Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91510AD/8B5E75FE1D8711E284B383DF08B02CD2/03F387AC7B1D11EFA9F2962CC4F9AE02.roa
File: 03F387AC7B1D11EFA9F2962CC4F9AE02.roa (raw, json)
Hash identifier: aynIZEaaZIE9M1T6oYorW5jC/hBn0IlgNb462+xD4cM=
Subject key identifier: 3F:48:BB:30:14:4F:A8:7A:B4:67:9A:6A:65:AD:C9:92:65:85:33:D9
Certificate issuer: /CN=A91510AD/serialNumber=E1E6908A16EC813DAA0BD64797AE9DBDEB092257
Certificate serial: 356F
Authority key identifier: E1:E6:90:8A:16:EC:81:3D:AA:0B:D6:47:97:AE:9D:BD:EB:09:22:57
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4eaQihbsgT2qC9ZHl66dvesJIlc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91510AD/8B5E75FE1D8711E284B383DF08B02CD2/03F387AC7B1D11EFA9F2962CC4F9AE02.roa
Signing time: Thu 10 Oct 2024 14:50:50 +0000
ROA not before: Thu 10 Oct 2024 14:50:50 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 212238
IP address blocks: 175.29.22.0/23 maxlen: 23
Validation: Failed, certificate revoked on Fri 25 Oct 2024 10:03:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13679 (0x356f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91510AD/serialNumber=E1E6908A16EC813DAA0BD64797AE9DBDEB092257
Validity
Not Before: Oct 10 14:50:50 2024 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=6707e9ca-711a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:39:8d:d9:50:04:c2:b6:22:d9:37:5f:3b:c8:
97:3f:1d:ba:7a:04:55:87:4e:37:9f:63:73:3e:b2:
73:4f:83:4f:e0:e8:06:b3:a0:74:ef:bb:49:50:d9:
bd:4b:fa:6c:82:c3:e3:9a:a0:3a:36:2c:5f:7e:8f:
71:40:b4:e5:f5:6d:4b:c1:be:44:a1:09:23:ac:58:
a5:ae:d1:80:61:c8:71:7d:bd:7b:c6:f9:ee:46:d6:
dc:4c:20:3d:40:2f:3d:1a:5d:01:3b:1e:1d:9e:2c:
3a:5c:0d:d1:fb:1c:2f:75:15:78:0d:0a:c2:57:a4:
de:7c:7f:4e:04:a3:a1:55:51:a4:e2:db:5d:81:b8:
31:f1:e6:31:5d:dc:cf:9f:91:ef:73:ee:23:2d:59:
9b:d7:4b:18:fb:5e:d9:e8:91:47:af:f8:b1:c0:7d:
bf:6c:c4:e2:0c:31:79:a2:f4:4d:a8:b8:9e:19:28:
92:61:b9:c0:df:4d:c0:98:b7:25:e5:04:30:26:8c:
31:c2:d3:00:8e:ad:73:94:96:67:c7:f3:aa:8f:50:
72:a6:d2:9d:16:fb:aa:16:82:7a:dd:15:e7:b3:8e:
ba:39:90:b3:f7:f9:8a:c3:dd:c9:db:11:d7:03:30:
72:7e:77:66:66:98:7b:97:45:8e:59:d9:0f:1b:9e:
a0:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:48:BB:30:14:4F:A8:7A:B4:67:9A:6A:65:AD:C9:92:65:85:33:D9
X509v3 Authority Key Identifier:
keyid:E1:E6:90:8A:16:EC:81:3D:AA:0B:D6:47:97:AE:9D:BD:EB:09:22:57
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91510AD/8B5E75FE1D8711E284B383DF08B02CD2/4eaQihbsgT2qC9ZHl66dvesJIlc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4eaQihbsgT2qC9ZHl66dvesJIlc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91510AD/8B5E75FE1D8711E284B383DF08B02CD2/03F387AC7B1D11EFA9F2962CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
175.29.22.0/23
Signature Algorithm: sha256WithRSAEncryption
5f:40:93:3b:25:77:45:55:be:1b:ba:f0:23:0a:36:63:41:00:
aa:d9:cf:aa:75:6e:58:60:8c:18:b5:84:48:2b:52:cd:b2:9f:
33:f8:5b:3a:10:af:63:d9:12:24:0d:9e:8c:3a:0c:fd:93:5f:
aa:d2:b6:2d:0c:be:be:f2:a5:e7:bb:d6:73:ab:c3:ad:7e:88:
c6:7a:9d:f7:db:15:66:cb:4c:8f:dc:3d:b4:a7:70:34:52:36:
59:4a:73:f9:ed:ef:0b:94:cd:70:b6:a3:30:e7:54:a4:33:e1:
cb:e6:76:67:bb:dd:8b:5c:21:05:a5:ff:5a:30:8e:bf:c5:82:
79:df:68:70:d0:17:dc:d3:36:fb:f7:15:6d:49:0b:01:74:42:
a3:04:a6:78:81:c7:e9:9e:c9:8b:3c:38:45:f5:b6:54:24:07:
10:8e:c7:db:ae:0c:71:d9:6a:eb:32:da:8d:28:56:cb:47:e9:
fe:b4:86:f7:3d:7c:d3:9e:e5:19:11:4b:13:a6:57:90:9a:27:
b3:a8:93:a0:df:79:35:f9:a5:52:a8:aa:57:f3:02:48:1a:0d:
29:34:d9:fd:60:07:ad:72:79:13:66:a7:96:02:d7:32:54:ac:
95:06:a5:0b:9e:fb:3d:1d:0c:3c:84:e7:de:f5:50:53:5c:41:
8f:99:b2:fc
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICNW8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTEwQUQxMTAvBgNVBAUTKEUxRTY5MDhBMTZFQzgxM0RBQTBCRDY0Nzk3QUU5REJE
RUIwOTIyNTcwHhcNMjQxMDEwMTQ1MDUwWhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzA3ZTljYS03MTFhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArDmN2VAEwrYi2TdfO8iXPx26egRVh043n2NzPrJzT4NP4OgGs6B077tJUNm9
S/psgsPjmqA6Nixffo9xQLTl9W1Lwb5EoQkjrFilrtGAYchxfb17xvnuRtbcTCA9
QC89Gl0BOx4dniw6XA3R+xwvdRV4DQrCV6TefH9OBKOhVVGk4ttdgbgx8eYxXdzP
n5Hvc+4jLVmb10sY+17Z6JFHr/ixwH2/bMTiDDF5ovRNqLieGSiSYbnA303AmLcl
5QQwJowxwtMAjq1zlJZnx/Oqj1ByptKdFvuqFoJ63RXns466OZCz9/mKw93J2xHX
AzByfndmZph7l0WOWdkPG56g4QIDAQABo4IClTCCApEwHQYDVR0OBBYEFD9IuzAU
T6h6tGeaamWtyZJlhTPZMB8GA1UdIwQYMBaAFOHmkIoW7IE9qgvWR5eunb3rCSJX
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MTBBRC84QjVFNzVGRTFE
ODcxMUUyODRCMzgzREYwOEIwMkNEMi80ZWFRaWhic2dUMnFDOVpIbDY2ZHZlc0pJ
bGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzRlYVFpaGJzZ1QycUM5WkhsNjZkdmVzSklsYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTEwQUQvOEI1RTc1RkUxRDg3MTFFMjg0QjM4M0RGMDhCMDJDRDIvMDNGMzg3QUM3
QjFEMTFFRkE5RjI5NjJDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAGvHRYwDQYJKoZIhvcNAQELBQADggEBAF9Akzsld0VVvhu6
8CMKNmNBAKrZz6p1blhgjBi1hEgrUs2ynzP4WzoQr2PZEiQNnow6DP2TX6rSti0M
vr7ypee71nOrw61+iMZ6nffbFWbLTI/cPbSncDRSNllKc/nt7wuUzXC2ozDnVKQz
4cvmdme73YtcIQWl/1owjr/FgnnfaHDQF9zTNvv3FW1JCwF0QqMEpniBx+meyYs8
OEX1tlQkBxCOx9uuDHHZausy2o0oVstH6f60hvc9fNOe5RkRSxOmV5CaJ7Ook6Df
eTX5pVKoqlfzAkgaDSk02f1gB61yeRNmp5YC1zJUrJUGpQue+z0dDDyE5971UFNc
QY+Zsvw=
-----END CERTIFICATE-----
Generated at Fri Oct 25 12:38:01 2024 by rpki-client on console-ams.rpki-client.org