Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91AC415/BD1C935CD73211EEA183F50AC4F9AE02/C67E4784FAF411EE9A7EC618C4F9AE02.roa
File: C67E4784FAF411EE9A7EC618C4F9AE02.roa (raw, json)
Hash identifier: Cw7B+l/U0VgXBO52U4QVY8bFWrxgTbsRl5qNR++AB0A=
Subject key identifier: 9D:E0:F1:AC:26:27:65:0E:05:58:0E:80:7F:58:AD:4E:F9:B3:69:C0
Certificate issuer: /CN=A91AC415/serialNumber=A82E6331EBF44F58FC659986DB0544C6615F26F1
Certificate serial: 20
Authority key identifier: A8:2E:63:31:EB:F4:4F:58:FC:65:99:86:DB:05:44:C6:61:5F:26:F1
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qC5jMev0T1j8ZZmG2wVExmFfJvE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91AC415/BD1C935CD73211EEA183F50AC4F9AE02/C67E4784FAF411EE9A7EC618C4F9AE02.roa
Signing time: Mon 15 Apr 2024 06:52:50 +0000
ROA not before: Mon 15 Apr 2024 06:52:50 +0000
ROA not after: Sun 02 Mar 2025 00:00:00 +0000
asID: 4755
IP address blocks: 210.79.128.0/23 maxlen: 23
2401:5420::/32 maxlen: 32
Validation: Failed, certificate revoked on Sun 12 May 2024 09:17:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 32 (0x20)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91AC415/serialNumber=A82E6331EBF44F58FC659986DB0544C6615F26F1
Validity
Not Before: Apr 15 06:52:50 2024 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=661ccec2-2640
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:2d:c7:a9:43:ee:85:91:08:9b:b2:79:95:d5:
fc:2f:67:d7:5a:2b:87:f5:1a:02:fe:d9:0a:60:7a:
b6:be:b1:ae:32:44:7a:ff:09:88:f9:55:a7:fc:bc:
12:9d:6f:01:68:be:83:80:b4:5e:1a:f3:eb:e3:58:
db:18:36:3d:fc:66:89:d6:6a:b4:66:75:45:b8:9f:
ae:7e:7e:57:6c:ef:22:bf:0a:65:b6:91:dd:e0:b6:
93:a6:99:6e:d1:c6:47:50:c6:3e:a9:3d:06:3e:6c:
e8:38:77:50:f4:48:7f:14:7b:c3:0b:04:16:eb:35:
c6:3a:0f:21:56:f6:ff:fb:68:11:ee:16:5f:e7:89:
4f:77:f1:06:8d:d4:52:7e:1a:b5:d8:64:cd:22:30:
a7:fd:d6:aa:c9:12:9e:30:f6:9c:79:6c:70:ef:ab:
da:91:9e:99:2c:51:f4:30:e5:57:7d:63:48:a4:be:
84:82:60:6b:b1:fd:55:4c:36:06:6a:81:22:67:39:
69:0a:78:9a:a9:68:43:47:4e:d9:44:fb:e5:af:b4:
95:35:57:cd:17:07:a9:8d:79:28:fc:60:e5:c8:5f:
fd:83:0b:f4:b6:e5:84:5a:37:2e:55:c6:89:3b:47:
62:a3:e9:5d:86:15:ea:b6:7b:c2:61:ce:70:c9:72:
a4:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:E0:F1:AC:26:27:65:0E:05:58:0E:80:7F:58:AD:4E:F9:B3:69:C0
X509v3 Authority Key Identifier:
keyid:A8:2E:63:31:EB:F4:4F:58:FC:65:99:86:DB:05:44:C6:61:5F:26:F1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91AC415/BD1C935CD73211EEA183F50AC4F9AE02/qC5jMev0T1j8ZZmG2wVExmFfJvE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qC5jMev0T1j8ZZmG2wVExmFfJvE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AC415/BD1C935CD73211EEA183F50AC4F9AE02/C67E4784FAF411EE9A7EC618C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
210.79.128.0/23
IPv6:
2401:5420::/32
Signature Algorithm: sha256WithRSAEncryption
38:5f:25:af:b3:3b:bc:15:a5:3a:57:99:bc:1f:d3:fc:7b:90:
2f:5d:bd:3c:7c:27:fe:40:cb:3f:b7:58:47:f9:e8:ba:5b:8b:
fc:e9:e1:ae:65:20:1c:0f:e1:f5:66:60:d2:8a:21:93:62:79:
52:00:81:df:e7:d4:4c:5c:eb:2b:57:02:44:74:c4:16:10:56:
77:8b:47:0b:1b:6b:02:1f:db:e3:1b:04:69:df:82:4b:8e:3b:
ef:84:6a:7b:c0:9d:fc:b5:58:83:5a:e9:80:e5:c4:be:ff:f7:
bb:ab:79:9a:5f:5e:76:82:47:42:1b:42:ad:8a:a3:cc:b0:6d:
9b:22:9f:57:33:5d:94:ce:fe:77:9a:3e:bd:0c:72:6f:0a:e1:
d3:79:a5:64:21:28:3e:d8:8c:af:8f:cb:33:e5:38:9a:43:fb:
b3:69:c5:61:9b:bd:60:e7:2f:29:fb:f4:a7:20:7c:8e:4b:db:
70:91:95:5c:f9:d0:1f:ea:d8:16:77:38:0b:d2:d3:92:9b:3d:
58:17:0d:a8:40:a7:0f:ff:86:16:99:4c:a9:06:f7:9c:5f:5e:
b4:99:fc:2b:0f:d6:72:78:1a:20:0e:a6:04:1e:4e:a9:61:d3:
67:11:06:cb:03:c3:bb:9d:f3:60:ff:10:31:0d:ac:f5:97:d7:
76:18:d6:47
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIBIDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB
QzQxNTExMC8GA1UEBRMoQTgyRTYzMzFFQkY0NEY1OEZDNjU5OTg2REIwNTQ0QzY2
MTVGMjZGMTAeFw0yNDA0MTUwNjUyNTBaFw0yNTAzMDIwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2MWNjZWMyLTI2NDAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDLLcepQ+6FkQibsnmV1fwvZ9daK4f1GgL+2Qpgera+sa4yRHr/CYj5Vaf8vBKd
bwFovoOAtF4a8+vjWNsYNj38ZonWarRmdUW4n65+flds7yK/CmW2kd3gtpOmmW7R
xkdQxj6pPQY+bOg4d1D0SH8Ue8MLBBbrNcY6DyFW9v/7aBHuFl/niU938QaN1FJ+
GrXYZM0iMKf91qrJEp4w9px5bHDvq9qRnpksUfQw5Vd9Y0ikvoSCYGux/VVMNgZq
gSJnOWkKeJqpaENHTtlE++WvtJU1V80XB6mNeSj8YOXIX/2DC/S25YRaNy5Vxok7
R2Kj6V2GFeq2e8JhznDJcqThAgMBAAGjggKkMIICoDAdBgNVHQ4EFgQUneDxrCYn
ZQ4FWA6Af1itTvmzacAwHwYDVR0jBBgwFoAUqC5jMev0T1j8ZZmG2wVExmFfJvEw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUFDNDE1L0JEMUM5MzVDRDcz
MjExRUVBMTgzRjUwQUM0RjlBRTAyL3FDNWpNZXYwVDFqOFpabUcyd1ZFeG1GZkp2
RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvcUM1ak1ldjBUMWo4WlptRzJ3VkV4bUZmSnZFLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB
QzQxNS9CRDFDOTM1Q0Q3MzIxMUVFQTE4M0Y1MEFDNEY5QUUwMi9DNjdFNDc4NEZB
RjQxMUVFOUE3RUM2MThDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAuBggrBgEFBQcBBwEB/wQf
MB0wDAQCAAEwBgMEAdJPgDANBAIAAjAHAwUAJAFUIDANBgkqhkiG9w0BAQsFAAOC
AQEAOF8lr7M7vBWlOleZvB/T/HuQL129PHwn/kDLP7dYR/nouluL/OnhrmUgHA/h
9WZg0oohk2J5UgCB3+fUTFzrK1cCRHTEFhBWd4tHCxtrAh/b4xsEad+CS44774Rq
e8Cd/LVYg1rpgOXEvv/3u6t5ml9edoJHQhtCrYqjzLBtmyKfVzNdlM7+d5o+vQxy
bwrh03mlZCEoPtiMr4/LM+U4mkP7s2nFYZu9YOcvKfv0pyB8jkvbcJGVXPnQH+rY
Fnc4C9LTkps9WBcNqECnD/+GFplMqQb3nF9etJn8Kw/WcngaIA6mBB5OqWHTZxEG
ywPDu53zYP8QMQ2s9ZfXdhjWRw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:55 2024 by rpki-client on console-ams.rpki-client.org