Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91510AD/8B5E75FE1D8711E284B383DF08B02CD2/A30D821C4F2511EF8BB04726C4F9AE02.roa
File: A30D821C4F2511EF8BB04726C4F9AE02.roa (raw, json)
Hash identifier: QDo3DR5jpl6YHz1akunfiUkR1qm89h+omujvll+RmbM=
Subject key identifier: 72:D3:29:8C:05:20:CC:19:55:25:08:4E:64:C0:C1:B9:DD:B8:B9:C1
Certificate issuer: /CN=A91510AD/serialNumber=E1E6908A16EC813DAA0BD64797AE9DBDEB092257
Certificate serial: 3564
Authority key identifier: E1:E6:90:8A:16:EC:81:3D:AA:0B:D6:47:97:AE:9D:BD:EB:09:22:57
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4eaQihbsgT2qC9ZHl66dvesJIlc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91510AD/8B5E75FE1D8711E284B383DF08B02CD2/A30D821C4F2511EF8BB04726C4F9AE02.roa
Signing time: Thu 10 Oct 2024 14:50:41 +0000
ROA not before: Thu 10 Oct 2024 14:50:41 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 136897
IP address blocks: 175.29.19.0/24 maxlen: 24
175.29.20.0/24 maxlen: 24
175.29.120.0/22 maxlen: 24
Validation: Failed, certificate revoked on Fri 25 Oct 2024 09:57:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13668 (0x3564)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91510AD/serialNumber=E1E6908A16EC813DAA0BD64797AE9DBDEB092257
Validity
Not Before: Oct 10 14:50:41 2024 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=6707e9c0-e663
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:5b:ff:75:40:76:49:aa:0f:7c:c5:3a:2c:c0:
d6:38:93:78:69:6d:31:d2:26:59:21:47:26:c1:c2:
49:1a:1d:ff:ca:f9:3b:67:26:42:78:db:52:a9:09:
ef:40:40:79:1d:6d:69:c0:16:28:50:96:c6:81:4d:
75:b6:14:76:5b:ff:f8:7d:bc:66:f2:4d:51:55:2d:
b2:8b:52:8d:ed:25:ca:52:5f:84:29:07:b4:fe:53:
93:04:e9:6a:f9:8a:08:59:b9:a7:9f:e2:d8:9e:06:
da:0e:2d:74:92:16:6d:db:c1:74:37:93:46:dd:e2:
88:e7:4d:3d:08:a3:f1:7c:b4:be:33:a0:11:a6:0b:
9c:39:1b:1c:f5:26:69:4d:79:35:b7:26:49:b1:df:
8c:fd:76:63:43:5b:f1:32:31:e7:0a:2b:14:9b:5f:
23:70:fa:09:24:bf:4f:88:d0:00:0b:ed:32:b5:3f:
09:e8:29:d7:86:32:73:29:86:35:21:d5:37:30:b8:
33:9a:5f:13:8f:5d:a6:eb:6a:e0:87:eb:b1:0b:dc:
14:d5:0b:dc:dd:4d:b4:2c:b1:5e:14:92:1d:44:fb:
cd:43:c1:f6:76:77:39:b3:e4:a6:e8:f3:e4:15:ba:
a4:eb:ba:55:d9:1e:48:c9:3b:99:b1:f0:e9:67:49:
14:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:D3:29:8C:05:20:CC:19:55:25:08:4E:64:C0:C1:B9:DD:B8:B9:C1
X509v3 Authority Key Identifier:
keyid:E1:E6:90:8A:16:EC:81:3D:AA:0B:D6:47:97:AE:9D:BD:EB:09:22:57
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91510AD/8B5E75FE1D8711E284B383DF08B02CD2/4eaQihbsgT2qC9ZHl66dvesJIlc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4eaQihbsgT2qC9ZHl66dvesJIlc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91510AD/8B5E75FE1D8711E284B383DF08B02CD2/A30D821C4F2511EF8BB04726C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
175.29.19.0-175.29.20.255
175.29.120.0/22
Signature Algorithm: sha256WithRSAEncryption
90:73:30:80:ec:0c:0c:da:8d:fe:b7:b1:8d:9c:9c:00:dc:c3:
3b:c0:60:35:d4:92:29:58:f6:a6:9f:15:04:f5:56:9e:2f:86:
97:3e:f8:0c:7c:65:96:80:0d:db:51:42:ef:3d:e3:03:11:9a:
66:b3:d0:10:24:bd:08:47:e7:31:11:c4:68:ef:1b:c7:7d:2a:
2c:22:8a:21:b5:83:cc:f2:33:ce:f1:76:e9:f3:8d:45:dc:5a:
41:7e:bc:5d:85:f3:09:db:85:d8:0e:41:cf:b1:d3:b6:f5:2e:
3d:dd:48:18:09:99:aa:67:d1:d0:57:2d:79:e5:9f:ef:20:0f:
7a:4e:3e:38:83:63:a0:5c:fd:f9:4e:40:36:f0:93:87:65:a2:
a2:74:0f:4c:55:0a:98:1b:94:98:77:0b:34:e2:f6:4d:48:d5:
27:b9:e8:4d:3f:de:74:cf:1d:cc:72:d9:48:22:e7:d4:ad:8a:
9c:e6:e3:67:a8:4a:23:2a:aa:06:0e:03:f4:53:59:b6:76:f6:
0a:e9:18:40:b0:7a:0d:71:48:86:5a:dc:e2:6e:49:86:c1:60:
2f:ed:c2:cf:93:49:9d:80:94:31:21:9b:74:8d:05:47:e5:01:
08:91:04:f3:7d:9c:e0:d3:1e:da:d3:67:e9:13:02:c0:f4:29:
42:ef:e6:4f
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgICNWQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTEwQUQxMTAvBgNVBAUTKEUxRTY5MDhBMTZFQzgxM0RBQTBCRDY0Nzk3QUU5REJE
RUIwOTIyNTcwHhcNMjQxMDEwMTQ1MDQxWhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzA3ZTljMC1lNjYzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxlv/dUB2SaoPfMU6LMDWOJN4aW0x0iZZIUcmwcJJGh3/yvk7ZyZCeNtSqQnv
QEB5HW1pwBYoUJbGgU11thR2W//4fbxm8k1RVS2yi1KN7SXKUl+EKQe0/lOTBOlq
+YoIWbmnn+LYngbaDi10khZt28F0N5NG3eKI5009CKPxfLS+M6ARpgucORsc9SZp
TXk1tyZJsd+M/XZjQ1vxMjHnCisUm18jcPoJJL9PiNAAC+0ytT8J6CnXhjJzKYY1
IdU3MLgzml8Tj12m62rgh+uxC9wU1Qvc3U20LLFeFJIdRPvNQ8H2dnc5s+Sm6PPk
Fbqk67pV2R5IyTuZsfDpZ0kUfQIDAQABo4ICozCCAp8wHQYDVR0OBBYEFHLTKYwF
IMwZVSUITmTAwbnduLnBMB8GA1UdIwQYMBaAFOHmkIoW7IE9qgvWR5eunb3rCSJX
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MTBBRC84QjVFNzVGRTFE
ODcxMUUyODRCMzgzREYwOEIwMkNEMi80ZWFRaWhic2dUMnFDOVpIbDY2ZHZlc0pJ
bGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzRlYVFpaGJzZ1QycUM5WkhsNjZkdmVzSklsYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTEwQUQvOEI1RTc1RkUxRDg3MTFFMjg0QjM4M0RGMDhCMDJDRDIvQTMwRDgyMUM0
RjI1MTFFRjhCQjA0NzI2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLQYIKwYBBQUHAQcBAf8E
HjAcMBoEAgABMBQwDAMEAK8dEwMEAK8dFAMEAq8deDANBgkqhkiG9w0BAQsFAAOC
AQEAkHMwgOwMDNqN/rexjZycANzDO8BgNdSSKVj2pp8VBPVWni+Glz74DHxlloAN
21FC7z3jAxGaZrPQECS9CEfnMRHEaO8bx30qLCKKIbWDzPIzzvF26fONRdxaQX68
XYXzCduF2A5Bz7HTtvUuPd1IGAmZqmfR0FcteeWf7yAPek4+OINjoFz9+U5ANvCT
h2WionQPTFUKmBuUmHcLNOL2TUjVJ7noTT/edM8dzHLZSCLn1K2KnObjZ6hKIyqq
Bg4D9FNZtnb2CukYQLB6DXFIhlrc4m5JhsFgL+3Cz5NJnYCUMSGbdI0FR+UBCJEE
832c4NMe2tNn6RMCwPQpQu/mTw==
-----END CERTIFICATE-----
Generated at Fri Oct 25 12:38:01 2024 by rpki-client on console-ams.rpki-client.org