Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9170982/CF205C60AC1311ECB776B209C4F9AE02/14C46870AC2711EC9977D033C4F9AE02.roa
File: 14C46870AC2711EC9977D033C4F9AE02.roa (raw, json)
Hash identifier: 33FnBakoRexDzsMRHSuSOVEGleMMnDW66uVT94J5oPA=
Subject key identifier: 8A:4F:2A:9C:6E:E4:FC:52:18:4E:0C:0B:A8:30:AC:7D:CC:47:EE:A4
Certificate issuer: /CN=A9170982/serialNumber=41BFBEBE63521FB04ED8123C68E5C0CDAF5D05CD
Certificate serial: 0271
Authority key identifier: 41:BF:BE:BE:63:52:1F:B0:4E:D8:12:3C:68:E5:C0:CD:AF:5D:05:CD
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Qb--vmNSH7BO2BI8aOXAza9dBc0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9170982/CF205C60AC1311ECB776B209C4F9AE02/14C46870AC2711EC9977D033C4F9AE02.roa
Signing time: Sat 09 Dec 2023 02:54:17 +0000
ROA not before: Sat 09 Dec 2023 02:54:17 +0000
ROA not after: Fri 31 Jan 2025 00:00:00 +0000
asID: 19905
IP address blocks: 167.208.0.0/16 maxlen: 24
Validation: Failed, certificate revoked on Tue 17 Sep 2024 09:25:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 625 (0x271)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9170982/serialNumber=41BFBEBE63521FB04ED8123C68E5C0CDAF5D05CD
Validity
Not Before: Dec 9 02:54:17 2023 GMT
Not After : Jan 31 00:00:00 2025 GMT
Subject: CN=6573d6d9-2566
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:cd:6d:20:66:3a:0e:f9:c9:c9:6c:ca:5b:51:
db:9c:30:96:55:a0:9a:12:68:d0:8e:02:61:e4:69:
64:ed:ab:e0:15:30:2c:51:83:b2:ae:09:01:9d:f2:
00:bf:e8:98:0b:fe:1e:3c:73:78:c2:45:1e:fa:cc:
13:a1:65:44:14:45:fc:f5:9c:80:ca:53:01:cc:30:
54:e3:d5:ed:cd:bc:b0:3f:cb:27:d8:b5:d0:0d:01:
ce:2b:c6:8c:52:fc:cb:b1:1d:0a:18:5b:ac:8e:d4:
78:c3:c3:7a:11:77:32:0b:45:0f:9a:60:15:3e:a4:
21:6c:58:03:f6:d4:24:30:40:96:0e:15:0a:72:da:
85:1c:5a:d8:33:05:c6:14:28:51:5b:91:64:95:3e:
c6:fb:11:4f:08:7c:d8:12:8b:16:5a:b2:c7:3b:e5:
66:6c:5a:9d:61:2c:de:63:a1:90:0d:ce:a9:84:3b:
f3:5f:6a:60:62:5d:e2:35:68:e0:cb:bd:f1:c4:22:
2b:4d:33:26:a2:c8:5a:5b:ea:76:5f:b5:63:ff:fc:
6f:4a:a4:42:5f:ab:05:62:b8:d8:e8:85:d9:27:8b:
42:82:65:5c:15:ab:c2:e5:6e:0f:86:86:51:f5:53:
69:c1:c4:75:fb:20:4a:2e:19:49:1b:ce:28:c4:ab:
8f:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:4F:2A:9C:6E:E4:FC:52:18:4E:0C:0B:A8:30:AC:7D:CC:47:EE:A4
X509v3 Authority Key Identifier:
keyid:41:BF:BE:BE:63:52:1F:B0:4E:D8:12:3C:68:E5:C0:CD:AF:5D:05:CD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9170982/CF205C60AC1311ECB776B209C4F9AE02/Qb--vmNSH7BO2BI8aOXAza9dBc0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Qb--vmNSH7BO2BI8aOXAza9dBc0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9170982/CF205C60AC1311ECB776B209C4F9AE02/14C46870AC2711EC9977D033C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
167.208.0.0/16
Signature Algorithm: sha256WithRSAEncryption
70:6f:81:84:ea:0d:e2:64:c5:80:e0:76:fb:b5:dd:8e:9e:35:
bb:5b:52:fd:0c:07:97:3e:04:a3:dd:13:7a:b3:f6:5d:b2:92:
c7:ea:89:ad:19:4f:55:d8:bf:8b:c6:e7:b3:10:16:2e:54:02:
9c:a4:78:a3:0e:f6:30:48:9a:cb:81:03:3e:b2:85:f6:cc:5b:
4f:b7:13:24:89:1d:1f:e8:b7:e7:6d:86:3f:25:75:5e:19:a3:
5e:ea:c1:11:a0:96:36:d0:cc:54:3e:f6:db:9d:ad:52:f9:7c:
a8:8a:67:a2:d6:63:4a:db:12:19:43:ac:b8:bc:46:d7:4e:d8:
bd:a6:ac:69:d6:9c:b2:38:3b:d7:d9:d8:a2:29:59:00:fb:b9:
e5:69:2b:41:d0:1d:17:5a:c6:17:02:b4:31:3f:d0:62:30:d5:
98:22:47:e1:ed:c1:44:41:7b:50:46:e1:dc:57:7b:67:61:d2:
c0:79:ff:d6:57:9b:0d:75:b1:17:59:60:9e:b5:93:c0:69:94:
86:78:6f:0b:f0:f5:76:bb:09:ea:56:03:5a:8b:d3:3c:71:dc:
ab:a1:38:96:cd:8b:68:54:30:29:21:b3:53:3f:10:3d:af:ca:
19:18:0c:f0:24:a4:a2:6c:33:4b:5f:6c:f3:ec:d0:9d:04:80:
d1:6b:3f:a3
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgICAnEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzA5ODIxMTAvBgNVBAUTKDQxQkZCRUJFNjM1MjFGQjA0RUQ4MTIzQzY4RTVDMENE
QUY1RDA1Q0QwHhcNMjMxMjA5MDI1NDE3WhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTczZDZkOS0yNTY2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsM1tIGY6DvnJyWzKW1HbnDCWVaCaEmjQjgJh5Glk7avgFTAsUYOyrgkBnfIA
v+iYC/4ePHN4wkUe+swToWVEFEX89ZyAylMBzDBU49XtzbywP8sn2LXQDQHOK8aM
UvzLsR0KGFusjtR4w8N6EXcyC0UPmmAVPqQhbFgD9tQkMECWDhUKctqFHFrYMwXG
FChRW5FklT7G+xFPCHzYEosWWrLHO+VmbFqdYSzeY6GQDc6phDvzX2pgYl3iNWjg
y73xxCIrTTMmoshaW+p2X7Vj//xvSqRCX6sFYrjY6IXZJ4tCgmVcFavC5W4PhoZR
9VNpwcR1+yBKLhlJG84oxKuPBQIDAQABo4IClDCCApAwHQYDVR0OBBYEFIpPKpxu
5PxSGE4MC6gwrH3MR+6kMB8GA1UdIwQYMBaAFEG/vr5jUh+wTtgSPGjlwM2vXQXN
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MDk4Mi9DRjIwNUM2MEFD
MTMxMUVDQjc3NkIyMDlDNEY5QUUwMi9RYi0tdm1OU0g3Qk8yQkk4YU9YQXphOWRC
YzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL1FiLS12bU5TSDdCTzJCSThhT1hBemE5ZEJjMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzA5ODIvQ0YyMDVDNjBBQzEzMTFFQ0I3NzZCMjA5QzRGOUFFMDIvMTRDNDY4NzBB
QzI3MTFFQzk5NzdEMDMzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHgYIKwYBBQUHAQcBAf8E
DzANMAsEAgABMAUDAwCn0DANBgkqhkiG9w0BAQsFAAOCAQEAcG+BhOoN4mTFgOB2
+7Xdjp41u1tS/QwHlz4Eo90TerP2XbKSx+qJrRlPVdi/i8bnsxAWLlQCnKR4ow72
MEiay4EDPrKF9sxbT7cTJIkdH+i3522GPyV1XhmjXurBEaCWNtDMVD72252tUvl8
qIpnotZjStsSGUOsuLxG107Yvaasadacsjg719nYoilZAPu55WkrQdAdF1rGFwK0
MT/QYjDVmCJH4e3BREF7UEbh3Fd7Z2HSwHn/1lebDXWxF1lgnrWTwGmUhnhvC/D1
drsJ6lYDWovTPHHcq6E4ls2LaFQwKSGzUz8QPa/KGRgM8CSkomwzS19s8+zQnQSA
0Ws/ow==
-----END CERTIFICATE-----
Generated at Tue Sep 17 10:55:43 2024 by rpki-client on console-ams.rpki-client.org