Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917E0BB/68431FA2E8E611EE9CABE06AC4F9AE02/276C4296E8E711EEBE4CB46CC4F9AE02.roa
File: 276C4296E8E711EEBE4CB46CC4F9AE02.roa (raw, json)
Hash identifier: wfxqUldYiIwnUuhyE0sy42kceVZpflGZBQE6pIsAP0E=
Subject key identifier: E5:5A:DD:7C:45:6D:90:7B:CE:00:AC:C2:B9:CE:7E:A4:2E:B1:DE:DE
Certificate issuer: /CN=A917E0BB/serialNumber=11AB37DC654150C493C8AFC7E86D669C20AE5386
Certificate serial: 02
Authority key identifier: 11:AB:37:DC:65:41:50:C4:93:C8:AF:C7:E8:6D:66:9C:20:AE:53:86
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Eas33GVBUMSTyK_H6G1mnCCuU4Y.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917E0BB/68431FA2E8E611EE9CABE06AC4F9AE02/276C4296E8E711EEBE4CB46CC4F9AE02.roa
Signing time: Sat 23 Mar 2024 07:29:59 +0000
ROA not before: Sat 23 Mar 2024 07:29:59 +0000
ROA not after: Sun 02 Mar 2025 00:00:00 +0000
asID: 10225
IP address blocks: 115.84.170.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 13 May 2024 08:08:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917E0BB/serialNumber=11AB37DC654150C493C8AFC7E86D669C20AE5386
Validity
Not Before: Mar 23 07:29:59 2024 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=65fe84f7-4879
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:c1:4e:95:a1:bb:8f:11:89:85:83:19:7d:67:
55:b4:1d:9f:e7:67:84:34:cd:2e:fc:e9:26:ee:97:
61:77:cb:e1:1b:f7:5e:52:65:e5:d8:e6:dd:5c:95:
32:9d:c4:8e:60:73:50:be:9d:41:1d:57:c7:f6:f2:
88:59:59:9b:0c:92:9b:28:20:7c:ed:88:72:03:10:
a1:b8:41:bf:7c:4f:70:c1:7e:49:3c:99:f7:d2:9c:
e0:01:d5:44:aa:56:83:af:ac:c1:e3:fd:c3:cd:39:
76:ff:36:af:29:6b:ae:9e:de:1e:b2:f4:e5:c9:b2:
a2:d4:75:27:a7:df:07:ba:32:b5:e5:3f:f9:6b:4f:
4e:59:ee:d0:a5:66:a5:ba:15:69:43:96:1b:83:f2:
bb:e2:ac:37:0a:91:61:45:16:85:b5:25:08:44:f7:
05:b0:84:7b:f5:48:81:6b:d8:e6:6a:2d:25:d1:fd:
7e:22:0e:99:fa:47:8b:6b:b2:c2:bd:f3:0e:fe:f4:
bf:e3:b3:d4:80:21:a8:8b:20:8f:08:fd:eb:b6:0b:
47:55:7e:56:a3:56:15:1e:47:05:21:59:70:12:c6:
2a:ef:5b:a2:92:6d:59:f7:2b:6a:c0:35:6d:a5:55:
4f:5a:b6:02:c7:6c:87:20:8f:da:70:d5:f4:d4:75:
b5:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:5A:DD:7C:45:6D:90:7B:CE:00:AC:C2:B9:CE:7E:A4:2E:B1:DE:DE
X509v3 Authority Key Identifier:
keyid:11:AB:37:DC:65:41:50:C4:93:C8:AF:C7:E8:6D:66:9C:20:AE:53:86
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917E0BB/68431FA2E8E611EE9CABE06AC4F9AE02/Eas33GVBUMSTyK_H6G1mnCCuU4Y.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Eas33GVBUMSTyK_H6G1mnCCuU4Y.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917E0BB/68431FA2E8E611EE9CABE06AC4F9AE02/276C4296E8E711EEBE4CB46CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
115.84.170.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:a7:ba:c6:94:2b:41:71:9c:2e:43:9f:40:92:2d:9e:c4:a2:
02:7a:4f:1c:cb:0b:67:ea:50:95:0a:53:e6:46:dc:b5:d6:85:
8c:2d:6b:99:40:a6:ab:d4:44:46:bb:42:5f:0e:3a:70:53:d1:
d2:05:90:ac:3f:a6:be:10:dc:4d:9c:44:69:0f:8c:95:9d:9d:
bd:75:69:33:e6:ee:12:bc:a6:6c:66:da:a6:aa:a7:9e:fc:dc:
49:a4:9d:3d:25:75:08:81:3b:ab:f6:22:61:2a:91:60:1b:05:
7b:2c:28:46:b3:be:42:dd:f7:25:1d:19:e2:b7:0c:f8:f0:2f:
eb:9a:72:3c:11:d8:59:80:4a:06:c2:44:ce:93:05:5c:7e:e5:
70:8b:41:b5:8d:78:07:df:57:95:7f:39:67:0a:dd:24:fd:f5:
c6:a7:55:16:18:a0:a1:10:df:20:a9:29:37:65:aa:f3:56:c2:
1d:93:e5:d6:2d:f0:a4:35:ce:ee:98:08:89:50:0c:d4:ac:35:
d4:b7:88:c5:00:5f:6c:20:f3:2b:00:e6:a7:27:f4:5d:4b:7a:
fc:1f:23:69:fe:09:3e:c8:ea:81:6d:33:4e:43:69:59:45:e0:
d3:67:de:77:fd:a7:87:1c:e9:8c:42:8a:8b:b3:08:e5:e3:90:
06:ab:9f:11
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3
RTBCQjExMC8GA1UEBRMoMTFBQjM3REM2NTQxNTBDNDkzQzhBRkM3RTg2RDY2OUMy
MEFFNTM4NjAeFw0yNDAzMjMwNzI5NTlaFw0yNTAzMDIwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1ZmU4NGY3LTQ4NzkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCgwU6VobuPEYmFgxl9Z1W0HZ/nZ4Q0zS786Sbul2F3y+Eb915SZeXY5t1clTKd
xI5gc1C+nUEdV8f28ohZWZsMkpsoIHztiHIDEKG4Qb98T3DBfkk8mffSnOAB1USq
VoOvrMHj/cPNOXb/Nq8pa66e3h6y9OXJsqLUdSen3we6MrXlP/lrT05Z7tClZqW6
FWlDlhuD8rvirDcKkWFFFoW1JQhE9wWwhHv1SIFr2OZqLSXR/X4iDpn6R4trssK9
8w7+9L/js9SAIaiLII8I/eu2C0dVflajVhUeRwUhWXASxirvW6KSbVn3K2rANW2l
VU9atgLHbIcgj9pw1fTUdbWhAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQU5VrdfEVt
kHvOAKzCuc5+pC6x3t4wHwYDVR0jBBgwFoAUEas33GVBUMSTyK/H6G1mnCCuU4Yw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTdFMEJCLzY4NDMxRkEyRThF
NjExRUU5Q0FCRTA2QUM0RjlBRTAyL0VhczMzR1ZCVU1TVHlLX0g2RzFtbkNDdVU0
WS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvRWFzMzNHVkJVTVNUeUtfSDZHMW1uQ0N1VTRZLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
RTBCQi82ODQzMUZBMkU4RTYxMUVFOUNBQkUwNkFDNEY5QUUwMi8yNzZDNDI5NkU4
RTcxMUVFQkU0Q0I0NkNDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAHNUqjANBgkqhkiG9w0BAQsFAAOCAQEAWqe6xpQrQXGcLkOf
QJItnsSiAnpPHMsLZ+pQlQpT5kbctdaFjC1rmUCmq9RERrtCXw46cFPR0gWQrD+m
vhDcTZxEaQ+MlZ2dvXVpM+buErymbGbapqqnnvzcSaSdPSV1CIE7q/YiYSqRYBsF
eywoRrO+Qt33JR0Z4rcM+PAv65pyPBHYWYBKBsJEzpMFXH7lcItBtY14B99XlX85
ZwrdJP31xqdVFhigoRDfIKkpN2Wq81bCHZPl1i3wpDXO7pgIiVAM1Kw11LeIxQBf
bCDzKwDmpyf0XUt6/B8jaf4JPsjqgW0zTkNpWUXg02fed/2nhxzpjEKKi7MI5eOQ
BqufEQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:13 2024 by rpki-client on console-fra.rpki-client.org