Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91DF93A/F7DFA72EE5F311EAB3A91561C4F9AE02/D933F6384D5411EEB734EF25C4F9AE02.roa
File: D933F6384D5411EEB734EF25C4F9AE02.roa (raw, json)
Hash identifier: SI2O3MxAMhjBG4M7yAccBeYMOGFUVMld72FdcrsrfPU=
Subject key identifier: 59:78:AC:45:F4:23:95:D8:D4:31:1D:E6:0D:E6:3B:94:3D:E5:C3:1B
Certificate issuer: /CN=A91DF93A/serialNumber=7E244310D7A456EB127B926C42F26D79E9ACDB88
Certificate serial: 074C
Authority key identifier: 7E:24:43:10:D7:A4:56:EB:12:7B:92:6C:42:F2:6D:79:E9:AC:DB:88
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/fiRDENekVusSe5JsQvJteems24g.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91DF93A/F7DFA72EE5F311EAB3A91561C4F9AE02/D933F6384D5411EEB734EF25C4F9AE02.roa
Signing time: Fri 13 Oct 2023 09:56:31 +0000
ROA not before: Fri 13 Oct 2023 09:56:31 +0000
ROA not after: Sat 31 Aug 2024 00:00:00 +0000
asID: 21859
IP address blocks: 169.136.82.0/24 maxlen: 24
169.136.85.0/24 maxlen: 24
169.136.105.0/24 maxlen: 24
169.136.109.0/24 maxlen: 24
169.136.120.0/24 maxlen: 24
169.136.122.0/24 maxlen: 24
169.136.128.0/24 maxlen: 24
169.136.129.0/24 maxlen: 24
169.136.130.0/24 maxlen: 24
169.136.134.0/24 maxlen: 24
169.136.135.0/24 maxlen: 24
169.136.137.0/24 maxlen: 24
169.136.138.0/24 maxlen: 24
169.136.139.0/24 maxlen: 24
169.136.142.0/24 maxlen: 24
169.136.143.0/24 maxlen: 24
169.136.146.0/24 maxlen: 24
169.136.191.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 13 Mar 2024 11:50:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1868 (0x74c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91DF93A/serialNumber=7E244310D7A456EB127B926C42F26D79E9ACDB88
Validity
Not Before: Oct 13 09:56:31 2023 GMT
Not After : Aug 31 00:00:00 2024 GMT
Subject: CN=6529144f-26b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:b6:44:16:2c:05:b9:26:3b:63:55:5c:b3:7e:
a0:56:ce:6f:9b:cd:29:85:55:30:14:86:40:2a:31:
ec:c1:2c:26:a9:72:17:9b:a3:94:b6:d3:ee:b6:cc:
8a:dc:a1:59:3a:11:f6:50:29:0e:c5:88:47:48:12:
c2:55:22:6a:56:59:b5:db:3f:d9:73:b4:b8:eb:72:
87:bd:eb:e6:f9:f4:e9:c3:8b:ea:07:76:20:f6:2d:
ce:ef:bb:6e:cb:e1:f6:2f:ce:60:0a:2f:cf:30:f3:
34:e0:33:bb:38:ef:e6:66:fb:8e:f2:26:38:43:7d:
e8:e1:0f:37:29:81:97:c2:9c:04:80:62:f6:e9:1a:
c9:88:00:89:3b:e0:9f:44:a0:8f:64:aa:06:18:84:
a0:59:53:58:34:48:c9:60:a1:c9:17:b1:e3:df:be:
ce:39:21:a8:df:ab:04:38:83:93:94:15:4e:6c:e3:
ec:b6:e2:89:ee:b9:9d:67:e5:db:40:b6:d5:a1:a9:
21:57:44:b6:1b:40:0f:0e:4b:bb:b3:76:6b:00:73:
93:45:8a:c0:a6:bb:c6:73:44:f0:1d:93:3a:30:ad:
a4:77:fa:49:13:53:b7:25:8b:fc:8f:f1:1c:1e:b2:
5a:49:70:ac:2f:0b:06:37:b4:8a:b7:cd:a3:0c:a2:
f3:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:78:AC:45:F4:23:95:D8:D4:31:1D:E6:0D:E6:3B:94:3D:E5:C3:1B
X509v3 Authority Key Identifier:
keyid:7E:24:43:10:D7:A4:56:EB:12:7B:92:6C:42:F2:6D:79:E9:AC:DB:88
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91DF93A/F7DFA72EE5F311EAB3A91561C4F9AE02/fiRDENekVusSe5JsQvJteems24g.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/fiRDENekVusSe5JsQvJteems24g.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DF93A/F7DFA72EE5F311EAB3A91561C4F9AE02/D933F6384D5411EEB734EF25C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
169.136.82.0/24
169.136.85.0/24
169.136.105.0/24
169.136.109.0/24
169.136.120.0/24
169.136.122.0/24
169.136.128.0-169.136.130.255
169.136.134.0/23
169.136.137.0-169.136.139.255
169.136.142.0/23
169.136.146.0/24
169.136.191.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:f5:34:3c:e5:38:98:11:19:36:b0:12:4b:3f:00:0e:15:98:
aa:ab:ff:fa:87:42:c8:7c:42:03:2f:85:eb:96:80:e1:3f:9b:
57:dd:d2:76:87:46:08:35:98:05:1f:c9:90:0f:55:3e:0f:b0:
f7:de:67:e7:27:ef:b3:aa:76:a9:34:c9:b0:e3:69:91:0b:b6:
25:85:c3:3d:53:3e:0b:b9:21:c0:e5:1e:75:c0:a4:ed:3b:b9:
cc:98:70:3a:80:40:20:7c:11:53:f4:1c:fd:47:95:42:41:b5:
d8:78:fe:8d:fa:ca:96:8e:01:aa:14:c5:76:58:a0:37:c3:ef:
fa:70:b7:d8:59:b9:9b:67:1f:88:61:fc:d9:2b:07:0e:59:79:
dd:de:72:a0:e3:2d:a0:71:33:1a:0b:bd:a7:a7:40:e3:ed:41:
fa:8c:e1:f8:e1:53:73:49:4a:cb:9b:6c:fe:7e:53:5c:75:06:
db:68:16:61:4b:0b:20:8e:11:66:df:1b:19:b9:7e:b3:78:29:
60:e1:1b:ac:2a:34:db:ba:95:4c:d4:3b:d2:86:0b:d5:ad:d7:
da:00:09:7b:c5:5b:c3:01:f5:b9:97:aa:3f:71:08:42:01:4c:
a0:23:83:2c:1a:d9:20:71:6e:68:f3:2c:95:ea:28:90:89:38:
40:39:9d:c7
-----BEGIN CERTIFICATE-----
MIIFwzCCBKugAwIBAgICB0wwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
REY5M0ExMTAvBgNVBAUTKDdFMjQ0MzEwRDdBNDU2RUIxMjdCOTI2QzQyRjI2RDc5
RTlBQ0RCODgwHhcNMjMxMDEzMDk1NjMxWhcNMjQwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTI5MTQ0Zi0yNmI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4bZEFiwFuSY7Y1Vcs36gVs5vm80phVUwFIZAKjHswSwmqXIXm6OUttPutsyK
3KFZOhH2UCkOxYhHSBLCVSJqVlm12z/Zc7S463KHvevm+fTpw4vqB3Yg9i3O77tu
y+H2L85gCi/PMPM04DO7OO/mZvuO8iY4Q33o4Q83KYGXwpwEgGL26RrJiACJO+Cf
RKCPZKoGGISgWVNYNEjJYKHJF7Hj377OOSGo36sEOIOTlBVObOPstuKJ7rmdZ+Xb
QLbVoakhV0S2G0APDku7s3ZrAHOTRYrAprvGc0TwHZM6MK2kd/pJE1O3JYv8j/Ec
HrJaSXCsLwsGN7SKt82jDKLzWQIDAQABo4IC5zCCAuMwHQYDVR0OBBYEFFl4rEX0
I5XY1DEd5g3mO5Q95cMbMB8GA1UdIwQYMBaAFH4kQxDXpFbrEnuSbELybXnprNuI
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFERjkzQS9GN0RGQTcyRUU1
RjMxMUVBQjNBOTE1NjFDNEY5QUUwMi9maVJERU5la1Z1c1NlNUpzUXZKdGVlbXMy
NGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL2ZpUkRFTmVrVnVzU2U1SnNRdkp0ZWVtczI0Zy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
REY5M0EvRjdERkE3MkVFNUYzMTFFQUIzQTkxNTYxQzRGOUFFMDIvRDkzM0Y2Mzg0
RDU0MTFFRUI3MzRFRjI1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwcQYIKwYBBQUHAQcBAf8E
YjBgMF4EAgABMFgDBACpiFIDBACpiFUDBACpiGkDBACpiG0DBACpiHgDBACpiHow
DAMEB6mIgAMEAKmIggMEAamIhjAMAwQAqYiJAwQCqYiIAwQBqYiOAwQAqYiSAwQA
qYi/MA0GCSqGSIb3DQEBCwUAA4IBAQCO9TQ85TiYERk2sBJLPwAOFZiqq//6h0LI
fEIDL4XrloDhP5tX3dJ2h0YINZgFH8mQD1U+D7D33mfnJ++zqnapNMmw42mRC7Yl
hcM9Uz4LuSHA5R51wKTtO7nMmHA6gEAgfBFT9Bz9R5VCQbXYeP6N+sqWjgGqFMV2
WKA3w+/6cLfYWbmbZx+IYfzZKwcOWXnd3nKg4y2gcTMaC72np0Dj7UH6jOH44VNz
SUrLm2z+flNcdQbbaBZhSwsgjhFm3xsZuX6zeClg4RusKjTbupVM1DvShgvVrdfa
AAl7xVvDAfW5l6o/cQhCAUygI4MsGtkgcW5o8yyV6iiQiThAOZ3H
-----END CERTIFICATE-----
Generated at Wed Mar 13 16:50:35 2024 by rpki-client on console-fra.rpki-client.org