Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91510AD/8B5E75FE1D8711E284B383DF08B02CD2/C45A0E88946F11EF828F9F2FC4F9AE02.roa
File: C45A0E88946F11EF828F9F2FC4F9AE02.roa (raw, json)
Hash identifier: WQlI0kHO93cVlNwdqADD7Vhj100Mp6yLGHnll8I+3co=
Subject key identifier: 90:62:E7:E4:C8:76:2F:CD:81:6B:2C:9C:8E:49:2C:BA:53:D2:7F:9F
Certificate issuer: /CN=A91510AD/serialNumber=E1E6908A16EC813DAA0BD64797AE9DBDEB092257
Certificate serial: 359F
Authority key identifier: E1:E6:90:8A:16:EC:81:3D:AA:0B:D6:47:97:AE:9D:BD:EB:09:22:57
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4eaQihbsgT2qC9ZHl66dvesJIlc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91510AD/8B5E75FE1D8711E284B383DF08B02CD2/C45A0E88946F11EF828F9F2FC4F9AE02.roa
Signing time: Sun 03 Nov 2024 10:14:39 +0000
ROA not before: Sun 03 Nov 2024 10:14:39 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 834
IP address blocks: 175.29.21.0/24 maxlen: 24
175.29.22.0/23 maxlen: 24
175.29.32.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 04 Nov 2024 13:29:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13727 (0x359f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91510AD/serialNumber=E1E6908A16EC813DAA0BD64797AE9DBDEB092257
Validity
Not Before: Nov 3 10:14:39 2024 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=67274d0f-3f56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:9e:40:7d:7e:17:ea:d2:93:63:67:e2:c9:33:
54:b4:3d:cf:73:bf:ae:15:f5:4f:76:c8:1c:b8:36:
87:37:98:0a:7a:f0:f0:18:f1:c7:86:59:9b:45:16:
01:94:22:29:7e:bd:b6:ba:c2:be:b6:c6:9a:4d:f1:
14:85:cd:b4:1c:3e:ac:27:32:3b:33:8e:93:c4:dd:
15:d2:d1:62:f9:ea:47:36:29:0e:65:82:eb:85:ff:
5c:d2:fe:e2:9c:79:02:ea:21:84:c9:4a:25:a4:4b:
09:ea:2f:f3:26:ee:c0:3f:96:4b:fb:3b:a8:1f:39:
f6:8e:ac:53:95:09:65:71:f1:8c:16:63:24:63:64:
e9:0f:b6:b5:5a:c6:48:be:7f:b6:e5:c9:dd:92:19:
13:0e:3b:fb:e9:05:e4:9f:3b:8d:e6:69:24:b5:95:
e7:bc:9b:b4:cb:7b:98:6c:8a:2d:b4:0f:c1:f3:ca:
9a:a8:cc:d6:c1:47:c5:f2:80:0f:e2:63:4a:cf:e4:
15:2f:50:34:35:64:8d:95:e1:b9:6a:01:48:64:de:
b7:f5:5a:43:a0:79:58:60:b6:21:b7:d5:69:bd:a9:
9b:dd:18:cd:c8:23:5e:23:43:ae:7b:dc:37:7b:15:
f8:c2:51:c8:44:d0:4d:3d:34:c5:c2:fa:0c:69:9a:
95:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:62:E7:E4:C8:76:2F:CD:81:6B:2C:9C:8E:49:2C:BA:53:D2:7F:9F
X509v3 Authority Key Identifier:
keyid:E1:E6:90:8A:16:EC:81:3D:AA:0B:D6:47:97:AE:9D:BD:EB:09:22:57
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91510AD/8B5E75FE1D8711E284B383DF08B02CD2/4eaQihbsgT2qC9ZHl66dvesJIlc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4eaQihbsgT2qC9ZHl66dvesJIlc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91510AD/8B5E75FE1D8711E284B383DF08B02CD2/C45A0E88946F11EF828F9F2FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
175.29.21.0-175.29.23.255
175.29.32.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:83:fc:88:b6:7e:53:ab:af:83:1a:2c:7e:bb:fe:ce:6a:89:
81:83:db:0a:ef:b8:d4:c5:fd:fa:45:d8:df:ec:43:e8:b8:3e:
09:2a:c4:6e:a6:3d:cf:37:2e:c6:bf:89:b7:1d:69:72:76:f8:
11:23:72:4c:30:ac:a6:a7:5b:d0:8b:21:98:18:16:97:43:7f:
68:a2:41:2d:6a:20:1a:70:db:95:f0:46:94:cf:82:c7:5c:60:
9b:ad:db:e5:ce:e2:6f:3c:39:ae:cf:90:7d:c3:b7:ea:3e:43:
90:d1:96:20:72:52:47:aa:7a:65:bb:73:f9:9e:d7:5c:19:48:
c2:1f:2e:a0:8c:ed:03:c6:81:54:48:53:98:56:9b:27:e8:97:
9b:82:54:56:6e:5a:a3:b3:c6:64:3d:9e:22:e0:05:a5:61:be:
58:55:a7:cc:e6:fe:bf:73:22:11:44:86:a8:7c:b0:19:2a:b2:
22:06:7d:0e:8b:58:41:c4:d5:c3:26:19:37:cc:c0:44:62:86:
8f:b2:bb:79:95:7d:f0:93:fc:a2:75:b5:0d:fb:08:df:67:fe:
38:c4:a7:03:9e:97:b2:34:93:47:87:50:79:83:0e:28:c9:31:
2c:5c:0a:3c:ef:f4:40:f0:a6:f5:9c:62:5a:43:98:96:23:c1:
d4:3e:b4:75
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgICNZ8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTEwQUQxMTAvBgNVBAUTKEUxRTY5MDhBMTZFQzgxM0RBQTBCRDY0Nzk3QUU5REJE
RUIwOTIyNTcwHhcNMjQxMTAzMTAxNDM5WhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzI3NGQwZi0zZjU2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvp5AfX4X6tKTY2fiyTNUtD3Pc7+uFfVPdsgcuDaHN5gKevDwGPHHhlmbRRYB
lCIpfr22usK+tsaaTfEUhc20HD6sJzI7M46TxN0V0tFi+epHNikOZYLrhf9c0v7i
nHkC6iGEyUolpEsJ6i/zJu7AP5ZL+zuoHzn2jqxTlQllcfGMFmMkY2TpD7a1WsZI
vn+25cndkhkTDjv76QXknzuN5mkktZXnvJu0y3uYbIottA/B88qaqMzWwUfF8oAP
4mNKz+QVL1A0NWSNleG5agFIZN639VpDoHlYYLYht9Vpvamb3RjNyCNeI0Oue9w3
exX4wlHIRNBNPTTFwvoMaZqVCwIDAQABo4ICozCCAp8wHQYDVR0OBBYEFJBi5+TI
di/NgWssnI5JLLpT0n+fMB8GA1UdIwQYMBaAFOHmkIoW7IE9qgvWR5eunb3rCSJX
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MTBBRC84QjVFNzVGRTFE
ODcxMUUyODRCMzgzREYwOEIwMkNEMi80ZWFRaWhic2dUMnFDOVpIbDY2ZHZlc0pJ
bGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzRlYVFpaGJzZ1QycUM5WkhsNjZkdmVzSklsYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTEwQUQvOEI1RTc1RkUxRDg3MTFFMjg0QjM4M0RGMDhCMDJDRDIvQzQ1QTBFODg5
NDZGMTFFRjgyOEY5RjJGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLQYIKwYBBQUHAQcBAf8E
HjAcMBoEAgABMBQwDAMEAK8dFQMEA68dEAMEAK8dIDANBgkqhkiG9w0BAQsFAAOC
AQEAnIP8iLZ+U6uvgxosfrv+zmqJgYPbCu+41MX9+kXY3+xD6Lg+CSrEbqY9zzcu
xr+Jtx1pcnb4ESNyTDCspqdb0IshmBgWl0N/aKJBLWogGnDblfBGlM+Cx1xgm63b
5c7ibzw5rs+QfcO36j5DkNGWIHJSR6p6Zbtz+Z7XXBlIwh8uoIztA8aBVEhTmFab
J+iXm4JUVm5ao7PGZD2eIuAFpWG+WFWnzOb+v3MiEUSGqHywGSqyIgZ9DotYQcTV
wyYZN8zARGKGj7K7eZV98JP8onW1DfsI32f+OMSnA56XsjSTR4dQeYMOKMkxLFwK
PO/0QPCm9ZxiWkOYliPB1D60dQ==
-----END CERTIFICATE-----
Generated at Mon Nov 4 14:58:13 2024 by rpki-client on console-fra.rpki-client.org