Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A916BCDF/ECE0FBE6E36D11E8956F3516C4F9AE02/E8381688C69C11EA8B8C2D35C4F9AE02.roa
File: E8381688C69C11EA8B8C2D35C4F9AE02.roa (raw, json)
Hash identifier: 670ZXIhTtiEJdE60uS24f1vwcFP7Wnl4++GH51oAYCY=
Subject key identifier: 0F:18:83:D2:58:F9:2A:5C:04:5D:FB:9B:2C:38:8F:2D:80:74:31:59
Certificate issuer: /CN=A916BCDF/serialNumber=87954C0231CAACB2BE2DFDB567C74AF5ECB75B0C
Certificate serial: 10F5
Authority key identifier: 87:95:4C:02:31:CA:AC:B2:BE:2D:FD:B5:67:C7:4A:F5:EC:B7:5B:0C
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/h5VMAjHKrLK-Lf21Z8dK9ey3Www.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916BCDF/ECE0FBE6E36D11E8956F3516C4F9AE02/E8381688C69C11EA8B8C2D35C4F9AE02.roa
Signing time: Tue 14 Nov 2023 18:05:23 +0000
ROA not before: Tue 14 Nov 2023 18:05:23 +0000
ROA not after: Mon 30 Dec 2024 00:00:00 +0000
asID: 20473
IP address blocks: 66.42.32.0/20 maxlen: 24
66.42.48.0/20 maxlen: 24
139.180.128.0/19 maxlen: 24
139.180.160.0/19 maxlen: 24
139.180.192.0/20 maxlen: 24
139.180.208.0/20 maxlen: 24
158.247.192.0/18 maxlen: 24
167.179.64.0/18 maxlen: 24
207.148.64.0/20 maxlen: 24
207.148.80.0/21 maxlen: 24
207.148.88.0/21 maxlen: 24
207.148.96.0/20 maxlen: 24
207.148.112.0/22 maxlen: 24
207.148.116.0/22 maxlen: 24
207.148.120.0/21 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4341 (0x10f5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916BCDF/serialNumber=87954C0231CAACB2BE2DFDB567C74AF5ECB75B0C
Validity
Not Before: Nov 14 18:05:23 2023 GMT
Not After : Dec 30 00:00:00 2024 GMT
Subject: CN=6553b6e3-165c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:8a:12:e9:92:53:f9:2a:13:2c:79:98:5f:4f:
5c:c8:d3:00:8e:07:10:a1:5f:03:a6:a1:f6:76:7a:
4e:c7:58:5b:68:33:ed:29:bf:1b:51:ba:70:de:c4:
c2:12:ac:35:b5:13:43:9a:a8:e3:a1:dc:ed:73:ef:
dc:08:6d:7a:0d:08:0d:a0:df:93:85:89:21:fa:8c:
1f:89:88:d9:57:9e:86:4d:78:d8:2f:f8:f9:80:3f:
b7:ea:09:bb:ee:8d:6c:d2:69:e6:cb:d6:f3:f7:c8:
e0:44:1d:86:a7:6d:23:f9:8d:7f:4d:20:f7:ec:dd:
45:2a:7c:4d:bb:54:e7:23:d9:80:a1:3a:7c:27:b6:
6e:1a:31:51:fb:1e:76:d6:79:74:03:aa:7a:e3:fd:
0d:e7:71:16:2e:05:02:10:aa:94:9f:48:18:18:87:
83:aa:68:6a:95:65:ff:32:94:ea:ba:fa:c6:3f:da:
76:16:a5:57:f0:16:19:15:b7:82:a1:57:48:af:d4:
4d:1f:9a:7f:de:31:35:9a:a8:c1:04:5f:34:82:00:
22:3a:c9:a0:9f:6e:01:ce:c8:49:31:62:82:8b:b8:
85:fb:bd:52:7c:5c:9b:ff:93:fb:ff:7f:c3:36:7e:
77:8a:90:ae:a3:85:6d:f1:22:8e:48:61:ae:2b:e2:
af:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:18:83:D2:58:F9:2A:5C:04:5D:FB:9B:2C:38:8F:2D:80:74:31:59
X509v3 Authority Key Identifier:
keyid:87:95:4C:02:31:CA:AC:B2:BE:2D:FD:B5:67:C7:4A:F5:EC:B7:5B:0C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916BCDF/ECE0FBE6E36D11E8956F3516C4F9AE02/h5VMAjHKrLK-Lf21Z8dK9ey3Www.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/h5VMAjHKrLK-Lf21Z8dK9ey3Www.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916BCDF/ECE0FBE6E36D11E8956F3516C4F9AE02/E8381688C69C11EA8B8C2D35C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
66.42.32.0/19
139.180.128.0-139.180.223.255
158.247.192.0/18
167.179.64.0/18
207.148.64.0/18
Signature Algorithm: sha256WithRSAEncryption
2b:ff:33:4c:70:48:8f:ef:1d:07:da:db:50:17:54:ca:65:d1:
89:6d:f2:41:1f:9a:e8:6f:88:a6:6b:d5:78:b1:22:ae:b3:e1:
06:48:75:e2:99:23:51:be:39:39:2b:4a:8e:db:7e:fc:79:9d:
46:32:93:20:72:79:43:8f:13:74:21:b5:bc:1e:d0:8c:df:9c:
21:c8:16:7b:82:5f:36:d1:8b:ac:a0:4b:b5:1e:18:a5:0a:d3:
df:3e:f3:59:48:fb:17:e3:b2:14:bd:be:b4:ab:5a:15:94:08:
c5:17:04:ec:d3:9a:f9:95:82:bc:45:39:e1:41:35:03:0d:e9:
df:b6:f3:ca:1d:0f:9c:7a:db:0f:9a:fc:5f:38:4d:bf:d5:f2:
3b:24:41:05:41:d0:e9:f7:f3:5b:81:68:2f:ad:44:60:40:c6:
a3:4c:65:81:18:c1:0b:59:2d:99:f0:17:48:c4:f7:91:2c:13:
45:63:57:16:30:04:dd:a9:e2:b1:d0:64:5e:20:19:74:33:62:
61:33:e4:0b:da:98:f3:6b:e9:b5:0f:72:01:e2:9b:0e:91:68:
16:17:4c:54:4c:5b:fb:10:51:99:05:19:1f:94:b1:59:6a:27:
59:61:6b:e1:be:24:81:d0:ff:1e:89:c7:a9:c9:ae:ba:60:ad:
70:e5:fc:03
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgICEPUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NkJDREYxMTAvBgNVBAUTKDg3OTU0QzAyMzFDQUFDQjJCRTJERkRCNTY3Qzc0QUY1
RUNCNzVCMEMwHhcNMjMxMTE0MTgwNTIzWhcNMjQxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTUzYjZlMy0xNjVjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAn4oS6ZJT+SoTLHmYX09cyNMAjgcQoV8DpqH2dnpOx1hbaDPtKb8bUbpw3sTC
Eqw1tRNDmqjjodztc+/cCG16DQgNoN+ThYkh+owfiYjZV56GTXjYL/j5gD+36gm7
7o1s0mnmy9bz98jgRB2Gp20j+Y1/TSD37N1FKnxNu1TnI9mAoTp8J7ZuGjFR+x52
1nl0A6p64/0N53EWLgUCEKqUn0gYGIeDqmhqlWX/MpTquvrGP9p2FqVX8BYZFbeC
oVdIr9RNH5p/3jE1mqjBBF80ggAiOsmgn24BzshJMWKCi7iF+71SfFyb/5P7/3/D
Nn53ipCuo4Vt8SKOSGGuK+KvwwIDAQABo4ICtTCCArEwHQYDVR0OBBYEFA8Yg9JY
+SpcBF37myw4jy2AdDFZMB8GA1UdIwQYMBaAFIeVTAIxyqyyvi39tWfHSvXst1sM
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2QkNERi9FQ0UwRkJFNkUz
NkQxMUU4OTU2RjM1MTZDNEY5QUUwMi9oNVZNQWpIS3JMSy1MZjIxWjhkSzlleTNX
d3cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL2g1Vk1BakhLckxLLUxmMjFaOGRLOWV5M1d3dy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NkJDREYvRUNFMEZCRTZFMzZEMTFFODk1NkYzNTE2QzRGOUFFMDIvRTgzODE2ODhD
NjlDMTFFQThCOEMyRDM1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPwYIKwYBBQUHAQcBAf8E
MDAuMCwEAgABMCYDBAVCKiAwDAMEB4u0gAMEBYu0wAMEBp73wAMEBqezQAMEBs+U
QDANBgkqhkiG9w0BAQsFAAOCAQEAK/8zTHBIj+8dB9rbUBdUymXRiW3yQR+a6G+I
pmvVeLEirrPhBkh14pkjUb45OStKjtt+/HmdRjKTIHJ5Q48TdCG1vB7QjN+cIcgW
e4JfNtGLrKBLtR4YpQrT3z7zWUj7F+OyFL2+tKtaFZQIxRcE7NOa+ZWCvEU54UE1
Aw3p37bzyh0PnHrbD5r8XzhNv9XyOyRBBUHQ6ffzW4FoL61EYEDGo0xlgRjBC1kt
mfAXSMT3kSwTRWNXFjAE3anisdBkXiAZdDNiYTPkC9qY82vptQ9yAeKbDpFoFhdM
VExb+xBRmQUZH5SxWWonWWFr4b4kgdD/HonHqcmuumCtcOX8Aw==
-----END CERTIFICATE-----
Generated at Mon Dec 11 20:39:50 2023 by rpki-client on console-fra.rpki-client.org