Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A913B3F2/0051DBCC97E211EE89813D23C4F9AE02/AEA264B497EA11EEBA039709C4F9AE02.roa
File: AEA264B497EA11EEBA039709C4F9AE02.roa (raw, json)
Hash identifier: 4/PLj4pKdDDGKyWstmPSgIAFwQf2G0u3G3YWr1qILm4=
Subject key identifier: 8B:BC:88:8A:C4:87:7C:2B:03:10:74:D3:B7:68:71:DC:E1:7C:2C:2B
Certificate issuer: /CN=A913B3F2/serialNumber=5CC91AFD5B8B37ED8C509F61189F448E73121F97
Certificate serial: 02
Authority key identifier: 5C:C9:1A:FD:5B:8B:37:ED:8C:50:9F:61:18:9F:44:8E:73:12:1F:97
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XMka_VuLN-2MUJ9hGJ9EjnMSH5c.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A913B3F2/0051DBCC97E211EE89813D23C4F9AE02/AEA264B497EA11EEBA039709C4F9AE02.roa
Signing time: Mon 11 Dec 2023 06:01:10 +0000
ROA not before: Mon 11 Dec 2023 06:01:10 +0000
ROA not after: Sun 02 Mar 2025 00:00:00 +0000
asID: 152137
IP address blocks: 210.79.182.0/23 maxlen: 23
2001:df3:3bc0::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:51:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A913B3F2/serialNumber=5CC91AFD5B8B37ED8C509F61189F448E73121F97
Validity
Not Before: Dec 11 06:01:10 2023 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=6576a5a6-8df3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:89:b7:c7:62:29:c5:e2:30:01:61:42:58:bc:
2a:2b:69:1c:08:4b:f4:62:59:ba:30:ef:43:c1:2a:
33:ec:e2:42:85:f1:97:ba:39:40:ad:fa:82:f8:dd:
43:cf:44:f3:59:98:74:15:33:2e:a3:10:12:4d:f1:
e3:4b:fa:57:0b:f4:ce:68:ce:5f:5d:8c:d1:4e:11:
ff:17:7e:ce:46:76:58:6b:f0:89:c6:c1:5e:c5:f0:
9c:5f:b2:06:04:7e:80:80:d1:14:e4:8d:b4:ee:06:
27:b6:42:15:9b:bf:12:ae:3b:78:85:e3:90:00:2a:
8c:a1:cd:78:b7:2c:6c:b1:1f:3e:3d:ef:3b:3f:39:
a8:dc:79:0d:d3:4c:b6:e0:c7:42:77:b8:4a:15:aa:
b7:9a:9a:1a:76:46:72:22:88:f1:a6:1d:1c:2c:db:
8b:bb:5f:47:f5:3c:84:b1:b1:17:00:f4:db:02:fe:
69:64:f1:a3:d9:d8:13:e0:8f:e0:66:4f:13:f1:a9:
76:d6:c7:99:ba:ef:90:f3:42:84:f0:7a:79:5d:be:
7d:80:c9:4e:ff:d4:fa:9d:79:7f:8f:63:84:ee:5a:
da:9b:66:22:48:38:6c:8f:83:7a:74:44:0d:12:6c:
ba:67:0d:80:e8:9c:a0:3d:e9:5c:13:ea:ef:d4:93:
d1:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:BC:88:8A:C4:87:7C:2B:03:10:74:D3:B7:68:71:DC:E1:7C:2C:2B
X509v3 Authority Key Identifier:
keyid:5C:C9:1A:FD:5B:8B:37:ED:8C:50:9F:61:18:9F:44:8E:73:12:1F:97
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A913B3F2/0051DBCC97E211EE89813D23C4F9AE02/XMka_VuLN-2MUJ9hGJ9EjnMSH5c.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XMka_VuLN-2MUJ9hGJ9EjnMSH5c.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913B3F2/0051DBCC97E211EE89813D23C4F9AE02/AEA264B497EA11EEBA039709C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
210.79.182.0/23
IPv6:
2001:df3:3bc0::/48
Signature Algorithm: sha256WithRSAEncryption
04:1f:42:fd:dc:de:0b:6b:3b:cb:4e:d4:33:28:a3:0b:91:87:
46:0e:8e:bf:f3:1e:1b:59:cb:4f:a9:32:1c:be:7c:70:bc:d9:
3a:ee:39:8f:0c:6e:a6:cd:f8:85:7c:c4:5f:83:47:84:fc:e3:
c7:60:38:bc:df:a7:0a:9d:08:7b:05:91:cd:a6:64:64:e2:f3:
af:c8:e0:96:94:68:45:23:9d:98:34:c2:e1:31:a8:33:35:6b:
1d:c5:d4:58:a4:5e:6f:56:99:fd:9a:96:74:26:ac:f2:3c:d4:
37:1c:25:0a:4e:80:f3:53:41:da:4d:24:9c:93:cd:a8:18:33:
39:82:5b:d5:8d:ab:2f:f7:34:79:41:3c:94:b3:25:98:31:ea:
92:09:e8:4b:80:8b:49:86:b0:0e:f9:a2:6a:d5:d9:49:83:c5:
77:d2:4b:96:4a:6a:ad:44:d8:73:0a:39:89:0c:57:ea:cb:c7:
44:d6:fa:a0:c9:fe:1c:a7:ab:38:88:12:21:ce:d7:3f:af:b9:
d0:f8:9d:97:e1:65:62:83:c9:87:e4:26:0c:d6:cc:ee:84:5f:
f3:95:e5:cf:a6:5b:05:67:83:07:ce:cc:8b:23:93:20:83:31:
b3:62:3f:4a:11:de:f9:b5:74:00:2c:f2:03:63:76:06:29:92:
46:4c:5d:61
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEz
QjNGMjExMC8GA1UEBRMoNUNDOTFBRkQ1QjhCMzdFRDhDNTA5RjYxMTg5RjQ0OEU3
MzEyMUY5NzAeFw0yMzEyMTEwNjAxMTBaFw0yNTAzMDIwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1NzZhNWE2LThkZjMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCcibfHYinF4jABYUJYvCoraRwIS/RiWbow70PBKjPs4kKF8Ze6OUCt+oL43UPP
RPNZmHQVMy6jEBJN8eNL+lcL9M5ozl9djNFOEf8Xfs5Gdlhr8InGwV7F8JxfsgYE
foCA0RTkjbTuBie2QhWbvxKuO3iF45AAKoyhzXi3LGyxHz497zs/OajceQ3TTLbg
x0J3uEoVqreamhp2RnIiiPGmHRws24u7X0f1PISxsRcA9NsC/mlk8aPZ2BPgj+Bm
TxPxqXbWx5m675DzQoTwenldvn2AyU7/1PqdeX+PY4TuWtqbZiJIOGyPg3p0RA0S
bLpnDYDonKA96VwT6u/Uk9E3AgMBAAGjggKmMIICojAdBgNVHQ4EFgQUi7yIisSH
fCsDEHTTt2hx3OF8LCswHwYDVR0jBBgwFoAUXMka/VuLN+2MUJ9hGJ9EjnMSH5cw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTNCM0YyLzAwNTFEQkNDOTdF
MjExRUU4OTgxM0QyM0M0RjlBRTAyL1hNa2FfVnVMTi0yTVVKOWhHSjlFam5NU0g1
Yy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvWE1rYV9WdUxOLTJNVUo5aEdKOUVqbk1TSDVjLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz
QjNGMi8wMDUxREJDQzk3RTIxMUVFODk4MTNEMjNDNEY5QUUwMi9BRUEyNjRCNDk3
RUExMUVFQkEwMzk3MDlDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAwBggrBgEFBQcBBwEB/wQh
MB8wDAQCAAEwBgMEAdJPtjAPBAIAAjAJAwcAIAEN8zvAMA0GCSqGSIb3DQEBCwUA
A4IBAQAEH0L93N4LazvLTtQzKKMLkYdGDo6/8x4bWctPqTIcvnxwvNk67jmPDG6m
zfiFfMRfg0eE/OPHYDi836cKnQh7BZHNpmRk4vOvyOCWlGhFI52YNMLhMagzNWsd
xdRYpF5vVpn9mpZ0JqzyPNQ3HCUKToDzU0HaTSSck82oGDM5glvVjasv9zR5QTyU
syWYMeqSCehLgItJhrAO+aJq1dlJg8V30kuWSmqtRNhzCjmJDFfqy8dE1vqgyf4c
p6s4iBIhztc/r7nQ+J2X4WVig8mH5CYM1szuhF/zleXPplsFZ4MHzsyLI5MggzGz
Yj9KEd75tXQALPIDY3YGKZJGTF1h
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:55 2024 by rpki-client on console-ams.rpki-client.org