Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A912FCD6/1E9E1AACD2EA11E5AFB1E24CC4F9AE02/272679E28BB211EE824C4144C4F9AE02.roa
File: 272679E28BB211EE824C4144C4F9AE02.roa (raw, json)
Hash identifier: +i9JWnv7VNlEEL9i4bpG2zHqF75hzmtvokpDGC+RVEU=
Subject key identifier: 2F:79:3E:A2:9A:59:6D:12:81:8F:00:F2:3F:C2:B5:C7:21:03:8B:2C
Certificate issuer: /CN=A912FCD6/serialNumber=53BF0DD780DB038ECE14D40459BAB9C68F69853B
Certificate serial: 20C9
Authority key identifier: 53:BF:0D:D7:80:DB:03:8E:CE:14:D4:04:59:BA:B9:C6:8F:69:85:3B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U78N14DbA47OFNQEWbq5xo9phTs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A912FCD6/1E9E1AACD2EA11E5AFB1E24CC4F9AE02/272679E28BB211EE824C4144C4F9AE02.roa
Signing time: Sat 25 Nov 2023 16:46:17 +0000
ROA not before: Sat 25 Nov 2023 16:46:17 +0000
ROA not after: Tue 30 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 180.210.220.0/23 maxlen: 23
Validation: Failed, certificate revoked on Sat 25 Nov 2023 19:14:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8393 (0x20c9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A912FCD6/serialNumber=53BF0DD780DB038ECE14D40459BAB9C68F69853B
Validity
Not Before: Nov 25 16:46:17 2023 GMT
Not After : Jul 30 00:00:00 2024 GMT
Subject: CN=656224d9-1483
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:ea:30:6e:5e:22:88:79:2f:90:15:1a:96:7e:
08:ad:3a:12:18:e7:6d:02:c6:cb:4a:70:ef:a5:d7:
a9:62:1b:e8:f3:dd:0a:12:10:08:5c:f8:93:67:30:
35:c9:e0:59:c2:ea:45:63:58:76:bb:51:cb:5b:f9:
2e:a7:49:d2:5c:55:40:5b:e1:1e:3e:52:15:b3:55:
95:fd:54:d4:d1:10:77:a2:2a:2d:3e:00:7f:c6:03:
0d:2f:43:31:14:73:11:52:89:79:b8:08:6a:31:59:
a2:b1:ca:ae:99:5b:33:c0:e6:ef:c5:4c:02:4f:6d:
76:31:c3:f8:f1:76:41:20:c8:8c:85:b9:3c:0e:ad:
8f:dd:b9:d2:3d:74:4c:78:8d:84:0a:f2:ad:64:28:
69:8f:dc:8d:ff:da:71:f8:e8:c7:dd:b6:6a:1c:a6:
dd:4b:1c:e7:7b:d3:54:cd:48:9f:ca:93:e2:20:3a:
9d:8a:af:f1:7c:cb:63:59:1e:bb:68:24:77:2d:e7:
d2:85:79:6b:65:af:da:e7:33:67:0f:e9:96:e4:5d:
e6:89:2a:ba:04:c9:99:c6:d1:fd:f4:9d:fb:be:ee:
38:e6:6d:b3:77:4b:4d:9f:bc:f8:f3:23:7f:59:dd:
40:0b:a5:8d:64:2f:0f:6b:51:13:12:29:0c:88:75:
ab:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:79:3E:A2:9A:59:6D:12:81:8F:00:F2:3F:C2:B5:C7:21:03:8B:2C
X509v3 Authority Key Identifier:
keyid:53:BF:0D:D7:80:DB:03:8E:CE:14:D4:04:59:BA:B9:C6:8F:69:85:3B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A912FCD6/1E9E1AACD2EA11E5AFB1E24CC4F9AE02/U78N14DbA47OFNQEWbq5xo9phTs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U78N14DbA47OFNQEWbq5xo9phTs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912FCD6/1E9E1AACD2EA11E5AFB1E24CC4F9AE02/272679E28BB211EE824C4144C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
180.210.220.0/23
Signature Algorithm: sha256WithRSAEncryption
45:fb:24:42:5d:a0:dd:a9:c8:48:d5:86:88:e5:fc:f9:e1:3d:
c2:95:5f:13:82:4d:7d:1f:cf:eb:c2:5e:6e:80:81:0d:66:8b:
fb:bb:d9:3e:bf:29:50:24:e9:46:b6:6b:75:1d:33:07:0a:8d:
fc:e9:36:71:57:89:96:26:7a:48:47:ae:a2:88:49:2b:10:4f:
d1:14:35:6a:a5:af:02:69:60:94:28:85:0f:61:f0:be:42:fd:
4f:82:f6:88:0f:27:ec:95:c9:da:c0:d6:35:35:9e:6e:51:1a:
bb:f7:03:a3:df:57:5c:0f:8b:49:db:ca:cc:d0:c4:dd:1e:3a:
a8:c4:4f:92:80:f7:38:ce:bc:32:8f:a5:32:c7:3d:37:f3:87:
51:1a:f0:85:42:78:8a:be:de:1e:ec:dd:f5:83:46:96:02:5c:
ba:70:b0:db:fd:a0:13:3e:73:08:f6:7a:74:82:15:ef:fb:bd:
fe:f4:c2:fe:58:3d:d1:a3:5f:64:49:e2:67:9d:22:cd:ef:2a:
dc:55:75:33:88:c4:31:0c:c5:12:5c:02:7b:35:61:23:30:c7:
9e:0a:8a:cc:e0:62:b8:ea:74:8e:cd:cf:2f:eb:8f:6f:37:73:
c9:90:64:6e:78:d1:56:c8:ac:81:75:30:f7:ec:d5:b9:68:30:
4a:5a:08:cc
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICIMkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MkZDRDYxMTAvBgNVBAUTKDUzQkYwREQ3ODBEQjAzOEVDRTE0RDQwNDU5QkFCOUM2
OEY2OTg1M0IwHhcNMjMxMTI1MTY0NjE3WhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTYyMjRkOS0xNDgzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAx+owbl4iiHkvkBUaln4IrToSGOdtAsbLSnDvpdepYhvo890KEhAIXPiTZzA1
yeBZwupFY1h2u1HLW/kup0nSXFVAW+EePlIVs1WV/VTU0RB3oiotPgB/xgMNL0Mx
FHMRUol5uAhqMVmiscqumVszwObvxUwCT212McP48XZBIMiMhbk8Dq2P3bnSPXRM
eI2ECvKtZChpj9yN/9px+OjH3bZqHKbdSxzne9NUzUifypPiIDqdiq/xfMtjWR67
aCR3LefShXlrZa/a5zNnD+mW5F3miSq6BMmZxtH99J37vu445m2zd0tNn7z48yN/
Wd1AC6WNZC8Pa1ETEikMiHWreQIDAQABo4IClTCCApEwHQYDVR0OBBYEFC95PqKa
WW0SgY8A8j/CtcchA4ssMB8GA1UdIwQYMBaAFFO/DdeA2wOOzhTUBFm6ucaPaYU7
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyRkNENi8xRTlFMUFBQ0Qy
RUExMUU1QUZCMUUyNENDNEY5QUUwMi9VNzhOMTREYkE0N09GTlFFV2JxNXhvOXBo
VHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1U3OE4xNERiQTQ3T0ZOUUVXYnE1eG85cGhUcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MkZDRDYvMUU5RTFBQUNEMkVBMTFFNUFGQjFFMjRDQzRGOUFFMDIvMjcyNjc5RTI4
QkIyMTFFRTgyNEM0MTQ0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAG00twwDQYJKoZIhvcNAQELBQADggEBAEX7JEJdoN2pyEjV
hojl/PnhPcKVXxOCTX0fz+vCXm6AgQ1mi/u72T6/KVAk6Ua2a3UdMwcKjfzpNnFX
iZYmekhHrqKISSsQT9EUNWqlrwJpYJQohQ9h8L5C/U+C9ogPJ+yVydrA1jU1nm5R
Grv3A6PfV1wPi0nbyszQxN0eOqjET5KA9zjOvDKPpTLHPTfzh1Ea8IVCeIq+3h7s
3fWDRpYCXLpwsNv9oBM+cwj2enSCFe/7vf70wv5YPdGjX2RJ4medIs3vKtxVdTOI
xDEMxRJcAns1YSMwx54KiszgYrjqdI7Nzy/rj283c8mQZG540VbIrIF1MPfs1blo
MEpaCMw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:50:58 2024 by rpki-client on console-fra.rpki-client.org