Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9143DB0/B895AF74051511E58D49AE42C4F9AE02/886376B4969D11EFA8E89029C4F9AE02.roa
File: 886376B4969D11EFA8E89029C4F9AE02.roa (raw, json)
Hash identifier: cP/FoEGs9Zt5hI5jEkgXOMizNrY4HAQ6YbrglvUOLGE=
Subject key identifier: A7:11:13:1E:86:39:F9:AE:D2:67:F5:34:3E:D1:56:93:8D:8B:1C:48
Certificate issuer: /CN=A9143DB0/serialNumber=9BC7651AC4BABF8C4478534FADA610ACDA746BD4
Certificate serial: 25FD
Authority key identifier: 9B:C7:65:1A:C4:BA:BF:8C:44:78:53:4F:AD:A6:10:AC:DA:74:6B:D4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/m8dlGsS6v4xEeFNPraYQrNp0a9Q.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9143DB0/B895AF74051511E58D49AE42C4F9AE02/886376B4969D11EFA8E89029C4F9AE02.roa
Signing time: Wed 30 Oct 2024 09:06:13 +0000
ROA not before: Wed 30 Oct 2024 09:06:13 +0000
ROA not after: Wed 28 May 2025 00:00:00 +0000
asID: 139215
IP address blocks: 150.107.48.0/24 maxlen: 24
150.107.49.0/24 maxlen: 24
150.107.50.0/24 maxlen: 24
150.107.51.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 03 Nov 2024 10:31:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9725 (0x25fd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9143DB0/serialNumber=9BC7651AC4BABF8C4478534FADA610ACDA746BD4
Validity
Not Before: Oct 30 09:06:13 2024 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=6721f705-b4d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:fb:52:12:47:88:00:77:15:6d:19:86:01:61:
c2:6e:a8:2e:ea:38:e9:27:d4:78:22:18:d0:40:d7:
a8:38:ca:27:05:50:0f:47:b6:de:af:81:12:ec:c0:
3a:10:e2:f3:2e:d2:02:81:53:a3:72:82:f4:40:62:
05:cd:5b:69:af:57:dc:33:8e:df:42:43:99:9b:92:
ef:85:c8:a9:64:a7:84:fd:94:2a:2e:e8:66:be:df:
dc:03:bc:80:6d:03:e2:2a:22:e6:1d:c5:1b:99:94:
ec:c6:bd:97:d4:59:b4:66:e1:48:70:0b:c2:66:79:
48:29:f9:98:18:b7:d3:bc:ff:f6:3b:17:5e:ba:69:
0f:45:0c:aa:69:46:fc:09:c7:02:e9:0d:35:62:83:
0e:c6:42:88:18:ae:21:4f:09:e3:7b:90:01:79:a7:
bd:c0:90:cb:8a:a3:e7:ce:2c:7e:99:26:42:8d:59:
5a:6f:63:f1:e8:09:bb:8a:01:78:a7:ea:83:ee:9c:
c6:7d:3a:8c:18:3e:5f:12:d0:26:e8:3c:18:db:d3:
ec:95:0c:d4:d5:f0:21:fa:82:b4:2f:71:c9:55:5a:
8f:b1:e9:a0:fd:15:b9:38:45:40:d4:31:65:1a:44:
76:ea:86:45:4b:16:e1:53:6b:db:94:d5:9a:ab:d1:
e1:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:11:13:1E:86:39:F9:AE:D2:67:F5:34:3E:D1:56:93:8D:8B:1C:48
X509v3 Authority Key Identifier:
keyid:9B:C7:65:1A:C4:BA:BF:8C:44:78:53:4F:AD:A6:10:AC:DA:74:6B:D4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9143DB0/B895AF74051511E58D49AE42C4F9AE02/m8dlGsS6v4xEeFNPraYQrNp0a9Q.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/m8dlGsS6v4xEeFNPraYQrNp0a9Q.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9143DB0/B895AF74051511E58D49AE42C4F9AE02/886376B4969D11EFA8E89029C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
150.107.48.0/22
Signature Algorithm: sha256WithRSAEncryption
71:2e:ad:07:ec:7d:a0:13:8d:35:c0:9d:d4:45:dc:fa:f3:92:
a3:e9:08:ed:89:2b:2d:76:04:b3:e4:09:35:c9:c4:7e:ae:bf:
e0:0c:f2:25:eb:c2:0d:e5:b9:5d:d5:60:77:ea:82:83:39:0b:
41:8b:64:35:e7:c8:d6:ab:92:f4:b5:75:51:02:a2:64:60:8f:
95:3f:3a:13:20:f1:44:82:ad:f4:dc:66:95:9f:fb:10:a4:69:
bf:85:38:bf:d5:aa:48:0b:26:a6:67:2b:4d:75:c7:54:2b:b8:
65:cb:d4:8d:00:6d:5f:c0:a3:f9:f6:a8:99:52:f6:97:dd:7e:
b4:06:d9:ac:59:a5:2c:2e:43:f5:82:75:eb:d7:d1:86:d5:d0:
25:af:ac:bb:ec:41:31:d9:2e:2d:3e:dd:eb:21:37:e5:b4:6a:
7e:bd:f6:d5:7b:a4:dc:40:50:0b:30:a3:df:6b:90:f5:80:5e:
7a:64:09:ad:83:10:32:89:4f:a7:4c:98:71:ac:77:11:bf:96:
0b:43:5f:9d:1c:07:eb:6a:f6:58:d7:22:61:3f:b0:ef:1c:08:
00:c7:51:fb:da:c4:4f:79:fc:c9:a3:ab:83:51:ee:1d:83:1b:
fa:5f:65:0e:7a:d7:ca:0c:0d:b7:b6:c6:08:fc:b4:09:79:ef:
21:02:31:c1
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICJf0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDNEQjAxMTAvBgNVBAUTKDlCQzc2NTFBQzRCQUJGOEM0NDc4NTM0RkFEQTYxMEFD
REE3NDZCRDQwHhcNMjQxMDMwMDkwNjEzWhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02NzIxZjcwNS1iNGQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsvtSEkeIAHcVbRmGAWHCbqgu6jjpJ9R4IhjQQNeoOMonBVAPR7ber4ES7MA6
EOLzLtICgVOjcoL0QGIFzVtpr1fcM47fQkOZm5LvhcipZKeE/ZQqLuhmvt/cA7yA
bQPiKiLmHcUbmZTsxr2X1Fm0ZuFIcAvCZnlIKfmYGLfTvP/2OxdeumkPRQyqaUb8
CccC6Q01YoMOxkKIGK4hTwnje5ABeae9wJDLiqPnzix+mSZCjVlab2Px6Am7igF4
p+qD7pzGfTqMGD5fEtAm6DwY29PslQzU1fAh+oK0L3HJVVqPsemg/RW5OEVA1DFl
GkR26oZFSxbhU2vblNWaq9Hh6wIDAQABo4IClTCCApEwHQYDVR0OBBYEFKcREx6G
Ofmu0mf1ND7RVpONixxIMB8GA1UdIwQYMBaAFJvHZRrEur+MRHhTT62mEKzadGvU
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0M0RCMC9CODk1QUY3NDA1
MTUxMUU1OEQ0OUFFNDJDNEY5QUUwMi9tOGRsR3NTNnY0eEVlRk5QcmFZUXJOcDBh
OVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL204ZGxHc1M2djR4RWVGTlByYVlRck5wMGE5US5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDNEQjAvQjg5NUFGNzQwNTE1MTFFNThENDlBRTQyQzRGOUFFMDIvODg2Mzc2QjQ5
NjlEMTFFRkE4RTg5MDI5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAKWazAwDQYJKoZIhvcNAQELBQADggEBAHEurQfsfaATjTXA
ndRF3PrzkqPpCO2JKy12BLPkCTXJxH6uv+AM8iXrwg3luV3VYHfqgoM5C0GLZDXn
yNarkvS1dVEComRgj5U/OhMg8USCrfTcZpWf+xCkab+FOL/VqkgLJqZnK011x1Qr
uGXL1I0AbV/Ao/n2qJlS9pfdfrQG2axZpSwuQ/WCdevX0YbV0CWvrLvsQTHZLi0+
3eshN+W0an699tV7pNxAUAswo99rkPWAXnpkCa2DEDKJT6dMmHGsdxG/lgtDX50c
B+tq9ljXImE/sO8cCADHUfvaxE95/Mmjq4NR7h2DG/pfZQ5618oMDbe2xgj8tAl5
7yECMcE=
-----END CERTIFICATE-----
Generated at Sun Nov 3 14:28:07 2024 by rpki-client on console-ams.rpki-client.org