Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91864A7/C8055FD6C92511ED80936149C4F9AE02/D6B2AAAEF6B311EEBE14EA54C4F9AE02.roa
File: D6B2AAAEF6B311EEBE14EA54C4F9AE02.roa (raw, json)
Hash identifier: V1iS+wyC6J8ah+EM55GjWdByZBfME2jeSk7AnbdXHUM=
Subject key identifier: 9E:1D:0F:3D:3C:A0:32:F7:3D:F2:71:53:6B:77:CB:E0:DB:BF:23:4D
Certificate issuer: /CN=A91864A7/serialNumber=FF42B3436044954696FFE08B0EE1975C6C5B8D6D
Certificate serial: CD
Authority key identifier: FF:42:B3:43:60:44:95:46:96:FF:E0:8B:0E:E1:97:5C:6C:5B:8D:6D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_0KzQ2BElUaW_-CLDuGXXGxbjW0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91864A7/C8055FD6C92511ED80936149C4F9AE02/D6B2AAAEF6B311EEBE14EA54C4F9AE02.roa
Signing time: Tue 09 Apr 2024 21:10:58 +0000
ROA not before: Tue 09 Apr 2024 21:10:58 +0000
ROA not after: Fri 31 Jan 2025 00:00:00 +0000
asID: 9500
IP address blocks: 119.15.0.0/22 maxlen: 22
119.15.4.0/22 maxlen: 22
119.15.8.0/24 maxlen: 24
119.15.13.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 09 Apr 2024 21:56:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 205 (0xcd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91864A7/serialNumber=FF42B3436044954696FFE08B0EE1975C6C5B8D6D
Validity
Not Before: Apr 9 21:10:58 2024 GMT
Not After : Jan 31 00:00:00 2025 GMT
Subject: CN=6615aee2-8963
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:de:b1:85:e3:35:80:f1:ef:4d:a4:18:1a:d0:
51:ef:68:86:9f:9a:a2:94:e9:f7:67:40:10:cb:e9:
2d:21:91:4c:e5:2a:10:f5:0e:f3:e4:72:32:2b:19:
f0:d3:69:c8:18:34:6a:80:39:ba:34:13:de:22:11:
66:a5:97:1e:2a:ed:d4:b5:d5:09:49:ae:26:16:36:
71:37:a0:d5:71:fa:6a:1a:d1:dd:01:22:ef:95:6b:
43:ff:64:a0:ce:a4:83:1d:3d:47:16:45:46:bd:11:
24:d8:9f:03:57:34:ad:77:d9:ea:fd:b1:c4:3c:0a:
02:dd:b1:4e:32:9a:f6:a2:ba:10:50:f2:30:27:05:
41:87:18:a1:72:2a:d6:c3:79:06:b2:74:9b:80:54:
74:5c:f2:d8:bf:1d:ac:4a:ff:d3:89:ce:ab:d0:4c:
68:b3:99:2e:ed:66:36:5d:60:a3:6d:e7:b6:45:50:
68:74:7f:a6:e3:b7:51:01:8c:85:d5:6c:60:bd:66:
01:b8:4c:9f:29:1f:f5:12:8f:52:5b:f5:d8:32:88:
ae:22:1c:f3:c1:cf:a0:f2:40:fc:32:bc:97:bd:f5:
e6:7b:8f:28:b1:a0:92:2f:ec:45:d6:56:df:1d:d5:
18:0b:0d:da:26:30:a3:6a:29:7e:d8:8a:1a:c1:2d:
0e:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:1D:0F:3D:3C:A0:32:F7:3D:F2:71:53:6B:77:CB:E0:DB:BF:23:4D
X509v3 Authority Key Identifier:
keyid:FF:42:B3:43:60:44:95:46:96:FF:E0:8B:0E:E1:97:5C:6C:5B:8D:6D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91864A7/C8055FD6C92511ED80936149C4F9AE02/_0KzQ2BElUaW_-CLDuGXXGxbjW0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_0KzQ2BElUaW_-CLDuGXXGxbjW0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91864A7/C8055FD6C92511ED80936149C4F9AE02/D6B2AAAEF6B311EEBE14EA54C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
119.15.0.0-119.15.8.255
119.15.13.0/24
Signature Algorithm: sha256WithRSAEncryption
97:a7:3e:d8:61:f2:ad:0d:7c:78:a9:c4:2a:af:86:78:d6:be:
d0:ab:a2:a3:a3:89:f7:ae:b8:0f:cc:2c:20:4c:bc:6c:93:7b:
48:80:e8:17:f6:ca:92:52:36:c3:47:7e:71:a5:11:97:44:f1:
28:0c:4c:93:56:48:64:78:80:d3:5e:08:28:4d:6e:39:55:a7:
32:73:0a:60:20:79:96:7c:e6:60:11:e3:be:3b:46:1b:8a:86:
96:0d:35:c2:19:64:5e:7d:24:f4:9d:a0:8a:b8:14:b4:b3:1f:
a8:3e:82:03:17:a5:6b:c2:04:0e:38:d9:30:99:f4:5e:2a:40:
de:b5:3c:3e:9c:28:04:dd:7c:ed:1e:80:8d:36:3d:9f:9e:35:
45:f9:be:51:26:bd:85:fd:92:39:76:10:ec:30:98:19:94:4e:
49:a1:ac:77:12:73:4a:3a:c1:da:d8:22:19:af:40:52:a1:a1:
2a:fd:58:76:78:2f:10:bb:d6:57:fa:0c:51:e9:b7:4e:83:e6:
d0:b4:36:8d:a3:f9:c0:fc:c9:aa:c3:fa:60:94:27:af:db:c2:
ae:e5:77:ee:b0:3c:85:ce:49:3b:7c:86:7b:c6:f2:61:b0:59:
f7:53:10:83:73:36:28:7b:66:a4:95:0c:43:d1:8e:44:d4:04:
d7:63:07:e1
-----BEGIN CERTIFICATE-----
MIIFfjCCBGagAwIBAgICAM0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODY0QTcxMTAvBgNVBAUTKEZGNDJCMzQzNjA0NDk1NDY5NkZGRTA4QjBFRTE5NzVD
NkM1QjhENkQwHhcNMjQwNDA5MjExMDU4WhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjE1YWVlMi04OTYzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvN6xheM1gPHvTaQYGtBR72iGn5qilOn3Z0AQy+ktIZFM5SoQ9Q7z5HIyKxnw
02nIGDRqgDm6NBPeIhFmpZceKu3UtdUJSa4mFjZxN6DVcfpqGtHdASLvlWtD/2Sg
zqSDHT1HFkVGvREk2J8DVzStd9nq/bHEPAoC3bFOMpr2oroQUPIwJwVBhxihcirW
w3kGsnSbgFR0XPLYvx2sSv/Tic6r0Exos5ku7WY2XWCjbee2RVBodH+m47dRAYyF
1WxgvWYBuEyfKR/1Eo9SW/XYMoiuIhzzwc+g8kD8MryXvfXme48osaCSL+xF1lbf
HdUYCw3aJjCjail+2IoawS0OAwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFJ4dDz08
oDL3PfJxU2t3y+DbvyNNMB8GA1UdIwQYMBaAFP9Cs0NgRJVGlv/giw7hl1xsW41t
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NjRBNy9DODA1NUZENkM5
MjUxMUVEODA5MzYxNDlDNEY5QUUwMi9fMEt6UTJCRWxVYVdfLUNMRHVHWFhHeGJq
VzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL18wS3pRMkJFbFVhV18tQ0xEdUdYWEd4YmpXMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODY0QTcvQzgwNTVGRDZDOTI1MTFFRDgwOTM2MTQ5QzRGOUFFMDIvRDZCMkFBQUVG
NkIzMTFFRUJFMTRFQTU0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLAYIKwYBBQUHAQcBAf8E
HTAbMBkEAgABMBMwCwMDAHcPAwQAdw8IAwQAdw8NMA0GCSqGSIb3DQEBCwUAA4IB
AQCXpz7YYfKtDXx4qcQqr4Z41r7Qq6Kjo4n3rrgPzCwgTLxsk3tIgOgX9sqSUjbD
R35xpRGXRPEoDEyTVkhkeIDTXggoTW45VacycwpgIHmWfOZgEeO+O0YbioaWDTXC
GWRefST0naCKuBS0sx+oPoIDF6VrwgQOONkwmfReKkDetTw+nCgE3XztHoCNNj2f
njVF+b5RJr2F/ZI5dhDsMJgZlE5Joax3EnNKOsHa2CIZr0BSoaEq/Vh2eC8Qu9ZX
+gxR6bdOg+bQtDaNo/nA/Mmqw/pglCev28Ku5XfusDyFzkk7fIZ7xvJhsFn3UxCD
czYoe2aklQxD0Y5E1ATXYwfh
-----END CERTIFICATE-----
Generated at Wed Apr 10 01:20:27 2024 by rpki-client on console-fra.rpki-client.org