Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A916C61B/51EFFA30826911ECAD2E9524C4F9AE02/56FDB94CD15211EEB3B57D20C4F9AE02.roa
File: 56FDB94CD15211EEB3B57D20C4F9AE02.roa (raw, json)
Hash identifier: GwcoX9vvkgkfaa1QPomzCNa8O3xRGPvQsakzRLwg4Sk=
Subject key identifier: CF:44:D0:8B:F6:BF:72:73:24:85:00:25:95:82:56:4D:12:98:38:36
Certificate issuer: /CN=A916C61B/serialNumber=F539291919CDE144B034EF288B0A634783E82C7F
Certificate serial: 0366
Authority key identifier: F5:39:29:19:19:CD:E1:44:B0:34:EF:28:8B:0A:63:47:83:E8:2C:7F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9TkpGRnN4USwNO8oiwpjR4PoLH8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916C61B/51EFFA30826911ECAD2E9524C4F9AE02/56FDB94CD15211EEB3B57D20C4F9AE02.roa
Signing time: Wed 24 Apr 2024 14:23:05 +0000
ROA not before: Wed 24 Apr 2024 14:23:05 +0000
ROA not after: Thu 01 May 2025 00:00:00 +0000
asID: 133410
IP address blocks: 116.204.140.0/24 maxlen: 24
116.204.141.0/24 maxlen: 24
116.204.142.0/24 maxlen: 24
2400:c7c0::/48 maxlen: 48
2400:c7c0:4000::/34 maxlen: 34
2400:c7c0:4000::/40 maxlen: 40
2400:c7c0:4000::/48 maxlen: 48
2400:c7c0:43c0::/43 maxlen: 43
2400:c7c0:43c0::/48 maxlen: 48
2400:c7c0:43e0::/43 maxlen: 43
Validation: Failed, certificate revoked on Thu 06 Jun 2024 08:10:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 870 (0x366)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916C61B/serialNumber=F539291919CDE144B034EF288B0A634783E82C7F
Validity
Not Before: Apr 24 14:23:05 2024 GMT
Not After : May 1 00:00:00 2025 GMT
Subject: CN=662915c8-8885
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:42:f0:65:94:6e:32:d6:b9:83:2c:fe:f3:f8:
6b:42:05:5d:1b:33:a7:c2:00:00:ca:8b:9e:a4:eb:
76:58:44:be:bf:b9:89:21:c3:a5:fc:34:be:c2:f0:
d5:9a:91:4e:ea:28:10:3a:7d:85:97:53:4b:d6:f4:
90:66:b1:69:92:75:63:a5:98:23:0b:b0:d3:79:fd:
8a:c3:21:a7:c0:ae:00:1d:47:51:b9:9e:6f:10:a0:
d9:f1:97:9d:fb:3e:6e:ee:ff:d4:33:89:2b:bc:aa:
1e:41:ea:f9:ce:24:86:d0:9f:dd:2c:cd:00:aa:81:
d8:64:89:81:cc:61:0f:bb:3d:7d:e9:1c:1d:94:f1:
ee:15:88:7a:f6:00:1d:fa:14:73:4f:e2:f3:40:85:
3a:71:70:84:aa:41:8f:f5:c5:5e:90:43:52:79:95:
4d:d3:ef:bf:84:d0:7c:1c:79:74:ce:38:14:4d:85:
1b:ed:e8:59:ad:b3:c8:73:23:c0:25:95:4c:6a:2f:
a7:2b:ad:80:3e:f7:d8:ae:d9:bf:55:50:1a:46:e0:
74:2d:5e:17:29:b8:28:ea:4c:b3:53:6b:4c:cf:2d:
b1:97:9b:b7:47:72:e0:2e:b4:81:a7:92:f0:45:31:
87:97:26:e2:1e:f7:56:32:1d:b0:50:66:86:87:be:
cb:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:44:D0:8B:F6:BF:72:73:24:85:00:25:95:82:56:4D:12:98:38:36
X509v3 Authority Key Identifier:
keyid:F5:39:29:19:19:CD:E1:44:B0:34:EF:28:8B:0A:63:47:83:E8:2C:7F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916C61B/51EFFA30826911ECAD2E9524C4F9AE02/9TkpGRnN4USwNO8oiwpjR4PoLH8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9TkpGRnN4USwNO8oiwpjR4PoLH8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916C61B/51EFFA30826911ECAD2E9524C4F9AE02/56FDB94CD15211EEB3B57D20C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
116.204.140.0-116.204.142.255
IPv6:
2400:c7c0::/48
2400:c7c0:4000::/34
Signature Algorithm: sha256WithRSAEncryption
6f:f8:41:45:4b:bd:65:d3:31:27:c8:5d:27:99:78:ff:a8:66:
b3:bf:5e:fc:2f:27:4b:ee:e4:d7:ad:d2:7f:a1:83:40:ac:0b:
72:81:85:2f:fb:ca:79:82:2a:fc:e9:db:9f:fa:90:38:7c:ae:
01:c0:a6:f2:56:4f:8e:c9:74:58:78:bb:e5:09:c2:7f:d4:5a:
e0:f6:f9:84:f5:1c:b1:95:61:94:14:b9:06:ee:fd:f3:60:ab:
6d:41:e6:53:d1:b2:e6:03:67:62:55:b7:2e:3d:80:ca:b3:86:
f4:08:ec:31:66:e4:5d:72:17:a1:dc:5d:53:33:08:af:8b:ab:
40:00:4c:c3:e6:3b:ce:77:07:e7:6c:ea:8f:ae:92:57:60:2c:
f3:0d:6d:25:c8:93:f9:28:49:7f:c7:b4:42:77:f9:d7:97:c5:
61:c8:c3:56:16:b4:d0:b0:51:f5:d2:16:93:b7:2e:28:e3:a4:
0e:96:bc:73:5d:d5:e7:00:74:7c:3d:13:e2:da:4e:d9:a9:4d:
fb:d6:6c:25:f9:69:6d:9b:7a:33:f0:ea:56:05:4d:f3:f3:2d:
ba:71:22:ee:b4:28:02:16:e7:fd:f6:8c:82:43:18:ee:25:3c:
2a:11:8b:72:3e:0a:5c:35:1f:cc:06:43:0b:8e:c3:20:fb:ea:
9c:18:52:4f
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgICA2YwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NkM2MUIxMTAvBgNVBAUTKEY1MzkyOTE5MTlDREUxNDRCMDM0RUYyODhCMEE2MzQ3
ODNFODJDN0YwHhcNMjQwNDI0MTQyMzA1WhcNMjUwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjI5MTVjOC04ODg1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsULwZZRuMta5gyz+8/hrQgVdGzOnwgAAyouepOt2WES+v7mJIcOl/DS+wvDV
mpFO6igQOn2Fl1NL1vSQZrFpknVjpZgjC7DTef2KwyGnwK4AHUdRuZ5vEKDZ8Zed
+z5u7v/UM4krvKoeQer5ziSG0J/dLM0AqoHYZImBzGEPuz196RwdlPHuFYh69gAd
+hRzT+LzQIU6cXCEqkGP9cVekENSeZVN0++/hNB8HHl0zjgUTYUb7ehZrbPIcyPA
JZVMai+nK62APvfYrtm/VVAaRuB0LV4XKbgo6kyzU2tMzy2xl5u3R3LgLrSBp5Lw
RTGHlybiHvdWMh2wUGaGh77LZQIDAQABo4ICtjCCArIwHQYDVR0OBBYEFM9E0Iv2
v3JzJIUAJZWCVk0SmDg2MB8GA1UdIwQYMBaAFPU5KRkZzeFEsDTvKIsKY0eD6Cx/
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2QzYxQi81MUVGRkEzMDgy
NjkxMUVDQUQyRTk1MjRDNEY5QUUwMi85VGtwR1JuTjRVU3dOTzhvaXdwalI0UG9M
SDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzlUa3BHUm5ONFVTd05POG9pd3BqUjRQb0xIOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NkM2MUIvNTFFRkZBMzA4MjY5MTFFQ0FEMkU5NTI0QzRGOUFFMDIvNTZGREI5NENE
MTUyMTFFRUIzQjU3RDIwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQAYIKwYBBQUHAQcBAf8E
MTAvMBQEAgABMA4wDAMEAnTMjAMEAHTMjjAXBAIAAjARAwcAJADHwAAAAwYGJADH
wEAwDQYJKoZIhvcNAQELBQADggEBAG/4QUVLvWXTMSfIXSeZeP+oZrO/XvwvJ0vu
5Net0n+hg0CsC3KBhS/7ynmCKvzp25/6kDh8rgHApvJWT47JdFh4u+UJwn/UWuD2
+YT1HLGVYZQUuQbu/fNgq21B5lPRsuYDZ2JVty49gMqzhvQI7DFm5F1yF6HcXVMz
CK+Lq0AATMPmO853B+ds6o+ukldgLPMNbSXIk/koSX/HtEJ3+deXxWHIw1YWtNCw
UfXSFpO3LijjpA6WvHNd1ecAdHw9E+LaTtmpTfvWbCX5aW2bejPw6lYFTfPzLbpx
Iu60KAIW5/32jIJDGO4lPCoRi3I+Clw1H8wGQwuOwyD76pwYUk8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:10 2024 by rpki-client on console-fra.rpki-client.org