Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A916C83B/E4E10B4A1D8811E2A012CBE108B02CD2/566B53D296AF11EEB267B015C4F9AE02.roa
File: 566B53D296AF11EEB267B015C4F9AE02.roa (raw, json)
Hash identifier: Z/0ISJ0CjqcJqp+ighaEQzD6RjFtZRy66cTzuaUG6ds=
Subject key identifier: 69:9A:17:8A:60:65:D6:77:B8:6C:3E:F9:F5:19:2F:DE:B5:58:FD:F6
Certificate issuer: /CN=A916C83B/serialNumber=E76EB256C0FCB07E2907978343E9AD9DD21FE206
Certificate serial: 34F5
Authority key identifier: E7:6E:B2:56:C0:FC:B0:7E:29:07:97:83:43:E9:AD:9D:D2:1F:E2:06
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/526yVsD8sH4pB5eDQ-mtndIf4gY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916C83B/E4E10B4A1D8811E2A012CBE108B02CD2/566B53D296AF11EEB267B015C4F9AE02.roa
Signing time: Sat 09 Dec 2023 16:23:51 +0000
ROA not before: Sat 09 Dec 2023 16:23:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 10753
IP address blocks: 111.88.138.0/24 maxlen: 24
111.88.139.0/24 maxlen: 24
111.88.168.0/24 maxlen: 24
111.88.169.0/24 maxlen: 24
111.88.170.0/24 maxlen: 24
111.88.171.0/24 maxlen: 24
111.88.236.0/24 maxlen: 24
111.88.237.0/24 maxlen: 24
111.88.238.0/24 maxlen: 24
111.88.239.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 09 Dec 2023 16:26:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13557 (0x34f5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916C83B/serialNumber=E76EB256C0FCB07E2907978343E9AD9DD21FE206
Validity
Not Before: Dec 9 16:23:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=65749497-2e01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:6c:88:b8:e9:96:af:d2:2c:67:3f:7b:96:aa:
e9:e9:fe:4d:01:d7:f0:91:93:95:f6:71:8a:ae:b7:
48:47:d2:3f:49:d6:b9:20:e0:83:3c:8b:3b:78:a1:
16:17:37:14:a1:8d:4d:a1:dc:47:68:bf:0e:68:37:
72:2a:5a:f6:d7:e9:00:6a:90:bf:53:65:36:ae:d4:
0e:8c:d0:46:96:45:e2:8b:f5:b8:c9:8f:51:10:cb:
dd:f7:b1:03:ba:f4:6e:a7:2b:fc:b6:a8:9c:e7:8f:
5b:78:8e:29:13:b2:dc:e8:bf:48:ac:38:5c:54:56:
30:09:0f:b6:3d:f8:95:01:9c:39:9a:5e:2a:d9:5f:
47:ae:15:84:3b:7b:26:28:c2:67:35:0b:68:99:2b:
74:c1:47:7b:44:08:54:43:a7:ce:5b:71:97:7a:26:
44:ce:27:68:1b:11:3b:49:d8:d0:ab:79:6f:f0:6a:
4a:41:a9:06:f4:65:65:10:34:e5:ef:e1:5b:b2:1d:
09:9e:80:bd:b5:84:5d:1c:d0:6c:6b:ea:19:26:69:
94:09:5d:2c:04:a0:5d:9a:3a:59:66:f9:2a:e4:bf:
57:5d:24:f6:d5:e2:30:f9:13:ef:9b:4f:dd:92:ea:
5a:23:49:d1:dd:c8:37:67:cf:38:9c:23:e3:95:aa:
57:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:9A:17:8A:60:65:D6:77:B8:6C:3E:F9:F5:19:2F:DE:B5:58:FD:F6
X509v3 Authority Key Identifier:
keyid:E7:6E:B2:56:C0:FC:B0:7E:29:07:97:83:43:E9:AD:9D:D2:1F:E2:06
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916C83B/E4E10B4A1D8811E2A012CBE108B02CD2/526yVsD8sH4pB5eDQ-mtndIf4gY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/526yVsD8sH4pB5eDQ-mtndIf4gY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916C83B/E4E10B4A1D8811E2A012CBE108B02CD2/566B53D296AF11EEB267B015C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
111.88.138.0/23
111.88.168.0/22
111.88.236.0/22
Signature Algorithm: sha256WithRSAEncryption
c5:b9:06:93:bc:ff:da:e4:06:ef:8b:00:b2:6a:46:58:2d:8d:
bf:68:d1:44:97:3f:72:3d:cc:27:f0:49:1d:2e:e3:e0:15:f2:
08:99:a9:f1:ae:3b:08:51:82:eb:cb:dc:4e:be:89:a7:8e:f9:
da:63:98:c5:f3:24:b9:69:69:10:7d:3d:dd:a8:71:b6:d2:3d:
6f:a1:8c:5b:dc:6c:19:26:9a:f8:0a:8a:cb:ad:ca:07:02:73:
28:fa:ff:0a:a4:6c:37:89:9e:cd:a9:d6:d6:ef:a9:a7:bd:8e:
22:48:1c:54:1d:c8:4c:52:38:e3:bd:5a:c8:5d:b5:6d:7f:40:
3e:3d:ef:64:26:63:dc:8b:63:9e:7b:96:fb:c5:04:8f:8d:e4:
a1:35:99:56:28:de:20:39:6a:e8:80:ef:6b:50:61:02:23:ba:
84:8c:83:d6:4b:65:36:6d:6b:11:2b:1a:a7:88:fe:27:da:aa:
07:c6:a3:f2:9e:29:dd:43:a0:70:31:13:b0:6c:13:aa:9e:e3:
4f:9d:59:67:e2:67:2c:fe:01:7c:fc:29:0d:9f:3d:69:29:39:
2c:60:e1:7d:ab:27:fd:6b:0f:80:51:06:0b:f2:5e:6a:35:36:
7a:1e:bc:63:0e:01:b8:e6:d4:4d:df:e6:3f:c4:8f:18:11:5a:
ea:24:e0:01
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICNPUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NkM4M0IxMTAvBgNVBAUTKEU3NkVCMjU2QzBGQ0IwN0UyOTA3OTc4MzQzRTlBRDlE
RDIxRkUyMDYwHhcNMjMxMjA5MTYyMzUxWhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTc0OTQ5Ny0yZTAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwmyIuOmWr9IsZz97lqrp6f5NAdfwkZOV9nGKrrdIR9I/Sda5IOCDPIs7eKEW
FzcUoY1NodxHaL8OaDdyKlr21+kAapC/U2U2rtQOjNBGlkXii/W4yY9REMvd97ED
uvRupyv8tqic549beI4pE7Lc6L9IrDhcVFYwCQ+2PfiVAZw5ml4q2V9HrhWEO3sm
KMJnNQtomSt0wUd7RAhUQ6fOW3GXeiZEzidoGxE7SdjQq3lv8GpKQakG9GVlEDTl
7+Fbsh0JnoC9tYRdHNBsa+oZJmmUCV0sBKBdmjpZZvkq5L9XXST21eIw+RPvm0/d
kupaI0nR3cg3Z884nCPjlapXjQIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFGmaF4pg
ZdZ3uGw++fUZL961WP32MB8GA1UdIwQYMBaAFOduslbA/LB+KQeXg0PprZ3SH+IG
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2QzgzQi9FNEUxMEI0QTFE
ODgxMUUyQTAxMkNCRTEwOEIwMkNEMi81MjZ5VnNEOHNINHBCNWVEUS1tdG5kSWY0
Z1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzUyNnlWc0Q4c0g0cEI1ZURRLW10bmRJZjRnWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NkM4M0IvRTRFMTBCNEExRDg4MTFFMkEwMTJDQkUxMDhCMDJDRDIvNTY2QjUzRDI5
NkFGMTFFRUIyNjdCMDE1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBAFvWIoDBAJvWKgDBAJvWOwwDQYJKoZIhvcNAQELBQADggEB
AMW5BpO8/9rkBu+LALJqRlgtjb9o0USXP3I9zCfwSR0u4+AV8giZqfGuOwhRguvL
3E6+iaeO+dpjmMXzJLlpaRB9Pd2ocbbSPW+hjFvcbBkmmvgKisutygcCcyj6/wqk
bDeJns2p1tbvqae9jiJIHFQdyExSOOO9WshdtW1/QD4972QmY9yLY557lvvFBI+N
5KE1mVYo3iA5auiA72tQYQIjuoSMg9ZLZTZtaxErGqeI/ifaqgfGo/KeKd1DoHAx
E7BsE6qe40+dWWfiZyz+AXz8KQ2fPWkpOSxg4X2rJ/1rD4BRBgvyXmo1NnoevGMO
Abjm1E3f5j/EjxgRWuok4AE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:20 2024 by rpki-client on console-ams.rpki-client.org