Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A912FCD6/1E9E1AACD2EA11E5AFB1E24CC4F9AE02/E47E9D5E855811EE91FA9C24C4F9AE02.roa
File: E47E9D5E855811EE91FA9C24C4F9AE02.roa (raw, json)
Hash identifier: qnyjxBLcj7TW9ePNf/YjdDiGdt7KyRAogQk/FTj/0o0=
Subject key identifier: 8E:1A:0C:FA:F3:64:0A:6E:74:3C:E4:A9:72:E1:BB:FD:BC:5D:B7:68
Certificate issuer: /CN=A912FCD6/serialNumber=53BF0DD780DB038ECE14D40459BAB9C68F69853B
Certificate serial: 20C0
Authority key identifier: 53:BF:0D:D7:80:DB:03:8E:CE:14:D4:04:59:BA:B9:C6:8F:69:85:3B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U78N14DbA47OFNQEWbq5xo9phTs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A912FCD6/1E9E1AACD2EA11E5AFB1E24CC4F9AE02/E47E9D5E855811EE91FA9C24C4F9AE02.roa
Signing time: Fri 17 Nov 2023 14:52:13 +0000
ROA not before: Fri 17 Nov 2023 14:52:13 +0000
ROA not after: Tue 30 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 180.210.221.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 25 Nov 2023 16:44:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8384 (0x20c0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A912FCD6/serialNumber=53BF0DD780DB038ECE14D40459BAB9C68F69853B
Validity
Not Before: Nov 17 14:52:13 2023 GMT
Not After : Jul 30 00:00:00 2024 GMT
Subject: CN=65577e1d-dbae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:60:ee:72:30:0d:1f:ec:19:3b:71:c3:31:7f:
d9:08:d1:02:73:84:8b:75:c5:48:52:5e:35:e3:25:
f1:ef:96:2e:b8:ab:1a:67:6f:f4:45:7a:e2:99:1f:
3c:cc:f3:6a:23:fc:53:6e:86:d3:3a:a7:64:5a:95:
b2:29:49:cf:a0:c0:a8:6a:69:c2:06:14:d6:30:bf:
97:61:72:c6:00:74:82:93:84:52:c8:96:89:f6:54:
8e:3c:c6:ae:c1:26:ad:97:43:14:77:c5:f2:ac:b6:
89:78:53:1c:fa:85:df:8c:0c:16:46:b6:02:99:8c:
86:30:5f:c2:0d:ba:93:bb:96:b0:b7:2e:24:85:09:
5b:1e:38:6d:16:b4:1a:95:a1:1f:01:dd:5c:71:e3:
a3:b3:d8:b0:5e:65:fb:77:1e:8f:f5:7f:fe:60:cf:
ca:7f:93:4e:be:53:ed:5f:8f:c9:81:58:2c:69:f7:
11:c4:08:43:e4:ae:53:f3:4d:0e:a7:41:8e:ba:61:
9d:1e:05:87:2e:4b:bb:fc:7e:76:c6:1c:d8:cf:05:
da:06:9e:70:08:f6:29:cd:ed:c0:3e:fb:6f:42:36:
d3:5f:4f:2d:f9:64:34:5c:72:85:73:8e:6b:b2:09:
be:57:51:4e:ca:e3:a3:7e:89:e5:da:9d:53:fc:e4:
2c:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:1A:0C:FA:F3:64:0A:6E:74:3C:E4:A9:72:E1:BB:FD:BC:5D:B7:68
X509v3 Authority Key Identifier:
keyid:53:BF:0D:D7:80:DB:03:8E:CE:14:D4:04:59:BA:B9:C6:8F:69:85:3B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A912FCD6/1E9E1AACD2EA11E5AFB1E24CC4F9AE02/U78N14DbA47OFNQEWbq5xo9phTs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U78N14DbA47OFNQEWbq5xo9phTs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912FCD6/1E9E1AACD2EA11E5AFB1E24CC4F9AE02/E47E9D5E855811EE91FA9C24C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
180.210.221.0/24
Signature Algorithm: sha256WithRSAEncryption
87:9a:2e:8e:b8:36:13:d6:7d:76:75:0a:f3:42:ae:aa:d2:40:
67:4e:f3:31:df:2d:f5:48:ea:5b:cf:b2:ed:21:c5:0e:d0:c6:
b6:83:d4:7a:bf:1c:ae:11:62:5b:f0:d9:6f:1c:a0:a8:39:ef:
c5:15:97:62:8d:75:54:95:19:e0:18:a2:2b:60:19:b5:75:28:
cc:fa:fe:6b:c8:08:1e:d3:64:a0:c6:1e:7a:a7:55:91:8c:e6:
59:01:88:b7:30:c5:1f:54:54:36:79:e4:57:a1:af:39:66:3e:
2f:8c:51:89:e7:f4:c0:20:be:55:a9:2d:20:1a:b2:90:c1:67:
94:22:58:67:6d:78:fc:6c:00:cf:e8:bf:e8:25:ad:28:48:ec:
40:17:fb:4c:0d:be:41:41:d1:a6:1d:67:50:a4:6c:de:5f:af:
b4:94:f3:81:fa:2a:ad:7e:0e:51:8e:e6:d9:7e:ad:da:0d:4a:
ba:32:e3:99:f5:81:6a:35:c2:93:ff:99:b8:e3:89:83:ad:8a:
3a:6b:f5:1b:cb:1f:83:32:fe:55:fc:d7:9d:1e:ce:bb:ec:c5:
ed:8d:26:54:41:b9:2e:91:2d:a3:1a:fb:f6:98:3c:2b:0d:82:
d5:8e:4e:59:26:6c:5f:88:19:f0:cc:66:cf:f5:4c:7c:f3:00:
56:8c:c7:bf
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICIMAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MkZDRDYxMTAvBgNVBAUTKDUzQkYwREQ3ODBEQjAzOEVDRTE0RDQwNDU5QkFCOUM2
OEY2OTg1M0IwHhcNMjMxMTE3MTQ1MjEzWhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTU3N2UxZC1kYmFlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxGDucjANH+wZO3HDMX/ZCNECc4SLdcVIUl414yXx75YuuKsaZ2/0RXrimR88
zPNqI/xTbobTOqdkWpWyKUnPoMCoamnCBhTWML+XYXLGAHSCk4RSyJaJ9lSOPMau
wSatl0MUd8XyrLaJeFMc+oXfjAwWRrYCmYyGMF/CDbqTu5awty4khQlbHjhtFrQa
laEfAd1cceOjs9iwXmX7dx6P9X/+YM/Kf5NOvlPtX4/JgVgsafcRxAhD5K5T800O
p0GOumGdHgWHLku7/H52xhzYzwXaBp5wCPYpze3APvtvQjbTX08t+WQ0XHKFc45r
sgm+V1FOyuOjfonl2p1T/OQsQwIDAQABo4IClTCCApEwHQYDVR0OBBYEFI4aDPrz
ZApudDzkqXLhu/28XbdoMB8GA1UdIwQYMBaAFFO/DdeA2wOOzhTUBFm6ucaPaYU7
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyRkNENi8xRTlFMUFBQ0Qy
RUExMUU1QUZCMUUyNENDNEY5QUUwMi9VNzhOMTREYkE0N09GTlFFV2JxNXhvOXBo
VHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1U3OE4xNERiQTQ3T0ZOUUVXYnE1eG85cGhUcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MkZDRDYvMUU5RTFBQUNEMkVBMTFFNUFGQjFFMjRDQzRGOUFFMDIvRTQ3RTlENUU4
NTU4MTFFRTkxRkE5QzI0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAC00t0wDQYJKoZIhvcNAQELBQADggEBAIeaLo64NhPWfXZ1
CvNCrqrSQGdO8zHfLfVI6lvPsu0hxQ7QxraD1Hq/HK4RYlvw2W8coKg578UVl2KN
dVSVGeAYoitgGbV1KMz6/mvICB7TZKDGHnqnVZGM5lkBiLcwxR9UVDZ55Fehrzlm
Pi+MUYnn9MAgvlWpLSAaspDBZ5QiWGdtePxsAM/ov+glrShI7EAX+0wNvkFB0aYd
Z1CkbN5fr7SU84H6Kq1+DlGO5tl+rdoNSroy45n1gWo1wpP/mbjjiYOtijpr9RvL
H4My/lX8150ezrvsxe2NJlRBuS6RLaMa+/aYPCsNgtWOTlkmbF+IGfDMZs/1THzz
AFaMx78=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:50:58 2024 by rpki-client on console-fra.rpki-client.org