Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A916C83B/E4E10B4A1D8811E2A012CBE108B02CD2/C7EFDD4EC02511EEB1E8F431C4F9AE02.roa
File: C7EFDD4EC02511EEB1E8F431C4F9AE02.roa (raw, json)
Hash identifier: M4Tyb6+/rwRzf2PZEaTPZRM+8sK2L6XPzgdc5VuhnNQ=
Subject key identifier: DD:64:5A:9D:CA:E6:CA:75:CF:AC:7C:B0:A9:44:EB:D9:26:A1:83:9A
Certificate issuer: /CN=A916C83B/serialNumber=E76EB256C0FCB07E2907978343E9AD9DD21FE206
Certificate serial: 3514
Authority key identifier: E7:6E:B2:56:C0:FC:B0:7E:29:07:97:83:43:E9:AD:9D:D2:1F:E2:06
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/526yVsD8sH4pB5eDQ-mtndIf4gY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916C83B/E4E10B4A1D8811E2A012CBE108B02CD2/C7EFDD4EC02511EEB1E8F431C4F9AE02.roa
Signing time: Wed 31 Jan 2024 10:44:59 +0000
ROA not before: Wed 31 Jan 2024 10:44:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 150382
IP address blocks: 117.102.11.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 13 Mar 2024 11:39:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13588 (0x3514)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916C83B/serialNumber=E76EB256C0FCB07E2907978343E9AD9DD21FE206
Validity
Not Before: Jan 31 10:44:59 2024 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=65ba24ab-464e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:ce:3e:ae:77:05:ba:38:19:84:7f:82:3e:5d:
93:23:f5:15:b2:7e:5a:88:77:12:1b:f0:81:5b:74:
a8:7e:36:24:cf:26:f1:5c:c6:f6:82:31:b8:f7:0f:
1b:8e:12:70:99:12:08:7a:c1:3e:aa:56:7c:e0:12:
dc:64:4f:23:42:de:23:12:5d:8c:79:f1:82:ec:8a:
df:75:43:f4:87:94:46:ab:97:79:cd:a0:c7:15:07:
8e:f5:8f:09:93:19:46:81:2e:c5:63:29:50:10:53:
5d:bc:53:0a:ac:69:0c:d8:6b:39:45:d9:90:7b:07:
0c:ea:c7:a8:ad:90:55:4b:e2:4b:10:a3:c9:09:60:
e9:a3:7d:17:11:84:74:15:1c:b4:4a:c4:74:b6:61:
d7:ab:e6:74:44:aa:d4:ea:a6:10:01:ff:0c:5b:b8:
da:f2:b4:5f:0b:4d:2e:20:52:b3:54:e0:c1:9a:3d:
c6:40:7e:dd:99:05:31:83:de:bd:08:8a:77:ca:29:
b6:4d:b3:7c:fa:01:f3:44:f9:7d:aa:35:bf:2e:97:
ae:dc:28:90:68:dd:62:7e:2a:22:2d:c6:e1:b2:df:
d4:a5:d2:fa:b7:a9:09:d2:aa:69:88:8e:8b:75:d1:
bb:82:b3:7c:ed:c3:b1:d2:9e:3b:2a:3c:b6:3b:16:
80:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:64:5A:9D:CA:E6:CA:75:CF:AC:7C:B0:A9:44:EB:D9:26:A1:83:9A
X509v3 Authority Key Identifier:
keyid:E7:6E:B2:56:C0:FC:B0:7E:29:07:97:83:43:E9:AD:9D:D2:1F:E2:06
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916C83B/E4E10B4A1D8811E2A012CBE108B02CD2/526yVsD8sH4pB5eDQ-mtndIf4gY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/526yVsD8sH4pB5eDQ-mtndIf4gY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916C83B/E4E10B4A1D8811E2A012CBE108B02CD2/C7EFDD4EC02511EEB1E8F431C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
117.102.11.0/24
Signature Algorithm: sha256WithRSAEncryption
84:21:8e:86:f8:e3:ed:03:23:40:a2:f6:01:7c:f7:a4:97:f1:
0e:8a:ea:90:ad:26:7b:fa:b6:f9:89:09:fe:a4:4d:2a:82:86:
f3:1a:14:32:8a:d1:35:d9:76:73:7b:0e:16:ac:53:00:69:61:
0b:c6:dc:f4:c0:f7:eb:1d:33:87:d0:f3:85:3b:5b:ed:18:6b:
a3:6c:31:3b:cd:eb:bb:64:b5:c6:8e:bd:8b:d3:b1:c9:cb:b8:
56:1e:17:a0:b9:bb:b6:27:c6:0f:d8:4d:08:32:ac:6a:04:a4:
8c:6d:43:47:db:4b:7d:39:b8:c6:dc:f9:7e:66:27:6c:a5:de:
db:80:d7:d2:23:dc:ce:4a:02:33:73:34:f4:6c:3d:d4:ce:0d:
01:46:af:69:1f:06:ea:02:18:34:90:0f:43:d8:0d:70:64:5c:
0d:76:27:98:e0:2e:fd:fd:2e:fa:25:3a:47:32:40:70:bc:b9:
e7:9c:6e:da:89:9e:49:4e:43:22:c1:d0:d8:9d:3d:b0:95:8d:
0a:c7:f9:83:ea:b1:fc:a9:54:e3:53:0c:c9:75:e7:98:57:66:
6e:5e:3f:45:ee:60:e9:1b:c8:f7:59:00:c2:0c:e9:ce:bf:54:
3f:d2:6b:b6:00:51:c5:d1:c6:d7:36:ce:c8:94:ad:6f:3b:02:
5e:6d:05:f0
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICNRQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NkM4M0IxMTAvBgNVBAUTKEU3NkVCMjU2QzBGQ0IwN0UyOTA3OTc4MzQzRTlBRDlE
RDIxRkUyMDYwHhcNMjQwMTMxMTA0NDU5WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWJhMjRhYi00NjRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxM4+rncFujgZhH+CPl2TI/UVsn5aiHcSG/CBW3SofjYkzybxXMb2gjG49w8b
jhJwmRIIesE+qlZ84BLcZE8jQt4jEl2MefGC7IrfdUP0h5RGq5d5zaDHFQeO9Y8J
kxlGgS7FYylQEFNdvFMKrGkM2Gs5RdmQewcM6seorZBVS+JLEKPJCWDpo30XEYR0
FRy0SsR0tmHXq+Z0RKrU6qYQAf8MW7ja8rRfC00uIFKzVODBmj3GQH7dmQUxg969
CIp3yim2TbN8+gHzRPl9qjW/Lpeu3CiQaN1ifioiLcbhst/UpdL6t6kJ0qppiI6L
ddG7grN87cOx0p47Kjy2OxaATwIDAQABo4IClTCCApEwHQYDVR0OBBYEFN1kWp3K
5sp1z6x8sKlE69kmoYOaMB8GA1UdIwQYMBaAFOduslbA/LB+KQeXg0PprZ3SH+IG
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2QzgzQi9FNEUxMEI0QTFE
ODgxMUUyQTAxMkNCRTEwOEIwMkNEMi81MjZ5VnNEOHNINHBCNWVEUS1tdG5kSWY0
Z1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzUyNnlWc0Q4c0g0cEI1ZURRLW10bmRJZjRnWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NkM4M0IvRTRFMTBCNEExRDg4MTFFMkEwMTJDQkUxMDhCMDJDRDIvQzdFRkRENEVD
MDI1MTFFRUIxRThGNDMxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAB1ZgswDQYJKoZIhvcNAQELBQADggEBAIQhjob44+0DI0Ci
9gF896SX8Q6K6pCtJnv6tvmJCf6kTSqChvMaFDKK0TXZdnN7DhasUwBpYQvG3PTA
9+sdM4fQ84U7W+0Ya6NsMTvN67tktcaOvYvTscnLuFYeF6C5u7Ynxg/YTQgyrGoE
pIxtQ0fbS305uMbc+X5mJ2yl3tuA19Ij3M5KAjNzNPRsPdTODQFGr2kfBuoCGDSQ
D0PYDXBkXA12J5jgLv39LvolOkcyQHC8ueecbtqJnklOQyLB0NidPbCVjQrH+YPq
sfypVONTDMl155hXZm5eP0XuYOkbyPdZAMIM6c6/VD/Sa7YAUcXRxtc2zsiUrW87
Al5tBfA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:20 2024 by rpki-client on console-ams.rpki-client.org