Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917576D/36872A5E82CD11EA895C7B5CC4F9AE02/BB7431D2C00711EEB5557977C4F9AE02.roa
File: BB7431D2C00711EEB5557977C4F9AE02.roa (raw, json)
Hash identifier: aJuhbOpMeOBbvLrqz6sFQpOJtHParTGp6W1GdxicM6Q=
Subject key identifier: 86:69:CB:BD:BE:35:ED:9E:64:79:90:C2:8B:14:0D:24:A7:23:76:1F
Certificate issuer: /CN=A917576D/serialNumber=B1E84FACFACBC0B7838561EF21E28F2FACF5DFEC
Certificate serial: 0942
Authority key identifier: B1:E8:4F:AC:FA:CB:C0:B7:83:85:61:EF:21:E2:8F:2F:AC:F5:DF:EC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sehPrPrLwLeDhWHvIeKPL6z13-w.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917576D/36872A5E82CD11EA895C7B5CC4F9AE02/BB7431D2C00711EEB5557977C4F9AE02.roa
Signing time: Wed 31 Jan 2024 07:13:32 +0000
ROA not before: Wed 31 Jan 2024 07:13:32 +0000
ROA not after: Fri 31 Jan 2025 00:00:00 +0000
asID: 64079
IP address blocks: 61.29.244.0/22 maxlen: 22
61.29.245.0/24 maxlen: 24
61.29.254.0/23 maxlen: 23
146.196.78.0/23 maxlen: 23
2400:9380:f200::/40 maxlen: 40
2400:9380:f300::/40 maxlen: 40
Validation: Failed, certificate revoked on Thu 01 Feb 2024 02:42:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2370 (0x942)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917576D/serialNumber=B1E84FACFACBC0B7838561EF21E28F2FACF5DFEC
Validity
Not Before: Jan 31 07:13:32 2024 GMT
Not After : Jan 31 00:00:00 2025 GMT
Subject: CN=65b9f31c-b1be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:32:f5:ed:a8:e6:d6:9a:ed:b7:4e:94:b1:3c:
f2:c8:77:e4:c8:a3:c2:d0:db:42:ca:57:08:01:cf:
56:1d:ad:bf:47:e2:a1:8b:ff:1f:76:00:a7:a4:72:
64:f3:b8:2d:0d:8b:3b:78:94:85:cd:c3:c8:87:fe:
ac:92:2c:c7:01:3f:06:d8:ca:a4:8a:6d:6c:65:32:
4e:77:b9:e1:29:42:87:ae:e1:13:cd:26:cf:94:27:
6c:ef:ff:35:a1:ff:67:99:40:f6:a9:12:62:01:71:
f3:ba:07:82:d9:dc:7f:b5:a5:a5:3c:9d:24:9b:b9:
21:9a:04:a3:1d:f9:71:7d:b8:4d:f2:16:9c:72:12:
9e:08:0f:c7:55:da:d1:c1:7c:c7:40:8d:1d:67:79:
8e:b2:fa:93:87:57:29:e8:e1:24:3d:93:a6:01:81:
6d:00:bd:7a:cd:cd:32:bb:46:d4:eb:a1:0f:9c:91:
ef:62:6f:15:53:b8:e5:bb:ff:9e:50:80:3d:d3:ad:
15:7b:39:b3:b8:99:88:e9:65:5e:bf:3d:ed:7d:0a:
96:f9:58:47:ea:10:6a:29:e6:a1:a9:2b:2c:8e:96:
48:2c:d5:5b:be:60:de:84:c2:c6:fa:96:04:84:e5:
29:aa:79:5b:ba:09:bd:8e:c4:1a:35:25:ab:c9:04:
3e:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:69:CB:BD:BE:35:ED:9E:64:79:90:C2:8B:14:0D:24:A7:23:76:1F
X509v3 Authority Key Identifier:
keyid:B1:E8:4F:AC:FA:CB:C0:B7:83:85:61:EF:21:E2:8F:2F:AC:F5:DF:EC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917576D/36872A5E82CD11EA895C7B5CC4F9AE02/sehPrPrLwLeDhWHvIeKPL6z13-w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sehPrPrLwLeDhWHvIeKPL6z13-w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917576D/36872A5E82CD11EA895C7B5CC4F9AE02/BB7431D2C00711EEB5557977C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
61.29.244.0/22
61.29.254.0/23
146.196.78.0/23
IPv6:
2400:9380:f200::/39
Signature Algorithm: sha256WithRSAEncryption
6b:78:79:0b:90:27:d9:34:ba:2c:53:9d:2c:02:93:ab:35:c9:
17:ec:95:46:2d:50:4e:df:e1:ca:68:85:85:4c:34:97:b7:4b:
d5:c2:ac:cf:a2:11:f9:08:06:f5:61:b5:ba:80:ce:7a:ba:36:
4f:94:c7:71:b6:56:72:9c:2b:c4:c1:12:f5:d7:b5:d3:f7:05:
35:80:8f:5f:74:8a:cd:d3:02:7f:73:68:26:4d:ad:c7:f7:26:
22:56:51:5a:5d:d0:58:27:bc:76:ce:cb:f0:d2:8d:23:a6:5a:
57:0c:cc:35:33:f7:23:b7:68:69:75:be:4a:24:36:00:07:da:
97:2a:8a:e8:28:16:4d:a8:7f:cc:5a:cb:72:a7:df:72:ad:1c:
56:be:23:6b:0e:26:9b:4b:7f:6a:10:64:36:4a:37:bd:dd:f9:
10:20:aa:79:8d:1b:f3:11:6f:19:a1:fa:ab:57:7d:59:fa:1d:
4f:79:e7:cd:05:43:67:4d:7a:0e:3c:42:0a:f6:03:e5:44:b7:
88:4c:b7:05:f2:61:ca:d2:b5:99:e1:ed:87:e2:97:6d:36:8d:
b1:29:7e:cc:84:96:cd:13:ba:84:20:ae:85:c8:68:47:4d:4c:
7c:3a:83:e3:44:31:e3:c1:60:66:f5:8e:dc:48:72:d7:4d:c1:
28:5c:78:69
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgICCUIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzU3NkQxMTAvBgNVBAUTKEIxRTg0RkFDRkFDQkMwQjc4Mzg1NjFFRjIxRTI4RjJG
QUNGNURGRUMwHhcNMjQwMTMxMDcxMzMyWhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWI5ZjMxYy1iMWJlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArjL17ajm1prtt06UsTzyyHfkyKPC0NtCylcIAc9WHa2/R+Khi/8fdgCnpHJk
87gtDYs7eJSFzcPIh/6skizHAT8G2Mqkim1sZTJOd7nhKUKHruETzSbPlCds7/81
of9nmUD2qRJiAXHzugeC2dx/taWlPJ0km7khmgSjHflxfbhN8hacchKeCA/HVdrR
wXzHQI0dZ3mOsvqTh1cp6OEkPZOmAYFtAL16zc0yu0bU66EPnJHvYm8VU7jlu/+e
UIA9060VezmzuJmI6WVevz3tfQqW+VhH6hBqKeahqSssjpZILNVbvmDehMLG+pYE
hOUpqnlbugm9jsQaNSWryQQ+FQIDAQABo4ICsTCCAq0wHQYDVR0OBBYEFIZpy72+
Ne2eZHmQwosUDSSnI3YfMB8GA1UdIwQYMBaAFLHoT6z6y8C3g4Vh7yHijy+s9d/s
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3NTc2RC8zNjg3MkE1RTgy
Q0QxMUVBODk1QzdCNUNDNEY5QUUwMi9zZWhQclByTHdMZURoV0h2SWVLUEw2ejEz
LXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3NlaFByUHJMd0xlRGhXSHZJZUtQTDZ6MTMtdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzU3NkQvMzY4NzJBNUU4MkNEMTFFQTg5NUM3QjVDQzRGOUFFMDIvQkI3NDMxRDJD
MDA3MTFFRUI1NTU3OTc3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOwYIKwYBBQUHAQcBAf8E
LDAqMBgEAgABMBIDBAI9HfQDBAE9Hf4DBAGSxE4wDgQCAAIwCAMGASQAk4DyMA0G
CSqGSIb3DQEBCwUAA4IBAQBreHkLkCfZNLosU50sApOrNckX7JVGLVBO3+HKaIWF
TDSXt0vVwqzPohH5CAb1YbW6gM56ujZPlMdxtlZynCvEwRL117XT9wU1gI9fdIrN
0wJ/c2gmTa3H9yYiVlFaXdBYJ7x2zsvw0o0jplpXDMw1M/cjt2hpdb5KJDYAB9qX
KoroKBZNqH/MWstyp99yrRxWviNrDiabS39qEGQ2Sje93fkQIKp5jRvzEW8Zofqr
V31Z+h1PeefNBUNnTXoOPEIK9gPlRLeITLcF8mHK0rWZ4e2H4pdtNo2xKX7MhJbN
E7qEIK6FyGhHTUx8OoPjRDHjwWBm9Y7cSHLXTcEoXHhp
-----END CERTIFICATE-----
Generated at Thu Feb 1 03:52:01 2024 by rpki-client on console-fra.rpki-client.org