Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/1FBC359C2A3211EFA5B22858C4F9AE02.roa
File: 1FBC359C2A3211EFA5B22858C4F9AE02.roa (raw, json)
Hash identifier: xAK0iP2fE68Rzh+g1k48QJCZpkUCCAe0g/rBZjUGqUE=
Subject key identifier: AE:79:E8:3D:A3:16:AD:99:34:EF:B9:4A:EC:0F:8F:8B:A4:94:04:2F
Certificate issuer: /CN=A911B412/serialNumber=873D595AF5569C20239F53DD80EB1177D80B0934
Certificate serial: 063C
Authority key identifier: 87:3D:59:5A:F5:56:9C:20:23:9F:53:DD:80:EB:11:77:D8:0B:09:34
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/1FBC359C2A3211EFA5B22858C4F9AE02.roa
Signing time: Wed 14 Aug 2024 08:12:42 +0000
ROA not before: Wed 14 Aug 2024 08:12:42 +0000
ROA not after: Mon 30 Dec 2024 00:00:00 +0000
asID: 62610
IP address blocks: 150.107.0.0/24 maxlen: 24
150.129.42.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 03 Sep 2024 07:50:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1596 (0x63c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911B412/serialNumber=873D595AF5569C20239F53DD80EB1177D80B0934
Validity
Not Before: Aug 14 08:12:42 2024 GMT
Not After : Dec 30 00:00:00 2024 GMT
Subject: CN=66bc66fa-f4be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:82:79:4e:5d:0e:54:a5:e2:51:75:97:ce:3d:
cd:aa:87:ec:de:98:95:06:01:6b:70:d3:d1:07:c4:
60:f8:9d:9e:5d:03:5d:d7:7f:9e:97:30:5d:1a:4a:
b1:3f:b7:49:a2:33:0a:d8:70:88:8e:0e:96:9d:0b:
f9:e2:e4:4e:01:2e:7f:08:9b:4f:cc:e4:c6:01:76:
e7:8a:62:bc:5d:36:84:4f:9f:d5:95:2b:c9:59:8e:
90:a4:12:29:29:54:00:80:7c:2a:fe:bf:4b:09:83:
a5:d2:35:a8:9f:0c:61:c2:79:d9:ed:59:ff:04:53:
9d:13:5d:7b:9f:04:3e:68:15:87:ef:f9:c4:2f:25:
06:17:8b:73:87:c4:fa:c5:b6:f0:4d:f9:f6:1b:56:
4f:4e:4f:da:42:0c:3e:f9:7e:70:e8:e3:7a:ae:5a:
43:8e:3a:3b:f6:0e:a0:5a:d4:33:a6:08:fa:ea:f8:
6f:0d:9d:78:e2:3f:93:a4:df:fb:1e:a6:39:21:07:
31:62:2a:4e:d0:6c:82:b9:e1:9d:fc:82:05:ef:f5:
be:af:9a:d5:0b:d1:12:15:e9:9e:ed:a7:7f:d3:d8:
37:7d:f1:67:47:39:e4:cf:de:f9:6e:88:35:a0:4c:
47:8a:5d:9d:92:55:05:c2:c1:63:7e:a7:87:3a:48:
fd:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:79:E8:3D:A3:16:AD:99:34:EF:B9:4A:EC:0F:8F:8B:A4:94:04:2F
X509v3 Authority Key Identifier:
keyid:87:3D:59:5A:F5:56:9C:20:23:9F:53:DD:80:EB:11:77:D8:0B:09:34
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/1FBC359C2A3211EFA5B22858C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
150.107.0.0/24
150.129.42.0/24
Signature Algorithm: sha256WithRSAEncryption
06:6a:d5:ae:53:eb:f1:e9:c7:d8:19:49:3e:3a:99:bf:22:31:
be:a7:62:c6:6e:73:a8:6d:49:7c:f0:d1:46:3e:6b:ab:20:9b:
d0:ef:32:02:32:f4:59:8e:01:cf:16:6a:6f:fa:35:fe:07:df:
e0:5c:15:be:c1:bd:07:39:da:f4:9e:2b:8f:a3:ed:17:23:36:
82:fc:d9:45:9b:be:f9:85:2c:c7:03:8a:c0:24:2a:a0:09:ac:
e9:69:3c:e8:bf:22:35:64:1c:29:b1:5f:bd:51:cd:30:5f:c9:
0b:ef:e3:ec:dc:73:ce:84:f0:6e:70:c1:e9:91:f4:88:e9:cb:
92:2b:34:7f:f7:63:8a:d3:95:01:8c:f5:8a:db:e1:e8:5d:c1:
15:db:ac:b1:48:e9:47:44:91:85:c5:b3:c8:6f:a0:58:fc:35:
99:62:cf:d7:69:99:44:b0:d4:0f:16:b7:20:49:31:48:74:16:
a6:f5:6b:60:05:06:3e:08:c5:c5:71:7f:90:2f:38:bb:41:d8:
06:0f:af:74:a3:9a:fa:4a:e3:5e:99:2c:31:32:9d:06:7a:27:
35:90:47:ca:96:c1:05:89:40:33:9b:ac:72:dd:54:b1:10:10:
cf:46:26:4c:e6:f8:97:a1:4f:26:61:f2:f4:60:c3:6e:25:5e:
06:df:8d:09
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICBjwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUI0MTIxMTAvBgNVBAUTKDg3M0Q1OTVBRjU1NjlDMjAyMzlGNTNERDgwRUIxMTc3
RDgwQjA5MzQwHhcNMjQwODE0MDgxMjQyWhcNMjQxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmJjNjZmYS1mNGJlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzIJ5Tl0OVKXiUXWXzj3Nqofs3piVBgFrcNPRB8Rg+J2eXQNd13+elzBdGkqx
P7dJojMK2HCIjg6WnQv54uROAS5/CJtPzOTGAXbnimK8XTaET5/VlSvJWY6QpBIp
KVQAgHwq/r9LCYOl0jWonwxhwnnZ7Vn/BFOdE117nwQ+aBWH7/nELyUGF4tzh8T6
xbbwTfn2G1ZPTk/aQgw++X5w6ON6rlpDjjo79g6gWtQzpgj66vhvDZ144j+TpN/7
HqY5IQcxYipO0GyCueGd/IIF7/W+r5rVC9ESFeme7ad/09g3ffFnRznkz975bog1
oExHil2dklUFwsFjfqeHOkj9NwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFK556D2j
Fq2ZNO+5SuwPj4uklAQvMB8GA1UdIwQYMBaAFIc9WVr1VpwgI59T3YDrEXfYCwk0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQjQxMi9DMUVBMDMzQ0Qy
RUExMUVCQTIwNkIxNzhDNEY5QUUwMi9oejFaV3ZWV25DQWpuMVBkZ09zUmQ5Z0xD
VFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2h6MVpXdlZXbkNBam4xUGRnT3NSZDlnTENUUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUI0MTIvQzFFQTAzM0NEMkVBMTFFQkEyMDZCMTc4QzRGOUFFMDIvMUZCQzM1OUMy
QTMyMTFFRkE1QjIyODU4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBACWawADBACWgSowDQYJKoZIhvcNAQELBQADggEBAAZq1a5T
6/Hpx9gZST46mb8iMb6nYsZuc6htSXzw0UY+a6sgm9DvMgIy9FmOAc8Wam/6Nf4H
3+BcFb7BvQc52vSeK4+j7RcjNoL82UWbvvmFLMcDisAkKqAJrOlpPOi/IjVkHCmx
X71RzTBfyQvv4+zcc86E8G5wwemR9Ijpy5IrNH/3Y4rTlQGM9Yrb4ehdwRXbrLFI
6UdEkYXFs8hvoFj8NZliz9dpmUSw1A8WtyBJMUh0Fqb1a2AFBj4IxcVxf5AvOLtB
2AYPr3SjmvpK416ZLDEynQZ6JzWQR8qWwQWJQDObrHLdVLEQEM9GJkzm+JehTyZh
8vRgw24lXgbfjQk=
-----END CERTIFICATE-----
Generated at Tue Sep 3 10:16:07 2024 by rpki-client on console-ams.rpki-client.org