Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9172B7E/73BC7AAC471711EEA446E346C4F9AE02/A4687598642C11EE95A9B746C4F9AE02.roa
File: A4687598642C11EE95A9B746C4F9AE02.roa (raw, json)
Hash identifier: EMQ6vTt+suoUrmqxZI6Z0gpnyzLNYQEVL8bgdc+4d7c=
Subject key identifier: 7B:F1:DD:D5:C3:0D:7B:FF:37:C3:1D:AA:24:1A:43:4A:9B:8F:FA:25
Certificate issuer: /CN=A9172B7E/serialNumber=A43739BB5F20C14CC5FC49E375587DB3B72237AF
Certificate serial: 24
Authority key identifier: A4:37:39:BB:5F:20:C1:4C:C5:FC:49:E3:75:58:7D:B3:B7:22:37:AF
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pDc5u18gwUzF_EnjdVh9s7ciN68.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9172B7E/73BC7AAC471711EEA446E346C4F9AE02/A4687598642C11EE95A9B746C4F9AE02.roa
Signing time: Fri 06 Oct 2023 09:42:19 +0000
ROA not before: Fri 06 Oct 2023 09:42:19 +0000
ROA not after: Tue 30 Jul 2024 00:00:00 +0000
asID: 4648
IP address blocks: 27.96.24.0/21 maxlen: 21
27.96.30.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 13 Oct 2023 09:16:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 36 (0x24)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9172B7E/serialNumber=A43739BB5F20C14CC5FC49E375587DB3B72237AF
Validity
Not Before: Oct 6 09:42:19 2023 GMT
Not After : Jul 30 00:00:00 2024 GMT
Subject: CN=651fd67b-c0fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:a6:6b:2b:fe:d3:7b:c8:2f:41:20:70:19:da:
c0:a1:a1:2f:87:f1:c8:2e:a2:a7:16:60:32:5b:92:
ed:5d:16:f8:0f:d7:8e:15:c8:31:5d:9a:60:0f:ea:
0b:28:bb:c3:9d:f6:2d:5f:82:be:fa:ed:a0:f1:98:
d5:3f:42:27:32:61:4e:08:e6:bf:ec:0c:79:49:37:
40:da:d2:4a:17:b3:a8:e5:ae:33:6b:12:42:03:d4:
0c:f9:6a:28:5a:8f:34:07:f8:df:28:65:55:4a:b5:
25:1e:4c:39:7f:dc:85:57:e9:16:2f:69:6a:ae:2d:
0a:32:6a:f6:54:b7:c6:9d:2b:83:db:48:8f:0f:e2:
b8:0d:69:14:4f:57:aa:cb:47:d9:3a:c3:59:66:5e:
fc:e2:87:5e:06:33:47:9c:54:f4:9e:0f:19:90:b6:
04:b1:06:19:20:fc:3d:b8:63:31:72:fb:6d:a2:b2:
4b:c7:aa:c6:f0:dc:eb:6b:bb:cd:73:e6:ff:ca:d2:
b1:a9:39:c3:f5:eb:9e:d6:de:84:18:d9:67:c2:30:
83:e9:f3:00:33:6f:18:04:63:01:eb:52:0f:11:1d:
ef:54:2d:d3:9f:4b:2b:af:8e:19:db:36:0f:28:ec:
c3:cc:c5:85:3c:69:36:2d:cf:74:12:cd:41:a6:ad:
6c:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:F1:DD:D5:C3:0D:7B:FF:37:C3:1D:AA:24:1A:43:4A:9B:8F:FA:25
X509v3 Authority Key Identifier:
keyid:A4:37:39:BB:5F:20:C1:4C:C5:FC:49:E3:75:58:7D:B3:B7:22:37:AF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9172B7E/73BC7AAC471711EEA446E346C4F9AE02/pDc5u18gwUzF_EnjdVh9s7ciN68.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pDc5u18gwUzF_EnjdVh9s7ciN68.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9172B7E/73BC7AAC471711EEA446E346C4F9AE02/A4687598642C11EE95A9B746C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.96.24.0/21
Signature Algorithm: sha256WithRSAEncryption
03:37:03:86:6f:b0:82:46:0b:ec:91:b4:5e:e7:0f:39:ab:48:
85:54:12:0d:89:f1:5b:d2:d8:74:8c:12:b6:52:ef:97:88:37:
fa:d8:03:34:d9:c9:1a:22:be:4c:a7:49:ef:1a:d8:ff:52:93:
a3:61:61:0a:e8:2e:1f:c2:a6:77:2c:3f:63:e9:5d:8d:8b:2c:
03:e8:00:d0:2e:45:ba:f1:eb:71:b4:b4:fc:41:d7:ec:fb:41:
79:f2:98:c9:e1:01:73:0a:a1:03:9b:4d:42:5e:cf:82:04:6e:
ca:9b:fb:e4:5e:8f:8f:75:21:9a:93:8d:50:a6:7c:4b:d6:b9:
3e:0d:c2:66:9f:19:03:19:a0:93:39:77:ba:85:6c:77:01:f1:
36:f5:d0:20:b9:98:a2:84:6b:03:4c:f1:2b:99:52:3b:ba:44:
12:f7:6f:a0:05:21:d2:76:77:16:34:00:17:f3:e6:34:03:20:
0c:20:ab:69:e9:2c:ce:07:3e:15:4b:e6:e9:98:f8:19:cf:15:
79:a9:d6:88:14:0d:e6:79:c4:41:c2:63:3c:51:2b:73:8d:7d:
3b:09:78:db:e1:da:f6:02:78:50:ad:5e:68:03:22:bf:6a:6b:
ea:4c:2f:17:a6:c8:44:c1:4d:d4:de:54:b4:15:12:b2:2d:02:
e9:0e:68:f8
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBJDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3
MkI3RTExMC8GA1UEBRMoQTQzNzM5QkI1RjIwQzE0Q0M1RkM0OUUzNzU1ODdEQjNC
NzIyMzdBRjAeFw0yMzEwMDYwOTQyMTlaFw0yNDA3MzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1MWZkNjdiLWMwZmMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC3pmsr/tN7yC9BIHAZ2sChoS+H8cguoqcWYDJbku1dFvgP144VyDFdmmAP6gso
u8Od9i1fgr767aDxmNU/QicyYU4I5r/sDHlJN0Da0koXs6jlrjNrEkID1Az5aiha
jzQH+N8oZVVKtSUeTDl/3IVX6RYvaWquLQoyavZUt8adK4PbSI8P4rgNaRRPV6rL
R9k6w1lmXvzih14GM0ecVPSeDxmQtgSxBhkg/D24YzFy+22iskvHqsbw3Otru81z
5v/K0rGpOcP1657W3oQY2WfCMIPp8wAzbxgEYwHrUg8RHe9ULdOfSyuvjhnbNg8o
7MPMxYU8aTYtz3QSzUGmrWwLAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUe/Hd1cMN
e/83wx2qJBpDSpuP+iUwHwYDVR0jBBgwFoAUpDc5u18gwUzF/EnjdVh9s7ciN68w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTcyQjdFLzczQkM3QUFDNDcx
NzExRUVBNDQ2RTM0NkM0RjlBRTAyL3BEYzV1MThnd1V6Rl9FbmpkVmg5czdjaU42
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvcERjNXUxOGd3VXpGX0VuamRWaDlzN2NpTjY4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
MkI3RS83M0JDN0FBQzQ3MTcxMUVFQTQ0NkUzNDZDNEY5QUUwMi9BNDY4NzU5ODY0
MkMxMUVFOTVBOUI3NDZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAxtgGDANBgkqhkiG9w0BAQsFAAOCAQEAAzcDhm+wgkYL7JG0
XucPOatIhVQSDYnxW9LYdIwStlLvl4g3+tgDNNnJGiK+TKdJ7xrY/1KTo2FhCugu
H8Kmdyw/Y+ldjYssA+gA0C5FuvHrcbS0/EHX7PtBefKYyeEBcwqhA5tNQl7PggRu
ypv75F6Pj3UhmpONUKZ8S9a5Pg3CZp8ZAxmgkzl3uoVsdwHxNvXQILmYooRrA0zx
K5lSO7pEEvdvoAUh0nZ3FjQAF/PmNAMgDCCraekszgc+FUvm6Zj4Gc8VeanWiBQN
5nnEQcJjPFErc419Owl42+Ha9gJ4UK1eaAMiv2pr6kwvF6bIRMFN1N5UtBUSsi0C
6Q5o+A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:21 2024 by rpki-client on console-ams.rpki-client.org