Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9137ABC/6B8B9D0E36FF11E49904AC66C4F9AE02/5D0875D279D611EC98B60F5DC4F9AE02.roa
File: 5D0875D279D611EC98B60F5DC4F9AE02.roa (raw, json)
Hash identifier: QaROMOhbKJnc6xwn5xsQW8FDlPeaXmwlBQdUIi2sPZM=
Subject key identifier: 45:02:23:E1:BA:57:3F:29:2E:67:5B:72:AF:F0:74:B7:CD:D1:33:E1
Certificate issuer: /CN=A9137ABC/serialNumber=E87DC6C5C710439057D8ABED90C26D0C9C872B34
Certificate serial: 288B
Authority key identifier: E8:7D:C6:C5:C7:10:43:90:57:D8:AB:ED:90:C2:6D:0C:9C:87:2B:34
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/6H3GxccQQ5BX2KvtkMJtDJyHKzQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9137ABC/6B8B9D0E36FF11E49904AC66C4F9AE02/5D0875D279D611EC98B60F5DC4F9AE02.roa
Signing time: Sat 08 Jul 2023 14:30:09 +0000
ROA not before: Sat 08 Jul 2023 14:30:09 +0000
ROA not after: Mon 30 Sep 2024 00:00:00 +0000
asID: 17552
IP address blocks: 134.196.0.0/18 maxlen: 24
134.196.64.0/18 maxlen: 24
134.196.128.0/18 maxlen: 24
134.196.192.0/18 maxlen: 24
Validation: Failed, certificate revoked on Thu 27 Jul 2023 05:14:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10379 (0x288b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9137ABC/serialNumber=E87DC6C5C710439057D8ABED90C26D0C9C872B34
Validity
Not Before: Jul 8 14:30:09 2023 GMT
Not After : Sep 30 00:00:00 2024 GMT
Subject: CN=64a972f1-2584
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:fb:ab:2c:bf:2a:96:ef:e2:03:f1:9e:05:2f:
c4:31:45:ee:50:a2:8f:99:7a:5b:f5:e1:2d:b2:97:
9a:1f:f8:cf:b4:8d:bb:a5:7c:56:1e:69:05:d4:81:
29:9e:8e:21:1a:b8:be:91:7e:f3:38:a3:d0:92:50:
d4:f7:10:e7:4f:e5:60:27:e9:14:5a:fa:cf:72:e0:
d4:5f:40:1b:f3:ca:48:8b:42:e7:f2:9b:f1:0c:e3:
cc:9c:4c:4d:da:08:99:78:35:f8:44:73:8d:c0:9d:
17:7d:d2:d5:5a:45:2f:9c:47:e5:9e:9a:c3:d6:1b:
1a:37:c4:6c:04:1e:6e:c6:91:91:71:17:b9:66:e1:
30:d1:79:a3:16:4d:df:fb:03:89:63:18:88:ac:5c:
af:6d:2c:e1:16:61:c2:10:44:24:a2:20:d5:3c:dc:
9e:78:5e:fa:fe:9c:95:75:5e:02:41:78:04:c4:ca:
a4:22:13:18:b5:74:71:a2:66:18:08:56:92:78:ba:
47:d3:0d:f4:59:4c:f7:da:06:ee:fe:ad:ae:c3:45:
ab:fe:b6:57:0d:68:e0:0e:45:c0:37:03:13:c4:bc:
e4:c5:0f:bd:4b:6c:dd:67:18:b6:6b:a9:72:d4:1c:
08:cc:0b:63:cb:eb:fd:90:71:b2:4d:e0:e3:a1:0e:
9c:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:02:23:E1:BA:57:3F:29:2E:67:5B:72:AF:F0:74:B7:CD:D1:33:E1
X509v3 Authority Key Identifier:
keyid:E8:7D:C6:C5:C7:10:43:90:57:D8:AB:ED:90:C2:6D:0C:9C:87:2B:34
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9137ABC/6B8B9D0E36FF11E49904AC66C4F9AE02/6H3GxccQQ5BX2KvtkMJtDJyHKzQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/6H3GxccQQ5BX2KvtkMJtDJyHKzQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9137ABC/6B8B9D0E36FF11E49904AC66C4F9AE02/5D0875D279D611EC98B60F5DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
134.196.0.0/16
Signature Algorithm: sha256WithRSAEncryption
10:84:3a:ad:66:05:6e:8c:a7:4e:bb:e3:31:5a:ee:27:7a:cc:
78:a8:10:e8:85:84:22:58:9d:3d:b9:5d:7a:d2:72:af:73:37:
5e:e2:be:64:9b:48:3f:50:0e:3e:99:a3:ab:11:0b:c1:72:f8:
6f:cc:75:b5:ba:41:dc:8b:cb:02:ce:55:68:ed:35:ab:84:65:
e2:13:19:2f:bf:25:03:09:7c:44:3a:bb:73:e5:a3:f9:12:ae:
ec:0b:1b:8c:e8:06:81:e6:6d:fe:7b:90:93:c0:2f:bf:6a:34:
bd:00:6f:44:83:9d:b8:93:94:67:56:29:17:21:c5:3c:4b:ba:
13:dd:30:5a:1d:51:42:12:d0:0b:40:0d:dd:f1:c8:ab:97:13:
db:94:1a:7e:59:a7:fc:73:0d:73:68:ec:46:bb:20:df:4a:9a:
1e:d9:96:12:4b:a2:72:d3:1f:7d:a4:10:ce:42:90:1a:88:02:
29:86:65:62:5d:ce:04:e7:db:53:80:0c:94:5f:6b:c8:fd:10:
4a:55:0f:0e:cd:e2:8e:62:67:d7:91:8e:7a:b0:d9:6f:02:5a:
6d:12:d2:d4:b7:ae:ef:8e:1c:bb:e7:e8:47:7c:b3:5a:5c:f3:
6b:77:b3:14:aa:50:a5:74:a4:b0:fe:d3:03:64:24:ac:2a:7e:
d9:9a:1f:aa
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgICKIswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzdBQkMxMTAvBgNVBAUTKEU4N0RDNkM1QzcxMDQzOTA1N0Q4QUJFRDkwQzI2RDBD
OUM4NzJCMzQwHhcNMjMwNzA4MTQzMDA5WhcNMjQwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGE5NzJmMS0yNTg0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAl/urLL8qlu/iA/GeBS/EMUXuUKKPmXpb9eEtspeaH/jPtI27pXxWHmkF1IEp
no4hGri+kX7zOKPQklDU9xDnT+VgJ+kUWvrPcuDUX0Ab88pIi0Ln8pvxDOPMnExN
2giZeDX4RHONwJ0XfdLVWkUvnEflnprD1hsaN8RsBB5uxpGRcRe5ZuEw0XmjFk3f
+wOJYxiIrFyvbSzhFmHCEEQkoiDVPNyeeF76/pyVdV4CQXgExMqkIhMYtXRxomYY
CFaSeLpH0w30WUz32gbu/q2uw0Wr/rZXDWjgDkXANwMTxLzkxQ+9S2zdZxi2a6ly
1BwIzAtjy+v9kHGyTeDjoQ6cYQIDAQABo4IClDCCApAwHQYDVR0OBBYEFEUCI+G6
Vz8pLmdbcq/wdLfN0TPhMB8GA1UdIwQYMBaAFOh9xsXHEEOQV9ir7ZDCbQychys0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzN0FCQy82QjhCOUQwRTM2
RkYxMUU0OTkwNEFDNjZDNEY5QUUwMi82SDNHeGNjUVE1QlgyS3Z0a01KdERKeUhL
elEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyLzZIM0d4Y2NRUTVCWDJLdnRrTUp0REp5SEt6US5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzdBQkMvNkI4QjlEMEUzNkZGMTFFNDk5MDRBQzY2QzRGOUFFMDIvNUQwODc1RDI3
OUQ2MTFFQzk4QjYwRjVEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHgYIKwYBBQUHAQcBAf8E
DzANMAsEAgABMAUDAwCGxDANBgkqhkiG9w0BAQsFAAOCAQEAEIQ6rWYFboynTrvj
MVruJ3rMeKgQ6IWEIlidPbldetJyr3M3XuK+ZJtIP1AOPpmjqxELwXL4b8x1tbpB
3IvLAs5VaO01q4Rl4hMZL78lAwl8RDq7c+Wj+RKu7AsbjOgGgeZt/nuQk8Avv2o0
vQBvRIOduJOUZ1YpFyHFPEu6E90wWh1RQhLQC0AN3fHIq5cT25Qaflmn/HMNc2js
Rrsg30qaHtmWEkuictMffaQQzkKQGogCKYZlYl3OBOfbU4AMlF9ryP0QSlUPDs3i
jmJn15GOerDZbwJabRLS1Leu744cu+foR3yzWlzza3ezFKpQpXSksP7TA2QkrCp+
2Zofqg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:54 2024 by rpki-client on console-ams.rpki-client.org