Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A916C83B/E4E10B4A1D8811E2A012CBE108B02CD2/6B407DC62A1311EFBC9B4212C4F9AE02.roa
File: 6B407DC62A1311EFBC9B4212C4F9AE02.roa (raw, json)
Hash identifier: CW8NcsikgVwrrg5dK6eugNyVdqVDD/Q+t68I+e2ohG8=
Subject key identifier: B4:46:5C:70:A3:FE:F1:20:91:EE:DB:B1:0F:B7:0F:9D:4B:CC:15:0D
Certificate issuer: /CN=A916C83B/serialNumber=E76EB256C0FCB07E2907978343E9AD9DD21FE206
Certificate serial: 3647
Authority key identifier: E7:6E:B2:56:C0:FC:B0:7E:29:07:97:83:43:E9:AD:9D:D2:1F:E2:06
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/526yVsD8sH4pB5eDQ-mtndIf4gY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916C83B/E4E10B4A1D8811E2A012CBE108B02CD2/6B407DC62A1311EFBC9B4212C4F9AE02.roa
Signing time: Fri 21 Jun 2024 06:48:05 +0000
ROA not before: Fri 21 Jun 2024 06:48:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 149419
IP address blocks: 115.186.62.0/24 maxlen: 24
115.186.117.0/24 maxlen: 24
115.186.118.0/24 maxlen: 24
115.186.119.0/24 maxlen: 24
115.186.120.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 24 Sep 2024 11:56:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13895 (0x3647)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916C83B/serialNumber=E76EB256C0FCB07E2907978343E9AD9DD21FE206
Validity
Not Before: Jun 21 06:48:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=66752224-59d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:45:eb:5c:51:39:8b:20:c4:2b:d4:0c:9b:8c:
a2:b8:ef:51:9f:5d:34:58:11:79:1f:de:27:48:b7:
7a:05:c2:05:c0:64:cb:1e:bd:54:28:5b:e8:32:1c:
c8:d6:bf:37:f0:ab:29:a9:82:0d:05:27:18:c8:aa:
ad:16:a3:fe:21:3c:8a:75:a9:01:86:65:fe:db:18:
c9:48:d4:bd:0a:af:cb:28:59:bd:5e:ea:a8:1e:c0:
a5:18:2a:43:5e:36:22:9a:c7:7e:f4:bd:9d:ee:83:
24:d8:dc:d2:00:0a:4c:9c:59:7a:9f:47:fa:07:4b:
97:8e:05:d9:f4:3d:73:bf:34:b1:d9:e5:c9:40:3e:
f1:34:e4:da:30:2c:fd:8f:ee:95:d0:e2:3f:5a:6a:
96:58:8d:d9:ed:60:e1:25:89:82:22:d6:43:f9:5d:
96:d7:e4:a9:01:6f:70:e6:71:b5:4c:3a:ea:a4:6a:
a4:f9:04:4e:78:ca:d8:e7:d1:5a:ee:a9:0e:95:c9:
44:61:7c:fe:40:49:cb:d5:52:27:ce:03:23:2c:f7:
b9:c8:0a:98:8b:87:81:88:ce:b1:d3:fc:c5:f4:1f:
d1:77:5f:35:77:6f:67:f4:51:aa:d4:9b:ba:c3:ab:
68:1d:ea:58:86:64:e0:f8:ce:f3:10:58:2c:55:ef:
f4:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:46:5C:70:A3:FE:F1:20:91:EE:DB:B1:0F:B7:0F:9D:4B:CC:15:0D
X509v3 Authority Key Identifier:
keyid:E7:6E:B2:56:C0:FC:B0:7E:29:07:97:83:43:E9:AD:9D:D2:1F:E2:06
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916C83B/E4E10B4A1D8811E2A012CBE108B02CD2/526yVsD8sH4pB5eDQ-mtndIf4gY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/526yVsD8sH4pB5eDQ-mtndIf4gY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916C83B/E4E10B4A1D8811E2A012CBE108B02CD2/6B407DC62A1311EFBC9B4212C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
115.186.62.0/24
115.186.117.0-115.186.120.255
Signature Algorithm: sha256WithRSAEncryption
28:08:a4:23:67:1a:70:44:59:8f:b6:a9:9a:1b:9d:a4:66:c5:
64:90:d5:e3:a4:3d:90:44:1d:39:bd:3d:cd:a2:3d:21:f9:b2:
f1:d4:74:20:b3:01:b3:a9:9a:b3:55:c7:f6:d4:b6:00:de:36:
95:48:3a:91:01:50:d6:5e:80:7a:63:51:d3:83:01:16:c2:89:
20:ef:a9:a0:49:08:0a:5b:09:da:9a:17:9e:65:6b:d0:2f:d8:
f8:de:d7:1b:76:e4:c0:33:e2:50:ae:fc:7c:3d:b5:2d:ff:90:
75:b0:52:3c:09:02:fd:fa:04:b6:c6:0e:35:b7:1c:fc:6b:d9:
21:fd:26:68:af:72:49:ce:68:3d:82:19:1f:21:25:0a:5a:94:
a6:39:9e:18:3b:ce:86:56:f3:99:c6:8f:fa:33:02:f9:f5:57:
01:ad:08:57:46:af:bd:5e:5c:a4:0a:f0:47:82:0f:30:4b:39:
e5:2e:63:eb:2d:0e:b4:cb:b6:eb:dd:d2:f2:db:e0:58:e3:dc:
7d:e9:c9:00:e1:0f:4e:c6:f7:75:07:7d:45:51:d2:cc:5c:60:
dc:a4:aa:0e:32:63:d6:2e:f9:42:25:d2:26:6e:a4:ac:81:46:
5f:49:d6:97:cc:8d:6c:f8:01:0a:be:b3:33:ec:7d:c1:93:3c:
dd:c8:90:8e
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgICNkcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NkM4M0IxMTAvBgNVBAUTKEU3NkVCMjU2QzBGQ0IwN0UyOTA3OTc4MzQzRTlBRDlE
RDIxRkUyMDYwHhcNMjQwNjIxMDY0ODA0WhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Njc1MjIyNC01OWQ2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArkXrXFE5iyDEK9QMm4yiuO9Rn100WBF5H94nSLd6BcIFwGTLHr1UKFvoMhzI
1r838KspqYINBScYyKqtFqP+ITyKdakBhmX+2xjJSNS9Cq/LKFm9XuqoHsClGCpD
XjYimsd+9L2d7oMk2NzSAApMnFl6n0f6B0uXjgXZ9D1zvzSx2eXJQD7xNOTaMCz9
j+6V0OI/WmqWWI3Z7WDhJYmCItZD+V2W1+SpAW9w5nG1TDrqpGqk+QROeMrY59Fa
7qkOlclEYXz+QEnL1VInzgMjLPe5yAqYi4eBiM6x0/zF9B/Rd181d29n9FGq1Ju6
w6toHepYhmTg+M7zEFgsVe/0zQIDAQABo4ICozCCAp8wHQYDVR0OBBYEFLRGXHCj
/vEgke7bsQ+3D51LzBUNMB8GA1UdIwQYMBaAFOduslbA/LB+KQeXg0PprZ3SH+IG
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2QzgzQi9FNEUxMEI0QTFE
ODgxMUUyQTAxMkNCRTEwOEIwMkNEMi81MjZ5VnNEOHNINHBCNWVEUS1tdG5kSWY0
Z1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzUyNnlWc0Q4c0g0cEI1ZURRLW10bmRJZjRnWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NkM4M0IvRTRFMTBCNEExRDg4MTFFMkEwMTJDQkUxMDhCMDJDRDIvNkI0MDdEQzYy
QTEzMTFFRkJDOUI0MjEyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLQYIKwYBBQUHAQcBAf8E
HjAcMBoEAgABMBQDBABzuj4wDAMEAHO6dQMEAHO6eDANBgkqhkiG9w0BAQsFAAOC
AQEAKAikI2cacERZj7apmhudpGbFZJDV46Q9kEQdOb09zaI9Ifmy8dR0ILMBs6ma
s1XH9tS2AN42lUg6kQFQ1l6AemNR04MBFsKJIO+poEkIClsJ2poXnmVr0C/Y+N7X
G3bkwDPiUK78fD21Lf+QdbBSPAkC/foEtsYONbcc/GvZIf0maK9ySc5oPYIZHyEl
ClqUpjmeGDvOhlbzmcaP+jMC+fVXAa0IV0avvV5cpArwR4IPMEs55S5j6y0OtMu2
693S8tvgWOPcfenJAOEPTsb3dQd9RVHSzFxg3KSqDjJj1i75QiXSJm6krIFGX0nW
l8yNbPgBCr6zM+x9wZM83ciQjg==
-----END CERTIFICATE-----
Generated at Tue Sep 24 14:45:34 2024 by rpki-client on console-fra.rpki-client.org