Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917576D/36872A5E82CD11EA895C7B5CC4F9AE02/D9DC0DC6C0AB11EEAD1F4376C4F9AE02.roa
File: D9DC0DC6C0AB11EEAD1F4376C4F9AE02.roa (raw, json)
Hash identifier: 1WqSNjt/x3MXgpqiYWw5J8lQnOjtMG2ort1QI7GgURM=
Subject key identifier: 64:0A:7C:4B:1A:98:67:C7:4E:0F:29:15:30:B2:8A:C6:AF:02:6F:4A
Certificate issuer: /CN=A917576D/serialNumber=B1E84FACFACBC0B7838561EF21E28F2FACF5DFEC
Certificate serial: 094A
Authority key identifier: B1:E8:4F:AC:FA:CB:C0:B7:83:85:61:EF:21:E2:8F:2F:AC:F5:DF:EC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sehPrPrLwLeDhWHvIeKPL6z13-w.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917576D/36872A5E82CD11EA895C7B5CC4F9AE02/D9DC0DC6C0AB11EEAD1F4376C4F9AE02.roa
Signing time: Thu 01 Feb 2024 02:45:50 +0000
ROA not before: Thu 01 Feb 2024 02:45:50 +0000
ROA not after: Fri 31 Jan 2025 00:00:00 +0000
asID: 64079
IP address blocks: 61.29.244.0/22 maxlen: 24
61.29.254.0/23 maxlen: 23
146.196.78.0/23 maxlen: 23
2400:9380:f200::/40 maxlen: 40
2400:9380:f300::/40 maxlen: 40
Validation: Failed, certificate revoked on Thu 01 Feb 2024 02:57:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2378 (0x94a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917576D/serialNumber=B1E84FACFACBC0B7838561EF21E28F2FACF5DFEC
Validity
Not Before: Feb 1 02:45:50 2024 GMT
Not After : Jan 31 00:00:00 2025 GMT
Subject: CN=65bb05dd-bd5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:dd:ca:fb:97:c8:03:b4:48:36:c9:bc:79:9c:
b3:e9:e5:46:be:81:62:53:d5:6f:aa:a3:4a:ee:a7:
49:6b:3f:fc:1b:04:a7:d3:fa:33:bd:e6:6b:7f:dd:
f5:62:fd:15:c7:84:f4:c8:e7:8b:01:2e:1c:e7:2e:
75:9a:ff:a1:32:6b:db:e0:6c:6f:00:79:92:60:6a:
12:d5:2b:d1:27:64:2b:ab:ef:4b:01:26:5a:14:ca:
8f:5a:2a:d6:cd:4a:99:ea:56:e4:c5:55:c3:d7:82:
f0:b7:17:e7:28:ee:78:69:f9:0d:40:8b:05:e9:8e:
d3:73:ef:19:ed:4f:24:8e:bf:5c:83:fb:58:06:2d:
cc:c6:0e:91:30:f6:f0:7a:69:5e:7f:11:91:d0:5e:
93:30:37:d4:f1:b1:d3:27:92:b2:18:72:dd:f4:16:
db:af:e7:19:0d:61:ab:bf:7c:c7:0d:51:54:e9:4a:
58:5e:8b:a0:2c:28:2e:d4:0b:69:62:b7:1d:fe:ba:
d3:32:4a:67:8e:0d:a3:13:d4:91:63:4c:75:1d:37:
eb:fc:95:84:b9:49:8e:67:00:90:03:d1:ea:41:b2:
4c:17:26:aa:6d:39:89:3c:1a:fd:2a:e5:86:41:1b:
e1:ad:09:7f:9d:5e:c4:d4:9b:a8:99:e4:47:15:36:
ee:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:0A:7C:4B:1A:98:67:C7:4E:0F:29:15:30:B2:8A:C6:AF:02:6F:4A
X509v3 Authority Key Identifier:
keyid:B1:E8:4F:AC:FA:CB:C0:B7:83:85:61:EF:21:E2:8F:2F:AC:F5:DF:EC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917576D/36872A5E82CD11EA895C7B5CC4F9AE02/sehPrPrLwLeDhWHvIeKPL6z13-w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sehPrPrLwLeDhWHvIeKPL6z13-w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917576D/36872A5E82CD11EA895C7B5CC4F9AE02/D9DC0DC6C0AB11EEAD1F4376C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
61.29.244.0/22
61.29.254.0/23
146.196.78.0/23
IPv6:
2400:9380:f200::/39
Signature Algorithm: sha256WithRSAEncryption
80:99:04:a5:0e:dd:7e:98:ea:4b:c4:16:56:18:03:8b:73:25:
f2:cc:52:1e:9e:3d:1c:74:96:a0:d1:1b:7d:42:f5:61:9f:39:
05:21:76:f6:d1:62:cc:4d:83:76:f6:fe:1e:56:e9:25:32:22:
89:ea:5e:51:6a:3d:2a:0a:7d:df:12:6e:fa:b6:ff:3a:ca:36:
c8:88:32:e6:5c:86:87:b2:5d:5a:74:5e:6d:a5:7b:1e:47:cf:
b5:77:fe:08:76:07:e3:0a:cf:a0:1c:b8:c4:35:3b:c9:96:b8:
4a:25:a1:1f:30:43:84:17:0a:7b:af:0e:1f:9b:d6:d6:e3:df:
42:be:c9:e2:5e:b8:2d:7c:2f:63:06:e7:3d:5f:2b:e3:3e:9a:
b4:d4:9b:2f:ad:7b:ba:8c:d1:90:e6:1c:81:11:0c:d4:3e:49:
7f:ab:87:06:6a:83:d0:18:87:bf:4e:fe:f4:86:1f:bd:88:19:
e7:ae:98:cb:c9:67:7a:35:c6:e1:7c:00:55:60:9c:b4:c0:63:
5e:93:a2:3c:e8:d7:81:a0:0c:a0:fd:b9:b2:d1:a7:d7:56:44:
a6:5a:05:29:8e:a3:41:62:ae:ba:85:b5:46:ca:c9:dd:df:f6:
0f:54:9c:a0:67:db:89:0c:48:af:d1:2f:56:dc:65:f6:6a:f6:
05:d1:4d:83
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgICCUowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzU3NkQxMTAvBgNVBAUTKEIxRTg0RkFDRkFDQkMwQjc4Mzg1NjFFRjIxRTI4RjJG
QUNGNURGRUMwHhcNMjQwMjAxMDI0NTUwWhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWJiMDVkZC1iZDVkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2t3K+5fIA7RINsm8eZyz6eVGvoFiU9VvqqNK7qdJaz/8GwSn0/ozveZrf931
Yv0Vx4T0yOeLAS4c5y51mv+hMmvb4GxvAHmSYGoS1SvRJ2Qrq+9LASZaFMqPWirW
zUqZ6lbkxVXD14LwtxfnKO54afkNQIsF6Y7Tc+8Z7U8kjr9cg/tYBi3Mxg6RMPbw
emlefxGR0F6TMDfU8bHTJ5KyGHLd9Bbbr+cZDWGrv3zHDVFU6UpYXougLCgu1Atp
Yrcd/rrTMkpnjg2jE9SRY0x1HTfr/JWEuUmOZwCQA9HqQbJMFyaqbTmJPBr9KuWG
QRvhrQl/nV7E1JuomeRHFTbumwIDAQABo4ICsTCCAq0wHQYDVR0OBBYEFGQKfEsa
mGfHTg8pFTCyisavAm9KMB8GA1UdIwQYMBaAFLHoT6z6y8C3g4Vh7yHijy+s9d/s
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3NTc2RC8zNjg3MkE1RTgy
Q0QxMUVBODk1QzdCNUNDNEY5QUUwMi9zZWhQclByTHdMZURoV0h2SWVLUEw2ejEz
LXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3NlaFByUHJMd0xlRGhXSHZJZUtQTDZ6MTMtdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzU3NkQvMzY4NzJBNUU4MkNEMTFFQTg5NUM3QjVDQzRGOUFFMDIvRDlEQzBEQzZD
MEFCMTFFRUFEMUY0Mzc2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOwYIKwYBBQUHAQcBAf8E
LDAqMBgEAgABMBIDBAI9HfQDBAE9Hf4DBAGSxE4wDgQCAAIwCAMGASQAk4DyMA0G
CSqGSIb3DQEBCwUAA4IBAQCAmQSlDt1+mOpLxBZWGAOLcyXyzFIenj0cdJag0Rt9
QvVhnzkFIXb20WLMTYN29v4eVuklMiKJ6l5Raj0qCn3fEm76tv86yjbIiDLmXIaH
sl1adF5tpXseR8+1d/4IdgfjCs+gHLjENTvJlrhKJaEfMEOEFwp7rw4fm9bW499C
vsniXrgtfC9jBuc9XyvjPpq01JsvrXu6jNGQ5hyBEQzUPkl/q4cGaoPQGIe/Tv70
hh+9iBnnrpjLyWd6NcbhfABVYJy0wGNek6I86NeBoAyg/bmy0afXVkSmWgUpjqNB
Yq66hbVGysnd3/YPVJygZ9uJDEiv0S9W3GX2avYF0U2D
-----END CERTIFICATE-----
Generated at Thu Feb 1 04:22:28 2024 by rpki-client on console-ams.rpki-client.org