Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E57DC/35F798661F0111E9B1AA9436C4F9AE02/AA518BAA917F11EDA5B26357C4F9AE02.roa
File: AA518BAA917F11EDA5B26357C4F9AE02.roa (raw, json)
Hash identifier: jhKght21B3ANN84a1OeaFIOc2QxWU1F32vmgoPnRpso=
Subject key identifier: E1:8D:A1:FF:77:E2:22:78:9E:41:FF:89:FC:45:1F:10:7F:46:9B:23
Certificate issuer: /CN=A91E57DC/serialNumber=22B1A7175E75FFD847391F2C2E9665E4EEE1B742
Certificate serial: 1016
Authority key identifier: 22:B1:A7:17:5E:75:FF:D8:47:39:1F:2C:2E:96:65:E4:EE:E1:B7:42
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IrGnF151_9hHOR8sLpZl5O7ht0I.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E57DC/35F798661F0111E9B1AA9436C4F9AE02/AA518BAA917F11EDA5B26357C4F9AE02.roa
Signing time: Tue 02 Apr 2024 18:26:18 +0000
ROA not before: Tue 02 Apr 2024 18:26:18 +0000
ROA not after: Wed 28 May 2025 00:00:00 +0000
asID: 58689
IP address blocks: 220.152.112.0/22 maxlen: 22
220.152.112.0/23 maxlen: 23
220.152.112.0/24 maxlen: 24
220.152.113.0/24 maxlen: 24
220.152.114.0/23 maxlen: 23
220.152.114.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 09 Apr 2024 08:24:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4118 (0x1016)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E57DC/serialNumber=22B1A7175E75FFD847391F2C2E9665E4EEE1B742
Validity
Not Before: Apr 2 18:26:18 2024 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=660c4dca-d4ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:c1:17:31:41:7c:b3:d9:f9:5b:f1:d8:9e:a3:
59:c2:76:fb:b5:c5:8b:3b:73:2a:06:66:94:df:ee:
03:d0:59:db:90:9f:35:51:d9:e7:be:7e:c7:8a:cd:
1c:e9:ab:85:df:cc:b0:32:c0:ec:df:15:37:a8:ee:
bb:62:ab:60:6f:70:4e:1b:29:7e:1c:3e:42:63:d8:
a1:42:22:cc:b9:e9:72:d4:8b:f4:a7:07:40:c9:ae:
f0:1f:4f:49:61:eb:b8:fa:00:07:13:a8:99:40:2a:
62:65:98:78:e3:b4:f1:1a:82:d9:f2:a7:ff:5a:f3:
a2:83:85:36:c6:7f:69:be:fa:0c:19:67:0a:20:b4:
bb:40:35:69:23:74:36:4d:bc:5a:6b:d8:01:e6:d3:
bb:f6:ce:e1:2d:93:fd:e7:a8:de:62:07:1d:41:cb:
eb:14:5c:c7:66:68:58:9f:5e:08:02:93:c9:76:3f:
8b:fd:34:f2:51:47:a4:22:30:6e:8b:1d:5e:a6:d8:
5e:06:65:2d:32:d7:b7:d5:e3:da:b4:1a:89:ca:64:
4b:d9:7d:dd:2b:fa:34:17:04:1d:2c:21:e6:c2:6f:
69:db:47:69:97:1b:42:bb:ff:3b:22:5e:56:7c:7b:
6b:5a:4c:9c:2d:a9:8a:df:fa:fe:8a:d5:27:6a:ee:
bd:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:8D:A1:FF:77:E2:22:78:9E:41:FF:89:FC:45:1F:10:7F:46:9B:23
X509v3 Authority Key Identifier:
keyid:22:B1:A7:17:5E:75:FF:D8:47:39:1F:2C:2E:96:65:E4:EE:E1:B7:42
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E57DC/35F798661F0111E9B1AA9436C4F9AE02/IrGnF151_9hHOR8sLpZl5O7ht0I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IrGnF151_9hHOR8sLpZl5O7ht0I.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E57DC/35F798661F0111E9B1AA9436C4F9AE02/AA518BAA917F11EDA5B26357C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
220.152.112.0/22
Signature Algorithm: sha256WithRSAEncryption
34:f3:28:88:96:7d:e9:dd:ac:da:87:f5:a7:d4:cb:35:02:ce:
47:e4:ab:21:0c:eb:6b:98:73:65:d8:84:e8:d6:c6:35:7c:fb:
e3:4e:eb:75:b3:02:5c:4e:e8:c5:b9:7c:56:a5:e6:90:fc:5b:
cb:e0:44:a9:63:47:2a:f2:30:26:4f:78:b9:94:87:7b:1e:a3:
60:17:f6:fe:f3:8a:06:2c:24:22:86:e6:d1:7e:d2:62:4c:86:
74:ca:60:11:66:e3:37:f3:5b:ee:18:44:1c:03:0a:15:04:22:
b3:48:c0:61:2d:da:1f:75:ff:d0:5a:4c:64:19:11:29:78:53:
10:e0:0c:d5:7f:51:0f:73:37:af:8e:ea:a0:e0:09:f4:b2:6a:
c6:6f:73:47:d2:11:f9:b4:cc:dc:8d:b0:1b:91:77:a5:c3:2b:
4e:48:bb:30:a6:fd:f3:3d:e8:29:03:77:e1:ae:26:60:f8:7a:
b2:f4:1a:df:d0:a8:7e:d1:cc:32:ab:14:b4:8d:f7:a5:cc:5e:
ae:d7:c7:24:1b:8d:b1:81:e9:c2:d1:35:fa:95:f4:1c:db:cd:
c2:af:70:7a:a9:ef:45:79:e6:93:a4:80:14:28:11:d0:6b:ad:
0e:70:53:16:ea:13:ba:91:1e:38:a5:b1:ac:9b:4d:95:87:eb:
c0:2b:9c:00
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICEBYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTU3REMxMTAvBgNVBAUTKDIyQjFBNzE3NUU3NUZGRDg0NzM5MUYyQzJFOTY2NUU0
RUVFMUI3NDIwHhcNMjQwNDAyMTgyNjE4WhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02NjBjNGRjYS1kNGFkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0sEXMUF8s9n5W/HYnqNZwnb7tcWLO3MqBmaU3+4D0FnbkJ81Udnnvn7His0c
6auF38ywMsDs3xU3qO67Yqtgb3BOGyl+HD5CY9ihQiLMuely1Iv0pwdAya7wH09J
Yeu4+gAHE6iZQCpiZZh447TxGoLZ8qf/WvOig4U2xn9pvvoMGWcKILS7QDVpI3Q2
Tbxaa9gB5tO79s7hLZP956jeYgcdQcvrFFzHZmhYn14IApPJdj+L/TTyUUekIjBu
ix1eptheBmUtMte31ePatBqJymRL2X3dK/o0FwQdLCHmwm9p20dplxtCu/87Il5W
fHtrWkycLamK3/r+itUnau69BwIDAQABo4IClTCCApEwHQYDVR0OBBYEFOGNof93
4iJ4nkH/ifxFHxB/RpsjMB8GA1UdIwQYMBaAFCKxpxdedf/YRzkfLC6WZeTu4bdC
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNTdEQy8zNUY3OTg2NjFG
MDExMUU5QjFBQTk0MzZDNEY5QUUwMi9JckduRjE1MV85aEhPUjhzTHBabDVPN2h0
MEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0lyR25GMTUxXzloSE9SOHNMcFpsNU83aHQwSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTU3REMvMzVGNzk4NjYxRjAxMTFFOUIxQUE5NDM2QzRGOUFFMDIvQUE1MThCQUE5
MTdGMTFFREE1QjI2MzU3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBALcmHAwDQYJKoZIhvcNAQELBQADggEBADTzKIiWfendrNqH
9afUyzUCzkfkqyEM62uYc2XYhOjWxjV8++NO63WzAlxO6MW5fFal5pD8W8vgRKlj
RyryMCZPeLmUh3seo2AX9v7zigYsJCKG5tF+0mJMhnTKYBFm4zfzW+4YRBwDChUE
IrNIwGEt2h91/9BaTGQZESl4UxDgDNV/UQ9zN6+O6qDgCfSyasZvc0fSEfm0zNyN
sBuRd6XDK05IuzCm/fM96CkDd+GuJmD4erL0Gt/QqH7RzDKrFLSN96XMXq7XxyQb
jbGB6cLRNfqV9BzbzcKvcHqp70V55pOkgBQoEdBrrQ5wUxbqE7qRHjilsaybTZWH
68ArnAA=
-----END CERTIFICATE-----
Generated at Tue Apr 9 11:49:17 2024 by rpki-client on console-fra.rpki-client.org