Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91304A9/A374A1B6467111EA81ABB25FC4F9AE02/8AD1AD524CC111EE87453D77C4F9AE02.roa
File: 8AD1AD524CC111EE87453D77C4F9AE02.roa (raw, json)
Hash identifier: i2GeqmN+XqNlSMD6sRR6Q3MQVPe9qsz5wWctFm1GJhI=
Subject key identifier: 88:DA:09:1F:A1:91:AD:35:7A:22:1C:40:BF:11:76:1B:4C:EF:6F:28
Certificate issuer: /CN=A91304A9/serialNumber=580553B883DEC3DDB24F688E6C2D1BFA93C263AA
Certificate serial: 09E6
Authority key identifier: 58:05:53:B8:83:DE:C3:DD:B2:4F:68:8E:6C:2D:1B:FA:93:C2:63:AA
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WAVTuIPew92yT2iObC0b-pPCY6o.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91304A9/A374A1B6467111EA81ABB25FC4F9AE02/8AD1AD524CC111EE87453D77C4F9AE02.roa
Signing time: Wed 06 Sep 2023 14:27:44 +0000
ROA not before: Wed 06 Sep 2023 14:27:44 +0000
ROA not after: Sat 31 Aug 2024 00:00:00 +0000
asID: 9237
IP address blocks: 116.66.208.0/20 maxlen: 20
116.66.208.0/24 maxlen: 24
116.66.209.0/24 maxlen: 24
116.66.210.0/24 maxlen: 24
116.66.211.0/24 maxlen: 24
116.66.212.0/24 maxlen: 24
116.66.213.0/24 maxlen: 24
116.66.214.0/24 maxlen: 24
116.66.215.0/24 maxlen: 24
116.66.216.0/24 maxlen: 24
116.66.217.0/24 maxlen: 24
116.66.218.0/24 maxlen: 24
116.66.219.0/24 maxlen: 24
116.66.220.0/24 maxlen: 24
116.66.221.0/24 maxlen: 24
116.66.222.0/24 maxlen: 24
116.66.223.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 12 Mar 2024 09:39:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2534 (0x9e6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91304A9/serialNumber=580553B883DEC3DDB24F688E6C2D1BFA93C263AA
Validity
Not Before: Sep 6 14:27:44 2023 GMT
Not After : Aug 31 00:00:00 2024 GMT
Subject: CN=64f88c5f-9f22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:44:1f:6d:e8:5c:47:86:dc:63:9e:50:a7:80:
38:2a:6f:2a:0c:58:f0:df:36:86:ff:3c:84:9a:70:
ec:2c:65:8c:ee:c1:9c:83:4d:21:6b:de:e7:94:d3:
c5:12:b3:c3:f4:e1:a3:09:f5:5f:84:de:01:e1:05:
11:0c:52:00:6c:70:5d:2f:c8:b4:90:ad:63:32:0d:
02:2f:48:71:16:67:0b:17:56:e3:0c:62:f9:f8:90:
58:e8:26:a7:86:ee:67:4a:53:4a:7b:c0:37:ae:d6:
d4:91:91:e7:43:ce:8a:33:54:71:04:53:df:0b:82:
be:92:50:70:88:7e:b3:4c:11:35:bb:58:f8:dd:e2:
25:f8:0f:30:d7:b2:1c:6f:15:53:2a:89:57:9e:f5:
22:b4:9e:7d:95:e6:d1:81:6a:f0:40:72:92:b9:1a:
fa:3a:db:0e:c3:86:9e:1c:c9:1f:ff:98:8f:8f:c4:
f9:c3:65:30:1e:a1:c0:3a:88:fe:c0:9d:19:86:04:
ae:a3:0f:62:07:fe:f4:b1:67:1b:a3:ad:b8:d4:19:
07:f5:ff:31:1d:29:dd:73:03:47:5c:c1:8f:27:45:
0d:65:cc:84:af:ad:ae:d6:aa:d1:a0:65:e3:ab:44:
7d:48:99:65:28:fd:60:18:4c:b1:b0:dd:40:36:3f:
d3:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:DA:09:1F:A1:91:AD:35:7A:22:1C:40:BF:11:76:1B:4C:EF:6F:28
X509v3 Authority Key Identifier:
keyid:58:05:53:B8:83:DE:C3:DD:B2:4F:68:8E:6C:2D:1B:FA:93:C2:63:AA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91304A9/A374A1B6467111EA81ABB25FC4F9AE02/WAVTuIPew92yT2iObC0b-pPCY6o.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WAVTuIPew92yT2iObC0b-pPCY6o.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91304A9/A374A1B6467111EA81ABB25FC4F9AE02/8AD1AD524CC111EE87453D77C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
116.66.208.0/20
Signature Algorithm: sha256WithRSAEncryption
0b:ee:c4:a5:b1:5f:66:d8:5c:95:aa:05:62:93:69:d0:4d:66:
3d:3e:a1:5f:55:ad:5c:3e:4f:04:cd:4e:10:47:66:4c:58:14:
a5:f7:d1:a0:de:0e:7d:3b:54:eb:87:f2:61:02:29:8e:40:27:
48:ff:41:61:37:35:cb:ff:2c:b9:bc:0e:5d:f7:83:46:fe:02:
ca:de:b3:e8:03:e4:59:0e:62:9a:47:75:33:07:28:54:ec:1b:
b4:56:40:06:dd:81:d2:c4:91:48:97:37:c5:85:aa:ef:43:0c:
ae:a8:2f:ab:49:0d:d0:30:99:fb:8b:08:1f:c6:f3:73:a9:39:
2f:f7:83:2d:73:77:15:39:77:84:66:c2:89:0b:09:af:58:28:
e8:00:8c:3b:78:d2:60:86:86:91:2a:a5:47:ca:e9:41:42:e3:
b7:6b:f5:64:49:e3:8f:ad:7e:07:0c:30:cd:2b:98:fe:13:5e:
a6:e0:d6:80:8e:bf:44:83:00:03:c6:76:ec:8b:cc:66:74:74:
51:40:47:e4:9d:16:3f:86:3a:84:82:9e:31:3e:74:af:57:95:
a1:86:1a:e0:87:7b:4d:13:18:7d:48:05:7c:bd:30:f7:70:58:
ce:67:0f:10:fa:4c:50:c9:f7:2c:5b:2b:80:4a:64:4e:c2:20:
2a:18:0a:28
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCeYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzA0QTkxMTAvBgNVBAUTKDU4MDU1M0I4ODNERUMzRERCMjRGNjg4RTZDMkQxQkZB
OTNDMjYzQUEwHhcNMjMwOTA2MTQyNzQ0WhcNMjQwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGY4OGM1Zi05ZjIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvkQfbehcR4bcY55Qp4A4Km8qDFjw3zaG/zyEmnDsLGWM7sGcg00ha97nlNPF
ErPD9OGjCfVfhN4B4QURDFIAbHBdL8i0kK1jMg0CL0hxFmcLF1bjDGL5+JBY6Can
hu5nSlNKe8A3rtbUkZHnQ86KM1RxBFPfC4K+klBwiH6zTBE1u1j43eIl+A8w17Ic
bxVTKolXnvUitJ59lebRgWrwQHKSuRr6OtsOw4aeHMkf/5iPj8T5w2UwHqHAOoj+
wJ0ZhgSuow9iB/70sWcbo6241BkH9f8xHSndcwNHXMGPJ0UNZcyEr62u1qrRoGXj
q0R9SJllKP1gGEyxsN1ANj/T3wIDAQABo4IClTCCApEwHQYDVR0OBBYEFIjaCR+h
ka01eiIcQL8RdhtM728oMB8GA1UdIwQYMBaAFFgFU7iD3sPdsk9ojmwtG/qTwmOq
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzMDRBOS9BMzc0QTFCNjQ2
NzExMUVBODFBQkIyNUZDNEY5QUUwMi9XQVZUdUlQZXc5MnlUMmlPYkMwYi1wUENZ
Nm8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1dBVlR1SVBldzkyeVQyaU9iQzBiLXBQQ1k2by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzA0QTkvQTM3NEExQjY0NjcxMTFFQTgxQUJCMjVGQzRGOUFFMDIvOEFEMUFENTI0
Q0MxMTFFRTg3NDUzRDc3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAR0QtAwDQYJKoZIhvcNAQELBQADggEBAAvuxKWxX2bYXJWq
BWKTadBNZj0+oV9VrVw+TwTNThBHZkxYFKX30aDeDn07VOuH8mECKY5AJ0j/QWE3
Ncv/LLm8Dl33g0b+Asres+gD5FkOYppHdTMHKFTsG7RWQAbdgdLEkUiXN8WFqu9D
DK6oL6tJDdAwmfuLCB/G83OpOS/3gy1zdxU5d4RmwokLCa9YKOgAjDt40mCGhpEq
pUfK6UFC47dr9WRJ44+tfgcMMM0rmP4TXqbg1oCOv0SDAAPGduyLzGZ0dFFAR+Sd
Fj+GOoSCnjE+dK9XlaGGGuCHe00TGH1IBXy9MPdwWM5nDxD6TFDJ9yxbK4BKZE7C
ICoYCig=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:50:58 2024 by rpki-client on console-fra.rpki-client.org