Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E00FC/55F2C4C67F2F11EAADF4BF6AC4F9AE02/0BE10E847F3311EA99222072C4F9AE02.roa
File: 0BE10E847F3311EA99222072C4F9AE02.roa (raw, json)
Hash identifier: s1uX0DUWQbufY3ttAoqMnF9KgKJs7Srn4WV+hGJVCjw=
Subject key identifier: 85:9F:35:DC:7A:8E:F0:61:A8:3F:7C:BA:09:29:AF:9D:54:81:57:CF
Certificate issuer: /CN=A91E00FC/serialNumber=4BD9994BC5CFF9ECB6683C94DC6EECD5EEEE0E78
Certificate serial: 0866
Authority key identifier: 4B:D9:99:4B:C5:CF:F9:EC:B6:68:3C:94:DC:6E:EC:D5:EE:EE:0E:78
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/S9mZS8XP-ey2aDyU3G7s1e7uDng.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E00FC/55F2C4C67F2F11EAADF4BF6AC4F9AE02/0BE10E847F3311EA99222072C4F9AE02.roa
Signing time: Wed 24 May 2023 22:23:22 +0000
ROA not before: Wed 24 May 2023 22:23:22 +0000
ROA not after: Tue 30 Jul 2024 00:00:00 +0000
asID: 139006
IP address blocks: 165.173.160.0/22 maxlen: 24
165.173.191.0/24 maxlen: 24
199.67.70.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2150 (0x866)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E00FC/serialNumber=4BD9994BC5CFF9ECB6683C94DC6EECD5EEEE0E78
Validity
Not Before: May 24 22:23:22 2023 GMT
Not After : Jul 30 00:00:00 2024 GMT
Subject: CN=646e8e59-9301
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:dd:c5:06:6d:04:d9:48:b4:35:43:94:ee:39:
ad:a9:de:e5:66:43:63:27:0a:5d:13:ac:f8:b5:db:
88:97:cd:fd:38:b5:6b:ce:35:5b:92:12:44:8f:48:
3f:3c:d3:4b:1c:fc:c0:b0:cf:7b:3f:f4:94:fa:1d:
55:5b:d2:62:36:dc:f8:93:28:91:da:24:68:c6:3d:
be:87:fa:8c:cd:10:e2:65:10:e1:11:d9:2d:83:b3:
6e:91:ae:f4:5d:f2:06:0b:2a:e4:3e:4a:cf:0b:75:
8a:18:bb:fe:1d:4e:e2:c3:04:3f:04:ef:ca:28:4f:
aa:7a:e1:4c:a0:91:66:54:ef:7c:c8:83:60:78:36:
a2:2e:55:96:22:86:47:c2:8b:c1:c4:4d:ac:7f:2f:
63:65:2d:30:e9:3d:41:cc:fe:43:75:65:f6:4a:c2:
bb:8a:dd:58:97:66:0c:8b:71:68:db:b8:8a:45:7c:
58:d6:e8:43:ce:db:2b:99:8f:a8:32:97:60:b6:b3:
c4:cd:2e:6a:45:13:d1:47:df:43:36:36:b7:9a:1c:
60:af:3f:70:a6:d1:01:5b:4a:20:4d:c1:0e:66:90:
03:95:96:ea:dd:ea:4b:27:56:5b:fb:c8:1e:87:8e:
d3:37:67:8b:58:44:b3:3c:ac:bc:bc:a7:99:f6:d5:
4b:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:9F:35:DC:7A:8E:F0:61:A8:3F:7C:BA:09:29:AF:9D:54:81:57:CF
X509v3 Authority Key Identifier:
keyid:4B:D9:99:4B:C5:CF:F9:EC:B6:68:3C:94:DC:6E:EC:D5:EE:EE:0E:78
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E00FC/55F2C4C67F2F11EAADF4BF6AC4F9AE02/S9mZS8XP-ey2aDyU3G7s1e7uDng.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/S9mZS8XP-ey2aDyU3G7s1e7uDng.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E00FC/55F2C4C67F2F11EAADF4BF6AC4F9AE02/0BE10E847F3311EA99222072C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
165.173.160.0/22
165.173.191.0/24
199.67.70.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:cd:35:38:79:b6:cd:f5:05:68:9f:b1:71:e9:d9:16:1c:6c:
76:76:2a:44:eb:bb:b9:d5:3b:52:bc:22:a4:69:0e:1f:59:f6:
a5:96:37:fb:fa:c5:1c:d0:f6:3a:df:c0:97:f1:ba:2a:81:52:
c2:34:2b:ab:95:ef:b4:f0:67:10:8f:ce:b8:3a:46:2b:1f:df:
8a:48:a3:71:d5:26:8b:ab:83:c5:3f:33:fa:fb:84:94:ab:dd:
37:23:79:37:ef:15:0a:7e:d2:99:f4:a0:d7:69:9f:f5:32:e7:
55:6b:29:a5:f3:22:07:0d:02:9d:99:a2:d3:96:a0:30:56:77:
37:02:b7:2b:2a:98:e2:31:b0:47:18:cf:67:00:f6:2c:ab:c1:
98:1d:d8:b8:24:e1:17:19:e1:fc:83:b9:6d:03:19:10:9d:15:
9b:e2:6b:99:3a:fa:83:2e:33:46:08:88:60:51:9b:c0:7a:f8:
a4:a5:9c:b4:ee:6a:32:bc:a5:27:68:c9:58:f9:53:c9:c0:a3:
a0:da:fb:66:ca:c4:39:ad:80:5e:ea:eb:8f:02:fc:3a:78:92:
14:f2:d6:5c:32:99:e1:27:0f:28:36:57:6b:2f:c0:58:a3:5a:
45:3a:01:1e:89:d3:3d:45:81:a2:85:e4:9f:ea:d0:61:59:88:
ce:03:67:f5
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICCGYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTAwRkMxMTAvBgNVBAUTKDRCRDk5OTRCQzVDRkY5RUNCNjY4M0M5NERDNkVFQ0Q1
RUVFRTBFNzgwHhcNMjMwNTI0MjIyMzIyWhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDZlOGU1OS05MzAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAw93FBm0E2Ui0NUOU7jmtqd7lZkNjJwpdE6z4tduIl839OLVrzjVbkhJEj0g/
PNNLHPzAsM97P/SU+h1VW9JiNtz4kyiR2iRoxj2+h/qMzRDiZRDhEdktg7Nuka70
XfIGCyrkPkrPC3WKGLv+HU7iwwQ/BO/KKE+qeuFMoJFmVO98yINgeDaiLlWWIoZH
wovBxE2sfy9jZS0w6T1BzP5DdWX2SsK7it1Yl2YMi3Fo27iKRXxY1uhDztsrmY+o
MpdgtrPEzS5qRRPRR99DNja3mhxgrz9wptEBW0ogTcEOZpADlZbq3epLJ1Zb+8ge
h47TN2eLWESzPKy8vKeZ9tVLZwIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFIWfNdx6
jvBhqD98ugkpr51UgVfPMB8GA1UdIwQYMBaAFEvZmUvFz/nstmg8lNxu7NXu7g54
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFMDBGQy81NUYyQzRDNjdG
MkYxMUVBQURGNEJGNkFDNEY5QUUwMi9TOW1aUzhYUC1leTJhRHlVM0c3czFlN3VE
bmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL1M5bVpTOFhQLWV5MmFEeVUzRzdzMWU3dURuZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTAwRkMvNTVGMkM0QzY3RjJGMTFFQUFERjRCRjZBQzRGOUFFMDIvMEJFMTBFODQ3
RjMzMTFFQTk5MjIyMDcyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBAKlraADBAClrb8DBADHQ0YwDQYJKoZIhvcNAQELBQADggEB
AD3NNTh5ts31BWifsXHp2RYcbHZ2KkTru7nVO1K8IqRpDh9Z9qWWN/v6xRzQ9jrf
wJfxuiqBUsI0K6uV77TwZxCPzrg6Risf34pIo3HVJourg8U/M/r7hJSr3TcjeTfv
FQp+0pn0oNdpn/Uy51VrKaXzIgcNAp2ZotOWoDBWdzcCtysqmOIxsEcYz2cA9iyr
wZgd2Lgk4RcZ4fyDuW0DGRCdFZvia5k6+oMuM0YIiGBRm8B6+KSlnLTuajK8pSdo
yVj5U8nAo6Da+2bKxDmtgF7q648C/Dp4khTy1lwymeEnDyg2V2svwFijWkU6AR6J
0z1FgaKF5J/q0GFZiM4DZ/U=
-----END CERTIFICATE-----
Generated at Fri Aug 25 07:37:22 2023 by rpki-client on console-ams.rpki-client.org