Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A916C83B/E4E10B4A1D8811E2A012CBE108B02CD2/D275D80246EC11EE8F50671DC4F9AE02.roa
File: D275D80246EC11EE8F50671DC4F9AE02.roa (raw, json)
Hash identifier: C6cWaZbgrsOv0bNxKgZfbuhWIH1dpjLMS/syaks1VxI=
Subject key identifier: 78:E7:23:D7:E4:D2:E7:16:F9:5F:0C:01:CD:58:D4:9C:33:04:C5:53
Certificate issuer: /CN=A916C83B/serialNumber=E76EB256C0FCB07E2907978343E9AD9DD21FE206
Certificate serial: 348B
Authority key identifier: E7:6E:B2:56:C0:FC:B0:7E:29:07:97:83:43:E9:AD:9D:D2:1F:E2:06
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/526yVsD8sH4pB5eDQ-mtndIf4gY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916C83B/E4E10B4A1D8811E2A012CBE108B02CD2/D275D80246EC11EE8F50671DC4F9AE02.roa
Signing time: Wed 30 Aug 2023 04:22:25 +0000
ROA not before: Wed 30 Aug 2023 04:22:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 23750
IP address blocks: 111.88.232.0/21 maxlen: 23
111.88.232.0/24 maxlen: 24
111.88.235.0/24 maxlen: 24
111.88.236.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 11 Apr 2024 18:09:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13451 (0x348b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916C83B/serialNumber=E76EB256C0FCB07E2907978343E9AD9DD21FE206
Validity
Not Before: Aug 30 04:22:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=64eec401-7530
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:2e:3e:45:18:87:d9:a0:1f:85:1f:32:ee:0b:
cc:ce:31:9e:3b:46:57:3e:66:e3:bf:2b:d1:b9:a6:
27:d9:30:5e:c7:00:02:2d:12:4a:f2:ff:cd:26:1c:
f0:9f:5a:fc:c0:70:77:53:23:f2:04:33:35:78:1d:
4b:ae:87:19:39:82:aa:8a:fa:b0:c5:5d:d3:2e:6e:
28:df:12:04:31:66:a1:92:53:38:8f:db:5f:de:a7:
9f:15:a7:fa:ff:11:43:ef:07:a3:0b:41:f6:b9:26:
29:47:7c:73:c4:2e:25:cc:46:8b:10:6c:d5:ae:42:
19:ef:7b:da:6a:58:96:06:5c:20:a8:cd:48:5b:49:
21:5c:27:2e:2e:da:8e:a4:e7:c6:56:f1:ed:35:20:
c9:50:93:da:6a:48:41:92:e6:7f:f6:20:a8:7b:d1:
3c:e8:38:73:c2:49:d3:e2:0b:86:f3:75:a7:e1:2a:
20:48:18:fc:f4:aa:b7:bb:22:3b:ce:de:16:4f:58:
f6:c6:96:99:ab:90:95:e1:d8:74:d8:41:de:0e:bf:
4c:45:9a:9a:ca:c0:f9:bb:bf:90:15:39:6b:a0:1b:
c6:44:fe:8e:43:47:95:80:0c:6a:ec:37:35:b4:3e:
d8:1e:0c:60:a1:a6:cc:87:c1:f6:b5:59:c0:6c:31:
dc:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:E7:23:D7:E4:D2:E7:16:F9:5F:0C:01:CD:58:D4:9C:33:04:C5:53
X509v3 Authority Key Identifier:
keyid:E7:6E:B2:56:C0:FC:B0:7E:29:07:97:83:43:E9:AD:9D:D2:1F:E2:06
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916C83B/E4E10B4A1D8811E2A012CBE108B02CD2/526yVsD8sH4pB5eDQ-mtndIf4gY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/526yVsD8sH4pB5eDQ-mtndIf4gY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916C83B/E4E10B4A1D8811E2A012CBE108B02CD2/D275D80246EC11EE8F50671DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
111.88.232.0/21
Signature Algorithm: sha256WithRSAEncryption
94:f8:6c:b0:ea:b6:82:bb:9f:cf:86:f2:0b:07:69:61:b5:31:
f7:2b:db:6f:70:97:a7:fe:ba:c1:2a:50:60:7f:a5:d6:d7:95:
cc:07:8c:30:5e:05:bb:55:8e:c9:ce:fe:b5:5b:90:46:50:11:
dc:07:56:8c:5a:83:44:ed:92:3c:54:36:f8:bf:e3:58:64:da:
cf:37:08:10:5a:12:d0:fd:dd:0d:e7:15:bb:42:b6:04:24:56:
d7:86:9b:1c:22:11:86:b4:ce:e1:e5:38:fe:87:dd:89:37:01:
32:b4:5d:97:7c:7f:b0:11:1c:68:1c:bc:dc:58:63:21:a2:b3:
7f:2c:a0:06:0a:eb:bf:38:61:8c:80:ef:aa:db:5c:78:1e:3d:
60:b3:3f:9c:2c:f7:d3:78:eb:68:3d:16:9b:24:56:ba:54:53:
91:f8:1c:6d:60:0a:b2:aa:47:94:57:b1:8c:ff:0a:18:8c:d9:
88:15:73:8f:d4:ec:f0:67:14:6a:76:24:c7:de:34:68:ae:3d:
a3:09:00:51:9e:96:27:fd:06:fb:8f:b5:c6:a2:fc:a2:32:dd:
34:da:30:41:36:e2:2e:bd:cb:53:10:0b:e6:ef:e0:c2:a6:fe:
33:19:76:f9:4c:9f:8d:fd:47:c0:8b:af:e0:dd:14:3f:dd:dd:
6b:59:85:19
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICNIswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NkM4M0IxMTAvBgNVBAUTKEU3NkVCMjU2QzBGQ0IwN0UyOTA3OTc4MzQzRTlBRDlE
RDIxRkUyMDYwHhcNMjMwODMwMDQyMjI1WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGVlYzQwMS03NTMwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvC4+RRiH2aAfhR8y7gvMzjGeO0ZXPmbjvyvRuaYn2TBexwACLRJK8v/NJhzw
n1r8wHB3UyPyBDM1eB1LrocZOYKqivqwxV3TLm4o3xIEMWahklM4j9tf3qefFaf6
/xFD7wejC0H2uSYpR3xzxC4lzEaLEGzVrkIZ73vaaliWBlwgqM1IW0khXCcuLtqO
pOfGVvHtNSDJUJPaakhBkuZ/9iCoe9E86DhzwknT4guG83Wn4SogSBj89Kq3uyI7
zt4WT1j2xpaZq5CV4dh02EHeDr9MRZqaysD5u7+QFTlroBvGRP6OQ0eVgAxq7Dc1
tD7YHgxgoabMh8H2tVnAbDHcdQIDAQABo4IClTCCApEwHQYDVR0OBBYEFHjnI9fk
0ucW+V8MAc1Y1JwzBMVTMB8GA1UdIwQYMBaAFOduslbA/LB+KQeXg0PprZ3SH+IG
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2QzgzQi9FNEUxMEI0QTFE
ODgxMUUyQTAxMkNCRTEwOEIwMkNEMi81MjZ5VnNEOHNINHBCNWVEUS1tdG5kSWY0
Z1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzUyNnlWc0Q4c0g0cEI1ZURRLW10bmRJZjRnWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NkM4M0IvRTRFMTBCNEExRDg4MTFFMkEwMTJDQkUxMDhCMDJDRDIvRDI3NUQ4MDI0
NkVDMTFFRThGNTA2NzFEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBANvWOgwDQYJKoZIhvcNAQELBQADggEBAJT4bLDqtoK7n8+G
8gsHaWG1Mfcr229wl6f+usEqUGB/pdbXlcwHjDBeBbtVjsnO/rVbkEZQEdwHVoxa
g0TtkjxUNvi/41hk2s83CBBaEtD93Q3nFbtCtgQkVteGmxwiEYa0zuHlOP6H3Yk3
ATK0XZd8f7ARHGgcvNxYYyGis38soAYK6784YYyA76rbXHgePWCzP5ws99N462g9
FpskVrpUU5H4HG1gCrKqR5RXsYz/ChiM2YgVc4/U7PBnFGp2JMfeNGiuPaMJAFGe
lif9BvuPtcai/KIy3TTaMEE24i69y1MQC+bv4MKm/jMZdvlMn439R8CLr+DdFD/d
3WtZhRk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:20 2024 by rpki-client on console-ams.rpki-client.org