Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914EC08/812A2C587D3B11ED98BF9E48C4F9AE02/1D519132D55D11EEB560AC4AC4F9AE02.roa
File: 1D519132D55D11EEB560AC4AC4F9AE02.roa (raw, json)
Hash identifier: 9XjU8ZsmwEgQgCfLW72xuLDFJQOADo4yY3BNZMPGxII=
Subject key identifier: 89:5F:CE:BA:B4:FA:8D:D8:B8:B7:AE:67:F0:7D:65:07:96:39:7F:12
Certificate issuer: /CN=A914EC08/serialNumber=D1B8E671973559020F8703D17DCD892692E640A2
Certificate serial: 0112
Authority key identifier: D1:B8:E6:71:97:35:59:02:0F:87:03:D1:7D:CD:89:26:92:E6:40:A2
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0bjmcZc1WQIPhwPRfc2JJpLmQKI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914EC08/812A2C587D3B11ED98BF9E48C4F9AE02/1D519132D55D11EEB560AC4AC4F9AE02.roa
Signing time: Tue 27 Feb 2024 10:44:00 +0000
ROA not before: Tue 27 Feb 2024 10:44:00 +0000
ROA not after: Mon 31 Mar 2025 00:00:00 +0000
asID: 149196
IP address blocks: 45.127.194.0/24 maxlen: 24
45.127.195.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 07 Mar 2024 04:43:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 274 (0x112)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914EC08/serialNumber=D1B8E671973559020F8703D17DCD892692E640A2
Validity
Not Before: Feb 27 10:44:00 2024 GMT
Not After : Mar 31 00:00:00 2025 GMT
Subject: CN=65ddbcef-02d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:59:84:f5:0e:db:39:07:f3:6d:b8:87:0a:40:
79:fd:a5:ea:cb:46:d2:20:79:c4:13:20:d3:9f:8c:
ab:38:4f:70:77:93:c4:94:30:88:c4:95:ff:47:c7:
7c:3e:bf:5c:e7:db:e2:3a:01:c7:4c:49:68:b0:57:
b8:7c:41:b4:86:60:42:24:fc:8b:57:76:0d:88:be:
84:30:ab:4e:1a:0e:97:b8:62:a4:6d:2e:14:04:25:
e4:37:ee:9d:aa:d8:56:8f:53:a3:77:c5:54:d4:4b:
ee:b1:e7:0d:ec:3a:6a:7f:40:bf:00:06:9a:e9:e8:
46:50:79:8d:86:c0:97:15:58:a6:ae:17:48:30:2d:
9f:97:60:d5:71:26:af:6f:27:6a:ef:09:19:5b:07:
b6:32:ff:30:29:a7:f6:d5:f3:fe:22:02:45:40:bf:
95:c3:2a:ac:8d:8f:d6:20:ee:34:c0:0e:18:21:df:
d7:30:78:dd:2b:63:7c:88:3e:fb:ad:b8:28:5b:c1:
88:e3:52:64:61:72:4c:78:fc:47:74:07:bc:4b:a6:
15:5b:a4:37:0c:9f:5d:e6:e3:6f:88:cb:63:3f:ca:
33:ec:8f:15:6c:ae:d9:16:92:a4:f2:f8:80:d1:87:
2a:45:e8:98:cd:46:41:76:cb:72:36:b5:36:05:a8:
7a:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:5F:CE:BA:B4:FA:8D:D8:B8:B7:AE:67:F0:7D:65:07:96:39:7F:12
X509v3 Authority Key Identifier:
keyid:D1:B8:E6:71:97:35:59:02:0F:87:03:D1:7D:CD:89:26:92:E6:40:A2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914EC08/812A2C587D3B11ED98BF9E48C4F9AE02/0bjmcZc1WQIPhwPRfc2JJpLmQKI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0bjmcZc1WQIPhwPRfc2JJpLmQKI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914EC08/812A2C587D3B11ED98BF9E48C4F9AE02/1D519132D55D11EEB560AC4AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.127.194.0/23
Signature Algorithm: sha256WithRSAEncryption
bb:53:27:cb:45:d9:76:31:08:7e:75:74:26:55:dd:7f:e7:c8:
c8:3b:fd:b5:3f:be:14:1d:89:29:a8:0b:93:86:b8:59:ab:92:
78:12:e4:b8:50:ec:6a:54:45:e5:d3:42:6d:5c:96:96:17:9b:
c2:a3:c5:e9:4c:b7:8a:4c:52:8d:57:97:e3:58:68:41:a8:2a:
82:85:f7:a5:6c:e0:04:4b:1f:05:79:99:d5:45:d2:8e:ec:bc:
ed:09:fa:ef:e6:40:5c:44:83:0a:ad:96:33:57:03:85:70:34:
78:2b:e1:7a:8c:23:ee:96:79:5a:21:73:79:cb:73:da:7d:67:
45:12:e0:e8:04:92:3a:53:f1:81:15:53:a1:d5:4f:83:48:68:
6e:c5:3f:4b:09:c7:93:ca:6c:6d:2c:6c:6f:d1:0b:b5:91:e6:
87:d4:4d:05:fe:7a:61:23:5a:6d:7d:55:1b:4b:88:d3:62:c1:
2c:c6:06:f3:49:f2:48:4e:7e:d5:4c:a5:53:0a:3c:b3:c0:eb:
5d:51:5b:e8:57:8b:da:f6:2c:fc:a9:d3:0a:35:50:a0:71:5c:
e1:1d:2c:3c:40:8e:fd:ff:d2:d7:7e:26:8a:cf:e8:29:eb:58:
6b:bc:c6:2f:72:55:5e:93:6e:30:63:f2:ef:e2:02:b0:31:5a:
49:3e:af:1d
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICARIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NEVDMDgxMTAvBgNVBAUTKEQxQjhFNjcxOTczNTU5MDIwRjg3MDNEMTdEQ0Q4OTI2
OTJFNjQwQTIwHhcNMjQwMjI3MTA0NDAwWhcNMjUwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWRkYmNlZi0wMmQ2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5FmE9Q7bOQfzbbiHCkB5/aXqy0bSIHnEEyDTn4yrOE9wd5PElDCIxJX/R8d8
Pr9c59viOgHHTElosFe4fEG0hmBCJPyLV3YNiL6EMKtOGg6XuGKkbS4UBCXkN+6d
qthWj1Ojd8VU1EvusecN7Dpqf0C/AAaa6ehGUHmNhsCXFVimrhdIMC2fl2DVcSav
bydq7wkZWwe2Mv8wKaf21fP+IgJFQL+VwyqsjY/WIO40wA4YId/XMHjdK2N8iD77
rbgoW8GI41JkYXJMePxHdAe8S6YVW6Q3DJ9d5uNviMtjP8oz7I8VbK7ZFpKk8viA
0YcqReiYzUZBdstyNrU2Bah6qQIDAQABo4IClTCCApEwHQYDVR0OBBYEFIlfzrq0
+o3YuLeuZ/B9ZQeWOX8SMB8GA1UdIwQYMBaAFNG45nGXNVkCD4cD0X3NiSaS5kCi
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0RUMwOC84MTJBMkM1ODdE
M0IxMUVEOThCRjlFNDhDNEY5QUUwMi8wYmptY1pjMVdRSVBod1BSZmMySkpwTG1R
S0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzBiam1jWmMxV1FJUGh3UFJmYzJKSnBMbVFLSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NEVDMDgvODEyQTJDNTg3RDNCMTFFRDk4QkY5RTQ4QzRGOUFFMDIvMUQ1MTkxMzJE
NTVEMTFFRUI1NjBBQzRBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAEtf8IwDQYJKoZIhvcNAQELBQADggEBALtTJ8tF2XYxCH51
dCZV3X/nyMg7/bU/vhQdiSmoC5OGuFmrkngS5LhQ7GpUReXTQm1clpYXm8KjxelM
t4pMUo1Xl+NYaEGoKoKF96Vs4ARLHwV5mdVF0o7svO0J+u/mQFxEgwqtljNXA4Vw
NHgr4XqMI+6WeVohc3nLc9p9Z0US4OgEkjpT8YEVU6HVT4NIaG7FP0sJx5PKbG0s
bG/RC7WR5ofUTQX+emEjWm19VRtLiNNiwSzGBvNJ8khOftVMpVMKPLPA611RW+hX
i9r2LPyp0wo1UKBxXOEdLDxAjv3/0td+JorP6CnrWGu8xi9yVV6TbjBj8u/iArAx
Wkk+rx0=
-----END CERTIFICATE-----
Generated at Thu Mar 7 05:37:04 2024 by rpki-client on console-ams.rpki-client.org