Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91510AD/8B5E75FE1D8711E284B383DF08B02CD2/A22C946CB3D011EB950C7559C4F9AE02.roa
File: A22C946CB3D011EB950C7559C4F9AE02.roa (raw, json)
Hash identifier: t3EFRBF+PLfouJQDpoB/zlBtHSXK2DY5Qk/k/wad1ks=
Subject key identifier: 2E:67:A2:58:21:BC:A5:EA:92:BB:6E:88:50:58:8F:62:F8:1E:60:D0
Certificate issuer: /CN=A91510AD/serialNumber=E1E6908A16EC813DAA0BD64797AE9DBDEB092257
Certificate serial: 3456
Authority key identifier: E1:E6:90:8A:16:EC:81:3D:AA:0B:D6:47:97:AE:9D:BD:EB:09:22:57
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4eaQihbsgT2qC9ZHl66dvesJIlc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91510AD/8B5E75FE1D8711E284B383DF08B02CD2/A22C946CB3D011EB950C7559C4F9AE02.roa
Signing time: Wed 04 Oct 2023 14:50:34 +0000
ROA not before: Wed 04 Oct 2023 14:50:34 +0000
ROA not after: Mon 30 Dec 2024 00:00:00 +0000
asID: 35554
IP address blocks: 175.29.0.0/18 maxlen: 24
175.29.64.0/19 maxlen: 24
Validation: Failed, certificate revoked on Wed 06 Mar 2024 18:09:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13398 (0x3456)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91510AD/serialNumber=E1E6908A16EC813DAA0BD64797AE9DBDEB092257
Validity
Not Before: Oct 4 14:50:34 2023 GMT
Not After : Dec 30 00:00:00 2024 GMT
Subject: CN=651d7bb9-46c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:7b:f3:ff:08:9f:a0:dc:5e:59:cd:23:45:d9:
15:73:c9:d2:d4:fa:62:5b:a3:fe:05:5e:79:8c:d7:
ee:d2:e7:7c:b0:6e:1e:67:c2:bb:93:f1:01:4b:d5:
2c:8e:ff:c0:0b:74:8d:ab:5e:af:3e:fd:be:4f:3f:
34:2e:30:23:a3:50:e3:59:26:c0:71:7e:54:54:1d:
00:f7:83:0d:54:61:38:64:3b:f2:42:3e:15:8c:06:
98:b7:50:82:2e:c6:08:3c:a2:d0:5a:0f:18:36:0b:
57:d7:b0:3c:b3:ae:5f:c0:13:55:b7:70:19:2b:ca:
39:2f:c3:28:b2:07:43:a1:17:4c:e5:d8:74:21:8c:
f9:1a:5e:b1:d0:3e:5b:d4:4b:b6:79:4d:60:cf:79:
f7:b7:d0:8c:15:d4:0a:53:d2:7f:0c:8e:0a:51:10:
a7:fc:8a:e5:5d:10:c5:15:7d:47:ee:c3:17:7b:9b:
15:68:27:c5:29:08:71:2d:f4:df:50:12:b3:a9:5f:
c2:5d:c2:86:a6:6f:ee:61:a0:33:b1:75:22:33:f9:
b5:b8:b8:b2:ff:35:03:e3:55:15:52:16:84:bc:94:
ec:96:6a:f0:ea:be:a5:24:4f:56:3b:97:c4:a9:61:
04:c9:d9:91:4c:d9:72:41:15:2b:9d:70:e5:be:64:
36:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:67:A2:58:21:BC:A5:EA:92:BB:6E:88:50:58:8F:62:F8:1E:60:D0
X509v3 Authority Key Identifier:
keyid:E1:E6:90:8A:16:EC:81:3D:AA:0B:D6:47:97:AE:9D:BD:EB:09:22:57
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91510AD/8B5E75FE1D8711E284B383DF08B02CD2/4eaQihbsgT2qC9ZHl66dvesJIlc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4eaQihbsgT2qC9ZHl66dvesJIlc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91510AD/8B5E75FE1D8711E284B383DF08B02CD2/A22C946CB3D011EB950C7559C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
175.29.0.0-175.29.95.255
Signature Algorithm: sha256WithRSAEncryption
11:28:e4:09:b9:2b:71:c3:6e:71:1d:69:ed:e8:f2:49:73:36:
96:e4:7b:38:80:4e:be:ad:5a:d4:22:f5:3b:a0:5d:d3:6d:b1:
25:74:2d:30:89:56:4f:cb:19:c8:e3:ca:25:21:48:7b:1a:58:
ba:84:47:68:4d:6b:97:1f:17:ef:7e:aa:02:d1:c2:34:8d:6b:
7f:64:76:b4:c4:df:9a:50:61:7b:88:65:14:02:74:69:71:f4:
de:eb:80:c6:e8:e9:f8:53:68:0c:45:fe:c2:f1:f4:3a:32:0f:
14:66:b7:32:bb:d2:8f:42:3b:bf:1e:02:3d:67:fe:0a:33:29:
b5:43:49:e3:ca:be:12:a2:d2:4f:71:d1:ed:a9:95:5a:81:5e:
4e:e8:61:ec:57:ea:fe:30:02:b2:51:dc:61:f4:34:42:40:41:
b3:e0:54:b1:ea:ec:e8:4c:39:76:d8:e9:b9:84:90:3e:52:b4:
e6:52:41:a2:e1:2a:9e:b0:66:e1:a7:f4:15:70:0b:41:ec:c4:
54:e8:12:af:ed:b0:01:e4:73:16:c3:75:65:49:b2:bf:7d:cf:
08:13:a5:9d:73:a8:38:c7:ea:91:03:f8:90:cc:e0:9b:c0:f1:
1f:c5:f5:56:13:ba:65:e5:21:72:c0:a2:ce:65:50:da:45:20:
5e:d1:0e:23
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgICNFYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTEwQUQxMTAvBgNVBAUTKEUxRTY5MDhBMTZFQzgxM0RBQTBCRDY0Nzk3QUU5REJE
RUIwOTIyNTcwHhcNMjMxMDA0MTQ1MDM0WhcNMjQxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTFkN2JiOS00NmMzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzXvz/wifoNxeWc0jRdkVc8nS1PpiW6P+BV55jNfu0ud8sG4eZ8K7k/EBS9Us
jv/AC3SNq16vPv2+Tz80LjAjo1DjWSbAcX5UVB0A94MNVGE4ZDvyQj4VjAaYt1CC
LsYIPKLQWg8YNgtX17A8s65fwBNVt3AZK8o5L8MosgdDoRdM5dh0IYz5Gl6x0D5b
1Eu2eU1gz3n3t9CMFdQKU9J/DI4KURCn/IrlXRDFFX1H7sMXe5sVaCfFKQhxLfTf
UBKzqV/CXcKGpm/uYaAzsXUiM/m1uLiy/zUD41UVUhaEvJTslmrw6r6lJE9WO5fE
qWEEydmRTNlyQRUrnXDlvmQ2iwIDAQABo4ICnDCCApgwHQYDVR0OBBYEFC5nolgh
vKXqkrtuiFBYj2L4HmDQMB8GA1UdIwQYMBaAFOHmkIoW7IE9qgvWR5eunb3rCSJX
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MTBBRC84QjVFNzVGRTFE
ODcxMUUyODRCMzgzREYwOEIwMkNEMi80ZWFRaWhic2dUMnFDOVpIbDY2ZHZlc0pJ
bGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzRlYVFpaGJzZ1QycUM5WkhsNjZkdmVzSklsYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTEwQUQvOEI1RTc1RkUxRDg3MTFFMjg0QjM4M0RGMDhCMDJDRDIvQTIyQzk0NkNC
M0QwMTFFQjk1MEM3NTU5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJgYIKwYBBQUHAQcBAf8E
FzAVMBMEAgABMA0wCwMDAK8dAwQFrx1AMA0GCSqGSIb3DQEBCwUAA4IBAQARKOQJ
uStxw25xHWnt6PJJczaW5Hs4gE6+rVrUIvU7oF3TbbEldC0wiVZPyxnI48olIUh7
Gli6hEdoTWuXHxfvfqoC0cI0jWt/ZHa0xN+aUGF7iGUUAnRpcfTe64DG6On4U2gM
Rf7C8fQ6Mg8UZrcyu9KPQju/HgI9Z/4KMym1Q0njyr4SotJPcdHtqZVagV5O6GHs
V+r+MAKyUdxh9DRCQEGz4FSx6uzoTDl22Om5hJA+UrTmUkGi4SqesGbhp/QVcAtB
7MRU6BKv7bAB5HMWw3VlSbK/fc8IE6Wdc6g4x+qRA/iQzOCbwPEfxfVWE7pl5SFy
wKLOZVDaRSBe0Q4j
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:05 2024 by rpki-client on console-ams.rpki-client.org