Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91DC5BE/D401619A1D6911E2AFB64EA708B02CD2/AC1A06F8D4A011EBB6C0B351C4F9AE02.roa
File: AC1A06F8D4A011EBB6C0B351C4F9AE02.roa (raw, json)
Hash identifier: YbOBAEl/SE9y8blGmBxNsTFCg7ymiotnKdBqlg/Vh84=
Subject key identifier: E7:06:27:8F:16:9E:97:5F:B2:76:CD:EF:F8:CC:D4:D6:96:5E:E9:7D
Certificate issuer: /CN=A91DC5BE/serialNumber=ADA8AED32B15B87E611252D29D1E1D5BDE581646
Certificate serial: 2FA6
Authority key identifier: AD:A8:AE:D3:2B:15:B8:7E:61:12:52:D2:9D:1E:1D:5B:DE:58:16:46
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/raiu0ysVuH5hElLSnR4dW95YFkY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91DC5BE/D401619A1D6911E2AFB64EA708B02CD2/AC1A06F8D4A011EBB6C0B351C4F9AE02.roa
Signing time: Thu 24 Jun 2021 04:00:12 +0000
ROA not before: Thu 24 Jun 2021 04:00:12 +0000
ROA not after: Mon 31 Mar 2031 00:00:00 +0000
asID: 24555
IP address blocks: 220.247.144.0/20 maxlen: 20
2001:df9::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 09 Aug 2023 04:22:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 12198 (0x2fa6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91DC5BE/serialNumber=ADA8AED32B15B87E611252D29D1E1D5BDE581646
Validity
Not Before: Jun 24 04:00:12 2021 GMT
Not After : Mar 31 00:00:00 2031 GMT
Subject: CN=60d4034b-5c99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:6c:1d:24:e8:3d:12:dd:8d:0a:0f:83:5f:10:
de:78:e7:2e:2f:ec:bf:36:05:08:08:36:05:71:b8:
01:ea:e8:8f:49:ee:57:5a:56:9e:81:35:24:57:42:
7d:c3:ca:de:95:a2:de:6c:c9:5b:2a:86:e0:42:e6:
9d:20:6b:d7:31:11:b7:62:5f:05:63:2b:df:d4:12:
20:98:3d:27:f4:49:b5:83:f3:c0:23:3e:de:02:f4:
2b:c7:6b:9c:7f:4a:3a:73:ab:96:a2:2d:37:f0:1f:
a9:2b:17:a8:ae:a8:f1:fa:09:da:eb:70:12:9f:57:
5e:27:7d:2d:37:38:45:d7:dc:01:54:ad:62:34:0b:
e8:51:20:17:24:32:22:e6:51:b0:2d:91:7b:34:d1:
0b:b7:55:f3:a1:0c:27:d3:41:ef:db:70:af:5a:17:
99:d3:22:7f:d5:8c:52:c7:61:b2:49:90:8d:7c:5a:
23:5b:cd:3e:60:5c:f7:53:ef:98:97:10:40:0d:98:
50:b7:1a:93:53:93:3e:24:d9:c8:2f:18:c7:f3:72:
7b:16:83:5f:a5:d2:13:69:82:1e:24:20:72:68:dd:
c5:c5:63:3e:3c:d3:5c:d5:16:19:ce:bf:f4:08:8b:
6f:90:1e:8b:15:74:5a:99:0c:c1:51:87:97:3b:c5:
1d:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:06:27:8F:16:9E:97:5F:B2:76:CD:EF:F8:CC:D4:D6:96:5E:E9:7D
X509v3 Authority Key Identifier:
keyid:AD:A8:AE:D3:2B:15:B8:7E:61:12:52:D2:9D:1E:1D:5B:DE:58:16:46
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91DC5BE/D401619A1D6911E2AFB64EA708B02CD2/raiu0ysVuH5hElLSnR4dW95YFkY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/raiu0ysVuH5hElLSnR4dW95YFkY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DC5BE/D401619A1D6911E2AFB64EA708B02CD2/AC1A06F8D4A011EBB6C0B351C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
220.247.144.0/20
IPv6:
2001:df9::/32
Signature Algorithm: sha256WithRSAEncryption
5f:1f:40:ba:46:b1:58:fb:4a:9a:27:04:a7:b3:4c:ff:59:5d:
fe:0b:f9:d9:f9:73:9e:ff:ec:09:2b:b6:49:be:c5:f8:5c:a4:
1d:a1:8e:bc:c0:9a:e4:a5:9a:5d:42:c1:29:a8:be:c3:31:45:
88:07:ce:5d:e7:6d:5e:a9:d8:ce:36:c7:38:b1:7e:64:47:2b:
e7:ac:3e:1a:ba:41:a9:a7:1c:98:fc:e1:d0:09:8e:b9:fd:90:
ee:4a:c7:ba:7f:f6:a9:c1:00:79:ef:ad:39:0c:4e:9e:49:e5:
4a:03:0e:66:b9:8f:62:10:fa:72:dc:5b:64:bb:df:2f:40:83:
ce:a7:93:63:d4:50:bd:3d:9e:e4:df:dc:54:03:cc:b5:a3:95:
af:12:7b:8d:d2:a2:28:13:31:4a:57:13:7e:08:b9:d9:f2:02:
bc:4e:8a:24:cf:05:13:00:2a:37:c7:cb:13:8c:ff:de:3f:df:
dd:03:d7:44:7a:9e:f8:76:cc:11:7d:66:e6:90:7e:da:d7:08:
64:43:20:24:98:64:42:f9:72:0c:57:8c:87:25:a5:b7:bf:b4:
ee:45:cd:4c:47:df:15:26:b8:bc:0c:52:90:6e:1c:54:29:b9:
c2:02:65:8a:ab:6b:b9:b2:d3:f6:79:38:d3:30:7a:56:b6:90:
4a:37:64:4f
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICL6YwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
REM1QkUxMTAvBgNVBAUTKEFEQThBRUQzMkIxNUI4N0U2MTEyNTJEMjlEMUUxRDVC
REU1ODE2NDYwHhcNMjEwNjI0MDQwMDEyWhcNMzEwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MGQ0MDM0Yi01Yzk5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAt2wdJOg9Et2NCg+DXxDeeOcuL+y/NgUICDYFcbgB6uiPSe5XWlaegTUkV0J9
w8relaLebMlbKobgQuadIGvXMRG3Yl8FYyvf1BIgmD0n9Em1g/PAIz7eAvQrx2uc
f0o6c6uWoi038B+pKxeorqjx+gna63ASn1deJ30tNzhF19wBVK1iNAvoUSAXJDIi
5lGwLZF7NNELt1XzoQwn00Hv23CvWheZ0yJ/1YxSx2GySZCNfFojW80+YFz3U++Y
lxBADZhQtxqTU5M+JNnILxjH83J7FoNfpdITaYIeJCByaN3FxWM+PNNc1RYZzr/0
CItvkB6LFXRamQzBUYeXO8UdQQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFOcGJ48W
npdfsnbN7/jM1NaWXul9MB8GA1UdIwQYMBaAFK2ortMrFbh+YRJS0p0eHVveWBZG
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQzVCRS9ENDAxNjE5QTFE
NjkxMUUyQUZCNjRFQTcwOEIwMkNEMi9yYWl1MHlzVnVINWhFbExTblI0ZFc5NVlG
a1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3JhaXUweXNWdUg1aEVsTFNuUjRkVzk1WUZrWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
REM1QkUvRDQwMTYxOUExRDY5MTFFMkFGQjY0RUE3MDhCMDJDRDIvQUMxQTA2RjhE
NEEwMTFFQkI2QzBCMzUxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBATc95AwDQQCAAIwBwMFACABDfkwDQYJKoZIhvcNAQELBQAD
ggEBAF8fQLpGsVj7SponBKezTP9ZXf4L+dn5c57/7Akrtkm+xfhcpB2hjrzAmuSl
ml1CwSmovsMxRYgHzl3nbV6p2M42xzixfmRHK+esPhq6QamnHJj84dAJjrn9kO5K
x7p/9qnBAHnvrTkMTp5J5UoDDma5j2IQ+nLcW2S73y9Ag86nk2PUUL09nuTf3FQD
zLWjla8Se43SoigTMUpXE34IudnyArxOiiTPBRMAKjfHyxOM/94/390D10R6nvh2
zBF9ZuaQftrXCGRDICSYZEL5cgxXjIclpbe/tO5FzUxH3xUmuLwMUpBuHFQpucIC
ZYqra7my0/Z5ONMwela2kEo3ZE8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:30 2024 by rpki-client on console-ams.rpki-client.org