Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/76DEE866B75411EEA0462B22C4F9AE02.roa
File: 76DEE866B75411EEA0462B22C4F9AE02.roa (raw, json)
Hash identifier: ML6RuIZSMYM7h2HeyipOvjmvK0U4Wtz2GHhI1Jg+U1w=
Subject key identifier: 2D:03:BA:F6:48:7A:59:75:01:3A:18:89:CF:05:AD:14:AC:1C:D1:C0
Certificate issuer: /CN=A911B412/serialNumber=873D595AF5569C20239F53DD80EB1177D80B0934
Certificate serial: 0585
Authority key identifier: 87:3D:59:5A:F5:56:9C:20:23:9F:53:DD:80:EB:11:77:D8:0B:09:34
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/76DEE866B75411EEA0462B22C4F9AE02.roa
Signing time: Sat 20 Jan 2024 05:26:30 +0000
ROA not before: Sat 20 Jan 2024 05:26:30 +0000
ROA not after: Mon 30 Dec 2024 00:00:00 +0000
asID: 136173
IP address blocks: 36.255.192.0/24 maxlen: 24
43.229.155.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Apr 2024 08:57:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1413 (0x585)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911B412/serialNumber=873D595AF5569C20239F53DD80EB1177D80B0934
Validity
Not Before: Jan 20 05:26:30 2024 GMT
Not After : Dec 30 00:00:00 2024 GMT
Subject: CN=65ab5985-eeb5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:f1:a7:d1:13:41:a8:22:41:fe:ad:3e:e2:14:
97:37:14:0f:bc:68:92:f1:64:07:33:8b:6a:ed:d8:
b6:39:51:53:25:b7:31:d9:f0:fc:c5:cc:46:1a:20:
4a:59:20:a5:a2:be:19:b5:ba:cc:da:71:4f:ae:5f:
cf:74:9d:44:5c:e3:7e:4d:77:ce:4c:24:cc:f0:f6:
17:c1:56:eb:c2:94:34:e8:08:72:fb:93:2b:47:a8:
e2:77:95:d8:a5:bb:18:28:51:35:f7:2b:5d:87:ce:
8f:1d:2e:e2:40:57:e4:65:c5:77:1f:46:dc:88:22:
02:80:6d:68:63:10:2f:e8:83:90:d9:d2:ee:89:b1:
26:f5:f7:6d:48:e7:c3:ed:79:51:39:9d:74:b8:f2:
18:38:26:f9:b8:b9:f9:cc:40:e6:1a:db:f1:93:4e:
d1:4f:06:74:bf:d6:03:c4:75:7d:7c:6f:41:33:42:
f9:1c:d5:37:c2:7a:9d:89:18:40:84:62:df:6c:ae:
a3:8a:f9:aa:0d:c3:99:d3:2e:d6:3c:f1:94:1b:4c:
f1:05:56:45:81:74:71:a1:0e:7c:70:40:7a:68:61:
0a:0d:11:c4:a4:f8:96:64:62:ee:e7:c9:8d:3c:6f:
cd:c0:16:5c:ca:d7:2f:55:b1:87:a2:3d:fc:88:97:
9b:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:03:BA:F6:48:7A:59:75:01:3A:18:89:CF:05:AD:14:AC:1C:D1:C0
X509v3 Authority Key Identifier:
keyid:87:3D:59:5A:F5:56:9C:20:23:9F:53:DD:80:EB:11:77:D8:0B:09:34
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/76DEE866B75411EEA0462B22C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
36.255.192.0/24
43.229.155.0/24
Signature Algorithm: sha256WithRSAEncryption
b5:c3:9e:8c:99:c6:7c:e8:b8:93:97:64:9d:b2:35:5f:68:76:
25:b8:80:8d:e3:b0:81:58:32:5b:82:c2:d9:ad:70:49:ac:c8:
ff:bc:f5:ae:a5:37:6a:70:be:95:09:45:f3:50:69:26:7d:c0:
d7:06:a2:4b:4a:ad:b3:e3:d5:9a:86:1f:60:1e:87:fb:1e:74:
d6:1c:82:e6:e6:b6:52:58:85:d8:16:30:f9:27:a6:70:f2:f1:
6a:9a:49:3d:f8:29:95:a2:7c:56:a8:e7:bf:05:6f:22:29:40:
a5:5b:0a:e2:d8:37:ce:ac:f3:36:92:49:ea:a0:38:83:87:02:
62:0b:ae:35:7a:c1:c7:74:ba:39:90:91:ab:bf:af:97:ff:65:
28:ed:5d:f8:51:03:cf:22:64:9e:67:77:3f:54:a1:7c:03:7e:
ae:e5:39:85:5d:ee:98:e2:7b:e4:3e:09:7b:47:6e:d6:65:72:
95:6b:d5:72:dd:8a:22:0c:de:fb:dd:a3:0e:a9:09:54:1f:60:
14:43:fa:ec:cc:20:b9:bc:df:30:6e:8a:5b:15:3e:ec:9f:92:
45:31:b3:d9:36:d5:92:1e:1c:18:1d:d4:3e:8d:0a:c9:a5:be:
fe:c6:3e:f1:35:c7:72:b9:58:96:be:30:01:26:71:5e:70:cb:
81:4a:97:d7
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICBYUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUI0MTIxMTAvBgNVBAUTKDg3M0Q1OTVBRjU1NjlDMjAyMzlGNTNERDgwRUIxMTc3
RDgwQjA5MzQwHhcNMjQwMTIwMDUyNjMwWhcNMjQxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWFiNTk4NS1lZWI1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzPGn0RNBqCJB/q0+4hSXNxQPvGiS8WQHM4tq7di2OVFTJbcx2fD8xcxGGiBK
WSClor4ZtbrM2nFPrl/PdJ1EXON+TXfOTCTM8PYXwVbrwpQ06Ahy+5MrR6jid5XY
pbsYKFE19ytdh86PHS7iQFfkZcV3H0bciCICgG1oYxAv6IOQ2dLuibEm9fdtSOfD
7XlROZ10uPIYOCb5uLn5zEDmGtvxk07RTwZ0v9YDxHV9fG9BM0L5HNU3wnqdiRhA
hGLfbK6jivmqDcOZ0y7WPPGUG0zxBVZFgXRxoQ58cEB6aGEKDRHEpPiWZGLu58mN
PG/NwBZcytcvVbGHoj38iJebhwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFC0DuvZI
ell1AToYic8FrRSsHNHAMB8GA1UdIwQYMBaAFIc9WVr1VpwgI59T3YDrEXfYCwk0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQjQxMi9DMUVBMDMzQ0Qy
RUExMUVCQTIwNkIxNzhDNEY5QUUwMi9oejFaV3ZWV25DQWpuMVBkZ09zUmQ5Z0xD
VFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2h6MVpXdlZXbkNBam4xUGRnT3NSZDlnTENUUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUI0MTIvQzFFQTAzM0NEMkVBMTFFQkEyMDZCMTc4QzRGOUFFMDIvNzZERUU4NjZC
NzU0MTFFRUEwNDYyQjIyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAAk/8ADBAAr5ZswDQYJKoZIhvcNAQELBQADggEBALXDnoyZ
xnzouJOXZJ2yNV9odiW4gI3jsIFYMluCwtmtcEmsyP+89a6lN2pwvpUJRfNQaSZ9
wNcGoktKrbPj1ZqGH2Aeh/sedNYcgubmtlJYhdgWMPknpnDy8WqaST34KZWifFao
578FbyIpQKVbCuLYN86s8zaSSeqgOIOHAmILrjV6wcd0ujmQkau/r5f/ZSjtXfhR
A88iZJ5ndz9UoXwDfq7lOYVd7pjie+Q+CXtHbtZlcpVr1XLdiiIM3vvdow6pCVQf
YBRD+uzMILm83zBuilsVPuyfkkUxs9k21ZIeHBgd1D6NCsmlvv7GPvE1x3K5WJa+
MAEmcV5wy4FKl9c=
-----END CERTIFICATE-----
Generated at Mon Apr 1 09:52:01 2024 by rpki-client on console-ams.rpki-client.org