Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E4468/827524E88EE511EEA2EEDD12C4F9AE02/C8F6BEBC91AC11EE8E2FB520C4F9AE02.roa
File: C8F6BEBC91AC11EE8E2FB520C4F9AE02.roa (raw, json)
Hash identifier: al+LUCIBcyRke0H5wBaTDfk1fGEXiu2oNPDmLzV/tmM=
Subject key identifier: CA:36:1A:B6:FA:F6:DC:89:57:7D:60:5E:D4:82:18:AB:3F:45:CD:72
Certificate issuer: /CN=A91E4468/serialNumber=AFFCE637988165E6C51BFBFEBD1283D511240190
Certificate serial: 09
Authority key identifier: AF:FC:E6:37:98:81:65:E6:C5:1B:FB:FE:BD:12:83:D5:11:24:01:90
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r_zmN5iBZebFG_v-vRKD1REkAZA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E4468/827524E88EE511EEA2EEDD12C4F9AE02/C8F6BEBC91AC11EE8E2FB520C4F9AE02.roa
Signing time: Sun 03 Dec 2023 07:22:59 +0000
ROA not before: Sun 03 Dec 2023 07:22:59 +0000
ROA not after: Sun 02 Mar 2025 00:00:00 +0000
asID: 152149
IP address blocks: 210.79.180.0/24 maxlen: 24
210.79.181.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 16 Apr 2024 07:53:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9 (0x9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E4468/serialNumber=AFFCE637988165E6C51BFBFEBD1283D511240190
Validity
Not Before: Dec 3 07:22:59 2023 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=656c2cd2-b1c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:46:40:44:2d:6c:f7:2c:17:19:e2:6d:79:0a:
ec:bb:ba:23:d2:9b:c3:ee:59:07:5c:49:d6:fe:f4:
31:59:7c:76:21:65:2d:b6:04:2e:d7:93:4b:99:97:
2c:e0:cc:be:88:bb:43:12:58:df:46:d6:20:7b:ef:
c6:2e:a2:9c:a8:af:49:f6:e5:e2:78:3a:a7:7a:9e:
68:93:bf:ff:57:9d:b9:df:b9:4e:32:93:f3:8e:a9:
3e:69:45:83:3c:af:56:b1:89:06:b2:a8:2b:d0:37:
16:c1:fa:19:63:33:94:4c:63:26:b4:69:43:1d:1a:
b5:82:c0:83:99:2a:8e:5a:ae:8b:bc:a9:80:63:70:
e3:15:65:c2:1c:ae:fa:7a:c4:c8:d2:64:16:7f:f1:
f0:ee:da:e7:60:04:ed:8d:a0:a8:46:9b:ed:f8:9c:
fa:2c:c5:48:23:e3:b8:6f:30:d5:ed:d6:3b:bd:09:
61:a2:61:cf:65:74:55:8e:45:5c:57:26:84:e0:64:
fe:bc:6f:cb:85:38:45:ac:97:2e:e3:87:2a:39:70:
cb:a0:d3:a9:b0:32:b6:3b:15:2d:62:97:bb:17:05:
ff:a9:03:8f:55:7c:07:e3:b1:b0:8b:d5:9d:f6:71:
33:bc:cf:f3:4a:95:57:1d:ad:e5:07:0b:3a:a3:bc:
4a:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:36:1A:B6:FA:F6:DC:89:57:7D:60:5E:D4:82:18:AB:3F:45:CD:72
X509v3 Authority Key Identifier:
keyid:AF:FC:E6:37:98:81:65:E6:C5:1B:FB:FE:BD:12:83:D5:11:24:01:90
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E4468/827524E88EE511EEA2EEDD12C4F9AE02/r_zmN5iBZebFG_v-vRKD1REkAZA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r_zmN5iBZebFG_v-vRKD1REkAZA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E4468/827524E88EE511EEA2EEDD12C4F9AE02/C8F6BEBC91AC11EE8E2FB520C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
210.79.180.0/23
Signature Algorithm: sha256WithRSAEncryption
90:40:1e:d9:bd:3b:8d:38:2d:6f:04:a3:23:42:3d:da:80:bf:
e0:92:42:89:5f:21:1e:78:95:dc:28:a3:d4:7a:a9:bf:23:ce:
27:a3:94:bc:b1:fe:f3:89:fb:1d:ee:c0:f2:3f:4f:5b:7c:51:
24:17:9c:a8:2a:d9:7b:62:3a:e4:47:c0:3a:ef:e9:59:79:12:
56:b5:f7:e7:16:15:ac:a0:60:75:65:dc:c8:d2:f2:0e:1c:3f:
ee:81:0f:1d:ad:52:0e:48:78:47:ea:f7:48:3f:8b:bc:29:d8:
e7:ee:6c:a2:90:ec:e2:79:bd:85:4a:dd:24:a2:5f:40:76:83:
51:de:39:06:90:96:63:3b:c3:7e:71:b2:e3:8f:a7:91:4f:a2:
a5:91:25:33:bb:cf:1a:31:49:45:06:33:9e:13:17:f1:a1:b2:
52:4c:f1:e9:3a:45:78:89:72:65:f5:75:75:85:8e:e4:d4:6f:
29:88:c0:37:9b:22:d4:de:af:9e:5e:3a:ca:8d:20:a6:91:d0:
a1:e9:db:cb:8d:94:c5:7b:ba:db:d9:83:f3:7e:a2:2d:38:14:
12:10:e0:17:69:63:2d:96:1e:5f:c8:6e:c3:ba:cd:8e:9d:f2:
5a:62:a0:98:39:8b:55:a5:bf:f5:4b:dc:d1:b2:1c:62:b3:2b:
ba:f5:17:18
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBCTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF
NDQ2ODExMC8GA1UEBRMoQUZGQ0U2Mzc5ODgxNjVFNkM1MUJGQkZFQkQxMjgzRDUx
MTI0MDE5MDAeFw0yMzEyMDMwNzIyNTlaFw0yNTAzMDIwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1NmMyY2QyLWIxYzgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDbRkBELWz3LBcZ4m15Cuy7uiPSm8PuWQdcSdb+9DFZfHYhZS22BC7Xk0uZlyzg
zL6Iu0MSWN9G1iB778Yuopyor0n25eJ4Oqd6nmiTv/9XnbnfuU4yk/OOqT5pRYM8
r1axiQayqCvQNxbB+hljM5RMYya0aUMdGrWCwIOZKo5arou8qYBjcOMVZcIcrvp6
xMjSZBZ/8fDu2udgBO2NoKhGm+34nPosxUgj47hvMNXt1ju9CWGiYc9ldFWORVxX
JoTgZP68b8uFOEWsly7jhyo5cMug06mwMrY7FS1il7sXBf+pA49VfAfjsbCL1Z32
cTO8z/NKlVcdreUHCzqjvEpxAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUyjYatvr2
3IlXfWBe1IIYqz9FzXIwHwYDVR0jBBgwFoAUr/zmN5iBZebFG/v+vRKD1REkAZAw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUU0NDY4LzgyNzUyNEU4OEVF
NTExRUVBMkVFREQxMkM0RjlBRTAyL3Jfem1ONWlCWmViRkdfdi12UktEMVJFa0Fa
QS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvcl96bU41aUJaZWJGR192LXZSS0QxUkVrQVpBLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF
NDQ2OC84Mjc1MjRFODhFRTUxMUVFQTJFRUREMTJDNEY5QUUwMi9DOEY2QkVCQzkx
QUMxMUVFOEUyRkI1MjBDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAdJPtDANBgkqhkiG9w0BAQsFAAOCAQEAkEAe2b07jTgtbwSj
I0I92oC/4JJCiV8hHniV3Cij1HqpvyPOJ6OUvLH+84n7He7A8j9PW3xRJBecqCrZ
e2I65EfAOu/pWXkSVrX35xYVrKBgdWXcyNLyDhw/7oEPHa1SDkh4R+r3SD+LvCnY
5+5sopDs4nm9hUrdJKJfQHaDUd45BpCWYzvDfnGy44+nkU+ipZElM7vPGjFJRQYz
nhMX8aGyUkzx6TpFeIlyZfV1dYWO5NRvKYjAN5si1N6vnl46yo0gppHQoenby42U
xXu629mD836iLTgUEhDgF2ljLZYeX8huw7rNjp3yWmKgmDmLVaW/9Uvc0bIcYrMr
uvUXGA==
-----END CERTIFICATE-----
Generated at Tue Apr 16 09:59:44 2024 by rpki-client on console-fra.rpki-client.org