Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A916C83B/E4E10B4A1D8811E2A012CBE108B02CD2/B0A9AD04F82E11EEB5F71762C4F9AE02.roa
File: B0A9AD04F82E11EEB5F71762C4F9AE02.roa (raw, json)
Hash identifier: XgKlwGa5sHorxYJtqUqGoarvPM63TqRzlHeyEz6tNws=
Subject key identifier: C8:10:73:EF:0F:73:F1:B6:F8:17:D7:6A:CA:A5:45:36:84:B8:8E:B4
Certificate issuer: /CN=A916C83B/serialNumber=E76EB256C0FCB07E2907978343E9AD9DD21FE206
Certificate serial: 3579
Authority key identifier: E7:6E:B2:56:C0:FC:B0:7E:29:07:97:83:43:E9:AD:9D:D2:1F:E2:06
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/526yVsD8sH4pB5eDQ-mtndIf4gY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916C83B/E4E10B4A1D8811E2A012CBE108B02CD2/B0A9AD04F82E11EEB5F71762C4F9AE02.roa
Signing time: Thu 11 Apr 2024 18:09:51 +0000
ROA not before: Thu 11 Apr 2024 18:09:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 23750
IP address blocks: 111.88.232.0/21 maxlen: 22
111.88.232.0/23 maxlen: 23
111.88.232.0/24 maxlen: 24
111.88.235.0/24 maxlen: 24
111.88.236.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 16 Apr 2024 13:38:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13689 (0x3579)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916C83B/serialNumber=E76EB256C0FCB07E2907978343E9AD9DD21FE206
Validity
Not Before: Apr 11 18:09:51 2024 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6618276f-e4c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:09:31:41:07:ef:4f:9e:32:6a:c3:d6:e5:90:
de:3b:bf:cc:de:84:fd:19:ce:31:f5:19:7d:df:da:
3b:c5:7c:8f:d0:9b:c3:b6:35:54:5c:64:20:53:b7:
bc:ee:bc:47:c3:87:ed:5d:1e:de:22:a9:aa:a1:9d:
72:df:22:f4:88:8d:3c:14:64:c6:25:b1:5f:2a:a0:
16:44:1c:83:6c:05:68:b6:8c:21:e2:f5:1f:4f:77:
60:f3:87:43:9c:af:33:1a:68:83:50:09:df:79:a8:
66:cd:7c:05:ad:e6:97:5c:4d:a5:0e:65:a6:a6:90:
41:1f:e8:40:e4:06:76:93:c8:0a:c3:a8:32:9b:3f:
ec:10:4f:e0:49:63:52:02:b1:c4:61:fb:43:c2:23:
13:9a:78:f6:fd:a1:0d:40:e4:88:f9:70:7d:c7:78:
47:d3:39:6b:3a:00:54:90:1b:58:97:de:a3:88:f8:
c8:83:e0:8a:68:9f:b3:a2:4f:ee:8d:82:10:b4:08:
d8:65:3e:eb:8e:00:97:17:78:68:c2:7a:b4:77:10:
4c:0c:fb:56:99:af:f3:83:22:d2:90:34:9a:38:53:
3a:47:99:40:1d:40:f4:6f:37:55:43:43:16:54:fc:
dd:40:ae:02:91:02:51:8c:17:15:4c:2b:6f:70:3a:
6d:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:10:73:EF:0F:73:F1:B6:F8:17:D7:6A:CA:A5:45:36:84:B8:8E:B4
X509v3 Authority Key Identifier:
keyid:E7:6E:B2:56:C0:FC:B0:7E:29:07:97:83:43:E9:AD:9D:D2:1F:E2:06
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916C83B/E4E10B4A1D8811E2A012CBE108B02CD2/526yVsD8sH4pB5eDQ-mtndIf4gY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/526yVsD8sH4pB5eDQ-mtndIf4gY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916C83B/E4E10B4A1D8811E2A012CBE108B02CD2/B0A9AD04F82E11EEB5F71762C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
111.88.232.0/21
Signature Algorithm: sha256WithRSAEncryption
22:1d:76:5f:4f:b4:99:7e:35:24:b2:3c:11:cb:55:f1:61:76:
87:af:13:31:26:4b:2f:c6:12:5c:07:21:c8:8e:18:48:0a:b3:
76:3b:f4:2d:7c:f2:34:eb:a8:76:9f:31:cc:49:4e:b2:ca:9a:
19:13:e8:50:18:a2:14:97:f4:03:b6:96:02:9a:81:e4:53:fe:
3d:33:d7:cd:45:ec:eb:c9:45:15:24:5b:4f:da:b7:c8:95:88:
9d:88:5c:29:3a:a6:11:97:90:c4:c8:d6:e4:24:f8:6a:51:c5:
cf:a1:ef:30:1c:90:28:78:b9:b9:2d:f0:b6:6a:a5:49:f1:81:
ed:3c:11:19:8d:97:e7:2e:67:dd:f2:ab:eb:b1:0b:90:a0:d3:
28:87:db:f9:8a:19:76:b5:8b:e0:3e:23:28:2f:6a:1a:2e:88:
89:74:0b:df:00:32:18:df:07:a7:b2:56:5b:b6:c5:8d:73:bf:
15:ba:61:de:2a:75:b4:cb:80:5a:37:a0:67:a1:c6:4e:7f:b6:
10:8f:c3:0c:6a:94:64:b9:c9:4e:9e:cc:20:ca:d5:67:c4:20:
89:74:08:5f:4b:40:3f:42:c0:d6:8a:f8:4c:bf:fe:f2:0e:06:
39:62:55:0d:d4:eb:21:f5:b8:8b:01:00:86:43:58:a8:7e:95:
13:ce:36:c2
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICNXkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NkM4M0IxMTAvBgNVBAUTKEU3NkVCMjU2QzBGQ0IwN0UyOTA3OTc4MzQzRTlBRDlE
RDIxRkUyMDYwHhcNMjQwNDExMTgwOTUxWhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjE4Mjc2Zi1lNGM3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0gkxQQfvT54yasPW5ZDeO7/M3oT9Gc4x9Rl939o7xXyP0JvDtjVUXGQgU7e8
7rxHw4ftXR7eIqmqoZ1y3yL0iI08FGTGJbFfKqAWRByDbAVotowh4vUfT3dg84dD
nK8zGmiDUAnfeahmzXwFreaXXE2lDmWmppBBH+hA5AZ2k8gKw6gymz/sEE/gSWNS
ArHEYftDwiMTmnj2/aENQOSI+XB9x3hH0zlrOgBUkBtYl96jiPjIg+CKaJ+zok/u
jYIQtAjYZT7rjgCXF3hownq0dxBMDPtWma/zgyLSkDSaOFM6R5lAHUD0bzdVQ0MW
VPzdQK4CkQJRjBcVTCtvcDptDQIDAQABo4IClTCCApEwHQYDVR0OBBYEFMgQc+8P
c/G2+BfXasqlRTaEuI60MB8GA1UdIwQYMBaAFOduslbA/LB+KQeXg0PprZ3SH+IG
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2QzgzQi9FNEUxMEI0QTFE
ODgxMUUyQTAxMkNCRTEwOEIwMkNEMi81MjZ5VnNEOHNINHBCNWVEUS1tdG5kSWY0
Z1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzUyNnlWc0Q4c0g0cEI1ZURRLW10bmRJZjRnWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NkM4M0IvRTRFMTBCNEExRDg4MTFFMkEwMTJDQkUxMDhCMDJDRDIvQjBBOUFEMDRG
ODJFMTFFRUI1RjcxNzYyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBANvWOgwDQYJKoZIhvcNAQELBQADggEBACIddl9PtJl+NSSy
PBHLVfFhdoevEzEmSy/GElwHIciOGEgKs3Y79C188jTrqHafMcxJTrLKmhkT6FAY
ohSX9AO2lgKageRT/j0z181F7OvJRRUkW0/at8iViJ2IXCk6phGXkMTI1uQk+GpR
xc+h7zAckCh4ubkt8LZqpUnxge08ERmNl+cuZ93yq+uxC5Cg0yiH2/mKGXa1i+A+
IygvahouiIl0C98AMhjfB6eyVlu2xY1zvxW6Yd4qdbTLgFo3oGehxk5/thCPwwxq
lGS5yU6ezCDK1WfEIIl0CF9LQD9CwNaK+Ey//vIOBjliVQ3U6yH1uIsBAIZDWKh+
lRPONsI=
-----END CERTIFICATE-----
Generated at Tue Apr 16 16:50:18 2024 by rpki-client on console-ams.rpki-client.org