Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9172B7E/73BC7AAC471711EEA446E346C4F9AE02/ED2D2346471C11EEBC996766C4F9AE02.roa
File: ED2D2346471C11EEBC996766C4F9AE02.roa (raw, json)
Hash identifier: RZBgyHv8PbHlsYuwQTTKnJ/iLVygR9w+Byj32N6tf9I=
Subject key identifier: B6:83:F2:1F:A8:95:CA:AD:BB:26:B0:68:66:88:0D:67:37:2B:10:E4
Certificate issuer: /CN=A9172B7E/serialNumber=A43739BB5F20C14CC5FC49E375587DB3B72237AF
Certificate serial: 06
Authority key identifier: A4:37:39:BB:5F:20:C1:4C:C5:FC:49:E3:75:58:7D:B3:B7:22:37:AF
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pDc5u18gwUzF_EnjdVh9s7ciN68.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9172B7E/73BC7AAC471711EEA446E346C4F9AE02/ED2D2346471C11EEBC996766C4F9AE02.roa
Signing time: Wed 30 Aug 2023 10:06:46 +0000
ROA not before: Wed 30 Aug 2023 10:06:46 +0000
ROA not after: Tue 30 Jul 2024 00:00:00 +0000
asID: 4648
IP address blocks: 27.96.24.0/21 maxlen: 21
27.96.24.0/24 maxlen: 24
27.96.26.0/24 maxlen: 24
27.96.30.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6 (0x6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9172B7E/serialNumber=A43739BB5F20C14CC5FC49E375587DB3B72237AF
Validity
Not Before: Aug 30 10:06:46 2023 GMT
Not After : Jul 30 00:00:00 2024 GMT
Subject: CN=64ef14b6-cb24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:ce:cc:34:1b:f1:f6:4b:d9:e6:48:97:eb:54:
cd:4f:6d:8c:f2:2e:5d:c8:0d:a5:01:83:b5:70:4a:
1d:66:a9:8c:ff:d0:b0:cf:00:d3:26:b4:3c:fd:b3:
cf:bb:5e:f2:a8:af:7b:15:7d:e8:94:e4:5a:e4:8d:
0e:56:45:e6:58:9a:27:96:7e:35:4e:d9:0d:d0:1f:
cf:6a:cd:a6:92:ef:88:7f:58:b2:77:24:54:87:b3:
77:e8:d3:a5:f1:61:63:e8:a8:c9:2c:f0:15:a5:14:
fe:39:da:71:5e:13:37:27:b7:0e:04:35:42:fd:17:
84:be:94:af:ec:cf:da:fc:30:b2:74:44:87:87:46:
9e:48:8b:e8:b7:00:4c:2f:1e:ca:cd:cb:22:92:a0:
5e:12:18:43:68:ed:e0:78:90:58:4f:61:5b:10:dc:
80:95:27:33:9a:89:f5:ec:a6:e5:56:ec:10:8f:eb:
c1:b1:cd:83:07:57:bc:30:27:f7:f1:7a:68:df:44:
5e:92:60:56:0b:97:af:1d:32:66:16:1f:0c:b0:94:
be:f2:12:29:a8:54:65:66:72:a7:6b:df:91:4e:47:
bc:23:fc:fe:66:6c:73:61:bc:b1:6a:d6:13:4e:68:
c5:17:74:35:b4:9c:1d:4d:0a:a1:ff:f0:c6:6d:d1:
2d:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:83:F2:1F:A8:95:CA:AD:BB:26:B0:68:66:88:0D:67:37:2B:10:E4
X509v3 Authority Key Identifier:
keyid:A4:37:39:BB:5F:20:C1:4C:C5:FC:49:E3:75:58:7D:B3:B7:22:37:AF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9172B7E/73BC7AAC471711EEA446E346C4F9AE02/pDc5u18gwUzF_EnjdVh9s7ciN68.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pDc5u18gwUzF_EnjdVh9s7ciN68.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9172B7E/73BC7AAC471711EEA446E346C4F9AE02/ED2D2346471C11EEBC996766C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.96.24.0/21
Signature Algorithm: sha256WithRSAEncryption
b9:3f:c8:45:cd:af:da:44:fc:13:6d:03:b9:8a:b5:66:63:02:
84:c8:5a:eb:db:59:73:61:8d:63:bf:c9:65:a5:76:47:5c:19:
46:5b:20:b3:11:b9:09:15:95:f3:0a:5c:e0:e6:df:03:36:fd:
c6:39:54:c5:0e:7f:80:84:fb:42:7e:a3:4f:e2:1f:da:3c:f2:
e9:74:0e:48:8e:d9:38:d8:03:98:28:33:15:46:c9:a4:42:1b:
b3:49:df:b3:22:c5:d8:ed:05:b2:95:c8:57:1e:98:a4:fc:b9:
13:01:99:3e:dd:b6:f7:d4:56:c5:01:5c:c0:68:4d:5d:cd:9b:
d0:3f:93:bb:ec:fb:7e:1b:cb:95:a3:35:87:bd:37:fb:33:02:
db:c7:5b:7f:38:0d:91:99:45:5f:df:70:93:b0:50:c6:a9:94:
e1:81:3b:cd:31:3f:73:d9:a0:89:8f:66:e0:32:2a:f1:72:64:
cc:f6:97:86:12:a3:41:fd:1e:8d:eb:ca:1c:29:d1:50:3a:35:
a5:a6:86:88:c1:00:eb:dd:52:6c:b7:8a:0d:0e:6e:d2:5b:23:
4d:b1:7d:72:7b:6a:82:d7:e4:06:07:5f:6e:6b:65:35:7c:f0:
d1:b6:09:ff:c1:ca:59:8f:78:a4:2a:e7:b8:eb:fb:a0:fa:a0:
34:0a:77:2d
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBBjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3
MkI3RTExMC8GA1UEBRMoQTQzNzM5QkI1RjIwQzE0Q0M1RkM0OUUzNzU1ODdEQjNC
NzIyMzdBRjAeFw0yMzA4MzAxMDA2NDZaFw0yNDA3MzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY0ZWYxNGI2LWNiMjQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC6zsw0G/H2S9nmSJfrVM1PbYzyLl3IDaUBg7VwSh1mqYz/0LDPANMmtDz9s8+7
XvKor3sVfeiU5FrkjQ5WReZYmieWfjVO2Q3QH89qzaaS74h/WLJ3JFSHs3fo06Xx
YWPoqMks8BWlFP452nFeEzcntw4ENUL9F4S+lK/sz9r8MLJ0RIeHRp5Ii+i3AEwv
HsrNyyKSoF4SGENo7eB4kFhPYVsQ3ICVJzOaifXspuVW7BCP68GxzYMHV7wwJ/fx
emjfRF6SYFYLl68dMmYWHwywlL7yEimoVGVmcqdr35FOR7wj/P5mbHNhvLFq1hNO
aMUXdDW0nB1NCqH/8MZt0S3zAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUtoPyH6iV
yq27JrBoZogNZzcrEOQwHwYDVR0jBBgwFoAUpDc5u18gwUzF/EnjdVh9s7ciN68w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTcyQjdFLzczQkM3QUFDNDcx
NzExRUVBNDQ2RTM0NkM0RjlBRTAyL3BEYzV1MThnd1V6Rl9FbmpkVmg5czdjaU42
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvcERjNXUxOGd3VXpGX0VuamRWaDlzN2NpTjY4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
MkI3RS83M0JDN0FBQzQ3MTcxMUVFQTQ0NkUzNDZDNEY5QUUwMi9FRDJEMjM0NjQ3
MUMxMUVFQkM5OTY3NjZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAxtgGDANBgkqhkiG9w0BAQsFAAOCAQEAuT/IRc2v2kT8E20D
uYq1ZmMChMha69tZc2GNY7/JZaV2R1wZRlsgsxG5CRWV8wpc4ObfAzb9xjlUxQ5/
gIT7Qn6jT+If2jzy6XQOSI7ZONgDmCgzFUbJpEIbs0nfsyLF2O0FspXIVx6YpPy5
EwGZPt2299RWxQFcwGhNXc2b0D+Tu+z7fhvLlaM1h703+zMC28dbfzgNkZlFX99w
k7BQxqmU4YE7zTE/c9mgiY9m4DIq8XJkzPaXhhKjQf0ejevKHCnRUDo1paaGiMEA
691SbLeKDQ5u0lsjTbF9cntqgtfkBgdfbmtlNXzw0bYJ/8HKWY94pCrnuOv7oPqg
NAp3LQ==
-----END CERTIFICATE-----
Generated at Thu Sep 14 04:35:39 2023 by rpki-client on console-ams.rpki-client.org