Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E7363/FF8B4B6C1D8411E28CD33DDB08B02CD2/690B4722CC7911EE8AE57B59C4F9AE02.roa
File: 690B4722CC7911EE8AE57B59C4F9AE02.roa (raw, json)
Hash identifier: rFjsEPCCX6gAJnpThyHkhnz/9l+d8TrHK9yquHK1HhQ=
Subject key identifier: 36:EA:D0:55:A4:2C:D2:0B:C5:6E:40:10:08:D6:CC:AF:21:16:C9:95
Certificate issuer: /CN=A91E7363/serialNumber=A897C04DE12F0A6F59C1AD1509F0B209FA5438B3
Certificate serial: 33EE
Authority key identifier: A8:97:C0:4D:E1:2F:0A:6F:59:C1:AD:15:09:F0:B2:09:FA:54:38:B3
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qJfATeEvCm9Zwa0VCfCyCfpUOLM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E7363/FF8B4B6C1D8411E28CD33DDB08B02CD2/690B4722CC7911EE8AE57B59C4F9AE02.roa
Signing time: Fri 16 Feb 2024 03:13:52 +0000
ROA not before: Fri 16 Feb 2024 03:13:52 +0000
ROA not after: Mon 31 Mar 2025 00:00:00 +0000
asID: 45224
IP address blocks: 119.235.4.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 22 Feb 2024 09:54:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13294 (0x33ee)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E7363/serialNumber=A897C04DE12F0A6F59C1AD1509F0B209FA5438B3
Validity
Not Before: Feb 16 03:13:52 2024 GMT
Not After : Mar 31 00:00:00 2025 GMT
Subject: CN=65ced2f0-5734
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:10:74:9a:3a:ca:61:c3:62:d1:b3:35:e3:ae:
1d:00:79:bd:b8:18:7f:fb:41:13:f5:35:84:4e:6f:
07:29:ec:2a:f8:b6:e6:ad:b8:bf:e3:72:b4:33:b2:
65:d5:20:42:4a:bb:da:42:36:27:53:63:ee:6a:b7:
bf:14:b6:48:8a:66:f0:0c:79:df:24:cd:09:af:3c:
fc:4a:ed:97:4f:00:d9:56:cc:d0:fc:ec:d8:39:b7:
af:c3:e4:77:74:90:d9:10:51:2a:29:20:a7:87:36:
d3:37:b6:f4:f4:bf:83:6f:c9:3c:4f:d4:1d:8b:64:
06:3c:46:91:84:20:e0:b5:39:74:30:1a:18:01:33:
9d:77:d9:60:3c:b4:a2:f8:b3:e7:f1:42:e8:b6:00:
24:04:e6:58:e6:3a:2a:0c:16:70:6b:9a:26:df:e2:
c1:bc:de:b8:92:42:23:1c:e2:69:15:f5:d7:b5:af:
c3:c9:50:b8:26:0f:18:8b:d4:9c:47:69:87:3c:80:
94:99:3b:8c:c6:7e:1f:a2:0f:3c:cc:fe:83:16:cf:
25:c7:b9:c8:4e:11:b3:e7:a3:0e:08:50:2c:05:fa:
9b:84:ed:f6:7a:c7:90:c0:14:30:83:40:1a:22:73:
0b:be:c1:58:cb:4f:ec:87:66:7b:65:5a:e5:ce:32:
f2:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:EA:D0:55:A4:2C:D2:0B:C5:6E:40:10:08:D6:CC:AF:21:16:C9:95
X509v3 Authority Key Identifier:
keyid:A8:97:C0:4D:E1:2F:0A:6F:59:C1:AD:15:09:F0:B2:09:FA:54:38:B3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E7363/FF8B4B6C1D8411E28CD33DDB08B02CD2/qJfATeEvCm9Zwa0VCfCyCfpUOLM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qJfATeEvCm9Zwa0VCfCyCfpUOLM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E7363/FF8B4B6C1D8411E28CD33DDB08B02CD2/690B4722CC7911EE8AE57B59C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
119.235.4.0/24
Signature Algorithm: sha256WithRSAEncryption
08:e9:4f:e5:f3:59:18:6b:03:10:55:25:6f:be:01:5e:2e:26:
f8:dd:79:59:3b:af:11:66:06:f6:aa:b3:ec:04:4d:6c:e6:f3:
83:96:8e:2f:bb:7d:05:af:2c:ce:86:f7:da:b9:a9:62:2e:ef:
92:77:af:72:f7:a5:38:25:12:28:5d:0b:5c:9a:ca:be:15:e2:
d1:3a:e6:8d:38:4b:24:47:24:1e:c3:c5:8c:68:fa:f1:40:26:
ed:cd:0b:66:a3:3f:4b:97:9d:c9:de:0e:1a:93:98:c6:a7:51:
e8:60:59:1a:95:0e:d1:81:85:e7:5a:42:10:c5:7a:e9:82:ec:
c8:e4:57:e5:46:98:d3:bb:04:d4:35:8e:f4:25:ea:50:fd:ff:
92:d3:6c:be:2e:9d:a3:44:02:5a:78:9f:e1:38:bd:4a:71:4b:
23:69:e5:92:12:65:48:7e:ac:4f:09:eb:22:76:ad:8f:f9:1c:
55:05:e6:81:8d:a7:b0:23:65:b7:af:e3:fe:6a:22:74:ba:89:
08:54:82:95:b3:0b:90:e5:38:34:58:85:4a:91:33:4d:11:a1:
9f:b0:63:ea:48:3f:87:94:27:49:31:56:48:97:a2:77:58:e4:
cc:e2:e5:ac:1d:85:47:ec:6c:8c:d1:fe:02:75:29:18:bd:48:
06:b4:48:82
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICM+4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTczNjMxMTAvBgNVBAUTKEE4OTdDMDRERTEyRjBBNkY1OUMxQUQxNTA5RjBCMjA5
RkE1NDM4QjMwHhcNMjQwMjE2MDMxMzUyWhcNMjUwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWNlZDJmMC01NzM0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA7hB0mjrKYcNi0bM1464dAHm9uBh/+0ET9TWETm8HKewq+Lbmrbi/43K0M7Jl
1SBCSrvaQjYnU2Puare/FLZIimbwDHnfJM0Jrzz8Su2XTwDZVszQ/OzYObevw+R3
dJDZEFEqKSCnhzbTN7b09L+Db8k8T9Qdi2QGPEaRhCDgtTl0MBoYATOdd9lgPLSi
+LPn8ULotgAkBOZY5joqDBZwa5om3+LBvN64kkIjHOJpFfXXta/DyVC4Jg8Yi9Sc
R2mHPICUmTuMxn4fog88zP6DFs8lx7nIThGz56MOCFAsBfqbhO32eseQwBQwg0Aa
InMLvsFYy0/sh2Z7ZVrlzjLy1wIDAQABo4IClTCCApEwHQYDVR0OBBYEFDbq0FWk
LNILxW5AEAjWzK8hFsmVMB8GA1UdIwQYMBaAFKiXwE3hLwpvWcGtFQnwsgn6VDiz
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNzM2My9GRjhCNEI2QzFE
ODQxMUUyOENEMzNEREIwOEIwMkNEMi9xSmZBVGVFdkNtOVp3YTBWQ2ZDeUNmcFVP
TE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3FKZkFUZUV2Q205WndhMFZDZkN5Q2ZwVU9MTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTczNjMvRkY4QjRCNkMxRDg0MTFFMjhDRDMzRERCMDhCMDJDRDIvNjkwQjQ3MjJD
Qzc5MTFFRThBRTU3QjU5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAB36wQwDQYJKoZIhvcNAQELBQADggEBAAjpT+XzWRhrAxBV
JW++AV4uJvjdeVk7rxFmBvaqs+wETWzm84OWji+7fQWvLM6G99q5qWIu75J3r3L3
pTglEihdC1yayr4V4tE65o04SyRHJB7DxYxo+vFAJu3NC2ajP0uXncneDhqTmMan
UehgWRqVDtGBhedaQhDFeumC7MjkV+VGmNO7BNQ1jvQl6lD9/5LTbL4unaNEAlp4
n+E4vUpxSyNp5ZISZUh+rE8J6yJ2rY/5HFUF5oGNp7AjZbev4/5qInS6iQhUgpWz
C5DlODRYhUqRM00RoZ+wY+pIP4eUJ0kxVkiXondY5Mzi5awdhUfsbIzR/gJ1KRi9
SAa0SII=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:36 2024 by rpki-client on console-ams.rpki-client.org