Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A916C83B/E4E10B4A1D8811E2A012CBE108B02CD2/48CB1752384611EE93FBCE11C4F9AE02.roa
File: 48CB1752384611EE93FBCE11C4F9AE02.roa (raw, json)
Hash identifier: rcne8tLxx9oBqGAqwD++Q4NKVvwBOBb8Embq3ts5rS8=
Subject key identifier: 7D:31:A7:9C:35:B0:B4:6D:E8:75:AF:B6:1B:04:D7:29:71:51:68:AF
Certificate issuer: /CN=A916C83B/serialNumber=E76EB256C0FCB07E2907978343E9AD9DD21FE206
Certificate serial: 347F
Authority key identifier: E7:6E:B2:56:C0:FC:B0:7E:29:07:97:83:43:E9:AD:9D:D2:1F:E2:06
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/526yVsD8sH4pB5eDQ-mtndIf4gY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916C83B/E4E10B4A1D8811E2A012CBE108B02CD2/48CB1752384611EE93FBCE11C4F9AE02.roa
Signing time: Fri 11 Aug 2023 12:55:01 +0000
ROA not before: Fri 11 Aug 2023 12:55:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 23750
IP address blocks: 111.88.232.0/21 maxlen: 24
Validation: Failed, certificate revoked on Wed 30 Aug 2023 04:22:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13439 (0x347f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916C83B/serialNumber=E76EB256C0FCB07E2907978343E9AD9DD21FE206
Validity
Not Before: Aug 11 12:55:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=64d62fa5-823d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:8e:e6:35:05:e9:82:90:98:ef:dd:05:f5:42:
e7:5e:fb:a7:ab:66:e4:6f:be:07:fa:88:56:e7:e9:
40:2f:bc:54:f2:11:d1:1a:34:b2:34:5d:c8:0e:29:
7c:f9:10:3e:40:65:1a:3f:fc:b1:9d:f6:50:e2:3f:
cd:18:dc:48:13:4e:cd:22:1d:55:cb:c6:d9:59:97:
5f:fa:4a:cb:1d:f6:93:64:3e:4c:0e:20:9a:8e:52:
bf:bd:d1:e5:54:8a:3f:bf:8f:44:1b:2e:0f:51:f7:
b2:09:ef:f8:36:08:ec:86:9f:30:1b:b5:82:d6:25:
c1:56:e3:6f:ff:5e:d6:ee:29:23:73:41:c2:4a:f4:
d7:ac:fd:09:8c:a8:50:fd:c3:f5:34:2c:54:ee:1b:
d2:b6:ca:46:4a:1d:d5:c4:5c:5a:64:8c:3f:9f:31:
26:02:86:52:67:95:5f:64:ba:3d:8d:fd:d6:4f:fa:
13:8c:9f:bf:9f:a3:cc:ab:62:0b:32:16:14:b0:6f:
fa:f1:89:46:b2:f4:ad:75:0e:20:d3:7b:60:1c:4c:
2f:76:af:e3:35:b4:ff:4a:62:c7:b0:34:6f:cf:18:
ef:7c:cd:37:0b:d9:da:24:82:f9:23:e5:07:bc:2e:
e4:5a:83:46:80:0c:0d:79:7b:2b:cc:80:69:1b:6e:
1d:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:31:A7:9C:35:B0:B4:6D:E8:75:AF:B6:1B:04:D7:29:71:51:68:AF
X509v3 Authority Key Identifier:
keyid:E7:6E:B2:56:C0:FC:B0:7E:29:07:97:83:43:E9:AD:9D:D2:1F:E2:06
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916C83B/E4E10B4A1D8811E2A012CBE108B02CD2/526yVsD8sH4pB5eDQ-mtndIf4gY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/526yVsD8sH4pB5eDQ-mtndIf4gY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916C83B/E4E10B4A1D8811E2A012CBE108B02CD2/48CB1752384611EE93FBCE11C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
111.88.232.0/21
Signature Algorithm: sha256WithRSAEncryption
09:8d:b2:b9:45:b7:23:d9:d3:b5:05:2d:0c:f8:cf:34:67:6e:
ff:8b:00:d0:e3:f2:91:28:f5:9a:a6:b3:e5:c5:d1:3f:85:3d:
6f:56:64:50:eb:04:4f:ca:ba:92:35:4e:e9:41:86:f0:d5:a7:
0d:f3:87:22:02:25:fc:2f:69:7a:21:d2:75:f0:bb:b2:89:d9:
a5:e5:07:ea:cf:e6:60:6d:90:95:78:c2:bd:bb:a1:77:1d:ef:
2e:21:ec:90:89:37:a2:52:30:5a:74:2b:81:ed:6f:6a:20:c4:
7b:a1:f2:1e:25:66:5e:1f:4c:11:87:6b:f4:d1:9f:b7:00:d3:
13:2f:aa:79:9a:9f:d8:6a:56:65:28:5d:14:46:1f:d9:b7:90:
4c:bc:02:48:e0:f9:73:f1:2f:a3:3d:84:d8:fb:39:2a:27:6a:
86:7b:ae:73:b1:07:0b:cf:d8:f9:63:72:3b:74:7d:33:70:d4:
d6:27:0f:e7:40:e9:86:43:09:81:38:68:9f:54:12:c4:3d:1a:
9a:4a:18:4a:f2:66:78:8e:41:5c:07:21:11:fc:f5:30:79:86:
1b:fb:1d:c6:54:52:80:8e:3b:6a:53:d0:7a:8a:a1:67:e8:fd:
d5:6f:f6:65:82:bb:75:f3:83:5d:90:6b:e7:a9:72:7e:3a:3f:
b4:54:e6:90
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICNH8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NkM4M0IxMTAvBgNVBAUTKEU3NkVCMjU2QzBGQ0IwN0UyOTA3OTc4MzQzRTlBRDlE
RDIxRkUyMDYwHhcNMjMwODExMTI1NTAxWhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGQ2MmZhNS04MjNkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1o7mNQXpgpCY790F9ULnXvunq2bkb74H+ohW5+lAL7xU8hHRGjSyNF3IDil8
+RA+QGUaP/yxnfZQ4j/NGNxIE07NIh1Vy8bZWZdf+krLHfaTZD5MDiCajlK/vdHl
VIo/v49EGy4PUfeyCe/4Ngjshp8wG7WC1iXBVuNv/17W7ikjc0HCSvTXrP0JjKhQ
/cP1NCxU7hvStspGSh3VxFxaZIw/nzEmAoZSZ5VfZLo9jf3WT/oTjJ+/n6PMq2IL
MhYUsG/68YlGsvStdQ4g03tgHEwvdq/jNbT/SmLHsDRvzxjvfM03C9naJIL5I+UH
vC7kWoNGgAwNeXsrzIBpG24d4QIDAQABo4IClTCCApEwHQYDVR0OBBYEFH0xp5w1
sLRt6HWvthsE1ylxUWivMB8GA1UdIwQYMBaAFOduslbA/LB+KQeXg0PprZ3SH+IG
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2QzgzQi9FNEUxMEI0QTFE
ODgxMUUyQTAxMkNCRTEwOEIwMkNEMi81MjZ5VnNEOHNINHBCNWVEUS1tdG5kSWY0
Z1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzUyNnlWc0Q4c0g0cEI1ZURRLW10bmRJZjRnWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NkM4M0IvRTRFMTBCNEExRDg4MTFFMkEwMTJDQkUxMDhCMDJDRDIvNDhDQjE3NTIz
ODQ2MTFFRTkzRkJDRTExQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBANvWOgwDQYJKoZIhvcNAQELBQADggEBAAmNsrlFtyPZ07UF
LQz4zzRnbv+LANDj8pEo9Zqms+XF0T+FPW9WZFDrBE/KupI1TulBhvDVpw3zhyIC
JfwvaXoh0nXwu7KJ2aXlB+rP5mBtkJV4wr27oXcd7y4h7JCJN6JSMFp0K4Htb2og
xHuh8h4lZl4fTBGHa/TRn7cA0xMvqnman9hqVmUoXRRGH9m3kEy8Akjg+XPxL6M9
hNj7OSonaoZ7rnOxBwvP2Pljcjt0fTNw1NYnD+dA6YZDCYE4aJ9UEsQ9GppKGEry
ZniOQVwHIRH89TB5hhv7HcZUUoCOO2pT0HqKoWfo/dVv9mWCu3Xzg12Qa+epcn46
P7RU5pA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:20 2024 by rpki-client on console-ams.rpki-client.org