Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A916C61B/51EFFA30826911ECAD2E9524C4F9AE02/EFD55190D09711EEB3D6CA27C4F9AE02.roa
File: EFD55190D09711EEB3D6CA27C4F9AE02.roa (raw, json)
Hash identifier: j/0plHTVmj//glebMbSVca2Xl8ZHQwnVE5f4Yew255U=
Subject key identifier: FB:B5:FF:B4:45:80:6F:09:67:31:59:44:79:1B:72:D1:EE:19:BE:9F
Certificate issuer: /CN=A916C61B/serialNumber=F539291919CDE144B034EF288B0A634783E82C7F
Certificate serial: 0331
Authority key identifier: F5:39:29:19:19:CD:E1:44:B0:34:EF:28:8B:0A:63:47:83:E8:2C:7F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9TkpGRnN4USwNO8oiwpjR4PoLH8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916C61B/51EFFA30826911ECAD2E9524C4F9AE02/EFD55190D09711EEB3D6CA27C4F9AE02.roa
Signing time: Fri 29 Mar 2024 03:05:05 +0000
ROA not before: Fri 29 Mar 2024 03:05:05 +0000
ROA not after: Thu 01 May 2025 00:00:00 +0000
asID: 136272
IP address blocks: 116.204.140.0/22 maxlen: 22
116.204.140.0/23 maxlen: 23
116.204.141.0/24 maxlen: 24
116.204.142.0/23 maxlen: 23
116.204.142.0/24 maxlen: 24
116.204.143.0/24 maxlen: 24
2400:c7c0::/32 maxlen: 32
2400:c7c0::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 30 Mar 2024 07:14:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 817 (0x331)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916C61B/serialNumber=F539291919CDE144B034EF288B0A634783E82C7F
Validity
Not Before: Mar 29 03:05:05 2024 GMT
Not After : May 1 00:00:00 2025 GMT
Subject: CN=66062fe1-c71b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:a2:9b:e9:fb:31:e2:7a:81:20:aa:0e:86:d2:
b1:0d:b6:84:69:74:ce:47:79:20:44:8a:c6:4d:97:
0f:fd:3f:93:f1:93:f4:84:3f:35:a6:7b:8a:95:5e:
19:b8:13:8d:d1:c9:c9:6b:bf:30:ec:de:5c:54:7f:
1c:82:b4:8e:f9:62:13:8f:5e:f8:46:c2:49:7a:e6:
62:f4:0d:13:cc:3a:f4:51:2d:e3:60:2e:b5:91:ad:
eb:3a:cb:f9:68:7d:87:40:ab:ac:f1:64:ab:6e:89:
3d:e3:f7:37:78:7e:ba:20:c6:50:7e:70:cc:f8:c2:
7d:8b:31:d5:c4:ab:d4:6f:23:0d:7f:50:13:b0:5c:
be:8f:b2:fd:bb:66:fc:5b:2a:d6:08:07:57:9a:87:
63:c6:7c:07:08:e4:63:6f:bc:e8:1f:b5:e1:23:65:
c8:f1:97:a5:79:e1:c7:3f:83:5a:6b:46:b0:40:02:
40:ab:0f:5f:c0:e5:0b:7b:b2:82:de:0c:05:2f:8e:
81:c0:c5:67:89:f9:82:fa:e3:f8:c9:39:2d:9c:94:
85:81:02:27:f7:11:d7:4a:ec:da:13:d6:0c:d0:96:
18:e3:16:f5:75:92:cd:11:34:d6:59:f2:fa:9a:ce:
7c:77:51:84:01:df:b9:ca:a2:eb:65:db:00:39:0d:
4c:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:B5:FF:B4:45:80:6F:09:67:31:59:44:79:1B:72:D1:EE:19:BE:9F
X509v3 Authority Key Identifier:
keyid:F5:39:29:19:19:CD:E1:44:B0:34:EF:28:8B:0A:63:47:83:E8:2C:7F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916C61B/51EFFA30826911ECAD2E9524C4F9AE02/9TkpGRnN4USwNO8oiwpjR4PoLH8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9TkpGRnN4USwNO8oiwpjR4PoLH8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916C61B/51EFFA30826911ECAD2E9524C4F9AE02/EFD55190D09711EEB3D6CA27C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
116.204.140.0/22
IPv6:
2400:c7c0::/32
Signature Algorithm: sha256WithRSAEncryption
50:1c:0d:b9:5b:0a:28:3b:13:8a:52:18:6b:5b:cf:4b:fc:8e:
21:f2:4f:0e:af:08:68:88:35:b1:30:0f:90:95:5b:02:94:66:
14:b7:2b:11:1c:10:b0:cd:d6:2e:06:c9:97:36:fc:d7:61:92:
ac:0a:af:ed:7e:d1:a8:2a:76:12:72:99:9e:24:f2:6f:fa:e9:
3a:32:8d:21:54:eb:55:f0:c9:65:fd:fe:99:ad:4c:f3:52:ab:
dc:d9:43:3b:b7:a4:3c:f2:67:e5:cb:6c:44:1d:78:af:f1:84:
3c:31:46:2f:6b:80:cd:18:1f:8a:6e:50:a4:8f:19:fb:27:5b:
51:a6:46:25:c8:f7:23:35:47:29:84:26:28:3a:16:1b:1d:2d:
e3:d3:8e:4e:f7:0b:4a:06:0a:24:90:39:f9:f3:ea:53:29:9d:
af:f4:fc:dc:51:a5:fb:cc:ea:e6:ea:d8:84:ab:47:dd:70:9c:
ed:7f:ba:93:de:4f:10:9d:e3:da:21:47:e4:7b:e0:bf:9c:7d:
d0:e1:fb:16:7a:3b:ca:de:cb:33:4e:d6:93:d1:ba:b3:1c:c6:
15:51:72:c1:76:06:63:45:2e:f3:43:d6:71:66:99:d5:21:5d:
a1:b7:ff:f9:88:76:a5:70:c7:0f:5c:a6:f5:2f:d2:ad:bd:98:
33:60:ec:58
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICAzEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NkM2MUIxMTAvBgNVBAUTKEY1MzkyOTE5MTlDREUxNDRCMDM0RUYyODhCMEE2MzQ3
ODNFODJDN0YwHhcNMjQwMzI5MDMwNTA1WhcNMjUwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjA2MmZlMS1jNzFiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvaKb6fsx4nqBIKoOhtKxDbaEaXTOR3kgRIrGTZcP/T+T8ZP0hD81pnuKlV4Z
uBON0cnJa78w7N5cVH8cgrSO+WITj174RsJJeuZi9A0TzDr0US3jYC61ka3rOsv5
aH2HQKus8WSrbok94/c3eH66IMZQfnDM+MJ9izHVxKvUbyMNf1ATsFy+j7L9u2b8
WyrWCAdXmodjxnwHCORjb7zoH7XhI2XI8ZeleeHHP4Naa0awQAJAqw9fwOULe7KC
3gwFL46BwMVnifmC+uP4yTktnJSFgQIn9xHXSuzaE9YM0JYY4xb1dZLNETTWWfL6
ms58d1GEAd+5yqLrZdsAOQ1MEwIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFPu1/7RF
gG8JZzFZRHkbctHuGb6fMB8GA1UdIwQYMBaAFPU5KRkZzeFEsDTvKIsKY0eD6Cx/
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2QzYxQi81MUVGRkEzMDgy
NjkxMUVDQUQyRTk1MjRDNEY5QUUwMi85VGtwR1JuTjRVU3dOTzhvaXdwalI0UG9M
SDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzlUa3BHUm5ONFVTd05POG9pd3BqUjRQb0xIOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NkM2MUIvNTFFRkZBMzA4MjY5MTFFQ0FEMkU5NTI0QzRGOUFFMDIvRUZENTUxOTBE
MDk3MTFFRUIzRDZDQTI3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAJ0zIwwDQQCAAIwBwMFACQAx8AwDQYJKoZIhvcNAQELBQAD
ggEBAFAcDblbCig7E4pSGGtbz0v8jiHyTw6vCGiINbEwD5CVWwKUZhS3KxEcELDN
1i4GyZc2/NdhkqwKr+1+0agqdhJymZ4k8m/66ToyjSFU61XwyWX9/pmtTPNSq9zZ
Qzu3pDzyZ+XLbEQdeK/xhDwxRi9rgM0YH4puUKSPGfsnW1GmRiXI9yM1RymEJig6
FhsdLePTjk73C0oGCiSQOfnz6lMpna/0/NxRpfvM6ubq2ISrR91wnO1/upPeTxCd
49ohR+R74L+cfdDh+xZ6O8reyzNO1pPRurMcxhVRcsF2BmNFLvND1nFmmdUhXaG3
//mIdqVwxw9cpvUv0q29mDNg7Fg=
-----END CERTIFICATE-----
Generated at Sat Mar 30 08:43:33 2024 by rpki-client on console-fra.rpki-client.org