Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9148D01/E92519FA990B11EBA355CB53C4F9AE02/751F02BC990D11EB9C047D5DC4F9AE02.roa
File: 751F02BC990D11EB9C047D5DC4F9AE02.roa (raw, json)
Hash identifier: 8AnkXlTo3UJMjSI86gTN6/kxQkeSfU7NYblpxTELZyM=
Subject key identifier: E1:48:EA:62:8F:F0:EC:9C:B5:4C:12:CC:61:93:0F:FD:69:C2:3D:88
Certificate issuer: /CN=A9148D01/serialNumber=7E36AB1C044321B74CF678263E0524FD34179BBD
Certificate serial: 0530
Authority key identifier: 7E:36:AB:1C:04:43:21:B7:4C:F6:78:26:3E:05:24:FD:34:17:9B:BD
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fjarHARDIbdM9ngmPgUk_TQXm70.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9148D01/E92519FA990B11EBA355CB53C4F9AE02/751F02BC990D11EB9C047D5DC4F9AE02.roa
Signing time: Thu 01 Jun 2023 02:50:19 +0000
ROA not before: Thu 01 Jun 2023 02:50:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58608
IP address blocks: 49.248.70.0/24 maxlen: 24
49.248.71.0/24 maxlen: 24
49.248.125.0/24 maxlen: 24
49.248.217.0/24 maxlen: 24
49.248.220.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 26 Jun 2024 23:02:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1328 (0x530)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9148D01/serialNumber=7E36AB1C044321B74CF678263E0524FD34179BBD
Validity
Not Before: Jun 1 02:50:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6478076b-b259
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:14:66:81:97:cf:aa:77:20:ef:bb:6c:f7:1d:
59:99:b4:7b:0b:2a:17:04:bd:bb:e2:72:08:0a:ba:
26:d1:10:d6:97:d0:62:48:55:77:35:26:91:af:09:
18:6f:e9:59:02:45:10:bf:e8:6a:4d:7b:9a:58:85:
94:fe:7c:c0:eb:13:b1:3b:b3:56:0e:24:71:7f:01:
7c:04:a2:54:a6:4c:1f:07:ea:90:b8:3c:70:20:22:
a2:c1:96:e0:03:c8:a5:03:b8:10:db:6d:2f:1b:e3:
53:c3:df:e2:4a:c1:ee:45:31:0a:9a:55:d8:02:61:
1a:64:89:5d:cf:7e:5a:97:56:8a:b7:2e:f3:84:2e:
02:bf:db:32:ce:2e:a4:96:2b:7a:f6:85:c1:40:4d:
71:43:8d:7d:bc:9d:7c:bf:de:c4:cc:b5:a7:58:6a:
c7:0f:dc:25:9d:15:b8:3d:7b:ae:48:b3:1b:70:21:
eb:af:2a:e9:87:fe:1a:3e:9a:04:72:ea:57:b2:fb:
4d:7c:ec:37:3f:11:d8:67:c4:f9:09:ed:97:55:a7:
a9:20:3f:c8:61:c9:d7:2b:cb:dd:3b:c2:ea:cc:87:
d5:18:1c:cc:fa:66:65:a8:65:3e:02:c3:7d:ea:68:
f9:0f:05:2e:8c:7a:93:52:11:b8:29:c8:8a:0d:97:
a1:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:48:EA:62:8F:F0:EC:9C:B5:4C:12:CC:61:93:0F:FD:69:C2:3D:88
X509v3 Authority Key Identifier:
keyid:7E:36:AB:1C:04:43:21:B7:4C:F6:78:26:3E:05:24:FD:34:17:9B:BD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9148D01/E92519FA990B11EBA355CB53C4F9AE02/fjarHARDIbdM9ngmPgUk_TQXm70.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fjarHARDIbdM9ngmPgUk_TQXm70.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9148D01/E92519FA990B11EBA355CB53C4F9AE02/751F02BC990D11EB9C047D5DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
49.248.70.0/23
49.248.125.0/24
49.248.217.0/24
49.248.220.0/24
Signature Algorithm: sha256WithRSAEncryption
79:2c:7d:1b:8f:68:67:4c:bc:16:0d:5e:13:fa:dc:ff:93:45:
b6:84:30:bf:57:2d:de:e2:e7:4e:2f:df:46:8b:67:95:2f:e2:
41:8f:3e:a4:48:51:88:e5:40:2a:e0:d2:11:3f:cd:59:bf:90:
09:11:81:a5:74:3a:18:8a:6e:81:bd:51:40:b5:e1:42:fa:4b:
a4:02:38:56:7e:a0:f8:58:03:07:b6:67:11:1f:7a:73:bf:dd:
4a:2f:d9:02:06:eb:0b:6e:b4:f8:be:2b:8c:84:29:99:c7:46:
4b:e5:5c:9e:4a:1c:a2:2d:af:71:0d:11:b1:2d:30:c1:77:8b:
24:75:8b:c5:07:3d:42:8b:62:12:05:ee:fa:b0:3c:0c:6a:af:
01:ab:62:13:9f:a8:3e:cf:4c:3d:60:f4:ce:06:19:48:42:87:
dd:a9:50:3f:5a:81:f5:1a:d2:d2:fb:e3:73:dd:74:70:b9:a9:
28:e0:1d:a9:96:93:d7:16:f0:5d:f1:61:d7:8a:79:77:13:1f:
e5:3c:f0:6d:b9:39:85:85:c6:ab:e4:1a:7f:25:7b:02:5b:4d:
86:0f:3f:09:82:d6:7e:55:ba:f2:b6:e5:17:a5:92:95:2f:c7:
54:02:34:bb:c0:29:96:8d:8f:a3:34:83:a5:3d:56:1a:13:18:
29:0c:e6:f6
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICBTAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDhEMDExMTAvBgNVBAUTKDdFMzZBQjFDMDQ0MzIxQjc0Q0Y2NzgyNjNFMDUyNEZE
MzQxNzlCQkQwHhcNMjMwNjAxMDI1MDE5WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDc4MDc2Yi1iMjU5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2xRmgZfPqncg77ts9x1ZmbR7CyoXBL274nIICrom0RDWl9BiSFV3NSaRrwkY
b+lZAkUQv+hqTXuaWIWU/nzA6xOxO7NWDiRxfwF8BKJUpkwfB+qQuDxwICKiwZbg
A8ilA7gQ220vG+NTw9/iSsHuRTEKmlXYAmEaZIldz35al1aKty7zhC4Cv9syzi6k
lit69oXBQE1xQ419vJ18v97EzLWnWGrHD9wlnRW4PXuuSLMbcCHrryrph/4aPpoE
cupXsvtNfOw3PxHYZ8T5Ce2XVaepID/IYcnXK8vdO8LqzIfVGBzM+mZlqGU+AsN9
6mj5DwUujHqTUhG4KciKDZehuwIDAQABo4ICpzCCAqMwHQYDVR0OBBYEFOFI6mKP
8OyctUwSzGGTD/1pwj2IMB8GA1UdIwQYMBaAFH42qxwEQyG3TPZ4Jj4FJP00F5u9
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0OEQwMS9FOTI1MTlGQTk5
MEIxMUVCQTM1NUNCNTNDNEY5QUUwMi9mamFySEFSREliZE05bmdtUGdVa19UUVht
NzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2ZqYXJIQVJESWJkTTluZ21QZ1VrX1RRWG03MC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDhEMDEvRTkyNTE5RkE5OTBCMTFFQkEzNTVDQjUzQzRGOUFFMDIvNzUxRjAyQkM5
OTBEMTFFQjlDMDQ3RDVEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMQYIKwYBBQUHAQcBAf8E
IjAgMB4EAgABMBgDBAEx+EYDBAAx+H0DBAAx+NkDBAAx+NwwDQYJKoZIhvcNAQEL
BQADggEBAHksfRuPaGdMvBYNXhP63P+TRbaEML9XLd7i504v30aLZ5Uv4kGPPqRI
UYjlQCrg0hE/zVm/kAkRgaV0OhiKboG9UUC14UL6S6QCOFZ+oPhYAwe2ZxEfenO/
3Uov2QIG6wtutPi+K4yEKZnHRkvlXJ5KHKItr3ENEbEtMMF3iyR1i8UHPUKLYhIF
7vqwPAxqrwGrYhOfqD7PTD1g9M4GGUhCh92pUD9agfUa0tL743PddHC5qSjgHamW
k9cW8F3xYdeKeXcTH+U88G25OYWFxqvkGn8lewJbTYYPPwmC1n5VuvK25RelkpUv
x1QCNLvAKZaNj6M0g6U9VhoTGCkM5vY=
-----END CERTIFICATE-----
Generated at Thu Jun 27 02:24:56 2024 by rpki-client on console-ams.rpki-client.org