Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B0CAE/7C644EE66A7111EEA5B4CB26C4F9AE02/859BE02C6A7211EEBCAD6028C4F9AE02.roa
File: 859BE02C6A7211EEBCAD6028C4F9AE02.roa (raw, json)
Hash identifier: OEjrBo6ifhFaluh8qxrK8gT1uRt9IMnbrABoGTZlGAY=
Subject key identifier: 0D:85:CF:37:D3:1C:46:20:8C:E0:CA:A7:72:CF:5E:D2:80:38:F2:D5
Certificate issuer: /CN=A91B0CAE/serialNumber=29811E1DB068BDBBABFB7AB695F85898BD618C69
Certificate serial: 02
Authority key identifier: 29:81:1E:1D:B0:68:BD:BB:AB:FB:7A:B6:95:F8:58:98:BD:61:8C:69
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KYEeHbBovbur-3q2lfhYmL1hjGk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B0CAE/7C644EE66A7111EEA5B4CB26C4F9AE02/859BE02C6A7211EEBCAD6028C4F9AE02.roa
Signing time: Sat 14 Oct 2023 09:17:39 +0000
ROA not before: Sat 14 Oct 2023 09:17:39 +0000
ROA not after: Fri 31 Jan 2025 00:00:00 +0000
asID: 151961
IP address blocks: 223.130.8.0/23 maxlen: 24
Validation: Failed, certificate revoked on Tue 17 Oct 2023 16:45:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B0CAE/serialNumber=29811E1DB068BDBBABFB7AB695F85898BD618C69
Validity
Not Before: Oct 14 09:17:39 2023 GMT
Not After : Jan 31 00:00:00 2025 GMT
Subject: CN=652a5cb3-f708
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:69:aa:fa:a5:0c:c4:4f:ab:e9:dc:7e:a4:ba:
89:d3:d9:a2:78:d8:9a:1a:0a:08:0a:fd:0c:6a:b8:
9f:80:9c:c1:01:07:83:6c:39:42:02:cc:29:9d:08:
fa:44:4f:25:5e:17:e1:bc:30:32:ff:f0:36:3e:ad:
3d:ea:27:83:66:fc:0f:40:fa:18:13:e4:c6:5d:3d:
22:5d:19:c2:fa:fc:12:cc:80:de:f1:ef:9c:f7:81:
4e:e4:38:8d:19:4d:28:f2:44:0a:85:80:ec:11:f5:
f0:4e:79:2d:3a:0c:cf:12:56:f3:43:b7:52:cf:4b:
d2:e8:a1:00:bf:55:d7:fb:85:07:da:65:5c:c7:97:
c2:8e:31:e8:ff:42:1f:d7:3f:18:82:0e:de:2a:82:
f2:28:80:94:18:ac:d3:c4:22:13:1b:8b:9a:6a:60:
81:4d:5b:ac:62:90:9b:1d:d8:a6:aa:0b:69:1c:79:
51:54:ca:0a:a1:f3:db:1e:87:b6:02:09:78:53:2d:
07:a9:48:9e:6f:49:cf:52:51:89:10:4c:89:04:41:
a5:3a:03:fb:c9:59:2a:0a:7d:b8:d5:79:95:bb:83:
b8:a3:51:f0:69:b0:ba:31:44:a5:e4:69:c4:7f:6a:
a1:7a:cb:49:92:94:11:b2:40:7a:ac:40:32:b7:94:
09:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:85:CF:37:D3:1C:46:20:8C:E0:CA:A7:72:CF:5E:D2:80:38:F2:D5
X509v3 Authority Key Identifier:
keyid:29:81:1E:1D:B0:68:BD:BB:AB:FB:7A:B6:95:F8:58:98:BD:61:8C:69
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B0CAE/7C644EE66A7111EEA5B4CB26C4F9AE02/KYEeHbBovbur-3q2lfhYmL1hjGk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KYEeHbBovbur-3q2lfhYmL1hjGk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B0CAE/7C644EE66A7111EEA5B4CB26C4F9AE02/859BE02C6A7211EEBCAD6028C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
223.130.8.0/23
Signature Algorithm: sha256WithRSAEncryption
8a:d7:be:65:90:13:7c:b8:92:0a:0c:27:b0:db:a1:d9:7a:25:
6e:38:37:f8:53:a8:e8:19:6b:7e:4b:d6:eb:7f:da:d7:53:f4:
06:b6:30:b3:ac:5c:84:a5:ad:50:17:06:dd:0c:65:45:14:12:
6b:a4:30:16:8e:0a:7e:53:80:6e:c6:ec:2b:21:dc:fa:a7:9b:
03:90:40:92:f5:e2:20:12:4f:1c:45:fa:4d:64:6d:8a:9d:f8:
ad:a5:12:18:84:a9:3d:fb:fd:09:9d:98:20:6f:bc:72:24:fc:
b4:95:b4:6d:7f:04:7b:03:7a:1d:ec:ce:fa:03:b8:b6:54:41:
72:43:0f:bb:70:51:c1:7b:d9:96:b5:0d:7f:f3:29:d3:c5:a0:
23:9d:74:1f:4a:5e:23:98:99:da:e2:4f:9e:fb:96:ed:93:de:
13:45:6f:9a:ef:96:7e:c1:18:51:b8:ea:0d:b5:8c:3a:78:49:
ff:ec:6d:1a:9d:a8:af:49:67:4b:11:90:f2:88:d4:75:4e:af:
e1:98:33:de:63:0f:a2:e1:16:d7:4d:e3:20:57:93:dd:fb:85:
c6:0f:f4:25:30:74:37:21:fa:8a:b8:db:83:61:ed:db:5c:af:
6f:f7:69:88:35:5f:54:89:3d:98:d0:6f:39:25:1a:c3:20:f6:
5b:cf:b4:0b
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFC
MENBRTExMC8GA1UEBRMoMjk4MTFFMURCMDY4QkRCQkFCRkI3QUI2OTVGODU4OThC
RDYxOEM2OTAeFw0yMzEwMTQwOTE3MzlaFw0yNTAxMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1MmE1Y2IzLWY3MDgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC8aar6pQzET6vp3H6kuonT2aJ42JoaCggK/QxquJ+AnMEBB4NsOUICzCmdCPpE
TyVeF+G8MDL/8DY+rT3qJ4Nm/A9A+hgT5MZdPSJdGcL6/BLMgN7x75z3gU7kOI0Z
TSjyRAqFgOwR9fBOeS06DM8SVvNDt1LPS9LooQC/Vdf7hQfaZVzHl8KOMej/Qh/X
PxiCDt4qgvIogJQYrNPEIhMbi5pqYIFNW6xikJsd2KaqC2kceVFUygqh89seh7YC
CXhTLQepSJ5vSc9SUYkQTIkEQaU6A/vJWSoKfbjVeZW7g7ijUfBpsLoxRKXkacR/
aqF6y0mSlBGyQHqsQDK3lAmvAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUDYXPN9Mc
RiCM4Mqncs9e0oA48tUwHwYDVR0jBBgwFoAUKYEeHbBovbur+3q2lfhYmL1hjGkw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUIwQ0FFLzdDNjQ0RUU2NkE3
MTExRUVBNUI0Q0IyNkM0RjlBRTAyL0tZRWVIYkJvdmJ1ci0zcTJsZmhZbUwxaGpH
ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvS1lFZUhiQm92YnVyLTNxMmxmaFltTDFoakdrLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC
MENBRS83QzY0NEVFNjZBNzExMUVFQTVCNENCMjZDNEY5QUUwMi84NTlCRTAyQzZB
NzIxMUVFQkNBRDYwMjhDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAd+CCDANBgkqhkiG9w0BAQsFAAOCAQEAite+ZZATfLiSCgwn
sNuh2Xolbjg3+FOo6BlrfkvW63/a11P0BrYws6xchKWtUBcG3QxlRRQSa6QwFo4K
flOAbsbsKyHc+qebA5BAkvXiIBJPHEX6TWRtip34raUSGISpPfv9CZ2YIG+8ciT8
tJW0bX8EewN6HezO+gO4tlRBckMPu3BRwXvZlrUNf/Mp08WgI510H0peI5iZ2uJP
nvuW7ZPeE0Vvmu+WfsEYUbjqDbWMOnhJ/+xtGp2or0lnSxGQ8ojUdU6v4Zgz3mMP
ouEW103jIFeT3fuFxg/0JTB0NyH6irjbg2Ht21yvb/dpiDVfVIk9mNBvOSUawyD2
W8+0Cw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:56 2024 by rpki-client on console-ams.rpki-client.org