18:e8:7e:14:a7:6b:68:a4:f4:
7e:76:bb:34:06:dd:f1:ca:21:44:2d:4e:73:db:b1:
4f:d3:55:49:14:20:89:08:a8:b8:5e:f7:b7:88:3f:
75:5f:70:c4:72:59:f4:da:7c:37:9b:bf:18:ae:0f:
1f:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:BD:2E:5A:19:DC:E8:3D:BC:19:56:F2:9A:90:47:B6:E0:30:A7:36
X509v3 Authority Key Identifier:
keyid:40:1B:42:99:06:C9:0E:A0:3E:CF:C6:1B:15:BA:4E:F1:23:90:33:79
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9157D7A/5DDCCCC6991511EB96727243C4F9AE02/QBtCmQbJDqA-z8YbFbpO8SOQM3k.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QBtCmQbJDqA-z8YbFbpO8SOQM3k.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9157D7A/5DDCCCC6991511EB96727243C4F9AE02/2D777B3C654D11EFA864A058C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.195.78.0/23
14.195.91.0/24
49.203.213.0/24
49.249.1.0/24
Signature Algorithm: sha256WithRSAEncryption
50:cc:46:0b:6e:be:bc:5c:47:97:cb:35:84:73:ea:cc:f9:5e:
a7:ce:49:c4:32:c0:3e:9f:ce:69:f9:e0:47:57:fd:a1:e0:b4:
71:6e:e5:12:9a:1f:4f:34:4f:e2:c9:9c:f4:ad:61:55:74:b5:
b5:c8:f9:4a:70:f6:7b:e1:5b:26:a8:70:92:54:10:48:bf:d8:
4e:64:e5:d4:80:46:b4:64:ff:90:e4:d5:d5:20:48:91:6a:07:
7e:cd:dd:70:a0:78:98:94:43:40:46:18:f1:e5:71:2f:d7:8c:
34:96:ee:ab:ba:79:fa:86:23:78:cf:e0:ef:b9:3d:d4:db:33:
6b:e5:f4:33:91:35:34:67:e1:5b:33:35:52:07:bd:59:3f:87:
b9:3a:13:67:c1:d3:42:0f:be:1b:be:5a:56:ea:41:8d:73:81:
82:2e:73:a5:e4:21:f5:1a:d2:cf:63:94:13:d9:be:b9:c7:e0:
24:fd:e3:f9:b1:2c:8c:27:9e:28:cb:b4:85:42:d4:f4:9f:16:
07:72:86:d6:54:11:e4:ce:19:14:b5:ad:85:5c:88:0f:fd:19:
42:13:6c:6b:49:58:cc:b0:97:d2:45:07:f9:a4:b3:58:9b:2e:
77:24:7f:05:04:9d:68:00:54:1d:61:a7:45:7c:17:ea:10:7f:
2b:32:7c:5c
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICBrkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTdEN0ExMTAvBgNVBAUTKDQwMUI0Mjk5MDZDOTBFQTAzRUNGQzYxQjE1QkE0RUYx
MjM5MDMzNzkwHhcNMjQxMDAxMDg1NzM1WhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02NmZiYjk3Zi03ZmM4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsywI8Vla5usXi7z+tqtoRxbqTVmjA/8Myg5oQ5uj+pieE+tAFVODhqRVFFZ4
mSrmfKNJVYpJTVUcHuNBqZ98pA520HGM3NJjgYQUAEtCDXeOl12+qIqr9tlOVqab
v1qgFup5IX2pPvJxLtJ2H4yTMTd6RoSaP1umSgkJhiDqcn2Mjyu147oxmWypmdXH
wIsLfmNsxodTcj4wKveD/Cl7K8OzwtZG2jmmz0T8MNWl9oLkO2jUG30zs/NTQum1
zlxfq0/Jv1ww3FAY6H4Up2topPR+drs0Bt3xyiFELU5z27FP01VJFCCJCKi4Xve3
iD91X3DEcln02nw3m78Yrg8fLwIDAQABo4ICpzCCAqMwHQYDVR0OBBYEFAS9LloZ
3Og9vBlW8pqQR7bgMKc2MB8GA1UdIwQYMBaAFEAbQpkGyQ6gPs/GGxW6TvEjkDN5
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1N0Q3QS81RERDQ0NDNjk5
MTUxMUVCOTY3MjcyNDNDNEY5QUUwMi9RQnRDbVFiSkRxQS16OFliRmJwTzhTT1FN
M2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1FCdENtUWJKRHFBLXo4WWJGYnBPOFNPUU0zay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTdEN0EvNUREQ0NDQzY5OTE1MTFFQjk2NzI3MjQzQzRGOUFFMDIvMkQ3NzdCM0M2
NTREMTFFRkE4NjRBMDU4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMQYIKwYBBQUHAQcBAf8E
IjAgMB4EAgABMBgDBAEOw04DBAAOw1sDBAAxy9UDBAAx+QEwDQYJKoZIhvcNAQEL
BQADggEBAFDMRgtuvrxcR5fLNYRz6sz5XqfOScQywD6fzmn54EdX/aHgtHFu5RKa
H080T+LJnPStYVV0tbXI+Upw9nvhWyaocJJUEEi/2E5k5dSARrRk/5Dk1dUgSJFq
B37N3XCgeJiUQ0BGGPHlcS/XjDSW7qu6efqGI3jP4O+5PdTbM2vl9DORNTRn4Vsz
NVIHvVk/h7k6E2fB00IPvhu+WlbqQY1zgYIuc6XkIfUa0s9jlBPZvrnH4CT94/mx
LIwnnijLtIVC1PSfFgdyhtZUEeTOGRS1rYVciA/9GUITbGtJWMywl9JFB/mks1ib
LnckfwUEnWgAVB1hp0V8F+oQfysyfFw=
-----END CERTIFICATE-----
Generated at Fri Oct 4 17:15:46 2024 by rpki-client on console-fra.rpki-client.org