Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A912CEBD/CCD8142899C111EE9A1FDE1FC4F9AE02/72A7CD68653111EF91768914C4F9AE02.roa
File: 72A7CD68653111EF91768914C4F9AE02.roa (raw, json)
Hash identifier: l/f2ta8ciefa/FjnECY5vPoN2PYkRQHVjeH7qBpSmm0=
Subject key identifier: F8:10:5E:41:34:F4:7F:0B:9C:F6:E1:56:76:C7:46:66:63:A4:16:6E
Certificate issuer: /CN=A912CEBD/serialNumber=BE91F21C7A0BC06437F3DB5B214208C8774EEBCD
Certificate serial: 87
Authority key identifier: BE:91:F2:1C:7A:0B:C0:64:37:F3:DB:5B:21:42:08:C8:77:4E:EB:CD
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vpHyHHoLwGQ389tbIUIIyHdO680.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A912CEBD/CCD8142899C111EE9A1FDE1FC4F9AE02/72A7CD68653111EF91768914C4F9AE02.roa
Signing time: Wed 28 Aug 2024 11:34:12 +0000
ROA not before: Wed 28 Aug 2024 11:34:12 +0000
ROA not after: Mon 31 Mar 2025 00:00:00 +0000
asID: 56264
IP address blocks: 36.50.102.0/24 maxlen: 24
36.50.103.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 02 Sep 2024 00:18:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 135 (0x87)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A912CEBD/serialNumber=BE91F21C7A0BC06437F3DB5B214208C8774EEBCD
Validity
Not Before: Aug 28 11:34:12 2024 GMT
Not After : Mar 31 00:00:00 2025 GMT
Subject: CN=66cf0b34-2d81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:29:a5:99:df:d3:87:25:29:86:3f:24:41:97:
63:f3:0c:37:aa:09:51:ed:89:bd:b3:a1:39:79:a0:
59:60:1a:6e:1a:3d:ff:20:a0:a3:93:af:41:3e:54:
07:1d:3e:72:9f:96:22:58:9f:45:5d:91:6c:9e:59:
5a:ce:fc:d5:17:5a:09:ae:57:ef:25:b7:0e:65:bf:
72:04:ad:dc:48:1c:c6:69:c0:56:2a:ad:f4:77:ab:
33:9b:01:1d:a3:75:22:58:52:3e:3f:87:1e:53:b3:
9a:6d:87:81:42:23:bc:31:1c:07:0e:72:25:87:36:
21:18:a4:81:b7:bd:0e:88:b1:00:16:e2:5d:39:81:
fe:41:29:72:35:1c:77:23:a7:49:1e:82:33:17:db:
ad:61:5b:6d:fa:ce:56:fb:20:a0:5b:eb:c4:fd:0b:
16:e6:d5:55:17:80:98:31:61:fa:9f:56:0a:01:92:
5e:c8:cc:bc:46:18:01:68:b5:0b:79:bc:ab:56:b9:
f5:c0:78:09:46:18:f8:bd:ba:eb:a8:d3:11:dd:4a:
3c:f3:8f:95:81:e0:e3:9e:9e:73:53:d1:04:8a:fd:
1e:0f:92:ec:0e:0c:a9:3b:8e:e7:1e:70:6f:50:a1:
d5:e8:97:5a:82:50:e5:90:14:20:c0:32:bb:1d:9b:
fb:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:10:5E:41:34:F4:7F:0B:9C:F6:E1:56:76:C7:46:66:63:A4:16:6E
X509v3 Authority Key Identifier:
keyid:BE:91:F2:1C:7A:0B:C0:64:37:F3:DB:5B:21:42:08:C8:77:4E:EB:CD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A912CEBD/CCD8142899C111EE9A1FDE1FC4F9AE02/vpHyHHoLwGQ389tbIUIIyHdO680.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vpHyHHoLwGQ389tbIUIIyHdO680.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912CEBD/CCD8142899C111EE9A1FDE1FC4F9AE02/72A7CD68653111EF91768914C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
36.50.102.0/23
Signature Algorithm: sha256WithRSAEncryption
a9:d3:d8:29:4c:87:c5:31:2e:ad:84:b2:c1:53:0f:18:bf:82:
cf:92:14:86:dc:4d:ef:96:6e:67:10:39:ac:3a:28:31:18:ad:
b3:68:ef:04:2c:3f:40:25:31:c1:26:8e:13:cf:68:4b:13:60:
3a:30:2a:42:91:ca:81:f3:ed:35:0e:2b:bc:b4:3f:69:61:a3:
d7:3c:1e:f2:e1:c0:34:c4:4c:61:be:20:3b:5a:37:54:fc:b7:
fc:12:2e:03:a4:11:8b:00:2a:56:ff:63:a5:e0:1d:20:a5:e4:
f5:db:3e:8e:f1:47:af:57:47:a9:6e:1b:44:bc:c8:23:b6:28:
27:16:6e:c6:7b:2c:a9:02:03:3d:1a:39:0b:18:09:9b:a5:1c:
93:1f:84:09:26:0f:0c:d5:dd:a8:87:6c:d5:a6:ab:1f:5e:f9:
b8:1f:61:5f:99:3f:6c:da:45:b4:62:c2:2f:2f:86:73:f0:86:
2c:20:4c:25:11:cb:56:07:5a:01:4d:6a:ee:c5:03:e6:e5:8e:
6d:23:97:a7:9f:c1:76:52:e9:9d:bb:63:3b:72:84:de:33:2b:
b3:33:fe:d7:82:01:2c:62:52:d1:af:5b:5d:a8:b2:0a:9c:9d:
e0:ea:7d:18:d6:1a:dc:d8:3c:57:a0:57:de:cd:16:72:f4:5f:
d0:7c:3c:1c
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAIcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MkNFQkQxMTAvBgNVBAUTKEJFOTFGMjFDN0EwQkMwNjQzN0YzREI1QjIxNDIwOEM4
Nzc0RUVCQ0QwHhcNMjQwODI4MTEzNDEyWhcNMjUwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmNmMGIzNC0yZDgxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArCmlmd/ThyUphj8kQZdj8ww3qglR7Ym9s6E5eaBZYBpuGj3/IKCjk69BPlQH
HT5yn5YiWJ9FXZFsnllazvzVF1oJrlfvJbcOZb9yBK3cSBzGacBWKq30d6szmwEd
o3UiWFI+P4ceU7OabYeBQiO8MRwHDnIlhzYhGKSBt70OiLEAFuJdOYH+QSlyNRx3
I6dJHoIzF9utYVtt+s5W+yCgW+vE/QsW5tVVF4CYMWH6n1YKAZJeyMy8RhgBaLUL
ebyrVrn1wHgJRhj4vbrrqNMR3Uo884+VgeDjnp5zU9EEiv0eD5LsDgypO47nHnBv
UKHV6JdaglDlkBQgwDK7HZv7EQIDAQABo4IClTCCApEwHQYDVR0OBBYEFPgQXkE0
9H8LnPbhVnbHRmZjpBZuMB8GA1UdIwQYMBaAFL6R8hx6C8BkN/PbWyFCCMh3TuvN
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyQ0VCRC9DQ0Q4MTQyODk5
QzExMUVFOUExRkRFMUZDNEY5QUUwMi92cEh5SEhvTHdHUTM4OXRiSVVJSXlIZE82
ODAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3ZwSHlISG9Md0dRMzg5dGJJVUlJeUhkTzY4MC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MkNFQkQvQ0NEODE0Mjg5OUMxMTFFRTlBMUZERTFGQzRGOUFFMDIvNzJBN0NENjg2
NTMxMTFFRjkxNzY4OTE0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAEkMmYwDQYJKoZIhvcNAQELBQADggEBAKnT2ClMh8UxLq2E
ssFTDxi/gs+SFIbcTe+WbmcQOaw6KDEYrbNo7wQsP0AlMcEmjhPPaEsTYDowKkKR
yoHz7TUOK7y0P2lho9c8HvLhwDTETGG+IDtaN1T8t/wSLgOkEYsAKlb/Y6XgHSCl
5PXbPo7xR69XR6luG0S8yCO2KCcWbsZ7LKkCAz0aOQsYCZulHJMfhAkmDwzV3aiH
bNWmqx9e+bgfYV+ZP2zaRbRiwi8vhnPwhiwgTCURy1YHWgFNau7FA+bljm0jl6ef
wXZS6Z27YztyhN4zK7Mz/teCASxiUtGvW12osgqcneDqfRjWGtzYPFegV97NFnL0
X9B8PBw=
-----END CERTIFICATE-----
Generated at Mon Sep 2 02:58:31 2024 by rpki-client on console-ams.rpki-client.org