Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9144F59/44A6FF6400CB11E8BEB1EF10C4F9AE02/CC4109780DE911EBA6C0DD42C4F9AE02.roa
File: CC4109780DE911EBA6C0DD42C4F9AE02.roa (raw, json)
Hash identifier: cL/Sn3hLVtOSWgqR6O+V6v8Pl9/o9ujWTC2hmWcOtBY=
Subject key identifier: B9:BA:30:01:32:0F:FB:76:1C:50:D4:19:10:A5:41:35:17:2A:4B:49
Certificate issuer: /CN=A9144F59/serialNumber=26743B1E4E0E90A19B240C0936979CA237688DF2
Certificate serial: 1554
Authority key identifier: 26:74:3B:1E:4E:0E:90:A1:9B:24:0C:09:36:97:9C:A2:37:68:8D:F2
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/JnQ7Hk4OkKGbJAwJNpecojdojfI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9144F59/44A6FF6400CB11E8BEB1EF10C4F9AE02/CC4109780DE911EBA6C0DD42C4F9AE02.roa
Signing time: Tue 11 Jul 2023 04:33:37 +0000
ROA not before: Tue 11 Jul 2023 04:33:37 +0000
ROA not after: Wed 31 Jan 2024 00:00:00 +0000
asID: 18190
IP address blocks: 155.137.88.0/24 maxlen: 24
155.137.89.0/24 maxlen: 24
155.137.90.0/24 maxlen: 24
209.141.9.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5460 (0x1554)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9144F59/serialNumber=26743B1E4E0E90A19B240C0936979CA237688DF2
Validity
Not Before: Jul 11 04:33:37 2023 GMT
Not After : Jan 31 00:00:00 2024 GMT
Subject: CN=64acdba0-a785
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:d3:eb:b7:b3:3a:c9:d8:4f:cc:17:c0:e1:46:
9d:72:fb:b5:c0:d7:15:13:8c:f3:82:b0:c4:a6:d9:
b8:f1:84:61:78:f6:e8:10:b2:29:13:9b:03:60:32:
a6:09:7d:c8:d0:c9:5e:e0:8d:e0:ca:10:a4:3c:8e:
b0:45:b4:0a:6b:eb:71:f1:f2:f7:f2:13:c6:13:bf:
c1:41:56:17:0b:ea:40:77:70:b4:fc:ff:d8:6e:97:
d0:4c:d7:fe:68:81:96:8f:38:41:c9:45:c2:21:24:
0a:1d:5a:d0:cf:46:89:c4:47:37:32:e9:aa:dc:a3:
59:d8:60:a5:95:d2:26:ac:46:84:10:29:4b:13:cb:
16:a4:7a:43:0f:1d:d7:20:40:a4:dd:bf:e3:f6:45:
c1:6a:62:8c:32:72:fe:93:59:69:2e:d7:0b:53:8c:
1f:8d:f3:37:17:b8:23:ed:18:4c:3f:2c:ed:4d:31:
0c:83:9a:10:82:bd:f5:90:fb:c4:bd:5c:ff:85:9d:
e3:e1:c6:1e:c5:f0:c2:53:da:01:a9:df:35:f4:7a:
0b:dd:c4:a7:67:86:c8:e4:95:4c:a2:46:c3:35:c1:
29:ee:77:1a:ae:40:45:33:d5:9e:d8:03:12:ac:f5:
04:15:e1:eb:10:0e:b8:72:21:45:91:08:24:01:eb:
ed:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:BA:30:01:32:0F:FB:76:1C:50:D4:19:10:A5:41:35:17:2A:4B:49
X509v3 Authority Key Identifier:
keyid:26:74:3B:1E:4E:0E:90:A1:9B:24:0C:09:36:97:9C:A2:37:68:8D:F2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9144F59/44A6FF6400CB11E8BEB1EF10C4F9AE02/JnQ7Hk4OkKGbJAwJNpecojdojfI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/JnQ7Hk4OkKGbJAwJNpecojdojfI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9144F59/44A6FF6400CB11E8BEB1EF10C4F9AE02/CC4109780DE911EBA6C0DD42C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
155.137.88.0-155.137.90.255
209.141.9.0/24
Signature Algorithm: sha256WithRSAEncryption
31:08:ff:a2:bd:f1:91:2f:f3:d9:81:58:76:80:c9:ce:1e:b5:
8a:74:bd:78:f1:ad:db:bd:db:a5:bb:dd:f4:9a:bc:71:59:e6:
d7:57:ab:c5:4f:bd:d3:18:ef:f3:c7:0b:ea:46:2a:4e:e0:a1:
c6:ac:5f:66:8e:bd:e8:b1:0a:d4:71:44:22:2b:a1:14:7f:c5:
58:b2:82:a8:01:8e:5b:6a:51:06:80:3a:b1:47:0d:18:7a:7d:
f5:87:4e:bd:c7:fc:a3:48:09:b1:b7:f0:35:2e:73:97:ca:0f:
f0:cb:52:d5:d9:5e:c3:87:3b:37:05:89:7f:ee:db:0b:5f:c4:
a0:cb:74:ce:ed:c1:0f:a8:9a:0f:f5:5c:74:02:e5:ec:51:6b:
5f:10:67:cf:8a:71:9e:33:58:24:79:5f:4a:1c:0e:93:38:9b:
d9:a3:6a:21:2c:4c:c9:d0:10:cb:a1:00:73:bd:dd:65:cc:2c:
94:75:3f:1a:0a:b4:70:04:d2:42:2c:75:77:d8:d1:af:c6:be:
b3:91:9f:aa:55:68:27:7f:97:da:47:25:c1:fb:11:91:eb:91:
c3:cb:8e:37:0b:e6:32:70:11:dd:f5:1d:85:dd:5a:64:81:66:
4c:d5:94:20:d1:10:40:f0:53:b0:8e:14:bb:5a:e0:5e:19:d8:
8e:7b:e9:f3
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgICFVQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDRGNTkxMTAvBgNVBAUTKDI2NzQzQjFFNEUwRTkwQTE5QjI0MEMwOTM2OTc5Q0Ey
Mzc2ODhERjIwHhcNMjMwNzExMDQzMzM3WhcNMjQwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGFjZGJhMC1hNzg1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArNPrt7M6ydhPzBfA4Uadcvu1wNcVE4zzgrDEptm48YRhePboELIpE5sDYDKm
CX3I0Mle4I3gyhCkPI6wRbQKa+tx8fL38hPGE7/BQVYXC+pAd3C0/P/YbpfQTNf+
aIGWjzhByUXCISQKHVrQz0aJxEc3Mumq3KNZ2GClldImrEaEEClLE8sWpHpDDx3X
IECk3b/j9kXBamKMMnL+k1lpLtcLU4wfjfM3F7gj7RhMPyztTTEMg5oQgr31kPvE
vVz/hZ3j4cYexfDCU9oBqd819HoL3cSnZ4bI5JVMokbDNcEp7ncarkBFM9We2AMS
rPUEFeHrEA64ciFFkQgkAevteQIDAQABo4ICozCCAp8wHQYDVR0OBBYEFLm6MAEy
D/t2HFDUGRClQTUXKktJMB8GA1UdIwQYMBaAFCZ0Ox5ODpChmyQMCTaXnKI3aI3y
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NEY1OS80NEE2RkY2NDAw
Q0IxMUU4QkVCMUVGMTBDNEY5QUUwMi9KblE3SGs0T2tLR2JKQXdKTnBlY29qZG9q
ZkkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL0puUTdIazRPa0tHYkpBd0pOcGVjb2pkb2pmSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDRGNTkvNDRBNkZGNjQwMENCMTFFOEJFQjFFRjEwQzRGOUFFMDIvQ0M0MTA5Nzgw
REU5MTFFQkE2QzBERDQyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLQYIKwYBBQUHAQcBAf8E
HjAcMBoEAgABMBQwDAMEA5uJWAMEAJuJWgMEANGNCTANBgkqhkiG9w0BAQsFAAOC
AQEAMQj/or3xkS/z2YFYdoDJzh61inS9ePGt273bpbvd9Jq8cVnm11erxU+90xjv
88cL6kYqTuChxqxfZo696LEK1HFEIiuhFH/FWLKCqAGOW2pRBoA6sUcNGHp99YdO
vcf8o0gJsbfwNS5zl8oP8MtS1dlew4c7NwWJf+7bC1/EoMt0zu3BD6iaD/VcdALl
7FFrXxBnz4pxnjNYJHlfShwOkzib2aNqISxMydAQy6EAc73dZcwslHU/Ggq0cATS
Qix1d9jRr8a+s5GfqlVoJ3+X2kclwfsRkeuRw8uONwvmMnAR3fUdhd1aZIFmTNWU
INEQQPBTsI4Uu1rgXhnYjnvp8w==
Generated at Tue Jul 25 06:15:16 2023 by rpki-client on console-fra.rpki-client.org