Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A916C83B/E4E10B4A1D8811E2A012CBE108B02CD2/BE867E089C8011EDBB33893DC4F9AE02.roa
File: BE867E089C8011EDBB33893DC4F9AE02.roa (raw, json)
Hash identifier: eJg2fwom/6Z13La9j2/lFeAWXY72sAX9kQpEYWUOik0=
Subject key identifier: 34:6A:15:D5:12:55:50:89:B5:E6:C4:35:4F:D0:28:CE:4A:9C:1C:EE
Certificate issuer: /CN=A916C83B/serialNumber=E76EB256C0FCB07E2907978343E9AD9DD21FE206
Certificate serial: 342A
Authority key identifier: E7:6E:B2:56:C0:FC:B0:7E:29:07:97:83:43:E9:AD:9D:D2:1F:E2:06
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/526yVsD8sH4pB5eDQ-mtndIf4gY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916C83B/E4E10B4A1D8811E2A012CBE108B02CD2/BE867E089C8011EDBB33893DC4F9AE02.roa
Signing time: Sat 06 May 2023 14:50:35 +0000
ROA not before: Sat 06 May 2023 14:50:35 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 140210
IP address blocks: 111.88.251.0/24 maxlen: 24
111.88.252.0/24 maxlen: 24
111.88.253.0/24 maxlen: 24
111.88.254.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 13 Mar 2024 12:27:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13354 (0x342a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916C83B/serialNumber=E76EB256C0FCB07E2907978343E9AD9DD21FE206
Validity
Not Before: May 6 14:50:35 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6456693b-dee9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:ad:ee:a7:6e:de:98:7e:93:7c:95:7f:37:e1:
eb:e1:aa:df:9b:80:f7:d7:08:61:a8:59:cd:19:00:
78:83:c0:df:90:34:ba:41:36:7c:a2:e6:a5:14:af:
53:b6:30:b9:a7:b0:7b:4a:e2:c7:7d:3d:7a:93:ed:
d6:26:d5:a3:6a:1a:53:c6:41:88:63:36:ce:6d:09:
0d:bd:ab:5d:a4:6a:28:b7:aa:40:83:b9:9e:fa:b1:
55:18:cc:8f:fc:12:88:e4:d6:0e:00:92:b2:0c:0d:
28:06:13:f7:92:e1:04:78:cc:d0:cb:37:df:2e:b8:
16:54:f6:18:2a:df:89:f0:db:42:db:20:13:37:3e:
1e:b9:5d:1e:31:5c:a5:f4:2e:9d:6b:35:d8:09:ad:
51:11:87:ea:38:79:1e:a3:4d:cd:6e:37:9f:d1:48:
aa:36:8f:db:1c:b1:3f:ba:eb:69:6f:4d:17:ff:d4:
f3:34:dd:21:73:19:ca:26:20:da:85:c9:8f:84:ea:
b7:3f:56:05:c4:ca:19:7c:13:48:a3:92:6f:b9:da:
9c:37:ce:3d:b4:43:53:c0:48:1e:4e:19:05:68:d8:
fe:24:f9:63:8f:06:ef:8f:a4:f1:e3:ed:ec:ae:ce:
6c:14:32:8c:81:53:20:93:6e:1c:58:5f:29:b2:21:
30:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:6A:15:D5:12:55:50:89:B5:E6:C4:35:4F:D0:28:CE:4A:9C:1C:EE
X509v3 Authority Key Identifier:
keyid:E7:6E:B2:56:C0:FC:B0:7E:29:07:97:83:43:E9:AD:9D:D2:1F:E2:06
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916C83B/E4E10B4A1D8811E2A012CBE108B02CD2/526yVsD8sH4pB5eDQ-mtndIf4gY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/526yVsD8sH4pB5eDQ-mtndIf4gY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916C83B/E4E10B4A1D8811E2A012CBE108B02CD2/BE867E089C8011EDBB33893DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
111.88.251.0-111.88.254.255
Signature Algorithm: sha256WithRSAEncryption
88:37:ff:24:b9:77:7f:5f:fd:66:d0:71:e8:45:72:61:bc:50:
ae:b5:8f:a5:51:1f:41:3c:d6:de:fb:24:34:0e:1c:73:2b:58:
07:0f:2c:14:44:bc:b9:20:e8:b6:2f:54:84:f8:00:fc:9c:bc:
9b:66:49:43:fb:29:a1:51:f3:8b:a5:74:c1:39:1b:2a:40:6f:
b7:53:c5:84:c6:e6:5b:78:95:21:23:94:f4:32:61:0b:b4:99:
d2:34:16:d7:5f:c6:1b:7b:61:c8:d9:04:e0:9f:6d:54:0e:19:
3f:c2:bf:e4:ac:6b:f6:e9:64:95:54:35:d5:50:c3:74:40:01:
9b:ce:a8:21:29:bc:15:f3:7d:d6:7c:09:b7:77:8e:b4:15:fa:
f1:38:d3:f1:11:71:23:27:d0:8d:70:4c:4d:b7:02:9e:e2:13:
17:45:e1:1f:45:19:dc:19:89:32:30:0f:6f:d6:c4:1a:48:cc:
10:66:bc:58:93:47:8b:74:11:88:35:91:1f:ed:5b:c9:30:ea:
65:d3:88:2a:55:53:b7:72:ea:c6:31:a6:ea:6f:9b:ed:99:8c:
b7:08:63:c9:02:88:38:f6:2f:4f:7b:33:27:3b:0f:89:32:19:
39:03:70:ea:f3:18:f8:79:e0:fa:d5:4e:42:d4:90:a0:55:b2:
90:4b:10:d6
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgICNCowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NkM4M0IxMTAvBgNVBAUTKEU3NkVCMjU2QzBGQ0IwN0UyOTA3OTc4MzQzRTlBRDlE
RDIxRkUyMDYwHhcNMjMwNTA2MTQ1MDM1WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDU2NjkzYi1kZWU5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA6a3up27emH6TfJV/N+Hr4arfm4D31whhqFnNGQB4g8DfkDS6QTZ8oualFK9T
tjC5p7B7SuLHfT16k+3WJtWjahpTxkGIYzbObQkNvatdpGoot6pAg7me+rFVGMyP
/BKI5NYOAJKyDA0oBhP3kuEEeMzQyzffLrgWVPYYKt+J8NtC2yATNz4euV0eMVyl
9C6dazXYCa1REYfqOHkeo03Nbjef0UiqNo/bHLE/uutpb00X/9TzNN0hcxnKJiDa
hcmPhOq3P1YFxMoZfBNIo5JvudqcN849tENTwEgeThkFaNj+JPljjwbvj6Tx4+3s
rs5sFDKMgVMgk24cWF8psiEwvwIDAQABo4ICnTCCApkwHQYDVR0OBBYEFDRqFdUS
VVCJtebENU/QKM5KnBzuMB8GA1UdIwQYMBaAFOduslbA/LB+KQeXg0PprZ3SH+IG
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2QzgzQi9FNEUxMEI0QTFE
ODgxMUUyQTAxMkNCRTEwOEIwMkNEMi81MjZ5VnNEOHNINHBCNWVEUS1tdG5kSWY0
Z1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzUyNnlWc0Q4c0g0cEI1ZURRLW10bmRJZjRnWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NkM4M0IvRTRFMTBCNEExRDg4MTFFMkEwMTJDQkUxMDhCMDJDRDIvQkU4NjdFMDg5
QzgwMTFFREJCMzM4OTNEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJwYIKwYBBQUHAQcBAf8E
GDAWMBQEAgABMA4wDAMEAG9Y+wMEAG9Y/jANBgkqhkiG9w0BAQsFAAOCAQEAiDf/
JLl3f1/9ZtBx6EVyYbxQrrWPpVEfQTzW3vskNA4ccytYBw8sFES8uSDoti9UhPgA
/Jy8m2ZJQ/spoVHzi6V0wTkbKkBvt1PFhMbmW3iVISOU9DJhC7SZ0jQW11/GG3th
yNkE4J9tVA4ZP8K/5Kxr9ulklVQ11VDDdEABm86oISm8FfN91nwJt3eOtBX68TjT
8RFxIyfQjXBMTbcCnuITF0XhH0UZ3BmJMjAPb9bEGkjMEGa8WJNHi3QRiDWRH+1b
yTDqZdOIKlVTt3LqxjGm6m+b7ZmMtwhjyQKIOPYvT3szJzsPiTIZOQNw6vMY+Hng
+tVOQtSQoFWykEsQ1g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:11 2024 by rpki-client on console-fra.rpki-client.org