Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E7E45/06C8563C83D911EAA3124F5CC4F9AE02/B09CEC96F97711EEB642002CC4F9AE02.roa
File: B09CEC96F97711EEB642002CC4F9AE02.roa (raw, json)
Hash identifier: qSNxj5uugoQKLhAAUSMPdGi+AeUh4rN9ydAwke1VAAY=
Subject key identifier: 12:5D:9F:B6:54:B2:BC:9D:A1:35:2D:0F:6A:DC:A3:5D:59:AF:AE:2A
Certificate issuer: /CN=A91E7E45/serialNumber=C4829B6C07FD804DF0925CFFC161C6702807A026
Certificate serial: 0925
Authority key identifier: C4:82:9B:6C:07:FD:80:4D:F0:92:5C:FF:C1:61:C6:70:28:07:A0:26
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xIKbbAf9gE3wklz_wWHGcCgHoCY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E7E45/06C8563C83D911EAA3124F5CC4F9AE02/B09CEC96F97711EEB642002CC4F9AE02.roa
Signing time: Sat 13 Apr 2024 09:24:55 +0000
ROA not before: Sat 13 Apr 2024 09:24:55 +0000
ROA not after: Thu 01 May 2025 00:00:00 +0000
asID: 150452
IP address blocks: 210.16.122.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 17 Apr 2024 06:50:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2341 (0x925)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E7E45/serialNumber=C4829B6C07FD804DF0925CFFC161C6702807A026
Validity
Not Before: Apr 13 09:24:55 2024 GMT
Not After : May 1 00:00:00 2025 GMT
Subject: CN=661a4f67-a5ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:ed:fe:9c:04:6a:71:dd:ba:e4:3e:5f:2c:c4:
cf:74:c3:b0:f9:76:7a:56:b9:61:7a:b2:3a:ff:f7:
e2:1f:fc:36:da:2e:cd:fa:3c:42:ea:6a:e7:f0:6d:
42:da:8d:d5:a9:ee:fb:de:e9:96:4b:54:bd:f0:39:
44:47:7d:08:8e:49:b0:81:72:77:3e:d7:ca:76:fe:
77:15:dc:33:af:03:a1:5e:bd:7c:71:3c:b0:5b:c5:
7e:fc:0c:64:ce:21:b4:76:08:a6:58:59:af:15:ce:
77:6b:ee:32:f5:68:d5:58:9b:f1:2a:2b:97:43:0e:
80:37:19:fc:83:db:42:da:1f:d2:ab:b6:da:36:2d:
e7:96:39:1b:55:e1:c4:b9:65:56:73:b5:38:64:64:
15:d6:8c:a8:6d:ec:ee:74:c0:da:8a:af:b4:b7:c1:
87:f0:bd:c3:51:7e:a3:5a:d7:ea:25:87:23:be:89:
4b:b0:60:2d:96:a2:ac:91:4d:4e:24:bb:32:26:02:
15:6e:2d:c0:d4:b2:10:80:68:45:b5:bf:c5:ec:f6:
bb:34:85:e7:46:8b:8a:5e:e2:28:c2:5c:fe:bb:cf:
95:51:d9:ae:39:15:ed:4a:54:eb:69:5b:f0:b8:8c:
1d:fc:ff:82:1e:71:1e:94:0f:25:af:0f:f6:58:59:
d1:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:5D:9F:B6:54:B2:BC:9D:A1:35:2D:0F:6A:DC:A3:5D:59:AF:AE:2A
X509v3 Authority Key Identifier:
keyid:C4:82:9B:6C:07:FD:80:4D:F0:92:5C:FF:C1:61:C6:70:28:07:A0:26
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E7E45/06C8563C83D911EAA3124F5CC4F9AE02/xIKbbAf9gE3wklz_wWHGcCgHoCY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xIKbbAf9gE3wklz_wWHGcCgHoCY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E7E45/06C8563C83D911EAA3124F5CC4F9AE02/B09CEC96F97711EEB642002CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
210.16.122.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:4a:a8:41:98:1f:46:8c:31:47:32:f2:b2:a9:b0:29:67:e1:
35:e1:48:ea:24:88:a8:78:da:4c:4d:82:4e:41:35:10:ed:c7:
92:e9:14:af:0f:bf:d7:12:2c:67:1c:62:74:ee:e4:02:39:0c:
ba:73:3f:b0:23:35:b1:7a:41:f5:1b:72:86:e5:82:00:28:b2:
90:63:7f:ea:87:e2:49:74:a3:b8:97:9d:46:6f:53:2d:f9:56:
28:96:b0:b5:4a:78:7e:a5:9c:e9:84:69:82:5e:60:8a:2f:79:
f0:81:29:00:74:ae:fe:53:bc:15:c9:68:54:f7:c4:89:c9:5d:
8f:27:93:3a:e2:73:f4:60:a4:0b:fc:b2:7a:73:20:52:37:5a:
c5:2a:70:71:91:05:31:57:04:bd:4a:b4:2b:00:dd:93:ac:91:
9f:9d:70:c9:67:68:03:4a:59:49:16:4e:8d:ee:0c:27:10:8f:
fd:26:12:8a:9f:03:5b:47:75:6a:8a:96:d6:59:12:dd:fe:dc:
b0:ac:ed:43:f2:89:2d:24:c4:9d:48:18:bc:a0:04:f1:8f:e2:
f3:2e:a7:92:20:ad:cd:7d:d4:f7:55:d1:21:b5:03:19:b0:61:
31:81:ff:48:1b:c1:7e:fc:36:7b:4d:4a:c3:ee:f6:29:10:89:
21:a5:72:d7
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCSUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTdFNDUxMTAvBgNVBAUTKEM0ODI5QjZDMDdGRDgwNERGMDkyNUNGRkMxNjFDNjcw
MjgwN0EwMjYwHhcNMjQwNDEzMDkyNDU1WhcNMjUwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjFhNGY2Ny1hNWFiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2O3+nARqcd265D5fLMTPdMOw+XZ6VrlherI6//fiH/w22i7N+jxC6mrn8G1C
2o3Vqe773umWS1S98DlER30IjkmwgXJ3PtfKdv53FdwzrwOhXr18cTywW8V+/Axk
ziG0dgimWFmvFc53a+4y9WjVWJvxKiuXQw6ANxn8g9tC2h/Sq7baNi3nljkbVeHE
uWVWc7U4ZGQV1oyobezudMDaiq+0t8GH8L3DUX6jWtfqJYcjvolLsGAtlqKskU1O
JLsyJgIVbi3A1LIQgGhFtb/F7Pa7NIXnRouKXuIowlz+u8+VUdmuORXtSlTraVvw
uIwd/P+CHnEelA8lrw/2WFnR3QIDAQABo4IClTCCApEwHQYDVR0OBBYEFBJdn7ZU
srydoTUtD2rco11Zr64qMB8GA1UdIwQYMBaAFMSCm2wH/YBN8JJc/8FhxnAoB6Am
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFN0U0NS8wNkM4NTYzQzgz
RDkxMUVBQTMxMjRGNUNDNEY5QUUwMi94SUtiYkFmOWdFM3drbHpfd1dIR2NDZ0hv
Q1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3hJS2JiQWY5Z0Uzd2tsel93V0hHY0NnSG9DWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTdFNDUvMDZDODU2M0M4M0Q5MTFFQUEzMTI0RjVDQzRGOUFFMDIvQjA5Q0VDOTZG
OTc3MTFFRUI2NDIwMDJDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADSEHowDQYJKoZIhvcNAQELBQADggEBAD5KqEGYH0aMMUcy
8rKpsCln4TXhSOokiKh42kxNgk5BNRDtx5LpFK8Pv9cSLGccYnTu5AI5DLpzP7Aj
NbF6QfUbcoblggAospBjf+qH4kl0o7iXnUZvUy35ViiWsLVKeH6lnOmEaYJeYIov
efCBKQB0rv5TvBXJaFT3xInJXY8nkzric/RgpAv8snpzIFI3WsUqcHGRBTFXBL1K
tCsA3ZOskZ+dcMlnaANKWUkWTo3uDCcQj/0mEoqfA1tHdWqKltZZEt3+3LCs7UPy
iS0kxJ1IGLygBPGP4vMup5Igrc191PdV0SG1AxmwYTGB/0gbwX78NntNSsPu9ikQ
iSGlctc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:46 2024 by rpki-client on console-fra.rpki-client.org