Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91342C5/1F404E30A4E911ECAF3FB152C4F9AE02/8C6BFDA27C1F11ED9EEE1D3DC4F9AE02.roa
File: 8C6BFDA27C1F11ED9EEE1D3DC4F9AE02.roa (raw, json)
Hash identifier: rTE1zhsEqiQfpEd6bggiLziMvhRCpQ5WzRoj3RfK4/M=
Subject key identifier: 7C:71:F5:EA:D9:44:8D:51:B2:2E:D7:85:5E:0E:BD:A1:7A:0E:B7:77
Certificate issuer: /CN=A91342C5/serialNumber=85F2BAF1B7DF1DAA8C88AB6C5E78C1FCC3F78D08
Certificate serial: 020A
Authority key identifier: 85:F2:BA:F1:B7:DF:1D:AA:8C:88:AB:6C:5E:78:C1:FC:C3:F7:8D:08
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/hfK68bffHaqMiKtsXnjB_MP3jQg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91342C5/1F404E30A4E911ECAF3FB152C4F9AE02/8C6BFDA27C1F11ED9EEE1D3DC4F9AE02.roa
Signing time: Tue 25 Apr 2023 05:04:35 +0000
ROA not before: Tue 25 Apr 2023 05:04:35 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 17571
IP address blocks: 209.35.156.0/24 maxlen: 24
209.35.188.0/24 maxlen: 24
209.35.189.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 26 Mar 2024 04:21:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 522 (0x20a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91342C5/serialNumber=85F2BAF1B7DF1DAA8C88AB6C5E78C1FCC3F78D08
Validity
Not Before: Apr 25 05:04:35 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=64475f63-2f69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:8d:b0:a2:1c:ef:2f:26:f6:48:0c:e0:8f:d2:
5d:9f:fb:6e:19:b1:6a:89:0f:c3:c2:f8:31:72:2f:
10:c8:bd:2e:1a:19:2a:be:2b:ab:4b:97:d1:d5:f3:
0a:99:08:2a:3c:8a:e0:2f:ca:96:a4:5c:a4:00:1a:
15:7a:3b:ab:0f:d0:a1:7d:36:a2:4e:6b:7b:26:ac:
db:95:c7:f1:b3:3d:b4:b4:3e:5b:63:fa:10:56:61:
38:48:50:ae:6d:ca:89:54:17:37:96:f2:24:8f:f2:
c5:59:8b:d7:89:17:14:82:df:5d:d3:b1:5f:34:0f:
39:56:5b:b1:be:f3:59:2c:ab:04:09:40:9e:93:88:
62:ef:9c:8b:25:91:d7:df:2c:b6:22:34:d6:1b:5a:
b9:08:66:af:d0:b8:e8:b3:6a:84:0b:b8:44:d5:8d:
54:6b:39:df:ea:ac:b3:24:0b:d2:a5:32:bc:96:6b:
50:3c:fa:ca:68:ce:8f:bd:75:b2:b7:5f:9a:7c:82:
43:33:37:3d:75:fa:fa:43:1c:d1:af:16:6a:ef:40:
83:44:a2:a9:1e:79:c8:23:03:2a:6d:96:2c:bb:1f:
e9:e2:b8:ad:b2:d8:89:57:91:82:f3:85:79:29:38:
3a:b5:80:ed:24:55:b8:03:ad:c3:11:8d:a2:a7:30:
f2:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:71:F5:EA:D9:44:8D:51:B2:2E:D7:85:5E:0E:BD:A1:7A:0E:B7:77
X509v3 Authority Key Identifier:
keyid:85:F2:BA:F1:B7:DF:1D:AA:8C:88:AB:6C:5E:78:C1:FC:C3:F7:8D:08
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91342C5/1F404E30A4E911ECAF3FB152C4F9AE02/hfK68bffHaqMiKtsXnjB_MP3jQg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/hfK68bffHaqMiKtsXnjB_MP3jQg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91342C5/1F404E30A4E911ECAF3FB152C4F9AE02/8C6BFDA27C1F11ED9EEE1D3DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
209.35.156.0/24
209.35.188.0/23
Signature Algorithm: sha256WithRSAEncryption
03:b6:b4:a3:88:1d:60:3f:cf:b7:cb:0c:b3:b2:54:dd:a2:e6:
56:88:02:b8:9d:d8:cd:b4:f4:21:a2:eb:56:a1:91:b8:67:68:
a7:51:aa:ea:38:c8:59:bf:d5:bf:45:2c:81:3b:b1:af:ba:ea:
7a:37:4e:71:15:96:31:69:20:39:9c:a8:a9:70:ab:ed:ae:61:
77:b0:2b:5b:15:bd:1f:55:8d:d2:e3:73:b6:ff:c1:74:1c:cf:
f1:05:5b:25:eb:5c:d0:31:9f:38:4b:df:f6:16:ad:07:b3:ca:
30:75:93:c9:58:6c:a8:72:80:e1:f1:0c:86:f9:a0:e6:6e:36:
94:53:6f:cc:34:05:b5:49:71:56:75:01:49:67:a4:c8:47:9e:
b7:10:7d:b6:f9:53:5b:67:60:bf:cd:ee:af:da:4f:74:26:21:
72:80:43:86:82:1c:0e:8c:85:e2:71:b6:19:0f:58:6f:fe:8d:
c2:91:e0:9e:75:2c:58:b4:8b:a4:de:39:a5:fd:85:16:da:dc:
8e:b5:db:31:dd:9c:ba:19:98:2c:ed:6e:22:81:b7:2c:d9:5e:
00:86:21:79:c1:44:0d:25:2e:5c:9a:64:3f:57:53:94:e9:56:
68:65:c7:da:d4:bb:b8:b0:c1:fd:1f:51:07:dd:eb:dc:54:10:
01:69:e6:cb
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICAgowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzQyQzUxMTAvBgNVBAUTKDg1RjJCQUYxQjdERjFEQUE4Qzg4QUI2QzVFNzhDMUZD
QzNGNzhEMDgwHhcNMjMwNDI1MDUwNDM1WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDQ3NWY2My0yZjY5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA542wohzvLyb2SAzgj9Jdn/tuGbFqiQ/Dwvgxci8QyL0uGhkqviurS5fR1fMK
mQgqPIrgL8qWpFykABoVejurD9ChfTaiTmt7Jqzblcfxsz20tD5bY/oQVmE4SFCu
bcqJVBc3lvIkj/LFWYvXiRcUgt9d07FfNA85VluxvvNZLKsECUCek4hi75yLJZHX
3yy2IjTWG1q5CGav0Ljos2qEC7hE1Y1Uaznf6qyzJAvSpTK8lmtQPPrKaM6PvXWy
t1+afIJDMzc9dfr6QxzRrxZq70CDRKKpHnnIIwMqbZYsux/p4ritstiJV5GC84V5
KTg6tYDtJFW4A63DEY2ipzDyEwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFHxx9erZ
RI1Rsi7XhV4OvaF6Drd3MB8GA1UdIwQYMBaAFIXyuvG33x2qjIirbF54wfzD940I
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzNDJDNS8xRjQwNEUzMEE0
RTkxMUVDQUYzRkIxNTJDNEY5QUUwMi9oZks2OGJmZkhhcU1pS3RzWG5qQl9NUDNq
UWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL2hmSzY4YmZmSGFxTWlLdHNYbmpCX01QM2pRZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzQyQzUvMUY0MDRFMzBBNEU5MTFFQ0FGM0ZCMTUyQzRGOUFFMDIvOEM2QkZEQTI3
QzFGMTFFRDlFRUUxRDNEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBADRI5wDBAHRI7wwDQYJKoZIhvcNAQELBQADggEBAAO2tKOI
HWA/z7fLDLOyVN2i5laIArid2M209CGi61ahkbhnaKdRquo4yFm/1b9FLIE7sa+6
6no3TnEVljFpIDmcqKlwq+2uYXewK1sVvR9VjdLjc7b/wXQcz/EFWyXrXNAxnzhL
3/YWrQezyjB1k8lYbKhygOHxDIb5oOZuNpRTb8w0BbVJcVZ1AUlnpMhHnrcQfbb5
U1tnYL/N7q/aT3QmIXKAQ4aCHA6MheJxthkPWG/+jcKR4J51LFi0i6TeOaX9hRba
3I612zHdnLoZmCztbiKBtyzZXgCGIXnBRA0lLlyaZD9XU5TpVmhlx9rUu7iwwf0f
UQfd69xUEAFp5ss=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:53 2024 by rpki-client on console-ams.rpki-client.org