Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914EC08/812A2C587D3B11ED98BF9E48C4F9AE02/3CFCDA78EB3D11EEA970C56CC4F9AE02.roa
File: 3CFCDA78EB3D11EEA970C56CC4F9AE02.roa (raw, json)
Hash identifier: SdpRVAYlgZ7YhozqvF0KOpRUzXJyHMCPR33hz4Z0FJs=
Subject key identifier: 6B:2C:EB:01:3E:76:AB:B6:E9:B8:B9:5D:B7:EF:39:25:42:E2:C6:EA
Certificate issuer: /CN=A914EC08/serialNumber=D1B8E671973559020F8703D17DCD892692E640A2
Certificate serial: 0131
Authority key identifier: D1:B8:E6:71:97:35:59:02:0F:87:03:D1:7D:CD:89:26:92:E6:40:A2
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0bjmcZc1WQIPhwPRfc2JJpLmQKI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914EC08/812A2C587D3B11ED98BF9E48C4F9AE02/3CFCDA78EB3D11EEA970C56CC4F9AE02.roa
Signing time: Wed 27 Mar 2024 06:51:20 +0000
ROA not before: Wed 27 Mar 2024 06:51:20 +0000
ROA not after: Mon 31 Mar 2025 00:00:00 +0000
asID: 55933
IP address blocks: 45.127.194.0/23 maxlen: 23
45.127.194.0/24 maxlen: 24
45.127.195.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 08 May 2024 09:56:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 305 (0x131)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914EC08/serialNumber=D1B8E671973559020F8703D17DCD892692E640A2
Validity
Not Before: Mar 27 06:51:20 2024 GMT
Not After : Mar 31 00:00:00 2025 GMT
Subject: CN=6603c1e8-0f0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:03:90:9e:29:02:ae:24:11:42:e5:1e:4a:dc:
f1:74:cc:94:48:3f:92:d7:9d:17:e6:d1:f4:d7:fa:
9c:45:62:95:0c:12:70:f8:13:cf:16:bf:64:57:aa:
54:64:da:01:13:71:ec:c2:e3:96:61:2e:77:62:4a:
9c:69:34:09:fb:79:1b:3d:51:4f:68:e4:7b:21:ce:
ee:10:e2:67:f9:c3:de:56:c3:2f:dd:ef:fb:c9:d4:
02:37:ec:c0:a1:72:07:75:1a:5f:d2:de:1b:45:92:
20:a7:1f:5d:ed:eb:64:d0:e0:81:d8:b1:88:ce:75:
1e:16:4b:eb:d3:f0:18:6f:aa:73:45:29:e0:50:be:
ed:28:95:c4:c5:37:fb:0e:3d:92:61:27:6a:d7:28:
54:85:54:18:24:04:f0:93:0d:af:86:a8:ab:23:fa:
a8:ba:fd:34:a3:91:30:1b:ac:02:1a:d1:fb:75:65:
e0:33:89:33:93:ea:f5:36:66:2c:b4:05:4d:61:b7:
e9:3a:a4:c5:b8:34:3c:77:90:c8:39:de:05:f0:fa:
31:3f:3d:b4:d3:97:95:9c:1e:86:e8:ab:49:80:8d:
4f:49:bb:30:d6:93:8b:ff:c0:88:ac:3c:3b:c8:a3:
0a:80:9e:1e:e6:a5:a3:ba:8a:01:1a:f3:4b:7f:06:
f9:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:2C:EB:01:3E:76:AB:B6:E9:B8:B9:5D:B7:EF:39:25:42:E2:C6:EA
X509v3 Authority Key Identifier:
keyid:D1:B8:E6:71:97:35:59:02:0F:87:03:D1:7D:CD:89:26:92:E6:40:A2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914EC08/812A2C587D3B11ED98BF9E48C4F9AE02/0bjmcZc1WQIPhwPRfc2JJpLmQKI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0bjmcZc1WQIPhwPRfc2JJpLmQKI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914EC08/812A2C587D3B11ED98BF9E48C4F9AE02/3CFCDA78EB3D11EEA970C56CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.127.194.0/23
Signature Algorithm: sha256WithRSAEncryption
2c:c5:a5:6c:9f:3e:79:cc:55:80:6a:8b:85:e2:9e:f3:c3:a0:
47:2c:fc:71:0f:07:bb:8a:32:5c:e9:d2:b8:68:33:b3:a1:db:
88:0d:c3:96:17:96:f6:59:c1:14:7e:3b:a4:0d:41:09:5a:d4:
4f:6e:cc:d3:9f:62:bb:50:9e:be:a6:ee:e0:61:d7:e8:6b:12:
73:0d:5b:03:36:13:1a:0d:48:12:9e:b6:18:1f:94:81:44:86:
76:c2:22:e2:fc:8d:86:7f:53:c8:ef:98:95:89:0f:bf:84:0a:
9d:69:08:f2:cd:e7:59:4d:81:98:b0:f9:53:d0:96:37:27:ef:
32:69:a5:7b:6e:81:11:a1:b0:23:31:0b:e8:b8:36:c7:ed:d9:
9c:d0:b9:b3:c3:f9:10:25:04:73:5e:af:3f:b0:e9:9b:6d:e9:
2f:82:3d:39:27:b8:c5:e1:26:b6:b6:f4:5b:ab:92:f8:67:71:
b9:23:39:90:ab:77:34:a3:74:e8:46:3e:ec:a4:2b:a0:bb:1c:
cb:7e:3e:06:fc:3a:bb:14:27:6a:90:90:5c:ba:6e:8d:7b:8f:
97:52:c6:26:da:22:c6:be:38:a3:b7:30:10:ac:d7:f2:14:2d:
19:23:e0:56:ba:3c:1e:5a:5b:b2:53:40:fd:04:1c:3a:61:5c:
14:07:53:b8
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICATEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NEVDMDgxMTAvBgNVBAUTKEQxQjhFNjcxOTczNTU5MDIwRjg3MDNEMTdEQ0Q4OTI2
OTJFNjQwQTIwHhcNMjQwMzI3MDY1MTIwWhcNMjUwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjAzYzFlOC0wZjBlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvwOQnikCriQRQuUeStzxdMyUSD+S150X5tH01/qcRWKVDBJw+BPPFr9kV6pU
ZNoBE3HswuOWYS53YkqcaTQJ+3kbPVFPaOR7Ic7uEOJn+cPeVsMv3e/7ydQCN+zA
oXIHdRpf0t4bRZIgpx9d7etk0OCB2LGIznUeFkvr0/AYb6pzRSngUL7tKJXExTf7
Dj2SYSdq1yhUhVQYJATwkw2vhqirI/qouv00o5EwG6wCGtH7dWXgM4kzk+r1NmYs
tAVNYbfpOqTFuDQ8d5DIOd4F8PoxPz2005eVnB6G6KtJgI1PSbsw1pOL/8CIrDw7
yKMKgJ4e5qWjuooBGvNLfwb5WQIDAQABo4IClTCCApEwHQYDVR0OBBYEFGss6wE+
dqu26bi5XbfvOSVC4sbqMB8GA1UdIwQYMBaAFNG45nGXNVkCD4cD0X3NiSaS5kCi
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0RUMwOC84MTJBMkM1ODdE
M0IxMUVEOThCRjlFNDhDNEY5QUUwMi8wYmptY1pjMVdRSVBod1BSZmMySkpwTG1R
S0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzBiam1jWmMxV1FJUGh3UFJmYzJKSnBMbVFLSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NEVDMDgvODEyQTJDNTg3RDNCMTFFRDk4QkY5RTQ4QzRGOUFFMDIvM0NGQ0RBNzhF
QjNEMTFFRUE5NzBDNTZDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAEtf8IwDQYJKoZIhvcNAQELBQADggEBACzFpWyfPnnMVYBq
i4XinvPDoEcs/HEPB7uKMlzp0rhoM7Oh24gNw5YXlvZZwRR+O6QNQQla1E9uzNOf
YrtQnr6m7uBh1+hrEnMNWwM2ExoNSBKethgflIFEhnbCIuL8jYZ/U8jvmJWJD7+E
Cp1pCPLN51lNgZiw+VPQljcn7zJppXtugRGhsCMxC+i4Nsft2ZzQubPD+RAlBHNe
rz+w6Ztt6S+CPTknuMXhJra29FurkvhncbkjOZCrdzSjdOhGPuykK6C7HMt+Pgb8
OrsUJ2qQkFy6bo17j5dSxibaIsa+OKO3MBCs1/IULRkj4Fa6PB5aW7JTQP0EHDph
XBQHU7g=
-----END CERTIFICATE-----
Generated at Wed May 8 14:39:15 2024 by rpki-client on console-fra.rpki-client.org