Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A912AED4/BEC9AC82B0BD11E792A2BF30C4F9AE02/173835CCD1BC11EC9D8FBC52C4F9AE02.roa
File: 173835CCD1BC11EC9D8FBC52C4F9AE02.roa (raw, json)
Hash identifier: +DBLU6yUYTO0/CGytjtF5sSbHq6yh2Paz557t+g8X7k=
Subject key identifier: 3B:3A:05:AE:4E:DA:23:CC:21:82:0A:E9:C1:04:53:B1:5F:94:7C:5E
Certificate issuer: /CN=A912AED4/serialNumber=66F0C1DBCDF1ABC34ED11B46A90AE3201802A95C
Certificate serial: 15EB
Authority key identifier: 66:F0:C1:DB:CD:F1:AB:C3:4E:D1:1B:46:A9:0A:E3:20:18:02:A9:5C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZvDB283xq8NO0RtGqQrjIBgCqVw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A912AED4/BEC9AC82B0BD11E792A2BF30C4F9AE02/173835CCD1BC11EC9D8FBC52C4F9AE02.roa
Signing time: Fri 26 Aug 2022 05:35:50 +0000
ROA not before: Fri 26 Aug 2022 05:35:50 +0000
ROA not after: Tue 31 Oct 2023 00:00:00 +0000
asID: 45873
IP address blocks: 180.94.236.0/22 maxlen: 24
2401:e880::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5611 (0x15eb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A912AED4/serialNumber=66F0C1DBCDF1ABC34ED11B46A90AE3201802A95C
Validity
Not Before: Aug 26 05:35:50 2022 GMT
Not After : Oct 31 00:00:00 2023 GMT
Subject: CN=63085bb6-8ba2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:b0:4a:45:29:8c:1b:ff:1f:1d:d9:94:59:e3:
30:94:be:e9:0d:5c:d7:4c:f3:7e:5f:b3:1e:02:a5:
da:64:b1:40:3b:14:bd:dc:a7:c4:9d:5a:51:48:58:
80:64:11:cf:4d:ab:94:4e:15:34:41:78:28:e7:38:
e5:92:c9:24:50:2a:94:59:92:bc:5e:09:4f:5b:7a:
d1:66:22:63:77:52:eb:fc:4d:57:a4:43:d4:7a:18:
89:95:4b:57:0c:a9:9f:63:de:ed:8a:57:30:f9:89:
82:9e:e2:80:c7:5d:0b:56:2b:84:74:49:81:3a:63:
9e:9b:98:1a:e2:d1:9c:b2:aa:42:2b:66:6a:d7:22:
a1:b9:f4:bb:e9:13:0d:05:82:6d:f4:d1:58:4e:af:
a3:2f:13:63:1f:1a:a8:b6:89:19:ce:c9:e8:45:11:
9f:66:e9:99:03:ce:fb:97:d8:e0:50:f0:c5:74:74:
64:84:b7:30:a7:c7:0d:27:ad:4b:4f:1f:1e:d7:64:
8d:5a:3b:f1:43:e4:16:e5:9b:bf:c8:09:cb:8a:70:
68:ec:b4:ca:6d:8c:40:69:69:d1:cf:d2:de:5b:55:
8c:1b:89:56:1d:f1:04:71:35:ec:38:f9:22:a3:1c:
65:14:65:e5:be:43:f7:d3:e4:f3:7b:b4:df:01:68:
79:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:3A:05:AE:4E:DA:23:CC:21:82:0A:E9:C1:04:53:B1:5F:94:7C:5E
X509v3 Authority Key Identifier:
keyid:66:F0:C1:DB:CD:F1:AB:C3:4E:D1:1B:46:A9:0A:E3:20:18:02:A9:5C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A912AED4/BEC9AC82B0BD11E792A2BF30C4F9AE02/ZvDB283xq8NO0RtGqQrjIBgCqVw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZvDB283xq8NO0RtGqQrjIBgCqVw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912AED4/BEC9AC82B0BD11E792A2BF30C4F9AE02/173835CCD1BC11EC9D8FBC52C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
180.94.236.0/22
IPv6:
2401:e880::/32
Signature Algorithm: sha256WithRSAEncryption
79:85:ad:97:1b:03:8c:03:5f:bc:f4:03:68:1e:fc:95:e8:12:
07:55:7e:29:1b:30:98:f8:f5:e8:26:e4:1c:ce:69:c3:32:46:
a6:1f:03:2d:81:38:c8:6a:c9:b9:48:5b:01:70:ac:79:f3:81:
ca:6d:3a:7d:18:22:8c:c8:af:6f:82:2c:ae:91:82:89:4a:cf:
39:f2:13:77:74:3f:ab:83:91:73:61:dc:2e:c1:e7:a0:61:84:
63:e4:e9:75:ca:d6:54:68:31:4c:7d:b1:dd:bf:73:8e:6c:45:
f2:3f:e9:9e:ef:d4:35:1e:ff:91:94:59:15:75:23:08:cb:8f:
2c:da:81:b1:e3:a1:8c:9a:ba:27:72:d1:cd:8b:16:02:58:42:
1a:0f:e5:cc:6f:f3:81:f3:df:5a:60:a5:0f:b9:0f:a3:ea:ef:
81:c4:7e:6f:65:f2:91:fa:6c:3e:26:cd:8f:04:ee:82:3b:d1:
b5:9e:29:f8:a4:c3:00:71:4b:b2:95:8a:03:53:02:d0:9f:f9:
90:04:e6:85:e6:e7:68:94:3c:d4:f7:5f:e1:5a:56:4d:e5:e7:
f4:2e:8f:09:0d:39:ed:be:b1:be:06:83:72:be:da:13:62:9e:
aa:7c:3e:5d:47:a1:7f:b6:d3:19:c0:96:aa:95:55:9f:95:16:
cd:3f:b9:46
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICFeswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MkFFRDQxMTAvBgNVBAUTKDY2RjBDMURCQ0RGMUFCQzM0RUQxMUI0NkE5MEFFMzIw
MTgwMkE5NUMwHhcNMjIwODI2MDUzNTUwWhcNMjMxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzA4NWJiNi04YmEyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxbBKRSmMG/8fHdmUWeMwlL7pDVzXTPN+X7MeAqXaZLFAOxS93KfEnVpRSFiA
ZBHPTauUThU0QXgo5zjlkskkUCqUWZK8XglPW3rRZiJjd1Lr/E1XpEPUehiJlUtX
DKmfY97tilcw+YmCnuKAx10LViuEdEmBOmOem5ga4tGcsqpCK2Zq1yKhufS76RMN
BYJt9NFYTq+jLxNjHxqotokZzsnoRRGfZumZA877l9jgUPDFdHRkhLcwp8cNJ61L
Tx8e12SNWjvxQ+QW5Zu/yAnLinBo7LTKbYxAaWnRz9LeW1WMG4lWHfEEcTXsOPki
oxxlFGXlvkP30+Tze7TfAWh5wwIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFDs6Ba5O
2iPMIYIK6cEEU7FflHxeMB8GA1UdIwQYMBaAFGbwwdvN8avDTtEbRqkK4yAYAqlc
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyQUVENC9CRUM5QUM4MkIw
QkQxMUU3OTJBMkJGMzBDNEY5QUUwMi9adkRCMjgzeHE4Tk8wUnRHcVFyaklCZ0Nx
VncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1p2REIyODN4cThOTzBSdEdxUXJqSUJnQ3FWdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MkFFRDQvQkVDOUFDODJCMEJEMTFFNzkyQTJCRjMwQzRGOUFFMDIvMTczODM1Q0NE
MUJDMTFFQzlEOEZCQzUyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAK0XuwwDQQCAAIwBwMFACQB6IAwDQYJKoZIhvcNAQELBQAD
ggEBAHmFrZcbA4wDX7z0A2ge/JXoEgdVfikbMJj49egm5BzOacMyRqYfAy2BOMhq
yblIWwFwrHnzgcptOn0YIozIr2+CLK6RgolKzznyE3d0P6uDkXNh3C7B56BhhGPk
6XXK1lRoMUx9sd2/c45sRfI/6Z7v1DUe/5GUWRV1IwjLjyzagbHjoYyauidy0c2L
FgJYQhoP5cxv84Hz31pgpQ+5D6Pq74HEfm9l8pH6bD4mzY8E7oI70bWeKfikwwBx
S7KVigNTAtCf+ZAE5oXm52iUPNT3X+FaVk3l5/QujwkNOe2+sb4Gg3K+2hNinqp8
Pl1HoX+20xnAlqqVVZ+VFs0/uUY=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:35 2023 by rpki-client on console-ams.rpki-client.org