Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A912F1D5/EE0180780F6211EAA706AF3DC4F9AE02/3B02C1BC587D11EF9A6C1510C4F9AE02.roa
File: 3B02C1BC587D11EF9A6C1510C4F9AE02.roa (raw, json)
Hash identifier: gtnl2K9fLKVwJpy4RpaW+RUNpOaZ3Aneptjk+PdP5TI=
Subject key identifier: 86:30:EB:AD:92:87:28:21:5C:DA:D4:7B:0A:A6:89:C6:49:E6:7B:71
Certificate issuer: /CN=A912F1D5/serialNumber=FBBA4A9609B4174E6CB47B95834E2A9C3D968663
Certificate serial: 0B9E
Authority key identifier: FB:BA:4A:96:09:B4:17:4E:6C:B4:7B:95:83:4E:2A:9C:3D:96:86:63
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-7pKlgm0F05stHuVg04qnD2WhmM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A912F1D5/EE0180780F6211EAA706AF3DC4F9AE02/3B02C1BC587D11EF9A6C1510C4F9AE02.roa
Signing time: Mon 12 Aug 2024 07:33:56 +0000
ROA not before: Mon 12 Aug 2024 07:33:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 36026
IP address blocks: 116.193.217.0/24 maxlen: 24
116.193.218.0/24 maxlen: 24
116.193.219.0/24 maxlen: 24
116.193.220.0/24 maxlen: 24
116.193.221.0/24 maxlen: 24
116.193.222.0/24 maxlen: 24
116.193.223.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 12 Aug 2024 07:35:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2974 (0xb9e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A912F1D5/serialNumber=FBBA4A9609B4174E6CB47B95834E2A9C3D968663
Validity
Not Before: Aug 12 07:33:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=66b9bae3-1b45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:36:2b:72:a8:e7:ec:f0:c7:87:52:c8:38:46:
3f:a1:79:89:9b:61:8d:98:f5:95:7e:16:5a:88:0e:
da:2f:c2:7d:b0:a2:34:3f:f0:b4:5c:6b:96:34:ef:
28:bd:61:c0:ce:06:48:58:7b:26:83:77:27:2f:ec:
50:a8:26:44:eb:2c:b0:f6:2d:c2:21:37:08:30:b0:
a5:2f:ec:70:7a:30:90:e5:8c:56:3f:7a:bc:81:cb:
6f:d1:bf:f3:0e:fd:7d:2a:26:30:49:91:6a:ee:4e:
35:72:e3:4a:9a:d3:e2:3d:ee:11:e0:60:79:d1:8b:
eb:ea:5f:1a:ec:d0:82:43:be:9a:7e:9b:ed:01:d6:
47:8d:ca:e4:20:b1:ed:7f:67:1b:c3:56:88:7f:82:
34:79:fa:f9:18:75:05:9b:40:e9:c6:38:08:f0:89:
60:49:74:f1:1f:0b:0c:cc:3f:1d:b0:77:cb:8e:ca:
d3:d5:e9:29:83:c7:a8:28:5e:e5:40:f2:eb:38:e2:
42:27:5e:8c:91:7c:63:f8:bb:fb:2c:5a:2f:29:e4:
56:8f:23:a4:91:d8:2f:39:95:67:15:dd:4c:c8:01:
99:0d:ef:21:6e:df:a0:bd:c6:b9:02:31:53:7b:9e:
e7:08:07:49:c3:d4:72:86:d5:39:60:f0:0c:29:b9:
43:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:30:EB:AD:92:87:28:21:5C:DA:D4:7B:0A:A6:89:C6:49:E6:7B:71
X509v3 Authority Key Identifier:
keyid:FB:BA:4A:96:09:B4:17:4E:6C:B4:7B:95:83:4E:2A:9C:3D:96:86:63
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A912F1D5/EE0180780F6211EAA706AF3DC4F9AE02/-7pKlgm0F05stHuVg04qnD2WhmM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-7pKlgm0F05stHuVg04qnD2WhmM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912F1D5/EE0180780F6211EAA706AF3DC4F9AE02/3B02C1BC587D11EF9A6C1510C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
116.193.217.0-116.193.223.255
Signature Algorithm: sha256WithRSAEncryption
88:2b:70:94:27:46:03:74:b5:d7:40:9d:01:dc:15:31:e7:70:
6f:49:ed:d3:96:7b:72:c4:d9:7d:37:27:93:3b:2e:74:59:ab:
95:0e:99:a2:d4:14:44:16:0d:1b:c1:b1:5b:f2:a0:01:91:14:
8b:c3:55:2b:16:a9:ed:6a:b5:f0:97:53:9d:c0:9c:46:e5:50:
0f:a7:a1:73:82:c6:ad:9b:de:40:b3:aa:ee:f2:32:a4:c6:8a:
3c:90:f0:ea:36:e7:d4:ba:d9:81:4c:bf:61:87:5b:a8:b5:11:
b4:bc:a0:c4:97:e4:9c:4b:00:85:cd:4c:4c:36:9b:23:14:54:
63:ee:8e:15:4d:c4:01:4e:94:72:c7:5c:11:ad:12:f5:aa:51:
1e:56:04:b4:72:49:de:01:2a:d3:f4:57:86:78:27:59:9a:6d:
dc:82:45:a3:ef:d8:50:3c:7b:d7:4d:62:46:a8:74:06:93:53:
10:6c:b3:f7:f9:be:d0:23:c7:3f:3e:4e:66:fe:41:6c:44:0d:
65:8b:ef:33:4f:dd:f5:02:a3:dd:39:47:68:f0:e6:43:d3:d3:
31:c1:78:9f:bf:72:55:0d:ad:f2:62:fc:ca:a1:88:71:58:c2:
78:52:4d:60:24:b4:9b:0e:14:96:c4:68:a8:1d:e3:82:6c:24:
11:db:87:64
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgICC54wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MkYxRDUxMTAvBgNVBAUTKEZCQkE0QTk2MDlCNDE3NEU2Q0I0N0I5NTgzNEUyQTlD
M0Q5Njg2NjMwHhcNMjQwODEyMDczMzU2WhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmI5YmFlMy0xYjQ1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0DYrcqjn7PDHh1LIOEY/oXmJm2GNmPWVfhZaiA7aL8J9sKI0P/C0XGuWNO8o
vWHAzgZIWHsmg3cnL+xQqCZE6yyw9i3CITcIMLClL+xwejCQ5YxWP3q8gctv0b/z
Dv19KiYwSZFq7k41cuNKmtPiPe4R4GB50Yvr6l8a7NCCQ76afpvtAdZHjcrkILHt
f2cbw1aIf4I0efr5GHUFm0DpxjgI8IlgSXTxHwsMzD8dsHfLjsrT1ekpg8eoKF7l
QPLrOOJCJ16MkXxj+Lv7LFovKeRWjyOkkdgvOZVnFd1MyAGZDe8hbt+gvca5AjFT
e57nCAdJw9RyhtU5YPAMKblDcwIDAQABo4ICnTCCApkwHQYDVR0OBBYEFIYw662S
hyghXNrUewqmicZJ5ntxMB8GA1UdIwQYMBaAFPu6SpYJtBdObLR7lYNOKpw9loZj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyRjFENS9FRTAxODA3ODBG
NjIxMUVBQTcwNkFGM0RDNEY5QUUwMi8tN3BLbGdtMEYwNXN0SHVWZzA0cW5EMldo
bU0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLy03cEtsZ20wRjA1c3RIdVZnMDRxbkQyV2htTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MkYxRDUvRUUwMTgwNzgwRjYyMTFFQUE3MDZBRjNEQzRGOUFFMDIvM0IwMkMxQkM1
ODdEMTFFRjlBNkMxNTEwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJwYIKwYBBQUHAQcBAf8E
GDAWMBQEAgABMA4wDAMEAHTB2QMEBXTBwDANBgkqhkiG9w0BAQsFAAOCAQEAiCtw
lCdGA3S110CdAdwVMedwb0nt05Z7csTZfTcnkzsudFmrlQ6ZotQURBYNG8GxW/Kg
AZEUi8NVKxap7Wq18JdTncCcRuVQD6ehc4LGrZveQLOq7vIypMaKPJDw6jbn1LrZ
gUy/YYdbqLURtLygxJfknEsAhc1MTDabIxRUY+6OFU3EAU6UcsdcEa0S9apRHlYE
tHJJ3gEq0/RXhngnWZpt3IJFo+/YUDx7101iRqh0BpNTEGyz9/m+0CPHPz5OZv5B
bEQNZYvvM0/d9QKj3TlHaPDmQ9PTMcF4n79yVQ2t8mL8yqGIcVjCeFJNYCS0mw4U
lsRoqB3jgmwkEduHZA==
-----END CERTIFICATE-----
Generated at Mon Aug 12 12:10:13 2024 by rpki-client on console-ams.rpki-client.org