Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9172B7E/73BC7AAC471711EEA446E346C4F9AE02/E4519400471711EE8B36FE59C4F9AE02.roa
File: E4519400471711EE8B36FE59C4F9AE02.roa (raw, json)
Hash identifier: ifNUbmcaZWVPuasbXGhx/VAnKX6OxPUm6FdgVBHtcnw=
Subject key identifier: D6:6C:B0:2A:D4:96:92:FC:D1:5C:D5:4B:51:B6:8E:7E:9B:EE:A5:50
Certificate issuer: /CN=A9172B7E/serialNumber=A43739BB5F20C14CC5FC49E375587DB3B72237AF
Certificate serial: 22
Authority key identifier: A4:37:39:BB:5F:20:C1:4C:C5:FC:49:E3:75:58:7D:B3:B7:22:37:AF
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pDc5u18gwUzF_EnjdVh9s7ciN68.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9172B7E/73BC7AAC471711EEA446E346C4F9AE02/E4519400471711EE8B36FE59C4F9AE02.roa
Signing time: Fri 06 Oct 2023 09:41:34 +0000
ROA not before: Fri 06 Oct 2023 09:41:34 +0000
ROA not after: Tue 30 Jul 2024 00:00:00 +0000
asID: 55523
IP address blocks: 27.96.24.0/24 maxlen: 24
27.96.26.0/24 maxlen: 24
27.96.28.0/24 maxlen: 24
27.96.31.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 13 Oct 2023 09:19:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 34 (0x22)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9172B7E/serialNumber=A43739BB5F20C14CC5FC49E375587DB3B72237AF
Validity
Not Before: Oct 6 09:41:34 2023 GMT
Not After : Jul 30 00:00:00 2024 GMT
Subject: CN=651fd64e-8ee3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:3f:bd:10:ed:8b:8f:31:7c:62:43:f1:1c:61:
a6:7f:2d:33:71:0a:cf:31:a5:6d:77:71:cc:f1:6c:
15:ce:ab:3d:77:4e:3b:04:e4:bb:21:7e:07:19:0f:
6e:6d:eb:d5:04:23:0d:9d:10:ae:02:ba:db:6b:6f:
be:91:ad:92:5c:72:5b:75:23:f7:12:b4:e0:80:62:
4a:25:cb:a7:c7:98:6a:55:7a:be:1c:fe:11:e2:5d:
b0:40:b9:10:76:37:82:12:f8:47:23:c3:74:e9:0a:
6c:82:ce:f6:f4:c1:d6:af:33:ab:b2:f8:4d:9e:0b:
5a:a9:7c:e6:22:bf:90:fc:f7:18:cc:b7:ca:fd:68:
a0:4d:47:7f:8b:9c:88:14:a4:96:97:5d:15:ad:0a:
8c:26:9e:35:a6:d1:ef:82:ab:a7:c8:30:39:ee:63:
9c:4f:da:b9:4a:7a:60:71:4a:35:01:ca:30:bb:f2:
33:81:1c:8e:c3:12:b1:84:60:c7:52:ac:8f:0e:65:
14:c0:19:b3:43:18:67:68:46:6c:9f:38:d6:ba:6f:
e7:b0:66:e1:a0:d0:ff:c4:65:42:36:ce:6a:0c:7c:
35:8b:de:2a:c2:d5:ed:b5:e3:c8:55:c2:68:9a:a3:
d5:fe:22:c5:a7:16:11:7c:8c:9e:b8:46:c6:51:b4:
cf:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:6C:B0:2A:D4:96:92:FC:D1:5C:D5:4B:51:B6:8E:7E:9B:EE:A5:50
X509v3 Authority Key Identifier:
keyid:A4:37:39:BB:5F:20:C1:4C:C5:FC:49:E3:75:58:7D:B3:B7:22:37:AF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9172B7E/73BC7AAC471711EEA446E346C4F9AE02/pDc5u18gwUzF_EnjdVh9s7ciN68.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pDc5u18gwUzF_EnjdVh9s7ciN68.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9172B7E/73BC7AAC471711EEA446E346C4F9AE02/E4519400471711EE8B36FE59C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.96.24.0/24
27.96.26.0/24
27.96.28.0/24
27.96.31.0/24
Signature Algorithm: sha256WithRSAEncryption
b2:3e:02:c3:0e:14:e6:16:b5:5c:8e:f2:1a:fb:0e:81:00:d9:
a3:d6:e9:c2:ed:e9:43:af:91:e9:eb:86:19:96:d8:3c:cd:b5:
0c:1c:2f:39:b0:e5:79:c8:9b:af:a6:b5:16:90:5e:00:7b:7a:
0c:81:1c:84:e6:a8:b4:94:d0:09:00:37:b2:69:fd:83:bc:59:
58:f7:04:9c:3a:cb:2a:a5:20:56:d7:55:c8:b8:f0:ae:3a:3b:
3a:2e:16:49:ae:09:c8:e6:49:10:6b:e1:3f:09:f4:b3:05:c7:
96:d1:a3:6c:b0:07:4a:19:ab:ee:e4:dc:5c:dc:8b:d6:95:d7:
b9:de:96:eb:fb:9a:bd:55:b1:30:a3:89:35:e9:5c:f6:83:ec:
98:c5:be:01:5a:c4:9c:02:91:f2:a4:60:79:fe:7b:1f:5e:68:
95:ed:ac:ed:ab:a8:5f:4e:7f:2e:4c:4d:0c:26:42:81:41:05:
44:28:03:95:52:7f:b0:88:0d:50:aa:a4:40:10:73:c7:06:88:
4c:8d:c5:3d:ab:fb:e1:5d:04:29:ab:15:b3:93:83:bf:b2:42:
4e:90:e0:fd:6b:e3:61:aa:92:ad:f4:82:b1:72:f0:5e:4f:26:
f8:07:2f:d4:62:4a:45:aa:db:95:a5:93:87:14:3f:9c:6a:6c:
7c:3d:1a:a4
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBIjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3
MkI3RTExMC8GA1UEBRMoQTQzNzM5QkI1RjIwQzE0Q0M1RkM0OUUzNzU1ODdEQjNC
NzIyMzdBRjAeFw0yMzEwMDYwOTQxMzRaFw0yNDA3MzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1MWZkNjRlLThlZTMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDBP70Q7YuPMXxiQ/EcYaZ/LTNxCs8xpW13cczxbBXOqz13TjsE5LshfgcZD25t
69UEIw2dEK4Cuttrb76RrZJcclt1I/cStOCAYkoly6fHmGpVer4c/hHiXbBAuRB2
N4IS+Ecjw3TpCmyCzvb0wdavM6uy+E2eC1qpfOYiv5D89xjMt8r9aKBNR3+LnIgU
pJaXXRWtCowmnjWm0e+Cq6fIMDnuY5xP2rlKemBxSjUByjC78jOBHI7DErGEYMdS
rI8OZRTAGbNDGGdoRmyfONa6b+ewZuGg0P/EZUI2zmoMfDWL3irC1e2148hVwmia
o9X+IsWnFhF8jJ64RsZRtM9PAgMBAAGjggKnMIICozAdBgNVHQ4EFgQU1mywKtSW
kvzRXNVLUbaOfpvupVAwHwYDVR0jBBgwFoAUpDc5u18gwUzF/EnjdVh9s7ciN68w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTcyQjdFLzczQkM3QUFDNDcx
NzExRUVBNDQ2RTM0NkM0RjlBRTAyL3BEYzV1MThnd1V6Rl9FbmpkVmg5czdjaU42
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvcERjNXUxOGd3VXpGX0VuamRWaDlzN2NpTjY4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
MkI3RS83M0JDN0FBQzQ3MTcxMUVFQTQ0NkUzNDZDNEY5QUUwMi9FNDUxOTQwMDQ3
MTcxMUVFOEIzNkZFNTlDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAxBggrBgEFBQcBBwEB/wQi
MCAwHgQCAAEwGAMEABtgGAMEABtgGgMEABtgHAMEABtgHzANBgkqhkiG9w0BAQsF
AAOCAQEAsj4Cww4U5ha1XI7yGvsOgQDZo9bpwu3pQ6+R6euGGZbYPM21DBwvObDl
ecibr6a1FpBeAHt6DIEchOaotJTQCQA3smn9g7xZWPcEnDrLKqUgVtdVyLjwrjo7
Oi4WSa4JyOZJEGvhPwn0swXHltGjbLAHShmr7uTcXNyL1pXXud6W6/uavVWxMKOJ
Nelc9oPsmMW+AVrEnAKR8qRgef57H15ole2s7auoX05/LkxNDCZCgUEFRCgDlVJ/
sIgNUKqkQBBzxwaITI3FPav74V0EKasVs5ODv7JCTpDg/WvjYaqSrfSCsXLwXk8m
+Acv1GJKRarblaWThxQ/nGpsfD0apA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:11 2024 by rpki-client on console-fra.rpki-client.org