Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A913ED02/12B16D5054E611E79ADC2518C4F9AE02/A19BA328657C11EBBA486B84C4F9AE02.roa
File: A19BA328657C11EBBA486B84C4F9AE02.roa (raw, json)
Hash identifier: v7vRKVXg/w5Arlj8cfzT3SLbMUrx2YdXRXwg0xv2DQw=
Subject key identifier: 93:BF:DD:2A:8E:B0:E4:0B:9C:8C:F4:02:F6:63:3D:31:93:F2:AE:DD
Certificate issuer: /CN=A913ED02/serialNumber=EB53900034C619FC600A9BD58DD8CA41602475C8
Certificate serial: 05E4
Authority key identifier: EB:53:90:00:34:C6:19:FC:60:0A:9B:D5:8D:D8:CA:41:60:24:75:C8
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/61OQADTGGfxgCpvVjdjKQWAkdcg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A913ED02/12B16D5054E611E79ADC2518C4F9AE02/A19BA328657C11EBBA486B84C4F9AE02.roa
Signing time: Sun 31 Mar 2024 17:24:34 +0000
ROA not before: Sun 31 Mar 2024 17:24:34 +0000
ROA not after: Thu 01 Aug 2024 00:00:00 +0000
asID: 49544
IP address blocks: 220.158.216.0/22 maxlen: 22
2403:1480:9000::/36 maxlen: 36
Validation: Failed, certificate revoked on Sun 28 Apr 2024 23:04:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1508 (0x5e4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A913ED02/serialNumber=EB53900034C619FC600A9BD58DD8CA41602475C8
Validity
Not Before: Mar 31 17:24:34 2024 GMT
Not After : Aug 1 00:00:00 2024 GMT
Subject: CN=66099c52-dfcc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:10:39:83:56:c0:59:e2:5d:82:50:b3:62:33:
51:22:06:3f:44:da:b5:4d:48:04:4a:65:c8:96:cc:
e6:b0:aa:1a:52:8d:9a:2e:fc:09:9f:45:60:3d:99:
2e:96:5b:97:df:ff:57:ff:9d:6a:8a:0c:05:7b:eb:
1a:f0:ac:37:93:47:75:96:6c:77:c9:82:98:28:6e:
4b:24:80:a5:ab:3d:e6:a7:e8:f7:db:25:39:b7:7f:
3e:ce:7a:46:a0:7f:fd:f3:5d:25:2b:1f:79:2c:00:
25:c7:88:e6:07:de:fc:ca:9a:ee:6e:28:99:ab:08:
35:f0:26:63:17:dd:23:1b:38:29:ee:d9:7f:55:64:
30:fb:16:7b:65:d5:ec:ef:9f:66:a5:a1:d4:f8:3e:
ac:bf:db:8c:5d:ee:7d:93:f7:9d:39:93:3e:8a:37:
4c:aa:e3:f4:ed:57:fe:9a:5e:71:e5:5b:27:61:16:
ac:40:33:44:cf:c2:7f:5b:62:c9:16:60:d1:80:ec:
2a:1d:72:6b:71:7d:2b:e2:a3:5b:a0:ec:97:87:73:
1f:87:39:b2:2b:cd:d9:65:e4:0b:9a:c8:62:78:5b:
f2:b3:b7:4d:91:6b:7b:0c:64:8d:17:11:5e:7f:82:
77:b0:d8:e3:d3:3d:11:76:fc:b6:d5:fe:20:fc:55:
45:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:BF:DD:2A:8E:B0:E4:0B:9C:8C:F4:02:F6:63:3D:31:93:F2:AE:DD
X509v3 Authority Key Identifier:
keyid:EB:53:90:00:34:C6:19:FC:60:0A:9B:D5:8D:D8:CA:41:60:24:75:C8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A913ED02/12B16D5054E611E79ADC2518C4F9AE02/61OQADTGGfxgCpvVjdjKQWAkdcg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/61OQADTGGfxgCpvVjdjKQWAkdcg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913ED02/12B16D5054E611E79ADC2518C4F9AE02/A19BA328657C11EBBA486B84C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
220.158.216.0/22
IPv6:
2403:1480:9000::/36
Signature Algorithm: sha256WithRSAEncryption
36:2f:30:54:12:f2:29:11:51:1a:39:9f:c1:fa:72:82:85:3c:
aa:af:4d:46:32:16:3b:2d:78:b4:db:58:54:0f:ea:5c:c8:dc:
0a:e7:af:5e:69:b7:83:84:57:7c:7c:3e:69:5c:ca:f7:16:7c:
1b:b4:69:a1:a3:12:a5:37:97:91:b3:ff:8f:5d:4c:a5:b9:5b:
57:7c:f8:6a:bf:cc:9b:83:5e:80:ee:46:16:e1:d4:fe:57:80:
a7:7e:6a:92:0e:4e:a1:bf:2c:08:bb:72:5e:05:26:57:34:da:
6b:cd:b7:69:f1:db:e3:42:f4:f0:17:70:1c:9b:80:eb:a6:66:
a1:01:9e:56:2e:70:8e:b3:f3:8d:ca:be:ae:dc:44:eb:fe:0b:
d9:4c:4d:67:a6:36:1a:fe:ec:b3:61:01:e9:fd:33:51:3a:ea:
3e:7a:70:75:b8:ae:dd:7a:2d:27:20:83:e2:eb:ef:7a:87:66:
69:ec:4c:df:6a:09:b4:31:93:49:4f:77:56:33:37:29:99:1c:
ad:46:cf:6b:a5:d0:d9:e6:84:05:f9:6f:43:9a:a6:e1:38:d7:
84:84:da:a4:97:67:0b:0b:cc:8b:1d:3e:72:18:60:06:2c:9f:
ae:42:b5:c0:a7:7d:a2:8e:b7:ad:72:f3:f1:3e:ee:34:7b:4f:
d1:d8:c7:f4
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgICBeQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
M0VEMDIxMTAvBgNVBAUTKEVCNTM5MDAwMzRDNjE5RkM2MDBBOUJENThERDhDQTQx
NjAyNDc1QzgwHhcNMjQwMzMxMTcyNDM0WhcNMjQwODAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjA5OWM1Mi1kZmNjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAmBA5g1bAWeJdglCzYjNRIgY/RNq1TUgESmXIlszmsKoaUo2aLvwJn0VgPZku
lluX3/9X/51qigwFe+sa8Kw3k0d1lmx3yYKYKG5LJIClqz3mp+j32yU5t38+znpG
oH/9810lKx95LAAlx4jmB978yprubiiZqwg18CZjF90jGzgp7tl/VWQw+xZ7ZdXs
759mpaHU+D6sv9uMXe59k/edOZM+ijdMquP07Vf+ml5x5VsnYRasQDNEz8J/W2LJ
FmDRgOwqHXJrcX0r4qNboOyXh3MfhzmyK83ZZeQLmshieFvys7dNkWt7DGSNFxFe
f4J3sNjj0z0Rdvy21f4g/FVFRwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFJO/3SqO
sOQLnIz0AvZjPTGT8q7dMB8GA1UdIwQYMBaAFOtTkAA0xhn8YAqb1Y3YykFgJHXI
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzRUQwMi8xMkIxNkQ1MDU0
RTYxMUU3OUFEQzI1MThDNEY5QUUwMi82MU9RQURUR0dmeGdDcHZWamRqS1FXQWtk
Y2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzYxT1FBRFRHR2Z4Z0NwdlZqZGpLUVdBa2RjZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
M0VEMDIvMTJCMTZENTA1NEU2MTFFNzlBREMyNTE4QzRGOUFFMDIvQTE5QkEzMjg2
NTdDMTFFQkJBNDg2Qjg0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLwYIKwYBBQUHAQcBAf8E
IDAeMAwEAgABMAYDBALcntgwDgQCAAIwCAMGBCQDFICQMA0GCSqGSIb3DQEBCwUA
A4IBAQA2LzBUEvIpEVEaOZ/B+nKChTyqr01GMhY7LXi021hUD+pcyNwK569eabeD
hFd8fD5pXMr3FnwbtGmhoxKlN5eRs/+PXUyluVtXfPhqv8ybg16A7kYW4dT+V4Cn
fmqSDk6hvywIu3JeBSZXNNprzbdp8dvjQvTwF3Acm4DrpmahAZ5WLnCOs/ONyr6u
3ETr/gvZTE1npjYa/uyzYQHp/TNROuo+enB1uK7dei0nIIPi6+96h2Zp7Ezfagm0
MZNJT3dWMzcpmRytRs9rpdDZ5oQF+W9DmqbhONeEhNqkl2cLC8yLHT5yGGAGLJ+u
QrXAp32ijretcvPxPu40e0/R2Mf0
-----END CERTIFICATE-----
Generated at Mon Apr 29 02:14:27 2024 by rpki-client on console-ams.rpki-client.org