Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9164CD2/D78AF74428F211EABD81F164C4F9AE02/CC14DEB885B611EFBDA36659C4F9AE02.roa
File: CC14DEB885B611EFBDA36659C4F9AE02.roa (raw, json)
Hash identifier: a5Srwzsv4oPQsVKzHT2Ljtx+gH2Y7IU7p2sGcSLcwPo=
Subject key identifier: 9D:C1:E5:72:E3:DD:9D:C8:EA:10:16:F0:F3:88:FB:50:0A:06:69:A7
Certificate issuer: /CN=A9164CD2/serialNumber=91C3C480EE8BCDC1528B1E8B9746B65FDC61974C
Certificate serial: 0B2F
Authority key identifier: 91:C3:C4:80:EE:8B:CD:C1:52:8B:1E:8B:97:46:B6:5F:DC:61:97:4C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kcPEgO6LzcFSix6Ll0a2X9xhl0w.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9164CD2/D78AF74428F211EABD81F164C4F9AE02/CC14DEB885B611EFBDA36659C4F9AE02.roa
Signing time: Tue 08 Oct 2024 20:49:23 +0000
ROA not before: Tue 08 Oct 2024 20:49:23 +0000
ROA not after: Mon 30 Dec 2024 00:00:00 +0000
asID: 32708
IP address blocks: 45.65.44.0/24 maxlen: 24
45.65.45.0/24 maxlen: 24
45.65.46.0/23 maxlen: 23
45.65.46.0/24 maxlen: 24
45.65.47.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 10 Oct 2024 20:07:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2863 (0xb2f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9164CD2/serialNumber=91C3C480EE8BCDC1528B1E8B9746B65FDC61974C
Validity
Not Before: Oct 8 20:49:23 2024 GMT
Not After : Dec 30 00:00:00 2024 GMT
Subject: CN=67059ad2-c519
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:51:37:96:48:df:d8:84:9a:f8:05:36:ac:09:
55:87:be:e7:4e:53:be:2d:2a:46:41:96:04:18:07:
3c:3a:20:e0:f9:e3:df:a5:3c:20:3e:de:55:80:a7:
b9:6d:6e:d1:b7:5e:06:dd:6d:04:94:66:e8:7b:d9:
9e:7e:ff:96:33:d9:04:e9:35:64:cc:05:90:cf:3c:
f8:ac:3f:89:17:09:53:ec:46:99:0c:a5:a1:7f:60:
31:3a:0e:5c:d2:c8:71:a8:50:2b:d3:47:d1:dc:d5:
89:df:92:64:c4:65:27:35:97:c3:d5:57:82:ac:79:
8d:d5:60:7b:5c:22:4a:fa:eb:b3:dd:3f:c2:af:65:
67:cd:2f:1b:34:4e:93:f5:4c:20:82:0b:6e:29:8c:
33:dd:0a:1f:7f:04:92:58:09:5f:a4:c8:e6:ea:a6:
3e:17:d9:a2:1d:3a:d0:c1:1b:3e:cd:0c:85:eb:64:
3d:01:af:88:76:b2:99:b7:e2:76:be:f3:b5:b0:ce:
71:bd:62:23:69:a6:83:e5:10:0c:6b:67:bb:5a:d9:
e4:f2:3b:d4:f3:50:cd:52:9b:b7:52:43:29:12:80:
a1:a5:4b:c2:cb:8b:6d:0d:be:8e:16:23:e9:50:a6:
ee:43:0f:20:56:bd:1a:ca:99:61:9c:69:e6:aa:1f:
08:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:C1:E5:72:E3:DD:9D:C8:EA:10:16:F0:F3:88:FB:50:0A:06:69:A7
X509v3 Authority Key Identifier:
keyid:91:C3:C4:80:EE:8B:CD:C1:52:8B:1E:8B:97:46:B6:5F:DC:61:97:4C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9164CD2/D78AF74428F211EABD81F164C4F9AE02/kcPEgO6LzcFSix6Ll0a2X9xhl0w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kcPEgO6LzcFSix6Ll0a2X9xhl0w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9164CD2/D78AF74428F211EABD81F164C4F9AE02/CC14DEB885B611EFBDA36659C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.65.44.0/22
Signature Algorithm: sha256WithRSAEncryption
b2:52:ec:80:56:84:d4:39:f7:df:30:de:c8:d0:1c:04:e5:0f:
7e:df:87:78:75:d1:33:30:2b:d3:be:86:00:b5:f7:9e:91:d4:
0e:c4:5d:f2:92:33:f7:d4:18:ba:72:71:32:d5:3a:3a:84:8b:
ac:9c:1d:0e:5e:b5:4c:8c:d3:a3:f2:b4:89:08:f8:c6:ed:85:
12:15:bd:64:18:79:e6:36:65:86:12:40:53:8d:75:3d:3a:09:
d8:11:b3:4c:d3:37:37:93:1f:f0:89:db:3b:a5:f9:36:45:de:
10:a2:5f:66:60:d8:08:35:e3:29:97:4d:eb:88:d5:3f:d4:93:
f2:c0:b6:41:2d:7b:c6:25:af:62:1b:d0:0c:eb:56:40:89:3f:
ef:cd:4d:86:51:a3:45:3c:be:4d:e6:e9:dd:28:e4:75:18:5f:
f7:69:c4:2c:f3:80:d8:0d:cd:ff:81:5a:14:bf:41:6e:57:75:
69:e5:99:66:05:77:71:78:9d:36:5c:ca:60:73:05:e0:5a:21:
2a:ae:86:02:92:e0:aa:4a:95:b1:f8:57:8a:c8:a7:75:9c:de:
c9:0b:83:9a:a2:70:b5:67:07:04:12:60:40:41:0b:c2:be:a5:
6c:54:d8:de:d0:9a:6a:eb:cd:25:a3:34:d8:88:ca:51:cb:bb:
3f:e6:b6:e9
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCy8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjRDRDIxMTAvBgNVBAUTKDkxQzNDNDgwRUU4QkNEQzE1MjhCMUU4Qjk3NDZCNjVG
REM2MTk3NEMwHhcNMjQxMDA4MjA0OTIzWhcNMjQxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzA1OWFkMi1jNTE5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA81E3lkjf2ISa+AU2rAlVh77nTlO+LSpGQZYEGAc8OiDg+ePfpTwgPt5VgKe5
bW7Rt14G3W0ElGboe9mefv+WM9kE6TVkzAWQzzz4rD+JFwlT7EaZDKWhf2AxOg5c
0shxqFAr00fR3NWJ35JkxGUnNZfD1VeCrHmN1WB7XCJK+uuz3T/Cr2VnzS8bNE6T
9UwgggtuKYwz3QoffwSSWAlfpMjm6qY+F9miHTrQwRs+zQyF62Q9Aa+IdrKZt+J2
vvO1sM5xvWIjaaaD5RAMa2e7Wtnk8jvU81DNUpu3UkMpEoChpUvCy4ttDb6OFiPp
UKbuQw8gVr0ayplhnGnmqh8I9QIDAQABo4IClTCCApEwHQYDVR0OBBYEFJ3B5XLj
3Z3I6hAW8POI+1AKBmmnMB8GA1UdIwQYMBaAFJHDxIDui83BUosei5dGtl/cYZdM
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2NENEMi9ENzhBRjc0NDI4
RjIxMUVBQkQ4MUYxNjRDNEY5QUUwMi9rY1BFZ082THpjRlNpeDZMbDBhMlg5eGhs
MHcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2tjUEVnTzZMemNGU2l4NkxsMGEyWDl4aGwwdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjRDRDIvRDc4QUY3NDQyOEYyMTFFQUJEODFGMTY0QzRGOUFFMDIvQ0MxNERFQjg4
NUI2MTFFRkJEQTM2NjU5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAItQSwwDQYJKoZIhvcNAQELBQADggEBALJS7IBWhNQ5998w
3sjQHATlD37fh3h10TMwK9O+hgC1956R1A7EXfKSM/fUGLpycTLVOjqEi6ycHQ5e
tUyM06PytIkI+MbthRIVvWQYeeY2ZYYSQFONdT06CdgRs0zTNzeTH/CJ2zul+TZF
3hCiX2Zg2Ag14ymXTeuI1T/Uk/LAtkEte8Ylr2Ib0AzrVkCJP+/NTYZRo0U8vk3m
6d0o5HUYX/dpxCzzgNgNzf+BWhS/QW5XdWnlmWYFd3F4nTZcymBzBeBaISquhgKS
4KpKlbH4V4rIp3Wc3skLg5qicLVnBwQSYEBBC8K+pWxU2N7QmmrrzSWjNNiIylHL
uz/mtuk=
-----END CERTIFICATE-----
Generated at Thu Oct 10 22:45:50 2024 by rpki-client on console-ams.rpki-client.org