Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A916E377/8A6D10B6883C11EE9556BB6EC4F9AE02/258E27C08A7B11EE8FAB4037C4F9AE02.roa
File: 258E27C08A7B11EE8FAB4037C4F9AE02.roa (raw, json)
Hash identifier: R+dTTQJhXcWx3wuY4em0xoniPS5OMwwo/bjsKbG+bds=
Subject key identifier: 35:C6:75:73:A4:6A:C2:24:8C:FF:AB:EB:CE:FC:D1:43:73:B2:E5:F7
Certificate issuer: /CN=A916E377/serialNumber=E79493F30A3EE9F0EE40522FF19D685C8062BA6E
Certificate serial: 4C
Authority key identifier: E7:94:93:F3:0A:3E:E9:F0:EE:40:52:2F:F1:9D:68:5C:80:62:BA:6E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/55ST8wo-6fDuQFIv8Z1oXIBium4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916E377/8A6D10B6883C11EE9556BB6EC4F9AE02/258E27C08A7B11EE8FAB4037C4F9AE02.roa
Signing time: Wed 03 Apr 2024 08:09:53 +0000
ROA not before: Wed 03 Apr 2024 08:09:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 124.110.200.0/23 maxlen: 24
Validation: Failed, certificate revoked on Fri 21 Jun 2024 09:30:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 76 (0x4c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916E377/serialNumber=E79493F30A3EE9F0EE40522FF19D685C8062BA6E
Validity
Not Before: Apr 3 08:09:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=660d0ed1-fec5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:ec:a0:f9:11:69:a4:5a:08:d7:dd:f5:cc:06:
d4:00:da:7a:fb:93:29:e6:00:0f:d8:fe:84:be:5b:
a0:91:1f:ba:ae:3c:f1:0d:19:d5:6e:c7:76:af:44:
0c:7e:8d:cd:e6:f0:a1:68:45:5b:47:07:86:55:6a:
55:16:6b:24:d3:06:7e:6c:d3:a6:b7:b2:07:30:68:
9e:d5:46:5e:c3:c8:59:78:13:e9:ed:6f:05:2d:e9:
a8:38:c9:7e:b4:09:8d:f4:ed:cd:71:6f:f0:3e:de:
72:b6:93:36:fc:d2:09:25:f6:08:01:85:3f:38:b2:
20:d3:8c:08:3f:2f:ed:0b:3f:9a:51:d2:ba:82:48:
31:54:90:66:4f:1b:d3:34:ec:6b:ce:c3:e7:9a:22:
e1:8a:6d:26:f1:14:ea:5c:fc:86:a9:87:fd:e0:3a:
8f:ef:89:09:48:f7:71:c4:1c:8d:9b:1e:e0:7b:e2:
bd:a2:ca:df:e6:ba:12:bf:f7:5a:36:bf:98:fb:74:
60:f0:f3:27:58:ee:f4:3f:c8:04:44:38:66:71:f4:
f0:7f:b5:90:53:d0:fb:6a:d1:2d:62:16:22:4a:74:
45:d8:c9:63:d4:0f:2c:be:b2:5c:0e:15:d2:5e:8d:
7c:6f:86:62:28:20:23:4e:d7:b2:14:be:b0:33:ca:
47:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:C6:75:73:A4:6A:C2:24:8C:FF:AB:EB:CE:FC:D1:43:73:B2:E5:F7
X509v3 Authority Key Identifier:
keyid:E7:94:93:F3:0A:3E:E9:F0:EE:40:52:2F:F1:9D:68:5C:80:62:BA:6E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916E377/8A6D10B6883C11EE9556BB6EC4F9AE02/55ST8wo-6fDuQFIv8Z1oXIBium4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/55ST8wo-6fDuQFIv8Z1oXIBium4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916E377/8A6D10B6883C11EE9556BB6EC4F9AE02/258E27C08A7B11EE8FAB4037C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
124.110.200.0/23
Signature Algorithm: sha256WithRSAEncryption
5b:f1:b5:31:d1:75:49:6b:28:36:fb:dd:f3:11:1c:32:f9:8a:
26:12:97:fb:c4:08:31:e2:87:e4:a1:1e:e4:2a:37:47:08:a2:
47:82:94:55:25:8c:07:02:a2:7b:40:19:e4:67:6f:a7:22:03:
93:f0:a9:83:31:0f:33:c4:2b:3a:7c:19:f4:8e:64:1c:6d:b1:
ab:1b:56:69:da:3f:b3:dc:b0:58:42:8d:6e:68:7e:e8:75:aa:
1f:6f:4e:58:ab:29:34:5e:b9:93:a4:a9:37:36:91:66:8d:6d:
21:0e:f3:b0:6a:43:38:9f:3f:e4:83:69:7a:b8:c1:5c:6c:71:
91:fd:ba:e9:13:ce:eb:15:86:cc:32:41:85:69:bb:16:1b:b1:
b8:91:c1:55:ca:9b:62:3b:7b:39:53:f5:ab:2a:23:dd:6a:62:
e6:8f:68:b1:d7:87:ff:ca:e4:53:bf:29:a9:1f:56:62:30:3b:
43:36:f4:74:72:53:48:bb:55:5d:9a:a2:ba:26:b3:88:2e:21:
d5:61:a5:13:d0:69:33:13:d8:fe:4f:6c:a3:3a:4e:20:3e:ba:
f2:c9:a5:ae:40:39:df:bb:09:3b:63:41:75:df:68:f9:94:fd:
7d:94:1b:a2:c8:49:85:be:94:af:59:e8:f5:51:38:a0:d8:6c:
f0:cc:2d:cc
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBTDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE2
RTM3NzExMC8GA1UEBRMoRTc5NDkzRjMwQTNFRTlGMEVFNDA1MjJGRjE5RDY4NUM4
MDYyQkE2RTAeFw0yNDA0MDMwODA5NTNaFw0yNTA3MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2MGQwZWQxLWZlYzUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDj7KD5EWmkWgjX3fXMBtQA2nr7kynmAA/Y/oS+W6CRH7quPPENGdVux3avRAx+
jc3m8KFoRVtHB4ZValUWayTTBn5s06a3sgcwaJ7VRl7DyFl4E+ntbwUt6ag4yX60
CY307c1xb/A+3nK2kzb80gkl9ggBhT84siDTjAg/L+0LP5pR0rqCSDFUkGZPG9M0
7GvOw+eaIuGKbSbxFOpc/Iaph/3gOo/viQlI93HEHI2bHuB74r2iyt/muhK/91o2
v5j7dGDw8ydY7vQ/yAREOGZx9PB/tZBT0Ptq0S1iFiJKdEXYyWPUDyy+slwOFdJe
jXxvhmIoICNO17IUvrAzykdfAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUNcZ1c6Rq
wiSM/6vrzvzRQ3Oy5fcwHwYDVR0jBBgwFoAU55ST8wo+6fDuQFIv8Z1oXIBium4w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTZFMzc3LzhBNkQxMEI2ODgz
QzExRUU5NTU2QkI2RUM0RjlBRTAyLzU1U1Q4d28tNmZEdVFGSXY4WjFvWElCaXVt
NC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvNTVTVDh3by02ZkR1UUZJdjhaMW9YSUJpdW00LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2
RTM3Ny84QTZEMTBCNjg4M0MxMUVFOTU1NkJCNkVDNEY5QUUwMi8yNThFMjdDMDhB
N0IxMUVFOEZBQjQwMzdDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAXxuyDANBgkqhkiG9w0BAQsFAAOCAQEAW/G1MdF1SWsoNvvd
8xEcMvmKJhKX+8QIMeKH5KEe5Co3RwiiR4KUVSWMBwKie0AZ5GdvpyIDk/CpgzEP
M8QrOnwZ9I5kHG2xqxtWado/s9ywWEKNbmh+6HWqH29OWKspNF65k6SpNzaRZo1t
IQ7zsGpDOJ8/5INperjBXGxxkf266RPO6xWGzDJBhWm7FhuxuJHBVcqbYjt7OVP1
qyoj3Wpi5o9osdeH/8rkU78pqR9WYjA7Qzb0dHJTSLtVXZqiuiaziC4h1WGlE9Bp
MxPY/k9sozpOID668smlrkA537sJO2NBdd9o+ZT9fZQboshJhb6Ur1no9VE4oNhs
8MwtzA==
-----END CERTIFICATE-----
Generated at Fri Jun 21 13:17:25 2024 by rpki-client on console-fra.rpki-client.org