Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915F89C/01B069F6CEBB11E99B1F7D3EC4F9AE02/4D2DB5C6E4D411E99A65E973C4F9AE02.roa
File: 4D2DB5C6E4D411E99A65E973C4F9AE02.roa (raw, json)
Hash identifier: e1WwRfMdie0Q6qYoqq+QhmvsGA3GCdhOythVQ2+bNeU=
Subject key identifier: 66:D0:A8:CB:1D:0C:AC:71:24:23:10:3F:D0:3D:7E:A8:C9:B9:0F:06
Certificate issuer: /CN=A915F89C/serialNumber=466F112442C5D02E60F24699193AE215195B3BA9
Certificate serial: 0C85
Authority key identifier: 46:6F:11:24:42:C5:D0:2E:60:F2:46:99:19:3A:E2:15:19:5B:3B:A9
Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/Rm8RJELF0C5g8kaZGTriFRlbO6k.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915F89C/01B069F6CEBB11E99B1F7D3EC4F9AE02/4D2DB5C6E4D411E99A65E973C4F9AE02.roa
Signing time: Fri 26 Jan 2024 07:40:00 +0000
ROA not before: Fri 26 Jan 2024 07:40:00 +0000
ROA not after: Thu 31 Oct 2024 00:00:00 +0000
asID: 3758
IP address blocks: 151.192.0.0/18 maxlen: 18
151.192.64.0/18 maxlen: 18
151.192.128.0/17 maxlen: 17
151.192.132.0/22 maxlen: 22
151.192.160.0/20 maxlen: 20
151.192.192.0/21 maxlen: 21
Validation: Failed, certificate revoked on Thu 30 May 2024 07:27:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3205 (0xc85)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915F89C/serialNumber=466F112442C5D02E60F24699193AE215195B3BA9
Validity
Not Before: Jan 26 07:40:00 2024 GMT
Not After : Oct 31 00:00:00 2024 GMT
Subject: CN=65b361d0-4597
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:46:85:11:a2:56:e1:15:19:2f:02:92:fe:ea:
43:0c:f0:4b:d1:79:b6:0e:c1:3e:9b:fa:d2:85:34:
79:8a:d1:85:0c:05:cb:4c:da:54:23:2a:5f:c2:86:
df:b3:fb:f3:8e:ed:ad:42:1b:11:65:91:12:b7:38:
24:06:03:45:29:50:34:d4:66:91:17:d0:a0:4a:b7:
79:01:d0:3a:ba:d6:2d:a3:5c:e2:30:b9:cd:e2:5a:
16:87:ef:d9:f4:83:9f:3e:f3:ac:c1:95:7e:07:48:
66:ef:35:92:b7:c4:e9:17:f6:43:8f:b0:31:f9:1d:
b4:3d:e9:e4:c8:7c:e2:85:7c:cd:40:ed:5d:2f:01:
ab:97:e9:7e:20:99:68:09:7a:6a:7e:08:95:82:d0:
ac:56:e0:76:19:1c:7d:4d:3e:ec:7b:66:13:78:cd:
6f:ec:5d:f3:06:a4:93:66:11:dc:b6:cf:da:aa:76:
51:7f:c5:a7:0f:0c:d0:bf:3e:ec:d6:0a:c9:4b:2e:
f1:26:35:07:e5:58:f7:f7:8b:d3:03:9c:cf:a4:5f:
6d:37:12:0a:91:52:c1:41:59:d8:88:1b:ac:e3:cd:
45:e0:fa:0e:1d:7e:9b:8c:13:dc:d5:c5:4d:87:d4:
7a:36:fc:18:41:b1:25:fd:a4:6a:c6:e2:eb:9e:2d:
96:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:D0:A8:CB:1D:0C:AC:71:24:23:10:3F:D0:3D:7E:A8:C9:B9:0F:06
X509v3 Authority Key Identifier:
keyid:46:6F:11:24:42:C5:D0:2E:60:F2:46:99:19:3A:E2:15:19:5B:3B:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915F89C/01B069F6CEBB11E99B1F7D3EC4F9AE02/Rm8RJELF0C5g8kaZGTriFRlbO6k.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/Rm8RJELF0C5g8kaZGTriFRlbO6k.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915F89C/01B069F6CEBB11E99B1F7D3EC4F9AE02/4D2DB5C6E4D411E99A65E973C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
151.192.0.0/16
Signature Algorithm: sha256WithRSAEncryption
05:1b:13:43:ac:3b:a8:3f:12:b5:2b:e7:c8:9b:3b:77:82:6c:
51:20:f5:56:71:aa:15:35:4d:c1:e1:b9:6f:c7:9c:9c:11:b4:
c8:6b:4b:76:b2:8d:4a:38:39:97:ee:f8:b5:db:ce:cb:01:1c:
22:b9:3a:91:3a:9f:b9:43:52:1d:4f:98:7d:2e:d3:4c:b6:18:
d6:8e:7f:9e:6d:de:04:d2:14:ae:76:54:7d:ae:f8:f9:cb:78:
5c:14:8c:c2:3c:c8:a1:2c:5f:a2:9f:c6:ef:20:14:51:79:4c:
82:27:01:17:08:cc:e7:40:ec:e6:e0:19:56:10:3f:9c:d1:a3:
a8:95:28:df:f1:c0:51:92:0b:0d:09:22:59:4d:e5:54:8d:40:
c3:e6:9f:de:3c:88:9f:44:d4:32:11:0c:ad:e3:f4:15:fa:3e:
1b:dc:77:5e:27:9a:c4:fe:c4:23:7a:8e:36:4d:6f:b6:ba:0c:
e0:a7:61:60:e6:28:1a:e6:b6:d2:5c:32:d4:c2:24:18:be:4e:
a2:da:c9:5a:78:b7:6f:0e:4e:b8:76:d5:18:f0:e4:a3:6c:c9:
86:d4:32:a0:c8:3d:6b:a3:c8:61:4d:00:8a:20:7d:13:9d:61:
46:57:6f:06:ed:31:44:98:da:db:26:80:04:a6:aa:3f:f3:90:
f8:d0:ee:67
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgICDIUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUY4OUMxMTAvBgNVBAUTKDQ2NkYxMTI0NDJDNUQwMkU2MEYyNDY5OTE5M0FFMjE1
MTk1QjNCQTkwHhcNMjQwMTI2MDc0MDAwWhcNMjQxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWIzNjFkMC00NTk3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAv0aFEaJW4RUZLwKS/upDDPBL0Xm2DsE+m/rShTR5itGFDAXLTNpUIypfwobf
s/vzju2tQhsRZZEStzgkBgNFKVA01GaRF9CgSrd5AdA6utYto1ziMLnN4loWh+/Z
9IOfPvOswZV+B0hm7zWSt8TpF/ZDj7Ax+R20PenkyHzihXzNQO1dLwGrl+l+IJlo
CXpqfgiVgtCsVuB2GRx9TT7se2YTeM1v7F3zBqSTZhHcts/aqnZRf8WnDwzQvz7s
1grJSy7xJjUH5Vj394vTA5zPpF9tNxIKkVLBQVnYiBus481F4PoOHX6bjBPc1cVN
h9R6NvwYQbEl/aRqxuLrni2WuwIDAQABo4IClDCCApAwHQYDVR0OBBYEFGbQqMsd
DKxxJCMQP9A9fqjJuQ8GMB8GA1UdIwQYMBaAFEZvESRCxdAuYPJGmRk64hUZWzup
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1Rjg5Qy8wMUIwNjlGNkNF
QkIxMUU5OUIxRjdEM0VDNEY5QUUwMi9SbThSSkVMRjBDNWc4a2FaR1RyaUZSbGJP
NmsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy
RkQxRkYyL1JtOFJKRUxGMEM1ZzhrYVpHVHJpRlJsYk82ay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUY4OUMvMDFCMDY5RjZDRUJCMTFFOTlCMUY3RDNFQzRGOUFFMDIvNEQyREI1QzZF
NEQ0MTFFOTlBNjVFOTczQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHgYIKwYBBQUHAQcBAf8E
DzANMAsEAgABMAUDAwCXwDANBgkqhkiG9w0BAQsFAAOCAQEABRsTQ6w7qD8StSvn
yJs7d4JsUSD1VnGqFTVNweG5b8ecnBG0yGtLdrKNSjg5l+74tdvOywEcIrk6kTqf
uUNSHU+YfS7TTLYY1o5/nm3eBNIUrnZUfa74+ct4XBSMwjzIoSxfop/G7yAUUXlM
gicBFwjM50Ds5uAZVhA/nNGjqJUo3/HAUZILDQkiWU3lVI1Aw+af3jyIn0TUMhEM
reP0Ffo+G9x3XieaxP7EI3qONk1vtroM4KdhYOYoGua20lwy1MIkGL5OotrJWni3
bw5OuHbVGPDko2zJhtQyoMg9a6PIYU0AiiB9E51hRldvBu0xRJja2yaABKaqP/OQ
+NDuZw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:08 2024 by rpki-client on console-fra.rpki-client.org