Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/A924B7BA1E0211E9862ECE3FC4F9AE02.roa
File: A924B7BA1E0211E9862ECE3FC4F9AE02.roa (raw, json)
Hash identifier: PyFsAQUAq26yK3Xq4QM79K4Drh5v8sc1EC7ZG8Jt6os=
Subject key identifier: 1E:9E:D3:32:6D:47:79:3C:67:5A:27:88:3E:60:1C:2E:9D:A3:76:A6
Certificate issuer: /CN=A9137ABC/serialNumber=61BF3ED4C3BFBC0916EF9480AAFF222A437AF02C
Certificate serial: 36AE
Authority key identifier: 61:BF:3E:D4:C3:BF:BC:09:16:EF:94:80:AA:FF:22:2A:43:7A:F0:2C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/A924B7BA1E0211E9862ECE3FC4F9AE02.roa
Signing time: Sat 08 Jul 2023 14:30:59 +0000
ROA not before: Sat 08 Jul 2023 14:30:59 +0000
ROA not after: Mon 30 Sep 2024 00:00:00 +0000
asID: 24562
IP address blocks: 171.102.35.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 06 Feb 2024 02:58:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13998 (0x36ae)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9137ABC/serialNumber=61BF3ED4C3BFBC0916EF9480AAFF222A437AF02C
Validity
Not Before: Jul 8 14:30:59 2023 GMT
Not After : Sep 30 00:00:00 2024 GMT
Subject: CN=64a97322-132e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:78:90:5b:85:b5:3d:7f:ab:df:d6:a1:c0:51:
7b:1d:b5:03:16:9d:b2:c9:63:e3:0d:30:c9:b1:2b:
03:bc:44:42:a4:40:ea:5f:b5:53:98:61:cd:71:0f:
22:a3:60:57:9e:5a:bd:05:78:68:11:0b:1b:6b:f8:
2f:aa:55:89:ee:81:a3:11:3b:c3:1b:cd:44:53:b8:
d8:fd:2f:4f:fb:d8:28:81:6b:70:c7:4a:32:07:df:
f9:b5:23:1e:83:b2:f5:d4:ec:18:de:ac:ab:43:52:
b0:8c:bf:e5:6d:61:33:46:2e:8e:55:c2:75:e1:a2:
c6:a9:85:ae:18:2d:54:8a:91:89:b2:a2:7b:c6:41:
8a:9f:8c:a9:d0:59:67:4c:70:d6:7b:50:bb:51:00:
d9:25:73:ba:71:37:d3:8b:4f:cc:d9:d5:f9:b9:4d:
a2:2f:2f:b1:e2:bf:be:4b:5f:c0:c6:d0:e4:02:b6:
e8:c1:45:0e:3e:1e:18:2f:a7:95:e1:9b:5f:d8:57:
8a:74:a2:ee:24:e9:92:e8:e7:3d:02:14:07:d4:3d:
39:2a:93:93:b3:09:1b:a2:f5:68:55:0a:99:d4:d0:
f9:65:e9:20:06:66:ad:eb:2e:d6:4d:7f:a3:4f:44:
32:52:e4:99:93:36:d7:7f:92:1f:42:09:77:a7:ac:
5d:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:9E:D3:32:6D:47:79:3C:67:5A:27:88:3E:60:1C:2E:9D:A3:76:A6
X509v3 Authority Key Identifier:
keyid:61:BF:3E:D4:C3:BF:BC:09:16:EF:94:80:AA:FF:22:2A:43:7A:F0:2C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/A924B7BA1E0211E9862ECE3FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
171.102.35.0/24
Signature Algorithm: sha256WithRSAEncryption
19:81:79:58:93:b8:0a:2b:33:df:21:76:c9:ab:38:f8:21:e3:
95:34:b8:e4:f8:a4:84:f8:67:77:26:9b:46:9b:fc:2e:a8:66:
5d:26:3f:14:b5:03:b4:62:ac:e9:4f:e7:01:a7:66:3b:88:82:
c3:bc:a9:a3:c3:f7:d7:6f:09:03:d2:b5:f9:ae:7c:76:9e:17:
5d:04:e7:d9:f7:c7:57:d3:fe:25:1b:90:f2:9d:c4:6d:93:a8:
37:8d:2f:19:95:9d:87:14:4c:4a:5b:1a:ed:19:8d:25:98:e4:
57:97:d4:42:6d:ca:be:e7:7e:1f:5a:c2:52:67:14:c7:93:f3:
18:4b:e9:3d:63:40:70:3f:a2:e4:83:f0:62:64:51:82:09:da:
68:c7:96:5a:13:2f:ad:fe:2b:92:99:0d:81:a4:a1:d9:d2:65:
3e:e7:76:ea:46:0c:94:b1:be:a6:4b:c5:93:22:c9:99:74:67:
29:8c:e0:1b:85:32:7a:80:27:14:a0:af:f3:f1:f8:b6:eb:c9:
6b:90:bb:ca:39:2b:4d:b7:68:82:08:f0:8a:7e:11:31:8b:60:
ae:83:79:93:ec:56:fe:a7:7d:d7:e1:63:b0:f0:06:98:b2:5f:
5d:7f:10:51:7a:01:08:20:68:bc:8b:17:0d:b6:47:d7:59:45:
b4:dd:56:00
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICNq4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzdBQkMxMTAvBgNVBAUTKDYxQkYzRUQ0QzNCRkJDMDkxNkVGOTQ4MEFBRkYyMjJB
NDM3QUYwMkMwHhcNMjMwNzA4MTQzMDU5WhcNMjQwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGE5NzMyMi0xMzJlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyHiQW4W1PX+r39ahwFF7HbUDFp2yyWPjDTDJsSsDvERCpEDqX7VTmGHNcQ8i
o2BXnlq9BXhoEQsba/gvqlWJ7oGjETvDG81EU7jY/S9P+9gogWtwx0oyB9/5tSMe
g7L11OwY3qyrQ1KwjL/lbWEzRi6OVcJ14aLGqYWuGC1UipGJsqJ7xkGKn4yp0Fln
THDWe1C7UQDZJXO6cTfTi0/M2dX5uU2iLy+x4r++S1/AxtDkArbowUUOPh4YL6eV
4Ztf2FeKdKLuJOmS6Oc9AhQH1D05KpOTswkbovVoVQqZ1ND5ZekgBmat6y7WTX+j
T0QyUuSZkzbXf5IfQgl3p6xdXQIDAQABo4IClTCCApEwHQYDVR0OBBYEFB6e0zJt
R3k8Z1oniD5gHC6do3amMB8GA1UdIwQYMBaAFGG/PtTDv7wJFu+UgKr/IipDevAs
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzN0FCQy83MTNEOUZCMDFE
NzgxMUUyODI4NjhEQzQwOEIwMkNEMi9ZYjgtMU1PX3ZBa1c3NVNBcXY4aUtrTjY4
Q3cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1liOC0xTU9fdkFrVzc1U0FxdjhpS2tONjhDdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzdBQkMvNzEzRDlGQjAxRDc4MTFFMjgyODY4REM0MDhCMDJDRDIvQTkyNEI3QkEx
RTAyMTFFOTg2MkVDRTNGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBACrZiMwDQYJKoZIhvcNAQELBQADggEBABmBeViTuAorM98h
dsmrOPgh45U0uOT4pIT4Z3cmm0ab/C6oZl0mPxS1A7RirOlP5wGnZjuIgsO8qaPD
99dvCQPStfmufHaeF10E59n3x1fT/iUbkPKdxG2TqDeNLxmVnYcUTEpbGu0ZjSWY
5FeX1EJtyr7nfh9awlJnFMeT8xhL6T1jQHA/ouSD8GJkUYIJ2mjHlloTL63+K5KZ
DYGkodnSZT7ndupGDJSxvqZLxZMiyZl0ZymM4BuFMnqAJxSgr/Px+LbryWuQu8o5
K023aIII8Ip+ETGLYK6DeZPsVv6nfdfhY7DwBpiyX11/EFF6AQggaLyLFw22R9dZ
RbTdVgA=
-----END CERTIFICATE-----
Generated at Tue Feb 6 04:09:28 2024 by rpki-client on console-fra.rpki-client.org