Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A192D/CC67D252A4BC11EE9E5A5D72C4F9AE02/F55CF6A0B0B611EE8715DB71C4F9AE02.roa
File: F55CF6A0B0B611EE8715DB71C4F9AE02.roa (raw, json)
Hash identifier: gJCtjZnDji5HM3ofL5hyUHq+/9DNQZZkZGJ4SIAqGqg=
Subject key identifier: 04:34:85:8D:27:14:A8:72:F8:FF:97:68:5F:15:C7:70:5B:56:5B:9B
Certificate issuer: /CN=A91A192D/serialNumber=A81D0D61F7B730DDB742CC48ADD88A04D46FD024
Certificate serial: 29
Authority key identifier: A8:1D:0D:61:F7:B7:30:DD:B7:42:CC:48:AD:D8:8A:04:D4:6F:D0:24
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qB0NYfe3MN23QsxIrdiKBNRv0CQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A192D/CC67D252A4BC11EE9E5A5D72C4F9AE02/F55CF6A0B0B611EE8715DB71C4F9AE02.roa
Signing time: Thu 11 Jan 2024 19:36:37 +0000
ROA not before: Thu 11 Jan 2024 19:36:37 +0000
ROA not after: Mon 31 Mar 2025 00:00:00 +0000
asID: 152300
IP address blocks: 36.50.240.0/23 maxlen: 31
2001:df3:5240::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 10 Apr 2024 18:17:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 41 (0x29)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A192D/serialNumber=A81D0D61F7B730DDB742CC48ADD88A04D46FD024
Validity
Not Before: Jan 11 19:36:37 2024 GMT
Not After : Mar 31 00:00:00 2025 GMT
Subject: CN=65a04344-b5bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:53:1d:64:96:8e:97:56:e4:cc:97:cb:dc:d7:
e2:86:0c:d8:ce:7e:09:2f:fd:fd:a2:3c:d2:54:16:
e3:95:41:09:e5:ae:2e:a9:23:bb:12:3b:6c:18:90:
3c:6c:b5:42:fe:a8:5c:d8:22:43:d0:5e:00:b3:6d:
f4:4e:b1:3d:07:a7:6d:ed:04:8e:b0:c3:db:1a:b4:
d7:d0:1e:a3:84:fb:ce:f1:a2:88:49:de:e2:fe:94:
9a:12:29:97:7a:98:ea:8d:1f:f3:4b:9e:5f:4c:45:
94:fd:bb:8f:99:a1:52:22:37:f9:e9:5a:93:2e:41:
8b:2e:03:11:9f:33:23:15:4b:b8:f9:82:9a:70:5b:
3b:95:30:dc:44:f5:92:fd:54:c8:c5:d5:37:10:80:
3a:75:cd:bf:78:35:13:39:19:fa:c4:f8:2e:b5:a9:
0c:57:89:75:50:30:e9:77:1b:e5:6e:1b:61:86:a0:
cd:92:20:23:79:bf:f0:3c:55:50:39:06:7e:23:7f:
9d:bc:75:b5:a4:79:87:c3:b6:46:2b:ef:ce:23:ab:
27:b6:42:16:52:a4:a3:26:cb:48:00:9b:dc:2c:7f:
01:e1:c6:25:77:56:b1:34:be:20:97:d8:eb:88:9a:
a4:87:37:15:39:fc:68:0b:3d:b6:28:d7:c4:3a:4a:
14:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:34:85:8D:27:14:A8:72:F8:FF:97:68:5F:15:C7:70:5B:56:5B:9B
X509v3 Authority Key Identifier:
keyid:A8:1D:0D:61:F7:B7:30:DD:B7:42:CC:48:AD:D8:8A:04:D4:6F:D0:24
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A192D/CC67D252A4BC11EE9E5A5D72C4F9AE02/qB0NYfe3MN23QsxIrdiKBNRv0CQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qB0NYfe3MN23QsxIrdiKBNRv0CQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A192D/CC67D252A4BC11EE9E5A5D72C4F9AE02/F55CF6A0B0B611EE8715DB71C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
36.50.240.0/23
IPv6:
2001:df3:5240::/48
Signature Algorithm: sha256WithRSAEncryption
40:a5:23:0a:b9:bc:e7:e3:f0:b7:be:2f:b7:d5:4c:b3:92:7d:
79:56:97:62:b8:72:7c:e2:88:2f:66:b1:09:ff:4b:c0:38:1b:
1c:53:aa:e0:b8:34:81:a2:a3:16:b8:7b:28:c5:49:50:39:83:
95:28:e6:b7:a7:a4:c5:b3:a0:62:92:20:b9:91:2a:6f:8a:ff:
e4:e2:53:14:71:82:77:07:1e:b8:86:5f:49:c9:0e:f7:79:f3:
32:77:4c:60:54:ee:e2:9d:0d:1f:4b:f8:26:6e:a2:9f:fc:c5:
9e:50:8f:c1:40:f3:33:ba:ba:de:c8:26:22:96:80:13:0d:b4:
f0:58:44:9a:3e:35:02:e3:fb:65:ba:ed:13:78:75:9d:22:d6:
bc:d5:63:bb:4a:33:1a:9a:78:5c:a1:a3:5a:b0:68:28:6d:58:
6a:44:92:ec:dd:18:43:13:cd:39:e7:2a:57:10:63:b9:74:79:
95:1e:9b:a9:96:de:ea:d3:48:c9:5c:d7:c4:a1:ad:5d:9c:bb:
81:d3:d4:b8:09:60:40:68:a7:1c:9c:b2:a6:62:5c:38:91:f8:
41:4c:86:77:db:5b:70:b3:d7:2a:2a:88:90:3a:92:2e:f0:d1:
27:c0:53:65:35:96:9d:78:57:e9:c5:d0:30:23:b5:c1:92:9c:
08:30:1f:7f
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIBKTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB
MTkyRDExMC8GA1UEBRMoQTgxRDBENjFGN0I3MzBEREI3NDJDQzQ4QUREODhBMDRE
NDZGRDAyNDAeFw0yNDAxMTExOTM2MzdaFw0yNTAzMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1YTA0MzQ0LWI1YmIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDeUx1klo6XVuTMl8vc1+KGDNjOfgkv/f2iPNJUFuOVQQnlri6pI7sSO2wYkDxs
tUL+qFzYIkPQXgCzbfROsT0Hp23tBI6ww9satNfQHqOE+87xoohJ3uL+lJoSKZd6
mOqNH/NLnl9MRZT9u4+ZoVIiN/npWpMuQYsuAxGfMyMVS7j5gppwWzuVMNxE9ZL9
VMjF1TcQgDp1zb94NRM5GfrE+C61qQxXiXVQMOl3G+VuG2GGoM2SICN5v/A8VVA5
Bn4jf528dbWkeYfDtkYr784jqye2QhZSpKMmy0gAm9wsfwHhxiV3VrE0viCX2OuI
mqSHNxU5/GgLPbYo18Q6ShSDAgMBAAGjggKmMIICojAdBgNVHQ4EFgQUBDSFjScU
qHL4/5doXxXHcFtWW5swHwYDVR0jBBgwFoAUqB0NYfe3MN23QsxIrdiKBNRv0CQw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUExOTJEL0NDNjdEMjUyQTRC
QzExRUU5RTVBNUQ3MkM0RjlBRTAyL3FCME5ZZmUzTU4yM1FzeElyZGlLQk5SdjBD
US5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvcUIwTllmZTNNTjIzUXN4SXJkaUtCTlJ2MENRLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB
MTkyRC9DQzY3RDI1MkE0QkMxMUVFOUU1QTVENzJDNEY5QUUwMi9GNTVDRjZBMEIw
QjYxMUVFODcxNURCNzFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAwBggrBgEFBQcBBwEB/wQh
MB8wDAQCAAEwBgMEASQy8DAPBAIAAjAJAwcAIAEN81JAMA0GCSqGSIb3DQEBCwUA
A4IBAQBApSMKubzn4/C3vi+31Uyzkn15VpdiuHJ84ogvZrEJ/0vAOBscU6rguDSB
oqMWuHsoxUlQOYOVKOa3p6TFs6BikiC5kSpviv/k4lMUcYJ3Bx64hl9JyQ73efMy
d0xgVO7inQ0fS/gmbqKf/MWeUI/BQPMzurreyCYiloATDbTwWESaPjUC4/tluu0T
eHWdIta81WO7SjMamnhcoaNasGgobVhqRJLs3RhDE8055ypXEGO5dHmVHpuplt7q
00jJXNfEoa1dnLuB09S4CWBAaKccnLKmYlw4kfhBTIZ321tws9cqKoiQOpIu8NEn
wFNlNZadeFfpxdAwI7XBkpwIMB9/
-----END CERTIFICATE-----
Generated at Wed Apr 10 20:32:43 2024 by rpki-client on console-fra.rpki-client.org