Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A919FE01/A4F9CD669F5C11EE8A23047EC4F9AE02/4E87B1F49F5D11EEA7007180C4F9AE02.roa
File: 4E87B1F49F5D11EEA7007180C4F9AE02.roa (raw, json)
Hash identifier: PdgYMFatCPZAI8VUZG17hzLAMLH4pq/xStURbfrk+TI=
Subject key identifier: DB:EB:12:A2:50:86:4E:FE:44:9C:C1:29:24:A2:42:6D:64:45:9A:BD
Certificate issuer: /CN=A919FE01/serialNumber=CB7E8E54C87E01CE8679CFE550F1FE9B2361083E
Certificate serial: 02
Authority key identifier: CB:7E:8E:54:C8:7E:01:CE:86:79:CF:E5:50:F1:FE:9B:23:61:08:3E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/y36OVMh-Ac6Gec_lUPH-myNhCD4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A919FE01/A4F9CD669F5C11EE8A23047EC4F9AE02/4E87B1F49F5D11EEA7007180C4F9AE02.roa
Signing time: Wed 20 Dec 2023 17:29:19 +0000
ROA not before: Wed 20 Dec 2023 17:29:19 +0000
ROA not after: Mon 31 Mar 2025 00:00:00 +0000
asID: 152178
IP address blocks: 36.50.148.0/23 maxlen: 24
Validation: Failed, certificate revoked on Thu 28 Dec 2023 06:19:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A919FE01/serialNumber=CB7E8E54C87E01CE8679CFE550F1FE9B2361083E
Validity
Not Before: Dec 20 17:29:19 2023 GMT
Not After : Mar 31 00:00:00 2025 GMT
Subject: CN=6583246f-7e9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:c2:38:59:df:01:2b:40:43:8d:17:34:60:69:
1a:90:51:07:5f:3b:5a:e5:35:a7:f0:01:d4:5f:7f:
ce:9f:18:04:1c:9f:e3:ce:f8:0a:14:94:b0:1f:eb:
fb:57:a7:41:31:c0:fa:fa:b5:1a:30:48:32:21:6b:
63:25:7e:65:f4:ec:96:8d:58:ee:6b:53:d1:c5:73:
fd:e9:39:60:26:2d:c8:91:0d:75:4d:fc:d0:c3:67:
08:fa:31:cd:8b:3b:e9:c9:e1:8d:6f:92:07:89:4e:
11:f7:07:15:e4:48:e8:90:5a:ce:fd:2e:01:fa:a0:
4a:95:31:b5:d9:52:64:b8:42:d6:cd:57:8a:49:ca:
8b:ca:fe:5e:71:1d:4a:33:27:4b:ad:46:db:20:7b:
43:00:cc:bc:ce:3f:a9:55:06:83:47:29:f2:2d:57:
31:db:41:89:15:3e:bb:e3:a3:3a:15:b5:3d:59:a9:
e3:ad:1e:a0:3a:ea:1d:b3:98:67:ee:95:43:59:26:
87:60:1b:cf:ba:85:9c:e6:e7:86:c9:8e:a8:89:f7:
9c:a7:06:b3:9d:10:6e:68:36:36:24:13:68:5b:65:
c5:2d:e1:c1:0c:ab:47:ca:7b:ff:3f:f0:0e:85:e9:
a2:09:d7:a4:51:5f:f9:a9:6d:93:90:19:af:1e:9b:
6b:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:EB:12:A2:50:86:4E:FE:44:9C:C1:29:24:A2:42:6D:64:45:9A:BD
X509v3 Authority Key Identifier:
keyid:CB:7E:8E:54:C8:7E:01:CE:86:79:CF:E5:50:F1:FE:9B:23:61:08:3E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A919FE01/A4F9CD669F5C11EE8A23047EC4F9AE02/y36OVMh-Ac6Gec_lUPH-myNhCD4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/y36OVMh-Ac6Gec_lUPH-myNhCD4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919FE01/A4F9CD669F5C11EE8A23047EC4F9AE02/4E87B1F49F5D11EEA7007180C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
36.50.148.0/23
Signature Algorithm: sha256WithRSAEncryption
92:8e:4c:93:16:38:5e:92:97:38:84:95:c0:ed:6e:7f:d9:b6:
25:01:e7:99:3e:e2:9b:2c:ec:86:67:d3:f8:5f:9c:f7:c4:4f:
bf:f0:e0:bb:eb:11:a6:40:4b:9e:1e:3c:7e:e4:e3:da:85:73:
c0:ad:e6:bf:e6:9f:d6:61:33:29:b7:4e:f1:9a:dc:29:79:98:
f1:df:84:8b:dd:b5:24:5e:54:e5:72:37:f7:a5:7e:d0:9a:60:
71:32:04:b2:d3:88:18:27:2d:c2:58:9a:ef:21:11:d5:d3:9e:
24:a6:66:20:e6:14:35:03:ce:01:75:c2:09:3f:91:56:74:52:
6c:fe:d5:51:61:f1:a5:9f:f1:a3:93:66:1a:db:15:39:80:3b:
52:94:4c:fe:f7:25:69:75:55:3e:94:64:bf:9d:1f:d8:0c:2b:
85:58:3e:52:ea:9a:d5:7e:bd:62:ec:a1:53:db:e2:9d:c1:5e:
55:b8:d8:59:23:ba:4a:1a:55:6b:97:e3:77:62:a5:75:6e:3f:
97:66:85:26:df:52:7a:e4:e9:e7:31:c3:3b:a2:f1:92:5b:d3:
ff:5b:71:10:ce:37:37:e9:a4:db:bb:16:6d:a7:b6:61:0c:37:
00:23:e0:a1:af:97:01:eb:c9:c9:61:15:81:49:dc:8d:0a:25:
f0:8b:7a:c9
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE5
RkUwMTExMC8GA1UEBRMoQ0I3RThFNTRDODdFMDFDRTg2NzlDRkU1NTBGMUZFOUIy
MzYxMDgzRTAeFw0yMzEyMjAxNzI5MTlaFw0yNTAzMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1ODMyNDZmLTdlOWMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCewjhZ3wErQEONFzRgaRqQUQdfO1rlNafwAdRff86fGAQcn+PO+AoUlLAf6/tX
p0ExwPr6tRowSDIha2MlfmX07JaNWO5rU9HFc/3pOWAmLciRDXVN/NDDZwj6Mc2L
O+nJ4Y1vkgeJThH3BxXkSOiQWs79LgH6oEqVMbXZUmS4QtbNV4pJyovK/l5xHUoz
J0utRtsge0MAzLzOP6lVBoNHKfItVzHbQYkVPrvjozoVtT1ZqeOtHqA66h2zmGfu
lUNZJodgG8+6hZzm54bJjqiJ95ynBrOdEG5oNjYkE2hbZcUt4cEMq0fKe/8/8A6F
6aIJ16RRX/mpbZOQGa8em2uRAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQU2+sSolCG
Tv5EnMEpJKJCbWRFmr0wHwYDVR0jBBgwFoAUy36OVMh+Ac6Gec/lUPH+myNhCD4w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTlGRTAxL0E0RjlDRDY2OUY1
QzExRUU4QTIzMDQ3RUM0RjlBRTAyL3kzNk9WTWgtQWM2R2VjX2xVUEgtbXlOaENE
NC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIveTM2T1ZNaC1BYzZHZWNfbFVQSC1teU5oQ0Q0LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5
RkUwMS9BNEY5Q0Q2NjlGNUMxMUVFOEEyMzA0N0VDNEY5QUUwMi80RTg3QjFGNDlG
NUQxMUVFQTcwMDcxODBDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEASQylDANBgkqhkiG9w0BAQsFAAOCAQEAko5MkxY4XpKXOISV
wO1uf9m2JQHnmT7imyzshmfT+F+c98RPv/Dgu+sRpkBLnh48fuTj2oVzwK3mv+af
1mEzKbdO8ZrcKXmY8d+Ei921JF5U5XI396V+0JpgcTIEstOIGCctwlia7yER1dOe
JKZmIOYUNQPOAXXCCT+RVnRSbP7VUWHxpZ/xo5NmGtsVOYA7UpRM/vclaXVVPpRk
v50f2AwrhVg+Uuqa1X69YuyhU9vincFeVbjYWSO6ShpVa5fjd2KldW4/l2aFJt9S
euTp5zHDO6LxklvT/1txEM43N+mk27sWbae2YQw3ACPgoa+XAevJyWEVgUncjQol
8It6yQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:50 2024 by rpki-client on console-ams.rpki-client.org