Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91AE972/245B3DDCA3E611EEADF94855C4F9AE02/20980C30AD5E11EEBD3C8059C4F9AE02.roa
File: 20980C30AD5E11EEBD3C8059C4F9AE02.roa (raw, json)
Hash identifier: ucgnwug3il7CgXzmTjgU0FkOfF3W9SCD8nxU6p26rhA=
Subject key identifier: A9:FE:42:45:2E:C3:13:DB:B1:04:AB:D1:77:E1:32:6E:AB:16:BA:B1
Certificate issuer: /CN=A91AE972/serialNumber=5D185B712D93056BF274B8B7A898C69254EBB983
Certificate serial: 13
Authority key identifier: 5D:18:5B:71:2D:93:05:6B:F2:74:B8:B7:A8:98:C6:92:54:EB:B9:83
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XRhbcS2TBWvydLi3qJjGklTruYM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91AE972/245B3DDCA3E611EEADF94855C4F9AE02/20980C30AD5E11EEBD3C8059C4F9AE02.roa
Signing time: Sun 07 Jan 2024 13:10:28 +0000
ROA not before: Sun 07 Jan 2024 13:10:28 +0000
ROA not after: Mon 31 Mar 2025 00:00:00 +0000
asID: 136765
IP address blocks: 36.50.199.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 07 Jan 2024 13:18:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19 (0x13)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91AE972/serialNumber=5D185B712D93056BF274B8B7A898C69254EBB983
Validity
Not Before: Jan 7 13:10:28 2024 GMT
Not After : Mar 31 00:00:00 2025 GMT
Subject: CN=659aa2c4-b682
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:df:98:e4:68:6a:9d:fd:ac:a5:54:29:7d:e9:
2c:ab:1a:f1:6b:e6:e7:70:3f:b9:61:70:d6:1d:08:
39:2c:fc:16:3e:e4:7d:74:87:a5:bb:92:91:13:df:
88:b2:ee:f3:d1:73:ea:b2:97:35:61:28:b5:bd:ca:
e8:f8:e0:5a:1f:1c:39:e1:20:04:a0:e3:b4:65:dc:
28:70:8b:7e:5b:21:7c:6d:f8:89:f2:67:76:71:5e:
f7:f9:9b:a9:12:ac:82:c9:3c:ce:b1:bf:27:6d:82:
60:b6:e5:b2:71:54:34:db:87:2d:f5:2b:92:60:7e:
02:b3:2c:a7:90:77:ee:d5:87:82:e3:23:24:31:e2:
af:d5:2f:70:f2:4f:f3:f9:c7:54:6d:5e:b3:26:56:
20:35:4b:93:5f:03:68:80:c7:68:13:fa:f6:cb:1c:
c8:53:d8:01:25:d7:d5:f7:83:63:72:83:9e:c5:36:
27:93:88:a6:3e:ea:53:14:17:9f:35:29:7b:85:d6:
62:16:0b:49:fd:95:39:e0:1b:da:b7:7a:0d:27:d7:
67:ef:0e:97:0d:ef:eb:91:1d:c8:35:10:a4:c8:07:
cf:6a:e1:4c:4a:a5:9d:90:52:dd:87:7c:3b:4e:88:
ed:7b:f2:7b:df:05:c9:28:48:f3:17:e4:f7:54:e2:
9c:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:FE:42:45:2E:C3:13:DB:B1:04:AB:D1:77:E1:32:6E:AB:16:BA:B1
X509v3 Authority Key Identifier:
keyid:5D:18:5B:71:2D:93:05:6B:F2:74:B8:B7:A8:98:C6:92:54:EB:B9:83
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91AE972/245B3DDCA3E611EEADF94855C4F9AE02/XRhbcS2TBWvydLi3qJjGklTruYM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XRhbcS2TBWvydLi3qJjGklTruYM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AE972/245B3DDCA3E611EEADF94855C4F9AE02/20980C30AD5E11EEBD3C8059C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
36.50.199.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:22:d4:a8:6f:fc:d7:96:29:32:8f:35:68:d8:71:3a:81:62:
c5:7c:60:31:3c:41:37:6a:36:a2:4a:25:0f:8c:4b:fe:51:a7:
a1:9c:ee:8f:7a:36:73:96:d5:1d:de:09:b7:ce:b1:e6:ae:b1:
f2:54:68:71:38:95:a3:71:ca:ad:2d:3d:6a:09:4b:b4:37:a4:
8c:3c:dc:0c:fe:f6:8a:17:03:be:65:dd:84:7f:b4:5c:db:ab:
2c:cb:0b:be:4f:3d:c6:0d:b0:bd:78:47:c2:10:28:94:b8:01:
3c:fd:24:04:bd:ae:1f:60:b4:6f:7b:f8:4d:de:6e:f9:76:1a:
c9:ab:5b:e9:a3:6e:74:af:c9:17:84:bf:f1:c4:45:26:03:81:
3a:e9:7c:6b:5e:56:13:cb:99:33:51:c9:06:31:d4:69:19:1b:
af:0a:74:2d:71:d6:1a:34:f4:17:c0:82:7d:72:70:5d:b2:b6:
8f:84:75:e0:a6:41:fe:99:24:cf:98:f9:72:25:15:93:02:83:
50:5f:57:97:8a:f0:9f:6f:82:45:9f:5f:fe:c9:34:67:e7:54:
12:06:7f:04:20:dc:18:c1:b3:e0:01:a1:8f:df:aa:44:cc:89:
01:d4:ae:4f:81:39:15:0c:fc:16:99:79:f6:14:9f:33:35:0c:
0d:1c:7a:dd
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBEzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB
RTk3MjExMC8GA1UEBRMoNUQxODVCNzEyRDkzMDU2QkYyNzRCOEI3QTg5OEM2OTI1
NEVCQjk4MzAeFw0yNDAxMDcxMzEwMjhaFw0yNTAzMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1OWFhMmM0LWI2ODIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDG35jkaGqd/aylVCl96SyrGvFr5udwP7lhcNYdCDks/BY+5H10h6W7kpET34iy
7vPRc+qylzVhKLW9yuj44FofHDnhIASg47Rl3Chwi35bIXxt+InyZ3ZxXvf5m6kS
rILJPM6xvydtgmC25bJxVDTbhy31K5JgfgKzLKeQd+7Vh4LjIyQx4q/VL3DyT/P5
x1RtXrMmViA1S5NfA2iAx2gT+vbLHMhT2AEl19X3g2Nyg57FNieTiKY+6lMUF581
KXuF1mIWC0n9lTngG9q3eg0n12fvDpcN7+uRHcg1EKTIB89q4UxKpZ2QUt2HfDtO
iO178nvfBckoSPMX5PdU4pznAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUqf5CRS7D
E9uxBKvRd+EybqsWurEwHwYDVR0jBBgwFoAUXRhbcS2TBWvydLi3qJjGklTruYMw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUFFOTcyLzI0NUIzRERDQTNF
NjExRUVBREY5NDg1NUM0RjlBRTAyL1hSaGJjUzJUQld2eWRMaTNxSmpHa2xUcnVZ
TS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvWFJoYmNTMlRCV3Z5ZExpM3FKakdrbFRydVlNLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB
RTk3Mi8yNDVCM0REQ0EzRTYxMUVFQURGOTQ4NTVDNEY5QUUwMi8yMDk4MEMzMEFE
NUUxMUVFQkQzQzgwNTlDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEACQyxzANBgkqhkiG9w0BAQsFAAOCAQEAKyLUqG/815YpMo81
aNhxOoFixXxgMTxBN2o2okolD4xL/lGnoZzuj3o2c5bVHd4Jt86x5q6x8lRocTiV
o3HKrS09aglLtDekjDzcDP72ihcDvmXdhH+0XNurLMsLvk89xg2wvXhHwhAolLgB
PP0kBL2uH2C0b3v4Td5u+XYayatb6aNudK/JF4S/8cRFJgOBOul8a15WE8uZM1HJ
BjHUaRkbrwp0LXHWGjT0F8CCfXJwXbK2j4R14KZB/pkkz5j5ciUVkwKDUF9Xl4rw
n2+CRZ9f/sk0Z+dUEgZ/BCDcGMGz4AGhj9+qRMyJAdSuT4E5FQz8Fpl59hSfMzUM
DRx63Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:37 2024 by rpki-client on console-fra.rpki-client.org