Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A916C83B/E4E10B4A1D8811E2A012CBE108B02CD2/B894BAB296AF11EE8DB86D16C4F9AE02.roa
File: B894BAB296AF11EE8DB86D16C4F9AE02.roa (raw, json)
Hash identifier: sszPmG4Ju2vGOSw43x8Sh5SN4o1XPnyct3Omg/+gwFE=
Subject key identifier: CD:73:2D:E1:C8:A1:F1:C3:4C:03:D8:5A:E1:3A:89:2E:F9:45:BD:0D
Certificate issuer: /CN=A916C83B/serialNumber=E76EB256C0FCB07E2907978343E9AD9DD21FE206
Certificate serial: 34F7
Authority key identifier: E7:6E:B2:56:C0:FC:B0:7E:29:07:97:83:43:E9:AD:9D:D2:1F:E2:06
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/526yVsD8sH4pB5eDQ-mtndIf4gY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916C83B/E4E10B4A1D8811E2A012CBE108B02CD2/B894BAB296AF11EE8DB86D16C4F9AE02.roa
Signing time: Sat 09 Dec 2023 16:26:35 +0000
ROA not before: Sat 09 Dec 2023 16:26:35 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 10753
IP address blocks: 111.88.236.0/24 maxlen: 24
111.88.237.0/24 maxlen: 24
111.88.238.0/24 maxlen: 24
111.88.239.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 13 Mar 2024 12:24:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13559 (0x34f7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916C83B/serialNumber=E76EB256C0FCB07E2907978343E9AD9DD21FE206
Validity
Not Before: Dec 9 16:26:35 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6574953b-714c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:c0:39:8a:7a:f2:24:98:5c:42:4c:e2:f5:1e:
9a:1f:62:30:05:8d:bb:8f:0f:36:88:1f:15:39:61:
72:31:88:5f:20:23:53:92:ed:3e:ed:91:66:b3:54:
75:2e:89:08:c2:aa:19:16:01:f5:a0:f8:d2:73:cc:
61:39:17:4b:86:d4:65:08:df:7d:45:f7:da:cc:a7:
a8:bd:a8:9c:a6:82:98:e4:d0:64:a2:6e:37:7b:ca:
bb:cf:40:3d:79:24:e7:5a:f2:c4:32:76:20:0e:9f:
4a:98:e0:1d:1f:6b:6c:0b:6a:81:f0:6c:4e:0b:86:
19:73:5a:d7:36:e2:a2:b3:54:0f:f8:2d:da:a6:33:
da:39:8b:92:ad:57:8d:18:34:e3:6e:af:43:d0:3e:
3e:3e:f3:c1:ea:8c:c0:8f:e5:03:46:80:16:f5:17:
cb:a5:22:31:3c:65:24:5a:b6:9e:98:34:ef:81:88:
60:e7:ea:cb:ce:42:b3:62:16:8e:2e:c0:60:79:39:
66:0b:9c:1c:9e:fc:c0:4b:0f:78:88:81:69:d4:05:
ff:c5:bd:d4:ef:2c:a7:71:ae:fd:59:23:8b:66:12:
14:d2:db:36:cc:71:ab:34:a0:e3:3d:92:67:7c:52:
a0:16:93:df:14:67:65:7d:dd:83:a0:e5:9f:cc:11:
d2:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:73:2D:E1:C8:A1:F1:C3:4C:03:D8:5A:E1:3A:89:2E:F9:45:BD:0D
X509v3 Authority Key Identifier:
keyid:E7:6E:B2:56:C0:FC:B0:7E:29:07:97:83:43:E9:AD:9D:D2:1F:E2:06
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916C83B/E4E10B4A1D8811E2A012CBE108B02CD2/526yVsD8sH4pB5eDQ-mtndIf4gY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/526yVsD8sH4pB5eDQ-mtndIf4gY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916C83B/E4E10B4A1D8811E2A012CBE108B02CD2/B894BAB296AF11EE8DB86D16C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
111.88.236.0/22
Signature Algorithm: sha256WithRSAEncryption
62:57:ff:7e:2a:6b:91:0d:75:a0:1e:a1:06:ac:86:88:2f:98:
1c:36:30:20:cc:5f:65:a3:76:00:f8:8e:11:a1:35:45:e5:75:
63:b0:4e:ce:5e:f8:b3:04:0e:06:df:e3:ee:70:c9:7d:5d:91:
61:c2:c0:a0:9b:25:d1:eb:b5:e1:39:f6:fc:6d:a3:4a:d4:9b:
02:43:81:af:db:a9:51:7b:d3:d3:2e:2b:62:28:bd:b8:c6:1d:
09:ff:6d:0e:40:68:a7:68:36:cd:7b:92:b1:6e:bc:2b:9e:4c:
b5:e3:68:fb:50:f2:08:fc:ff:79:54:c7:4a:3b:6a:d6:7d:04:
4b:b3:2e:99:12:ab:0e:aa:c5:58:7d:53:1e:db:1c:22:d3:f2:
70:ab:6c:ef:a4:94:e3:6f:28:72:95:40:9b:be:69:05:f7:29:
fb:10:9c:27:ed:17:2c:6e:0a:d1:9c:4d:78:f3:4f:d6:b2:a7:
f4:da:ce:29:f6:23:a2:e1:23:38:cd:54:af:42:b2:02:fe:0e:
6c:50:0d:fe:7b:69:db:76:ee:0d:f4:0d:79:b0:5d:6c:0b:a8:
f6:51:98:00:8a:0b:b1:2e:b2:58:ca:88:52:7a:fe:8e:97:9b:
a2:0d:1c:d9:30:eb:c3:34:98:cb:9a:c3:90:b0:50:ec:4a:10:
d9:f0:6d:24
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICNPcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NkM4M0IxMTAvBgNVBAUTKEU3NkVCMjU2QzBGQ0IwN0UyOTA3OTc4MzQzRTlBRDlE
RDIxRkUyMDYwHhcNMjMxMjA5MTYyNjM1WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTc0OTUzYi03MTRjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5sA5inryJJhcQkzi9R6aH2IwBY27jw82iB8VOWFyMYhfICNTku0+7ZFms1R1
LokIwqoZFgH1oPjSc8xhORdLhtRlCN99RffazKeovaicpoKY5NBkom43e8q7z0A9
eSTnWvLEMnYgDp9KmOAdH2tsC2qB8GxOC4YZc1rXNuKis1QP+C3apjPaOYuSrVeN
GDTjbq9D0D4+PvPB6ozAj+UDRoAW9RfLpSIxPGUkWraemDTvgYhg5+rLzkKzYhaO
LsBgeTlmC5wcnvzASw94iIFp1AX/xb3U7yynca79WSOLZhIU0ts2zHGrNKDjPZJn
fFKgFpPfFGdlfd2DoOWfzBHSKQIDAQABo4IClTCCApEwHQYDVR0OBBYEFM1zLeHI
ofHDTAPYWuE6iS75Rb0NMB8GA1UdIwQYMBaAFOduslbA/LB+KQeXg0PprZ3SH+IG
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2QzgzQi9FNEUxMEI0QTFE
ODgxMUUyQTAxMkNCRTEwOEIwMkNEMi81MjZ5VnNEOHNINHBCNWVEUS1tdG5kSWY0
Z1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzUyNnlWc0Q4c0g0cEI1ZURRLW10bmRJZjRnWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NkM4M0IvRTRFMTBCNEExRDg4MTFFMkEwMTJDQkUxMDhCMDJDRDIvQjg5NEJBQjI5
NkFGMTFFRThEQjg2RDE2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJvWOwwDQYJKoZIhvcNAQELBQADggEBAGJX/34qa5ENdaAe
oQashogvmBw2MCDMX2WjdgD4jhGhNUXldWOwTs5e+LMEDgbf4+5wyX1dkWHCwKCb
JdHrteE59vxto0rUmwJDga/bqVF709MuK2IovbjGHQn/bQ5AaKdoNs17krFuvCue
TLXjaPtQ8gj8/3lUx0o7atZ9BEuzLpkSqw6qxVh9Ux7bHCLT8nCrbO+klONvKHKV
QJu+aQX3KfsQnCftFyxuCtGcTXjzT9ayp/Tazin2I6LhIzjNVK9CsgL+DmxQDf57
adt27g30DXmwXWwLqPZRmACKC7EusljKiFJ6/o6Xm6INHNkw68M0mMuaw5CwUOxK
ENnwbSQ=
-----END CERTIFICATE-----
Generated at Wed Mar 13 16:50:35 2024 by rpki-client on console-fra.rpki-client.org