Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/2DBEC850A09C11EE9921D11CC4F9AE02.roa
File: 2DBEC850A09C11EE9921D11CC4F9AE02.roa (raw, json)
Hash identifier: UgYk71LvNLUhS/GAwdfrwNX1o5xn9PDtFPSztxYxWaY=
Subject key identifier: 21:F1:88:64:21:C8:56:CC:63:34:8A:E9:65:62:BD:08:20:AF:2B:06
Certificate issuer: /CN=A91B5D7E/serialNumber=4CAE3AEFB1AC8ABDDB99BCCEE4FA5A916D157B34
Certificate serial: 3476
Authority key identifier: 4C:AE:3A:EF:B1:AC:8A:BD:DB:99:BC:CE:E4:FA:5A:91:6D:15:7B:34
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TK4677Gsir3bmbzO5PpakW0VezQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/2DBEC850A09C11EE9921D11CC4F9AE02.roa
Signing time: Thu 04 Jan 2024 14:50:39 +0000
ROA not before: Thu 04 Jan 2024 14:50:39 +0000
ROA not after: Sun 02 Mar 2025 00:00:00 +0000
asID: 174
IP address blocks: 116.90.100.0/24 maxlen: 24
116.90.101.0/24 maxlen: 24
116.90.105.0/24 maxlen: 24
116.90.115.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Apr 2024 08:22:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13430 (0x3476)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B5D7E/serialNumber=4CAE3AEFB1AC8ABDDB99BCCEE4FA5A916D157B34
Validity
Not Before: Jan 4 14:50:39 2024 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=6596c5bf-82b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:ec:76:eb:64:ac:20:fa:41:4c:e4:bb:40:a6:
8f:00:80:aa:ad:4f:7f:45:8e:4f:f6:1f:3d:3f:da:
7e:ca:fe:83:eb:34:56:6b:f2:01:64:27:4b:f1:fc:
3e:a3:28:da:e0:41:12:a2:9e:bc:9b:b6:d4:51:79:
47:6a:2d:92:e6:ae:98:83:9a:3c:34:4a:a9:aa:0b:
b5:19:bd:36:77:63:65:9e:9b:0f:e5:78:06:eb:95:
7b:31:02:04:10:fe:d7:0a:82:ec:19:9e:2c:66:b1:
18:e2:df:a1:44:f5:f4:96:3c:95:0b:ef:5b:44:ce:
c5:37:c7:ca:9e:58:d6:dc:b5:44:2f:49:4c:f5:2f:
1d:a2:7c:6d:c6:ca:43:14:d3:fc:52:c9:29:68:ed:
48:d3:0b:5d:58:0b:9b:ec:28:65:83:b6:e7:c4:e7:
cd:34:f5:12:25:ad:c9:61:cc:9d:42:16:00:5b:85:
c0:c3:32:18:94:18:bc:84:3a:1e:d6:c5:d8:0e:f0:
ad:4b:a3:62:7c:6d:64:a3:de:1c:14:eb:70:7c:74:
ff:83:5e:ba:f9:91:81:9a:be:f7:5f:02:66:28:40:
ce:91:7b:ca:83:b7:d6:ee:c0:26:e8:ba:16:6a:63:
b1:92:9e:12:df:b8:52:c6:a7:1d:b5:18:dd:46:3a:
27:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:F1:88:64:21:C8:56:CC:63:34:8A:E9:65:62:BD:08:20:AF:2B:06
X509v3 Authority Key Identifier:
keyid:4C:AE:3A:EF:B1:AC:8A:BD:DB:99:BC:CE:E4:FA:5A:91:6D:15:7B:34
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/TK4677Gsir3bmbzO5PpakW0VezQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TK4677Gsir3bmbzO5PpakW0VezQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/2DBEC850A09C11EE9921D11CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
116.90.100.0/23
116.90.105.0/24
116.90.115.0/24
Signature Algorithm: sha256WithRSAEncryption
28:d8:61:3f:f5:d1:fd:43:71:3f:7a:10:8a:41:4f:1a:2e:c8:
68:0f:67:a1:23:e3:4a:08:4d:fc:83:79:da:37:d8:3c:8b:77:
f4:2d:9f:d1:f0:53:61:ea:8a:45:bc:08:bd:73:c8:23:65:5d:
5e:60:7f:93:35:51:75:e0:0a:ab:98:02:c8:ec:eb:73:f3:05:
7b:2f:08:0f:61:42:ab:57:5e:0a:2b:60:08:3e:2e:96:39:26:
8f:ba:cc:ce:a1:c5:78:3a:92:dc:3b:2f:f8:75:38:a3:a5:de:
29:ea:e8:b2:39:43:33:10:6a:2e:4c:29:97:e6:af:0a:05:e0:
50:8c:05:ab:d8:5a:dd:f5:7a:70:a0:ef:06:eb:1f:49:99:c8:
75:be:a7:bc:da:84:92:d5:80:54:c8:3a:5e:77:46:8e:93:14:
37:06:85:34:d1:87:86:7a:8d:0a:81:5a:0e:c4:98:98:19:fe:
60:bc:e2:5e:9b:18:73:02:65:c2:3c:f1:36:24:7b:a6:a1:e4:
20:ec:bb:78:bd:76:45:ff:01:09:06:93:b3:38:89:75:96:d1:
ba:3a:7a:9a:fc:af:ce:4f:e9:3e:af:e4:3c:eb:c7:ae:71:c2:
31:fa:0a:83:48:15:05:3b:6f:cf:b8:d6:cd:0f:76:c5:16:46:
86:19:c0:8a
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICNHYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjVEN0UxMTAvBgNVBAUTKDRDQUUzQUVGQjFBQzhBQkREQjk5QkNDRUU0RkE1QTkx
NkQxNTdCMzQwHhcNMjQwMTA0MTQ1MDM5WhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTk2YzViZi04MmI4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyux262SsIPpBTOS7QKaPAICqrU9/RY5P9h89P9p+yv6D6zRWa/IBZCdL8fw+
oyja4EESop68m7bUUXlHai2S5q6Yg5o8NEqpqgu1Gb02d2NlnpsP5XgG65V7MQIE
EP7XCoLsGZ4sZrEY4t+hRPX0ljyVC+9bRM7FN8fKnljW3LVEL0lM9S8donxtxspD
FNP8UskpaO1I0wtdWAub7Chlg7bnxOfNNPUSJa3JYcydQhYAW4XAwzIYlBi8hDoe
1sXYDvCtS6NifG1ko94cFOtwfHT/g166+ZGBmr73XwJmKEDOkXvKg7fW7sAm6LoW
amOxkp4S37hSxqcdtRjdRjonowIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFCHxiGQh
yFbMYzSK6WVivQggrysGMB8GA1UdIwQYMBaAFEyuOu+xrIq925m8zuT6WpFtFXs0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNUQ3RS9FQ0E2ODIzNDFE
ODcxMUUyOTgzMjJERTAwOEIwMkNEMi9USzQ2NzdHc2lyM2JtYnpPNVBwYWtXMFZl
elEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1RLNDY3N0dzaXIzYm1iek81UHBha1cwVmV6US5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjVEN0UvRUNBNjgyMzQxRDg3MTFFMjk4MzIyREUwMDhCMDJDRDIvMkRCRUM4NTBB
MDlDMTFFRTk5MjFEMTFDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBAF0WmQDBAB0WmkDBAB0WnMwDQYJKoZIhvcNAQELBQADggEB
ACjYYT/10f1DcT96EIpBTxouyGgPZ6Ej40oITfyDedo32DyLd/Qtn9HwU2HqikW8
CL1zyCNlXV5gf5M1UXXgCquYAsjs63PzBXsvCA9hQqtXXgorYAg+LpY5Jo+6zM6h
xXg6ktw7L/h1OKOl3inq6LI5QzMQai5MKZfmrwoF4FCMBavYWt31enCg7wbrH0mZ
yHW+p7zahJLVgFTIOl53Ro6TFDcGhTTRh4Z6jQqBWg7EmJgZ/mC84l6bGHMCZcI8
8TYke6ah5CDsu3i9dkX/AQkGk7M4iXWW0bo6epr8r85P6T6v5Dzrx65xwjH6CoNI
FQU7b8+41s0PdsUWRoYZwIo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:57 2024 by rpki-client on console-ams.rpki-client.org