Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9150F66/3D981CCC3A1E11E79AA0D51CC4F9AE02/AAC94CB26AEE11EBA768DD39C4F9AE02.roa
File: AAC94CB26AEE11EBA768DD39C4F9AE02.roa (raw, json)
Hash identifier: /bUnaqabgJiHZue1LGYlgQ/QaQCsJLzaLaCB5/3IJUY=
Subject key identifier: 6C:F2:A1:66:E2:A7:25:60:5F:8C:1A:6B:BA:5E:06:A9:75:FC:1D:0B
Certificate issuer: /CN=A9150F66/serialNumber=AA32562429F896C0A5CBDE564431480339BEBA97
Certificate serial: 198C
Authority key identifier: AA:32:56:24:29:F8:96:C0:A5:CB:DE:56:44:31:48:03:39:BE:BA:97
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/qjJWJCn4lsCly95WRDFIAzm-upc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9150F66/3D981CCC3A1E11E79AA0D51CC4F9AE02/AAC94CB26AEE11EBA768DD39C4F9AE02.roa
Signing time: Thu 28 Dec 2023 06:05:23 +0000
ROA not before: Thu 28 Dec 2023 06:05:23 +0000
ROA not after: Tue 30 Jul 2024 00:00:00 +0000
asID: 24440
IP address blocks: 72.255.0.0/18 maxlen: 24
139.135.51.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 20 Feb 2024 06:08:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6540 (0x198c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9150F66/serialNumber=AA32562429F896C0A5CBDE564431480339BEBA97
Validity
Not Before: Dec 28 06:05:23 2023 GMT
Not After : Jul 30 00:00:00 2024 GMT
Subject: CN=658d1023-b5c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:e4:df:c3:65:86:ca:da:64:b3:18:50:dd:e4:
02:d5:e8:9f:66:f9:28:5a:8f:35:7b:88:65:51:1f:
ff:12:7a:a9:12:00:44:61:53:5e:bf:3a:c6:6d:cf:
d3:91:11:e3:91:df:52:d8:80:45:ae:ef:32:17:66:
2d:e2:c0:a2:d9:19:42:43:77:89:4d:aa:ea:a8:38:
6d:0c:0f:0e:e0:87:58:87:ef:81:4a:ed:3e:dc:97:
7b:44:18:41:a3:75:b6:a0:51:2a:be:7c:d3:91:23:
e4:f0:db:fb:79:55:78:32:9f:03:91:e8:6c:13:24:
ee:0e:a5:e9:3a:af:3c:53:71:cd:ca:ab:73:f0:8a:
57:b3:b4:1b:06:78:97:e4:b9:f4:ff:0e:81:91:2d:
e8:15:33:3a:a8:6f:4a:26:a3:25:c2:40:3c:79:17:
33:0b:5c:5b:53:c4:1d:4e:d9:44:b1:bb:3a:7f:90:
22:f6:04:80:f9:0b:44:af:05:9d:58:41:03:fa:fa:
eb:b6:c9:4c:95:82:c9:1b:b5:85:9f:db:ac:65:65:
6c:40:b1:03:1c:9e:0e:48:4a:ac:33:09:bf:2c:ac:
5d:3a:1d:e4:eb:ef:00:e2:38:94:7e:5d:14:4b:6a:
96:92:52:1d:c7:b5:a6:23:6d:e1:5d:97:0f:45:4d:
24:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:F2:A1:66:E2:A7:25:60:5F:8C:1A:6B:BA:5E:06:A9:75:FC:1D:0B
X509v3 Authority Key Identifier:
keyid:AA:32:56:24:29:F8:96:C0:A5:CB:DE:56:44:31:48:03:39:BE:BA:97
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9150F66/3D981CCC3A1E11E79AA0D51CC4F9AE02/qjJWJCn4lsCly95WRDFIAzm-upc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/qjJWJCn4lsCly95WRDFIAzm-upc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9150F66/3D981CCC3A1E11E79AA0D51CC4F9AE02/AAC94CB26AEE11EBA768DD39C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
72.255.0.0/18
139.135.51.0/24
Signature Algorithm: sha256WithRSAEncryption
36:16:da:5a:d7:c3:17:16:fb:03:bc:1b:1b:12:a2:45:cd:ef:
96:32:c8:a8:5b:0e:c8:ef:a7:08:ac:40:50:82:27:cb:88:3c:
2a:9a:f1:7a:50:f5:14:92:42:8a:0e:5e:84:59:63:07:0c:80:
24:c4:f1:4f:ba:02:bf:1e:b1:64:f1:15:f6:0c:9e:0b:dd:9f:
34:d6:ba:d0:bb:87:c1:d5:9e:ac:24:82:62:b9:eb:a2:d8:1f:
9a:8c:8c:e5:42:95:01:dc:18:79:17:49:52:e8:9a:11:34:8e:
8e:e0:3c:20:1e:1c:d8:e6:2d:3f:ae:4e:63:e5:5f:c0:f8:3d:
8a:1c:24:46:9b:55:b2:f9:68:a3:ba:ae:2a:5d:d2:12:0b:8c:
35:10:d4:cc:53:56:cd:28:bb:36:c2:6a:6d:42:dd:21:cb:de:
45:9a:fd:c4:94:69:94:e8:5e:bf:ef:bc:df:3a:ff:59:ed:a0:
6b:d5:f9:b3:52:79:6b:e5:cd:d6:78:44:a2:37:c6:f2:6f:cc:
a3:19:db:89:3a:37:82:35:36:4d:ab:f9:00:3a:60:42:7e:28:
aa:01:45:6f:4d:6c:c8:90:66:d2:61:93:cd:5b:56:d1:ba:8f:
a8:b0:3d:50:09:6a:bf:67:44:5c:7f:5e:2b:74:d3:6b:13:ed:
b9:9c:11:ad
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICGYwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTBGNjYxMTAvBgNVBAUTKEFBMzI1NjI0MjlGODk2QzBBNUNCREU1NjQ0MzE0ODAz
MzlCRUJBOTcwHhcNMjMxMjI4MDYwNTIzWhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NThkMTAyMy1iNWM0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAreTfw2WGytpksxhQ3eQC1eifZvkoWo81e4hlUR//EnqpEgBEYVNevzrGbc/T
kRHjkd9S2IBFru8yF2Yt4sCi2RlCQ3eJTarqqDhtDA8O4IdYh++BSu0+3Jd7RBhB
o3W2oFEqvnzTkSPk8Nv7eVV4Mp8DkehsEyTuDqXpOq88U3HNyqtz8IpXs7QbBniX
5Ln0/w6BkS3oFTM6qG9KJqMlwkA8eRczC1xbU8QdTtlEsbs6f5Ai9gSA+QtErwWd
WEED+vrrtslMlYLJG7WFn9usZWVsQLEDHJ4OSEqsMwm/LKxdOh3k6+8A4jiUfl0U
S2qWklIdx7WmI23hXZcPRU0kdQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFGzyoWbi
pyVgX4waa7peBql1/B0LMB8GA1UdIwQYMBaAFKoyViQp+JbApcveVkQxSAM5vrqX
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MEY2Ni8zRDk4MUNDQzNB
MUUxMUU3OUFBMEQ1MUNDNEY5QUUwMi9xakpXSkNuNGxzQ2x5OTVXUkRGSUF6bS11
cGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL3FqSldKQ240bHNDbHk5NVdSREZJQXptLXVwYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTBGNjYvM0Q5ODFDQ0MzQTFFMTFFNzlBQTBENTFDQzRGOUFFMDIvQUFDOTRDQjI2
QUVFMTFFQkE3NjhERDM5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAZI/wADBACLhzMwDQYJKoZIhvcNAQELBQADggEBADYW2lrX
wxcW+wO8GxsSokXN75YyyKhbDsjvpwisQFCCJ8uIPCqa8XpQ9RSSQooOXoRZYwcM
gCTE8U+6Ar8esWTxFfYMngvdnzTWutC7h8HVnqwkgmK566LYH5qMjOVClQHcGHkX
SVLomhE0jo7gPCAeHNjmLT+uTmPlX8D4PYocJEabVbL5aKO6ripd0hILjDUQ1MxT
Vs0ouzbCam1C3SHL3kWa/cSUaZToXr/vvN86/1ntoGvV+bNSeWvlzdZ4RKI3xvJv
zKMZ24k6N4I1Nk2r+QA6YEJ+KKoBRW9NbMiQZtJhk81bVtG6j6iwPVAJar9nRFx/
Xit002sT7bmcEa0=
-----END CERTIFICATE-----
Generated at Tue Feb 20 06:57:33 2024 by rpki-client on console-ams.rpki-client.org