Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9110D07/D3E889D48E7F11EE8E97B484C4F9AE02/BDCB3EACF77111EE9EC79E3EC4F9AE02.roa
File: BDCB3EACF77111EE9EC79E3EC4F9AE02.roa (raw, json)
Hash identifier: J+cWYFnRPsomMj8YzX4tFDktMq39GqtE9P70ShmV2Hk=
Subject key identifier: D7:17:23:D0:7E:D6:D0:4F:55:61:EA:F7:7F:A6:55:69:AF:FB:E1:78
Certificate issuer: /CN=A9110D07/serialNumber=4AC95C8A975E4CF310842C95564051753DEB0289
Certificate serial: 7B
Authority key identifier: 4A:C9:5C:8A:97:5E:4C:F3:10:84:2C:95:56:40:51:75:3D:EB:02:89
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SslcipdeTPMQhCyVVkBRdT3rAok.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9110D07/D3E889D48E7F11EE8E97B484C4F9AE02/BDCB3EACF77111EE9EC79E3EC4F9AE02.roa
Signing time: Wed 10 Apr 2024 19:44:08 +0000
ROA not before: Wed 10 Apr 2024 19:44:07 +0000
ROA not after: Sun 02 Mar 2025 00:00:00 +0000
asID: 137707
IP address blocks: 36.50.18.0/24 maxlen: 31
36.50.19.0/24 maxlen: 31
2001:df3:51c0::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 24 Jul 2024 22:47:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 123 (0x7b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9110D07/serialNumber=4AC95C8A975E4CF310842C95564051753DEB0289
Validity
Not Before: Apr 10 19:44:07 2024 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=6616ec07-5a04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:fc:65:fe:b6:6c:9c:61:c4:0f:b5:30:6b:80:
11:ae:b5:e2:ca:18:fd:64:f8:83:af:ef:a5:90:5a:
eb:73:f6:c8:9a:22:f4:48:9a:cd:62:63:40:9e:92:
5a:97:89:7c:dc:f5:cf:b2:20:e5:e4:de:54:9a:27:
e8:3e:5e:30:c1:e4:86:eb:0c:ed:19:b3:2c:77:2c:
a0:2e:df:5b:6a:d9:61:6c:30:32:3e:34:a2:d5:f4:
c7:fd:da:7e:72:cd:45:42:52:98:1a:9d:7c:e6:54:
ce:e9:5b:fd:50:b6:6a:c5:c0:62:6c:fc:0f:8c:3a:
7f:ca:e1:1b:62:fa:cf:e5:6d:0d:5e:5d:72:ec:8c:
6d:f1:96:69:e9:f5:0e:05:62:58:e2:93:31:1e:24:
79:27:34:07:19:38:f9:e1:13:cb:ab:8b:a8:ef:a9:
ce:7c:42:84:30:d5:74:7d:5e:eb:50:78:61:19:45:
2b:b5:a6:b5:52:98:03:18:2d:5f:13:51:ae:55:da:
16:3f:ff:21:12:50:f8:41:0d:87:b0:e9:98:68:c2:
ed:62:99:2d:86:d7:b9:0f:ff:cf:c6:f8:d3:e5:27:
17:e8:11:1c:7e:99:f5:04:2c:99:0d:05:16:c1:77:
8b:c9:77:9e:07:98:ee:1d:d1:3b:f3:55:c1:3c:de:
6b:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:17:23:D0:7E:D6:D0:4F:55:61:EA:F7:7F:A6:55:69:AF:FB:E1:78
X509v3 Authority Key Identifier:
keyid:4A:C9:5C:8A:97:5E:4C:F3:10:84:2C:95:56:40:51:75:3D:EB:02:89
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9110D07/D3E889D48E7F11EE8E97B484C4F9AE02/SslcipdeTPMQhCyVVkBRdT3rAok.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SslcipdeTPMQhCyVVkBRdT3rAok.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9110D07/D3E889D48E7F11EE8E97B484C4F9AE02/BDCB3EACF77111EE9EC79E3EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
36.50.18.0/23
IPv6:
2001:df3:51c0::/48
Signature Algorithm: sha256WithRSAEncryption
3b:eb:bf:d7:16:f7:55:9c:2b:d4:26:99:23:6c:71:49:ac:8d:
a8:39:53:7e:b8:6a:ce:a1:08:72:6f:45:a0:78:c6:cf:25:00:
2c:df:e5:1d:18:35:86:b5:41:99:fe:27:21:03:ed:4f:6b:6c:
72:87:24:e8:a6:fc:80:51:6e:31:18:15:5c:18:77:55:36:e4:
d0:1b:d5:2b:37:0d:f6:46:26:ba:b2:98:81:eb:13:99:14:ff:
f2:ea:54:66:81:b6:57:5e:e0:24:5e:de:6d:24:0a:7e:15:fb:
7d:99:3e:24:eb:df:1f:68:a2:71:8c:9f:f1:f5:42:9e:c0:62:
b7:0f:ff:7e:2c:d9:27:ca:23:1d:d6:ab:56:19:e4:cd:d7:1a:
1f:b4:be:50:ed:21:25:c1:9b:bb:3d:ae:d8:cc:f7:a6:0e:ef:
fd:9f:71:ba:87:77:a9:d4:e7:a3:27:03:19:68:13:69:4c:72:
e0:9a:ee:bf:ca:e1:1d:64:09:ff:88:77:76:2c:7d:7d:ed:34:
4d:7f:3a:9a:be:fd:f4:a6:e3:b6:2d:bc:a8:62:5f:d1:30:d7:
78:5e:f3:d8:ec:55:d2:e1:5a:36:12:78:9f:65:17:d4:9f:a8:
7e:77:f9:69:9c:7d:ee:49:f3:ab:4a:c4:81:c7:eb:20:9c:38:
b8:41:4f:3b
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIBezANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEx
MEQwNzExMC8GA1UEBRMoNEFDOTVDOEE5NzVFNENGMzEwODQyQzk1NTY0MDUxNzUz
REVCMDI4OTAeFw0yNDA0MTAxOTQ0MDdaFw0yNTAzMDIwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2MTZlYzA3LTVhMDQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDk/GX+tmycYcQPtTBrgBGuteLKGP1k+IOv76WQWutz9siaIvRIms1iY0CeklqX
iXzc9c+yIOXk3lSaJ+g+XjDB5IbrDO0Zsyx3LKAu31tq2WFsMDI+NKLV9Mf92n5y
zUVCUpganXzmVM7pW/1QtmrFwGJs/A+MOn/K4Rti+s/lbQ1eXXLsjG3xlmnp9Q4F
YljikzEeJHknNAcZOPnhE8uri6jvqc58QoQw1XR9XutQeGEZRSu1prVSmAMYLV8T
Ua5V2hY//yESUPhBDYew6Zhowu1imS2G17kP/8/G+NPlJxfoERx+mfUELJkNBRbB
d4vJd54HmO4d0TvzVcE83msRAgMBAAGjggKmMIICojAdBgNVHQ4EFgQU1xcj0H7W
0E9VYer3f6ZVaa/74XgwHwYDVR0jBBgwFoAUSslcipdeTPMQhCyVVkBRdT3rAokw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTEwRDA3L0QzRTg4OUQ0OEU3
RjExRUU4RTk3QjQ4NEM0RjlBRTAyL1NzbGNpcGRlVFBNUWhDeVZWa0JSZFQzckFv
ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvU3NsY2lwZGVUUE1RaEN5VlZrQlJkVDNyQW9rLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx
MEQwNy9EM0U4ODlENDhFN0YxMUVFOEU5N0I0ODRDNEY5QUUwMi9CRENCM0VBQ0Y3
NzExMUVFOUVDNzlFM0VDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAwBggrBgEFBQcBBwEB/wQh
MB8wDAQCAAEwBgMEASQyEjAPBAIAAjAJAwcAIAEN81HAMA0GCSqGSIb3DQEBCwUA
A4IBAQA767/XFvdVnCvUJpkjbHFJrI2oOVN+uGrOoQhyb0WgeMbPJQAs3+UdGDWG
tUGZ/ichA+1Pa2xyhyTopvyAUW4xGBVcGHdVNuTQG9UrNw32Ria6spiB6xOZFP/y
6lRmgbZXXuAkXt5tJAp+Fft9mT4k698faKJxjJ/x9UKewGK3D/9+LNknyiMd1qtW
GeTN1xoftL5Q7SElwZu7Pa7YzPemDu/9n3G6h3ep1OejJwMZaBNpTHLgmu6/yuEd
ZAn/iHd2LH197TRNfzqavv30puO2LbyoYl/RMNd4XvPY7FXS4Vo2EnifZRfUn6h+
d/lpnH3uSfOrSsSBx+sgnDi4QU87
-----END CERTIFICATE-----
Generated at Thu Jul 25 00:10:05 2024 by rpki-client on console-fra.rpki-client.org