Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A912559E/350AFEBEA47311EEBDFBB759C4F9AE02/6BF402BEA47711EE85D2226AC4F9AE02.roa
File: 6BF402BEA47711EE85D2226AC4F9AE02.roa (raw, json)
Hash identifier: tXKntVVxoUmogwDbWPaYbYtA4OP0q/doLeVkS5HPfkk=
Subject key identifier: 37:09:51:4B:BB:D5:E7:13:F1:95:B9:3C:FD:32:2E:C2:1B:9A:D4:79
Certificate issuer: /CN=A912559E/serialNumber=09407F70F9771600F4FBAA75C0FE9690D8C65A30
Certificate serial: 02
Authority key identifier: 09:40:7F:70:F9:77:16:00:F4:FB:AA:75:C0:FE:96:90:D8:C6:5A:30
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CUB_cPl3FgD0-6p1wP6WkNjGWjA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A912559E/350AFEBEA47311EEBDFBB759C4F9AE02/6BF402BEA47711EE85D2226AC4F9AE02.roa
Signing time: Wed 27 Dec 2023 05:18:51 +0000
ROA not before: Wed 27 Dec 2023 05:18:51 +0000
ROA not after: Mon 31 Mar 2025 00:00:00 +0000
asID: 152192
IP address blocks: 36.50.238.0/24 maxlen: 24
36.50.239.0/24 maxlen: 24
2001:df3:50c0::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 15 Feb 2024 05:48:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A912559E/serialNumber=09407F70F9771600F4FBAA75C0FE9690D8C65A30
Validity
Not Before: Dec 27 05:18:51 2023 GMT
Not After : Mar 31 00:00:00 2025 GMT
Subject: CN=658bb3bb-fbca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:a4:dd:0f:65:ce:11:37:90:d2:aa:f1:93:09:
4f:89:f3:af:3a:fa:2e:2b:52:cb:47:ca:43:82:95:
59:9a:0b:cc:d2:77:a5:29:45:fc:a9:ee:31:3f:53:
5d:99:63:0b:cc:cd:66:7e:c1:8d:1f:4f:7a:c5:ca:
95:11:de:cc:e8:43:0b:87:63:26:26:42:7c:d5:1e:
98:5b:9a:d8:20:6a:71:b1:45:45:a3:e9:ca:55:60:
bb:c9:bd:a1:35:61:46:ec:75:8b:2a:e5:00:8a:45:
45:ab:ae:3f:15:cc:8c:bd:7e:f5:b7:ca:40:f2:a2:
4b:50:b2:c4:f8:6e:04:0c:c8:fd:e8:f4:9e:81:84:
13:b6:9a:3b:08:06:c9:11:98:cc:cf:1d:62:d5:18:
4b:b6:d8:8d:4e:ea:52:fc:8d:e9:e3:0c:e6:34:47:
0a:c7:46:66:49:d0:0b:f9:08:8f:02:6e:5f:5f:7a:
b6:08:58:28:a4:3a:a1:5f:4c:45:60:34:6f:5d:2b:
aa:d3:b4:7f:31:9b:ae:79:85:4c:41:23:6d:b8:7d:
51:b0:ff:26:c3:0d:ce:1b:68:9e:4b:d9:c0:f4:18:
fc:27:d6:e4:47:72:00:a8:6e:36:b8:a8:87:b6:44:
62:5a:89:5a:db:ba:15:84:bb:2b:94:77:35:c6:d1:
ed:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:09:51:4B:BB:D5:E7:13:F1:95:B9:3C:FD:32:2E:C2:1B:9A:D4:79
X509v3 Authority Key Identifier:
keyid:09:40:7F:70:F9:77:16:00:F4:FB:AA:75:C0:FE:96:90:D8:C6:5A:30
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A912559E/350AFEBEA47311EEBDFBB759C4F9AE02/CUB_cPl3FgD0-6p1wP6WkNjGWjA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CUB_cPl3FgD0-6p1wP6WkNjGWjA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912559E/350AFEBEA47311EEBDFBB759C4F9AE02/6BF402BEA47711EE85D2226AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
36.50.238.0/23
IPv6:
2001:df3:50c0::/48
Signature Algorithm: sha256WithRSAEncryption
01:f0:02:ef:7b:62:56:fd:9e:15:da:13:e5:f5:23:d2:28:e4:
c0:3e:23:68:fc:a1:52:96:da:03:2d:1e:3f:5f:2e:a0:3f:af:
50:c2:e2:53:37:8e:78:f5:f5:f9:8c:4d:97:56:64:e4:6b:b4:
84:68:8f:92:11:11:ea:03:f1:05:76:77:47:35:9f:c6:26:98:
b0:b3:13:21:b3:b3:1a:f2:8a:5a:d1:73:97:5c:ab:53:60:0e:
7d:e9:1e:2b:84:1a:6d:6a:c6:a8:5e:4b:71:42:55:3b:07:e3:
37:e5:24:8c:7d:ec:75:9f:cf:49:11:eb:79:e1:2b:b3:84:3f:
f7:43:51:c1:5c:20:1d:e0:96:bd:3f:6b:59:9b:b8:5d:a5:b8:
ed:46:2b:8f:5d:2a:b6:b1:0e:e0:54:9b:3c:e3:8d:6e:b3:c2:
90:97:f9:34:4d:51:d3:57:2b:b9:bd:ee:c6:05:aa:2e:7d:32:
e3:0e:37:e2:05:a9:94:59:c8:bd:cd:11:92:ad:92:4a:9f:38:
c5:26:f1:84:80:b3:a4:ad:29:dc:54:c2:c9:4e:e6:cd:94:43:
ea:25:6f:44:0d:15:d0:f6:3d:23:02:26:e9:df:ea:45:b1:e6:
b5:98:e0:54:74:b0:1f:48:e5:74:1e:df:b8:92:20:cd:4b:b6:
13:d7:ba:ff
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEy
NTU5RTExMC8GA1UEBRMoMDk0MDdGNzBGOTc3MTYwMEY0RkJBQTc1QzBGRTk2OTBE
OEM2NUEzMDAeFw0yMzEyMjcwNTE4NTFaFw0yNTAzMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1OGJiM2JiLWZiY2EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC3pN0PZc4RN5DSqvGTCU+J8686+i4rUstHykOClVmaC8zSd6UpRfyp7jE/U12Z
YwvMzWZ+wY0fT3rFypUR3szoQwuHYyYmQnzVHphbmtgganGxRUWj6cpVYLvJvaE1
YUbsdYsq5QCKRUWrrj8VzIy9fvW3ykDyoktQssT4bgQMyP3o9J6BhBO2mjsIBskR
mMzPHWLVGEu22I1O6lL8jenjDOY0RwrHRmZJ0Av5CI8Cbl9ferYIWCikOqFfTEVg
NG9dK6rTtH8xm655hUxBI224fVGw/ybDDc4baJ5L2cD0GPwn1uRHcgCobja4qIe2
RGJaiVrbuhWEuyuUdzXG0e3DAgMBAAGjggKmMIICojAdBgNVHQ4EFgQUNwlRS7vV
5xPxlbk8/TIuwhua1HkwHwYDVR0jBBgwFoAUCUB/cPl3FgD0+6p1wP6WkNjGWjAw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTI1NTlFLzM1MEFGRUJFQTQ3
MzExRUVCREZCQjc1OUM0RjlBRTAyL0NVQl9jUGwzRmdEMC02cDF3UDZXa05qR1dq
QS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvQ1VCX2NQbDNGZ0QwLTZwMXdQNldrTmpHV2pBLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy
NTU5RS8zNTBBRkVCRUE0NzMxMUVFQkRGQkI3NTlDNEY5QUUwMi82QkY0MDJCRUE0
NzcxMUVFODVEMjIyNkFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAwBggrBgEFBQcBBwEB/wQh
MB8wDAQCAAEwBgMEASQy7jAPBAIAAjAJAwcAIAEN81DAMA0GCSqGSIb3DQEBCwUA
A4IBAQAB8ALve2JW/Z4V2hPl9SPSKOTAPiNo/KFSltoDLR4/Xy6gP69QwuJTN454
9fX5jE2XVmTka7SEaI+SERHqA/EFdndHNZ/GJpiwsxMhs7Ma8opa0XOXXKtTYA59
6R4rhBptasaoXktxQlU7B+M35SSMfex1n89JEet54SuzhD/3Q1HBXCAd4Ja9P2tZ
m7hdpbjtRiuPXSq2sQ7gVJs8441us8KQl/k0TVHTVyu5ve7GBaoufTLjDjfiBamU
Wci9zRGSrZJKnzjFJvGEgLOkrSncVMLJTubNlEPqJW9EDRXQ9j0jAibp3+pFsea1
mOBUdLAfSOV0Ht+4kiDNS7YT17r/
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:48 2024 by rpki-client on console-ams.rpki-client.org