Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/8D69674C011411EEB15FDD2AC4F9AE02.roa
File: 8D69674C011411EEB15FDD2AC4F9AE02.roa (raw, json)
Hash identifier: Fe9pPIRbi1KcDtuzl8mGiRjVpAZX1m7bwDcjUxAtJ0Q=
Subject key identifier: 7D:42:D8:DC:C3:D7:42:C5:D4:B8:87:D5:AB:92:C1:46:57:50:39:14
Certificate issuer: /CN=A91B5D7E/serialNumber=4CAE3AEFB1AC8ABDDB99BCCEE4FA5A916D157B34
Certificate serial: 34BF
Authority key identifier: 4C:AE:3A:EF:B1:AC:8A:BD:DB:99:BC:CE:E4:FA:5A:91:6D:15:7B:34
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TK4677Gsir3bmbzO5PpakW0VezQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/8D69674C011411EEB15FDD2AC4F9AE02.roa
Signing time: Tue 19 Mar 2024 04:57:02 +0000
ROA not before: Tue 19 Mar 2024 04:57:02 +0000
ROA not after: Sun 02 Mar 2025 00:00:00 +0000
asID: 150750
IP address blocks: 116.90.119.0/24 maxlen: 24
116.90.121.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 30 Apr 2024 07:56:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13503 (0x34bf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B5D7E/serialNumber=4CAE3AEFB1AC8ABDDB99BCCEE4FA5A916D157B34
Validity
Not Before: Mar 19 04:57:02 2024 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=65f91b1e-50f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:6c:04:84:42:c9:05:73:fa:b7:2a:b6:0c:79:
dd:80:68:a8:a7:e3:51:20:7c:08:70:3f:41:8c:34:
4d:fc:6e:c5:11:ab:e6:2b:34:b6:50:33:e5:f4:9c:
e9:51:0d:dd:f3:cd:05:63:8b:2d:4a:2f:5a:c2:49:
33:d1:d8:33:0c:92:59:3e:4a:52:e0:07:43:bb:48:
a4:be:06:69:cf:33:7a:8b:ad:cb:19:9c:26:4a:48:
df:e5:07:4b:bf:d0:28:ab:16:36:3a:68:51:7b:78:
95:b9:c7:ac:b5:cb:da:30:29:91:89:8a:ed:25:f6:
e5:ad:90:96:4d:08:b0:af:15:a8:c8:6c:9d:a0:43:
ed:82:d9:9b:52:cb:e7:62:f5:8c:0c:c4:87:32:cd:
75:a6:21:aa:87:3b:ea:db:ae:f4:18:d2:4c:7c:2e:
07:44:b6:3d:ce:9c:85:25:11:48:bf:ff:76:41:6b:
53:7c:1c:5d:dc:e1:9b:c3:15:b1:65:fe:b0:3e:23:
20:f8:95:22:cd:d4:f3:65:08:3f:4c:18:78:70:29:
af:23:2a:2f:4f:cd:78:23:d7:2e:42:60:c2:be:ff:
29:93:f5:d5:0c:8b:05:ce:0a:f6:e6:18:aa:88:42:
5d:36:ce:2d:12:04:ca:06:41:df:f1:f5:10:f6:0a:
8b:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:42:D8:DC:C3:D7:42:C5:D4:B8:87:D5:AB:92:C1:46:57:50:39:14
X509v3 Authority Key Identifier:
keyid:4C:AE:3A:EF:B1:AC:8A:BD:DB:99:BC:CE:E4:FA:5A:91:6D:15:7B:34
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/TK4677Gsir3bmbzO5PpakW0VezQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TK4677Gsir3bmbzO5PpakW0VezQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/8D69674C011411EEB15FDD2AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
116.90.119.0/24
116.90.121.0/24
Signature Algorithm: sha256WithRSAEncryption
84:89:aa:4e:ad:a1:ad:c6:73:c8:8a:f5:57:03:61:5b:d5:9c:
28:14:10:4c:1c:35:42:b0:8b:61:d9:7f:58:c0:89:1b:8b:90:
fa:40:ce:52:f3:90:56:a3:e5:16:b3:e1:74:ed:fb:c4:ea:6d:
10:2e:25:dc:e3:4c:b7:58:f8:37:ad:a6:dc:c1:16:12:bd:8b:
bb:c5:2e:3e:58:88:3f:bc:45:6e:90:bc:84:97:6f:54:7a:82:
70:01:2c:37:dd:ae:b0:e2:5b:32:6b:ca:34:e2:aa:bd:c7:41:
c8:73:af:8a:db:cf:ca:e2:86:de:54:6d:cd:1d:8f:cd:ad:ee:
aa:c3:75:ed:47:d2:a7:97:cb:84:85:24:01:f6:c2:ad:19:38:
b1:b3:bc:f2:0b:c2:71:9d:14:96:82:69:aa:08:47:db:e4:1b:
f5:c7:e9:6d:fb:fa:8a:fc:d0:be:89:17:d0:7f:9b:3c:09:e2:
86:90:43:c9:62:0a:21:81:4b:7e:3a:9a:c0:ae:20:21:18:4f:
a3:99:a2:93:d7:03:23:3b:c8:9e:35:68:9d:50:6c:4c:66:2c:
b5:a7:d4:28:8b:5a:83:36:3f:d1:cd:26:61:d1:4f:c2:f8:e8:
3d:c8:75:3f:5b:d5:83:e9:8b:74:76:44:3e:4b:cf:48:37:ee:
1c:be:e7:82
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICNL8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjVEN0UxMTAvBgNVBAUTKDRDQUUzQUVGQjFBQzhBQkREQjk5QkNDRUU0RkE1QTkx
NkQxNTdCMzQwHhcNMjQwMzE5MDQ1NzAyWhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWY5MWIxZS01MGY3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3GwEhELJBXP6tyq2DHndgGiop+NRIHwIcD9BjDRN/G7FEavmKzS2UDPl9Jzp
UQ3d880FY4stSi9awkkz0dgzDJJZPkpS4AdDu0ikvgZpzzN6i63LGZwmSkjf5QdL
v9AoqxY2OmhRe3iVucestcvaMCmRiYrtJfblrZCWTQiwrxWoyGydoEPtgtmbUsvn
YvWMDMSHMs11piGqhzvq2670GNJMfC4HRLY9zpyFJRFIv/92QWtTfBxd3OGbwxWx
Zf6wPiMg+JUizdTzZQg/TBh4cCmvIyovT814I9cuQmDCvv8pk/XVDIsFzgr25hiq
iEJdNs4tEgTKBkHf8fUQ9gqLPQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFH1C2NzD
10LF1LiH1auSwUZXUDkUMB8GA1UdIwQYMBaAFEyuOu+xrIq925m8zuT6WpFtFXs0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNUQ3RS9FQ0E2ODIzNDFE
ODcxMUUyOTgzMjJERTAwOEIwMkNEMi9USzQ2NzdHc2lyM2JtYnpPNVBwYWtXMFZl
elEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1RLNDY3N0dzaXIzYm1iek81UHBha1cwVmV6US5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjVEN0UvRUNBNjgyMzQxRDg3MTFFMjk4MzIyREUwMDhCMDJDRDIvOEQ2OTY3NEMw
MTE0MTFFRUIxNUZERDJBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAB0WncDBAB0WnkwDQYJKoZIhvcNAQELBQADggEBAISJqk6t
oa3Gc8iK9VcDYVvVnCgUEEwcNUKwi2HZf1jAiRuLkPpAzlLzkFaj5Raz4XTt+8Tq
bRAuJdzjTLdY+DetptzBFhK9i7vFLj5YiD+8RW6QvISXb1R6gnABLDfdrrDiWzJr
yjTiqr3HQchzr4rbz8riht5Ubc0dj82t7qrDde1H0qeXy4SFJAH2wq0ZOLGzvPIL
wnGdFJaCaaoIR9vkG/XH6W37+or80L6JF9B/mzwJ4oaQQ8liCiGBS346msCuICEY
T6OZopPXAyM7yJ41aJ1QbExmLLWn1CiLWoM2P9HNJmHRT8L46D3IdT9b1YPpi3R2
RD5Lz0g37hy+54I=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:38 2024 by rpki-client on console-fra.rpki-client.org