Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/C49A30FC7D6F11EE91D2DC4AC4F9AE02.roa
File: C49A30FC7D6F11EE91D2DC4AC4F9AE02.roa (raw, json)
Hash identifier: Qd+fvGVQJiz6RN8RYYlXEVMjYHqFQsjnIvYqFEob7SE=
Subject key identifier: 16:BA:A1:C6:ED:86:14:67:85:CC:98:78:84:DE:41:A8:1D:D7:75:0E
Certificate issuer: /CN=A911B412/serialNumber=873D595AF5569C20239F53DD80EB1177D80B0934
Certificate serial: 0554
Authority key identifier: 87:3D:59:5A:F5:56:9C:20:23:9F:53:DD:80:EB:11:77:D8:0B:09:34
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/C49A30FC7D6F11EE91D2DC4AC4F9AE02.roa
Signing time: Tue 07 Nov 2023 13:15:49 +0000
ROA not before: Tue 07 Nov 2023 13:15:49 +0000
ROA not after: Mon 30 Dec 2024 00:00:00 +0000
asID: 136173
IP address blocks: 36.255.192.0/24 maxlen: 24
36.255.193.0/24 maxlen: 24
43.229.155.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 20 Jan 2024 05:26:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1364 (0x554)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911B412/serialNumber=873D595AF5569C20239F53DD80EB1177D80B0934
Validity
Not Before: Nov 7 13:15:49 2023 GMT
Not After : Dec 30 00:00:00 2024 GMT
Subject: CN=654a3885-ac01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:ee:92:c9:06:08:a9:50:83:2c:b7:58:74:3b:
13:45:d7:85:a6:8d:98:5a:6f:89:45:97:6b:06:b4:
1b:4c:0d:45:ce:84:af:92:36:98:20:77:f0:52:69:
93:73:ec:ce:8d:cc:3f:1e:77:a0:65:27:ec:e7:b9:
83:7c:25:ce:28:ed:57:86:3f:e3:20:56:93:3a:86:
91:31:01:03:b7:6e:99:49:b0:17:38:a0:df:aa:b9:
81:f9:bc:24:a8:61:ed:8a:e9:b6:a2:06:d2:30:c9:
28:bd:a9:50:5e:1e:d3:fe:29:5e:c9:e5:f9:f1:ec:
23:5c:25:9a:71:d1:e8:1d:c6:b4:14:85:b2:31:43:
98:8c:1c:4a:e6:a4:5b:bc:a7:49:52:58:af:c7:61:
6c:a2:9f:6e:20:22:c3:43:af:b8:30:77:75:06:22:
1e:5a:62:10:60:df:fc:5d:6d:18:2c:f0:2f:b0:cb:
9b:88:d6:84:2c:37:af:f4:30:a3:b8:8c:6c:41:4e:
68:e8:9b:5c:1a:6a:ff:7c:56:56:d5:67:3e:b5:ca:
8f:91:0e:f7:32:17:02:80:fb:60:f2:91:8a:83:f1:
94:08:4f:17:af:82:76:84:3a:69:62:05:ad:a2:3c:
d8:3f:35:48:26:d4:59:a9:aa:5d:90:3e:0e:1e:a0:
b7:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:BA:A1:C6:ED:86:14:67:85:CC:98:78:84:DE:41:A8:1D:D7:75:0E
X509v3 Authority Key Identifier:
keyid:87:3D:59:5A:F5:56:9C:20:23:9F:53:DD:80:EB:11:77:D8:0B:09:34
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/C49A30FC7D6F11EE91D2DC4AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
36.255.192.0/23
43.229.155.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:e9:a8:e9:da:a4:5c:95:97:0c:58:1d:fe:2c:e0:98:2d:f7:
d2:15:95:ad:7d:bd:1f:24:d2:be:c8:86:ab:09:55:43:ed:88:
22:2f:f9:31:83:b5:bf:fa:bc:d5:08:ca:16:8b:99:12:2a:d4:
2f:c0:7b:6c:c4:7c:07:48:7a:d0:4e:0a:a0:52:be:ea:66:5c:
f7:7a:26:c8:cd:b8:86:50:ce:4d:af:c1:fe:04:03:e3:4b:ea:
f7:52:53:de:a4:47:78:74:58:02:30:70:09:03:92:67:4e:09:
68:b3:3a:3b:eb:b9:20:23:35:b6:bc:ed:b8:cd:aa:f2:4f:ba:
59:90:1c:23:3c:90:36:3a:b0:2b:f2:b8:66:a6:33:bc:f1:ef:
21:eb:aa:3b:fb:83:cd:1b:24:8c:8c:3b:d0:a9:8b:54:65:01:
5b:17:e2:39:28:f5:5b:e4:c8:16:bf:64:76:23:aa:bd:59:25:
62:aa:1c:ca:d2:df:04:ec:18:57:1d:1f:f7:3c:7f:98:a2:2d:
dd:86:c9:dd:78:d7:47:b6:19:13:82:ac:49:c8:fc:0b:77:16:
f1:88:d0:ee:04:7f:c1:ca:c9:47:66:9b:bc:b3:de:a2:2b:11:
94:82:16:8e:ae:b2:aa:a5:c5:9f:5a:41:27:4c:af:38:27:77:
e6:69:21:f5
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICBVQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUI0MTIxMTAvBgNVBAUTKDg3M0Q1OTVBRjU1NjlDMjAyMzlGNTNERDgwRUIxMTc3
RDgwQjA5MzQwHhcNMjMxMTA3MTMxNTQ5WhcNMjQxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTRhMzg4NS1hYzAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqO6SyQYIqVCDLLdYdDsTRdeFpo2YWm+JRZdrBrQbTA1FzoSvkjaYIHfwUmmT
c+zOjcw/HnegZSfs57mDfCXOKO1Xhj/jIFaTOoaRMQEDt26ZSbAXOKDfqrmB+bwk
qGHtium2ogbSMMkovalQXh7T/ileyeX58ewjXCWacdHoHca0FIWyMUOYjBxK5qRb
vKdJUlivx2Fsop9uICLDQ6+4MHd1BiIeWmIQYN/8XW0YLPAvsMubiNaELDev9DCj
uIxsQU5o6JtcGmr/fFZW1Wc+tcqPkQ73MhcCgPtg8pGKg/GUCE8Xr4J2hDppYgWt
ojzYPzVIJtRZqapdkD4OHqC3RwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFBa6ocbt
hhRnhcyYeITeQagd13UOMB8GA1UdIwQYMBaAFIc9WVr1VpwgI59T3YDrEXfYCwk0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQjQxMi9DMUVBMDMzQ0Qy
RUExMUVCQTIwNkIxNzhDNEY5QUUwMi9oejFaV3ZWV25DQWpuMVBkZ09zUmQ5Z0xD
VFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2h6MVpXdlZXbkNBam4xUGRnT3NSZDlnTENUUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUI0MTIvQzFFQTAzM0NEMkVBMTFFQkEyMDZCMTc4QzRGOUFFMDIvQzQ5QTMwRkM3
RDZGMTFFRTkxRDJEQzRBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAEk/8ADBAAr5ZswDQYJKoZIhvcNAQELBQADggEBABzpqOna
pFyVlwxYHf4s4Jgt99IVla19vR8k0r7IhqsJVUPtiCIv+TGDtb/6vNUIyhaLmRIq
1C/Ae2zEfAdIetBOCqBSvupmXPd6JsjNuIZQzk2vwf4EA+NL6vdSU96kR3h0WAIw
cAkDkmdOCWizOjvruSAjNba87bjNqvJPulmQHCM8kDY6sCvyuGamM7zx7yHrqjv7
g80bJIyMO9Cpi1RlAVsX4jko9VvkyBa/ZHYjqr1ZJWKqHMrS3wTsGFcdH/c8f5ii
Ld2Gyd1410e2GROCrEnI/At3FvGI0O4Ef8HKyUdmm7yz3qIrEZSCFo6usqqlxZ9a
QSdMrzgnd+ZpIfU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:50:55 2024 by rpki-client on console-fra.rpki-client.org