Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9194C67/C2A761908E8911EEBC286358C4F9AE02/E451A1B88EA011EE897BAB34C4F9AE02.roa
File: E451A1B88EA011EE897BAB34C4F9AE02.roa (raw, json)
Hash identifier: ggTIpVNbc7JoGGpS+thx9/5bc8ZDkayrXMH84nQv05g=
Subject key identifier: 94:61:10:13:B0:45:00:E3:4F:32:36:CF:AF:09:67:DB:04:DC:85:72
Certificate issuer: /CN=A9194C67/serialNumber=22D021488AE1317FC95C74A38825254AB7926137
Certificate serial: 10
Authority key identifier: 22:D0:21:48:8A:E1:31:7F:C9:5C:74:A3:88:25:25:4A:B7:92:61:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ItAhSIrhMX_JXHSjiCUlSreSYTc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9194C67/C2A761908E8911EEBC286358C4F9AE02/E451A1B88EA011EE897BAB34C4F9AE02.roa
Signing time: Wed 29 Nov 2023 10:20:17 +0000
ROA not before: Wed 29 Nov 2023 10:20:17 +0000
ROA not after: Sun 02 Mar 2025 00:00:00 +0000
asID: 149311
IP address blocks: 36.50.12.0/23 maxlen: 24
2001:df3:2fc0::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 29 Nov 2023 10:47:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16 (0x10)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9194C67/serialNumber=22D021488AE1317FC95C74A38825254AB7926137
Validity
Not Before: Nov 29 10:20:17 2023 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=65671061-4adf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:60:75:77:b7:92:d4:36:5f:36:1e:19:5b:f5:
d0:b4:e6:0b:10:09:db:0d:4a:f4:f0:c4:dc:20:54:
db:d7:d7:79:e0:81:d1:86:79:a9:1b:03:67:3b:6b:
09:9b:1a:d9:ca:8b:81:32:a5:c4:c3:2f:81:ad:04:
7c:87:31:5e:63:e7:e4:bd:42:74:dc:b8:1a:eb:62:
66:40:34:67:fe:af:50:11:68:78:8b:e0:f9:80:65:
db:cf:5a:d7:50:b8:1b:4c:36:75:3c:fe:e9:13:94:
4a:9b:fa:b6:6d:21:0a:e4:35:da:b5:10:50:cb:a3:
56:1a:fe:89:90:70:f7:ef:b7:a2:1f:1b:0e:38:ee:
19:0e:db:f0:2c:da:7a:62:01:d2:f9:be:8d:ba:88:
fc:f0:fc:84:6c:1c:82:c3:55:46:8b:68:da:03:70:
fc:26:f1:ce:d8:0b:6e:44:c1:f1:d5:d6:06:18:0d:
66:91:10:c9:7f:85:16:07:43:ca:e1:30:61:df:55:
ab:5f:3b:50:4a:58:ab:49:e5:69:04:5a:14:eb:24:
d1:03:6b:81:0f:21:a3:d3:64:23:ca:a4:de:47:d2:
4f:0d:12:14:1a:38:ab:65:6e:4e:70:60:1f:f6:1f:
ab:1c:b0:0b:65:8f:08:a7:44:cd:53:fe:9f:a0:28:
7c:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:61:10:13:B0:45:00:E3:4F:32:36:CF:AF:09:67:DB:04:DC:85:72
X509v3 Authority Key Identifier:
keyid:22:D0:21:48:8A:E1:31:7F:C9:5C:74:A3:88:25:25:4A:B7:92:61:37
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9194C67/C2A761908E8911EEBC286358C4F9AE02/ItAhSIrhMX_JXHSjiCUlSreSYTc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ItAhSIrhMX_JXHSjiCUlSreSYTc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9194C67/C2A761908E8911EEBC286358C4F9AE02/E451A1B88EA011EE897BAB34C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
36.50.12.0/23
IPv6:
2001:df3:2fc0::/48
Signature Algorithm: sha256WithRSAEncryption
7b:d2:18:56:8c:a4:6d:11:7a:3b:36:d8:84:a1:6e:e4:36:0f:
6c:14:0d:d7:37:17:f2:0c:63:0d:09:23:92:c2:e9:48:8b:96:
80:67:3b:de:f2:3c:53:6b:21:1e:61:9e:03:5b:3d:6c:bd:79:
a4:b1:9a:3c:b0:88:6c:5b:a2:23:56:32:01:a0:b1:52:72:8c:
85:18:b5:fe:4b:8b:d7:a1:a9:29:f5:bb:61:3b:1c:2c:bf:f3:
1c:b1:fa:e4:f3:60:09:c5:ca:33:84:8d:e2:4d:2a:63:50:43:
b5:ce:de:c0:45:ec:8a:6a:7c:dd:03:c0:01:5c:f0:e9:04:b3:
21:dc:30:d8:46:cf:59:af:ab:3b:05:83:0c:6a:60:f1:d5:1d:
cb:4c:b1:70:0e:9d:90:19:e6:e0:2e:c3:16:09:dc:ab:99:70:
9a:1b:4b:38:c2:e3:7c:07:7c:ca:da:a5:29:c2:23:fd:46:3f:
2d:02:c8:f8:23:78:36:71:89:e3:57:7e:32:7f:79:d2:3a:09:
74:6e:fe:49:83:08:e7:64:b5:09:2c:87:67:5b:db:9c:c1:60:
38:84:8f:34:19:c5:8d:6e:08:bf:83:ff:65:09:18:43:78:43:
e6:f5:8e:eb:2d:47:d2:4d:64:22:ac:4d:7a:10:db:f7:3a:32:
32:33:74:48
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIBEDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE5
NEM2NzExMC8GA1UEBRMoMjJEMDIxNDg4QUUxMzE3RkM5NUM3NEEzODgyNTI1NEFC
NzkyNjEzNzAeFw0yMzExMjkxMDIwMTdaFw0yNTAzMDIwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1NjcxMDYxLTRhZGYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC9YHV3t5LUNl82Hhlb9dC05gsQCdsNSvTwxNwgVNvX13nggdGGeakbA2c7awmb
GtnKi4EypcTDL4GtBHyHMV5j5+S9QnTcuBrrYmZANGf+r1ARaHiL4PmAZdvPWtdQ
uBtMNnU8/ukTlEqb+rZtIQrkNdq1EFDLo1Ya/omQcPfvt6IfGw447hkO2/As2npi
AdL5vo26iPzw/IRsHILDVUaLaNoDcPwm8c7YC25EwfHV1gYYDWaREMl/hRYHQ8rh
MGHfVatfO1BKWKtJ5WkEWhTrJNEDa4EPIaPTZCPKpN5H0k8NEhQaOKtlbk5wYB/2
H6scsAtljwinRM1T/p+gKHyVAgMBAAGjggKmMIICojAdBgNVHQ4EFgQUlGEQE7BF
AONPMjbPrwln2wTchXIwHwYDVR0jBBgwFoAUItAhSIrhMX/JXHSjiCUlSreSYTcw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTk0QzY3L0MyQTc2MTkwOEU4
OTExRUVCQzI4NjM1OEM0RjlBRTAyL0l0QWhTSXJoTVhfSlhIU2ppQ1VsU3JlU1lU
Yy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvSXRBaFNJcmhNWF9KWEhTamlDVWxTcmVTWVRjLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5
NEM2Ny9DMkE3NjE5MDhFODkxMUVFQkMyODYzNThDNEY5QUUwMi9FNDUxQTFCODhF
QTAxMUVFODk3QkFCMzRDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAwBggrBgEFBQcBBwEB/wQh
MB8wDAQCAAEwBgMEASQyDDAPBAIAAjAJAwcAIAEN8y/AMA0GCSqGSIb3DQEBCwUA
A4IBAQB70hhWjKRtEXo7NtiEoW7kNg9sFA3XNxfyDGMNCSOSwulIi5aAZzve8jxT
ayEeYZ4DWz1svXmksZo8sIhsW6IjVjIBoLFScoyFGLX+S4vXoakp9bthOxwsv/Mc
sfrk82AJxcozhI3iTSpjUEO1zt7AReyKanzdA8ABXPDpBLMh3DDYRs9Zr6s7BYMM
amDx1R3LTLFwDp2QGebgLsMWCdyrmXCaG0s4wuN8B3zK2qUpwiP9Rj8tAsj4I3g2
cYnjV34yf3nSOgl0bv5JgwjnZLUJLIdnW9ucwWA4hI80GcWNbgi/g/9lCRhDeEPm
9Y7rLUfSTWQirE16ENv3OjIyM3RI
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:47 2024 by rpki-client on console-ams.rpki-client.org