Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A916C61B/51EFFA30826911ECAD2E9524C4F9AE02/06648ADED09811EE89D13B2FC4F9AE02.roa
File: 06648ADED09811EE89D13B2FC4F9AE02.roa (raw, json)
Hash identifier: UV0w8kMYKj9kvo4ctwM4zNxJ91zhAiXi13ZjC2kmv1U=
Subject key identifier: 49:1E:91:86:9A:32:1B:56:00:EE:2D:FC:5A:C6:4B:91:C3:D7:22:06
Certificate issuer: /CN=A916C61B/serialNumber=F539291919CDE144B034EF288B0A634783E82C7F
Certificate serial: 0312
Authority key identifier: F5:39:29:19:19:CD:E1:44:B0:34:EF:28:8B:0A:63:47:83:E8:2C:7F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9TkpGRnN4USwNO8oiwpjR4PoLH8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916C61B/51EFFA30826911ECAD2E9524C4F9AE02/06648ADED09811EE89D13B2FC4F9AE02.roa
Signing time: Wed 21 Feb 2024 09:15:49 +0000
ROA not before: Wed 21 Feb 2024 09:15:49 +0000
ROA not after: Wed 01 May 2024 00:00:00 +0000
asID: 133410
IP address blocks: 116.204.140.0/24 maxlen: 24
116.204.141.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 22 Feb 2024 06:30:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 786 (0x312)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916C61B/serialNumber=F539291919CDE144B034EF288B0A634783E82C7F
Validity
Not Before: Feb 21 09:15:49 2024 GMT
Not After : May 1 00:00:00 2024 GMT
Subject: CN=65d5bf44-5c62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:cb:43:16:c0:c3:b1:71:19:75:80:a2:9b:15:
e4:27:d3:1e:ba:50:2a:aa:db:90:53:12:b8:ef:0b:
71:b4:f1:7c:bc:79:a9:cb:a3:93:cb:ff:bd:16:73:
49:cb:27:f7:d4:08:ad:c2:94:ec:66:f9:0b:2a:f5:
8b:5c:72:2f:fa:b5:e1:4a:98:88:19:64:2c:c3:12:
99:87:8d:d0:16:1d:55:c4:f8:96:72:52:40:56:c5:
57:5d:f8:b8:9a:d7:38:4a:01:f4:0f:2e:23:c0:b7:
fa:f6:3a:bc:1b:7b:40:3e:5c:1a:13:f6:98:68:23:
68:a0:71:3d:e0:b9:13:03:4b:3c:af:ed:ce:50:73:
d4:93:40:3d:bc:7b:c0:80:69:59:fc:bd:5d:e2:c7:
f1:b0:fa:fe:75:90:4c:15:bf:a3:4d:3c:fc:fe:dd:
3e:eb:e8:26:f1:79:be:82:fe:ad:81:be:98:ac:18:
53:85:e1:66:e6:8a:c4:d1:a6:e3:3d:8c:d5:2e:80:
40:00:48:63:4e:81:9d:18:29:c2:dd:01:00:cb:e6:
06:19:a7:60:b7:a5:df:34:bb:34:2f:64:6d:b1:18:
45:ff:d9:b2:7a:75:59:a3:7f:af:29:ca:a6:29:4a:
02:88:ae:f2:56:4e:3c:57:cf:be:b7:70:b2:46:e2:
28:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:1E:91:86:9A:32:1B:56:00:EE:2D:FC:5A:C6:4B:91:C3:D7:22:06
X509v3 Authority Key Identifier:
keyid:F5:39:29:19:19:CD:E1:44:B0:34:EF:28:8B:0A:63:47:83:E8:2C:7F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916C61B/51EFFA30826911ECAD2E9524C4F9AE02/9TkpGRnN4USwNO8oiwpjR4PoLH8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9TkpGRnN4USwNO8oiwpjR4PoLH8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916C61B/51EFFA30826911ECAD2E9524C4F9AE02/06648ADED09811EE89D13B2FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
116.204.140.0/23
Signature Algorithm: sha256WithRSAEncryption
4d:e0:68:4b:00:8a:3d:bb:f3:af:a4:59:89:d4:40:b7:b3:9d:
ee:b2:88:85:4e:30:25:5b:cd:f2:51:af:2e:8a:71:6f:6a:82:
a2:6c:06:d1:a2:4c:ef:7c:01:68:4f:95:58:ad:d9:33:a8:a0:
68:2b:ba:93:72:e7:d0:6d:96:81:20:cc:87:a1:ab:92:7c:32:
5b:a0:b3:12:43:34:8a:ca:b5:db:d6:c3:e0:bd:4f:e2:86:43:
55:dc:91:e6:44:25:d4:4b:05:35:5d:df:86:68:81:31:8c:49:
b5:42:d1:7d:8a:5b:9b:11:e5:b4:97:60:22:73:a5:87:24:b8:
a5:cb:3e:5e:71:a7:ef:c1:5d:49:ea:7d:4f:1e:5b:f1:ba:2f:
28:44:5d:88:5a:07:1a:60:07:be:22:95:42:77:29:76:e0:8d:
fe:81:3f:4d:20:13:88:bf:c2:bd:ce:be:75:d5:dc:9b:41:13:
ba:59:fe:d2:01:c1:c8:23:57:35:2f:6a:e4:8d:2d:13:87:9e:
3f:6b:f2:9f:8b:58:69:30:73:cb:a4:c1:04:03:d3:0a:9a:91:
39:f6:93:47:26:12:6c:99:d7:f4:86:cf:9a:b3:8a:ad:6b:75:
32:b6:88:a1:ef:1a:0e:42:dc:4b:01:2b:44:62:cf:a5:c3:fc:
01:9f:d3:6a
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAxIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NkM2MUIxMTAvBgNVBAUTKEY1MzkyOTE5MTlDREUxNDRCMDM0RUYyODhCMEE2MzQ3
ODNFODJDN0YwHhcNMjQwMjIxMDkxNTQ5WhcNMjQwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWQ1YmY0NC01YzYyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA8ctDFsDDsXEZdYCimxXkJ9MeulAqqtuQUxK47wtxtPF8vHmpy6OTy/+9FnNJ
yyf31AitwpTsZvkLKvWLXHIv+rXhSpiIGWQswxKZh43QFh1VxPiWclJAVsVXXfi4
mtc4SgH0Dy4jwLf69jq8G3tAPlwaE/aYaCNooHE94LkTA0s8r+3OUHPUk0A9vHvA
gGlZ/L1d4sfxsPr+dZBMFb+jTTz8/t0+6+gm8Xm+gv6tgb6YrBhTheFm5orE0abj
PYzVLoBAAEhjToGdGCnC3QEAy+YGGadgt6XfNLs0L2RtsRhF/9myenVZo3+vKcqm
KUoCiK7yVk48V8++t3CyRuIoTwIDAQABo4IClTCCApEwHQYDVR0OBBYEFEkekYaa
MhtWAO4t/FrGS5HD1yIGMB8GA1UdIwQYMBaAFPU5KRkZzeFEsDTvKIsKY0eD6Cx/
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2QzYxQi81MUVGRkEzMDgy
NjkxMUVDQUQyRTk1MjRDNEY5QUUwMi85VGtwR1JuTjRVU3dOTzhvaXdwalI0UG9M
SDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzlUa3BHUm5ONFVTd05POG9pd3BqUjRQb0xIOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NkM2MUIvNTFFRkZBMzA4MjY5MTFFQ0FEMkU5NTI0QzRGOUFFMDIvMDY2NDhBREVE
MDk4MTFFRTg5RDEzQjJGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAF0zIwwDQYJKoZIhvcNAQELBQADggEBAE3gaEsAij2786+k
WYnUQLezne6yiIVOMCVbzfJRry6KcW9qgqJsBtGiTO98AWhPlVit2TOooGgrupNy
59BtloEgzIehq5J8MlugsxJDNIrKtdvWw+C9T+KGQ1XckeZEJdRLBTVd34ZogTGM
SbVC0X2KW5sR5bSXYCJzpYckuKXLPl5xp+/BXUnqfU8eW/G6LyhEXYhaBxpgB74i
lUJ3KXbgjf6BP00gE4i/wr3OvnXV3JtBE7pZ/tIBwcgjVzUvauSNLROHnj9r8p+L
WGkwc8ukwQQD0wqakTn2k0cmEmyZ1/SGz5qziq1rdTK2iKHvGg5C3EsBK0Riz6XD
/AGf02o=
-----END CERTIFICATE-----
Generated at Thu Feb 22 09:35:26 2024 by rpki-client on console-fra.rpki-client.org