Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91758DF/53191046DC2411EABD057F16C4F9AE02/15097D94C6E611EEAEFF385AC4F9AE02.roa
File: 15097D94C6E611EEAEFF385AC4F9AE02.roa (raw, json)
Hash identifier: 8Llgoyco3MxNlzKsnoSXtlpAjJyAhG04GIvkRDoMUV4=
Subject key identifier: A0:0D:7A:35:7B:06:8D:D4:19:48:BD:52:1E:0E:28:36:53:AF:45:14
Certificate issuer: /CN=A91758DF/serialNumber=426B620C040C83946A4B7586436ECBD0FC4546CF
Certificate serial: 078B
Authority key identifier: 42:6B:62:0C:04:0C:83:94:6A:4B:75:86:43:6E:CB:D0:FC:45:46:CF
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QmtiDAQMg5RqS3WGQ27L0PxFRs8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91758DF/53191046DC2411EABD057F16C4F9AE02/15097D94C6E611EEAEFF385AC4F9AE02.roa
Signing time: Tue 02 Jul 2024 22:10:09 +0000
ROA not before: Tue 02 Jul 2024 22:10:09 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 397763
IP address blocks: 14.1.94.0/23 maxlen: 24
2406:2d40:8200::/40 maxlen: 40
Validation: Failed, certificate revoked on Thu 05 Sep 2024 19:44:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1931 (0x78b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91758DF/serialNumber=426B620C040C83946A4B7586436ECBD0FC4546CF
Validity
Not Before: Jul 2 22:10:09 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=66847ac0-d233
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:e4:dc:52:b0:cf:12:8f:a2:e4:37:2a:4f:af:
f3:ba:e2:91:bc:36:dc:21:81:55:22:d9:9c:22:e3:
f9:ad:95:f5:1f:3d:6a:73:36:d9:5e:93:3b:46:04:
5c:a0:ac:85:63:70:09:e9:ae:c4:af:77:ca:08:c6:
37:64:d5:2f:52:62:0d:d0:23:f4:b9:20:c9:75:5e:
f3:38:6e:42:08:d6:f6:5d:a1:dd:fe:cb:a5:37:0a:
a3:1c:87:bd:84:6a:8a:5c:8d:82:ff:23:b0:b0:c8:
93:69:27:6b:88:a7:1e:1f:40:d2:95:0c:4f:f9:99:
56:30:61:6c:8f:ef:97:a3:71:81:cc:03:38:a1:ed:
4d:55:79:bb:f2:6d:d4:36:59:5a:12:ad:62:04:6c:
ff:49:41:04:8f:ef:09:3d:b9:3a:8e:9f:68:62:36:
bb:50:bb:10:3a:49:37:29:1a:2b:5f:a5:b4:97:03:
2c:f2:ef:99:90:d3:ea:67:fb:aa:8e:d7:ea:78:d4:
4f:f5:dc:62:27:0a:02:05:8f:65:10:7c:ce:ff:7b:
da:b4:aa:78:cd:9f:ed:b6:5e:3c:67:e6:ad:68:d5:
ea:a7:1d:85:72:3b:3c:d4:5f:36:f1:73:4b:cf:93:
7b:52:88:9a:e4:08:1d:46:63:66:ee:5a:97:b5:41:
e1:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:0D:7A:35:7B:06:8D:D4:19:48:BD:52:1E:0E:28:36:53:AF:45:14
X509v3 Authority Key Identifier:
keyid:42:6B:62:0C:04:0C:83:94:6A:4B:75:86:43:6E:CB:D0:FC:45:46:CF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91758DF/53191046DC2411EABD057F16C4F9AE02/QmtiDAQMg5RqS3WGQ27L0PxFRs8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QmtiDAQMg5RqS3WGQ27L0PxFRs8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91758DF/53191046DC2411EABD057F16C4F9AE02/15097D94C6E611EEAEFF385AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.1.94.0/23
IPv6:
2406:2d40:8200::/40
Signature Algorithm: sha256WithRSAEncryption
8d:90:54:00:ee:21:92:1f:c7:7b:2f:d9:f2:e7:19:6a:7a:40:
f8:a6:ad:68:8b:0b:a6:bc:cb:3d:05:8e:eb:b0:77:a0:e0:f4:
47:b0:7d:35:9f:60:cf:05:4c:69:64:68:1f:6b:aa:2d:5a:46:
2e:97:70:4f:9e:e5:c7:7d:77:73:46:bb:e1:6f:e0:32:02:2f:
1d:b0:a3:98:a8:99:41:e3:d2:ba:a9:d4:47:bc:41:2d:74:2b:
7f:81:ad:c1:a9:e2:63:dd:2b:2c:62:62:33:07:fa:bd:b4:ab:
82:5c:1d:12:e9:49:1a:bb:82:e8:20:e9:16:cc:d1:58:4e:df:
f4:e4:b8:cc:3b:18:c8:87:71:93:1b:2e:be:9d:ac:f4:57:88:
ce:64:52:07:a1:ff:22:2c:67:1f:2e:56:97:0c:7d:21:21:c0:
06:23:ec:9c:d0:d7:a8:02:fd:8d:20:ce:f5:b4:81:f5:71:1a:
d6:dc:1b:2b:06:28:fb:94:25:2e:86:85:6d:bb:cb:c3:fc:93:
64:00:12:4d:f9:22:8d:26:04:fa:fe:57:f9:27:61:fd:f1:6a:
9a:4e:e5:47:aa:d7:8d:f1:eb:6c:e2:1a:fe:8d:64:00:da:45:
01:01:b8:2c:79:73:02:24:96:af:e9:69:19:14:85:63:65:91:
c6:5b:9e:ae
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgICB4swDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzU4REYxMTAvBgNVBAUTKDQyNkI2MjBDMDQwQzgzOTQ2QTRCNzU4NjQzNkVDQkQw
RkM0NTQ2Q0YwHhcNMjQwNzAyMjIxMDA5WhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02Njg0N2FjMC1kMjMzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA7+TcUrDPEo+i5DcqT6/zuuKRvDbcIYFVItmcIuP5rZX1Hz1qczbZXpM7RgRc
oKyFY3AJ6a7Er3fKCMY3ZNUvUmIN0CP0uSDJdV7zOG5CCNb2XaHd/sulNwqjHIe9
hGqKXI2C/yOwsMiTaSdriKceH0DSlQxP+ZlWMGFsj++Xo3GBzAM4oe1NVXm78m3U
NllaEq1iBGz/SUEEj+8JPbk6jp9oYja7ULsQOkk3KRorX6W0lwMs8u+ZkNPqZ/uq
jtfqeNRP9dxiJwoCBY9lEHzO/3vatKp4zZ/ttl48Z+ataNXqpx2Fcjs81F828XNL
z5N7Uoia5AgdRmNm7lqXtUHhRQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFKANejV7
Bo3UGUi9Uh4OKDZTr0UUMB8GA1UdIwQYMBaAFEJrYgwEDIOUakt1hkNuy9D8RUbP
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3NThERi81MzE5MTA0NkRD
MjQxMUVBQkQwNTdGMTZDNEY5QUUwMi9RbXRpREFRTWc1UnFTM1dHUTI3TDBQeEZS
czguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1FtdGlEQVFNZzVScVMzV0dRMjdMMFB4RlJzOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzU4REYvNTMxOTEwNDZEQzI0MTFFQUJEMDU3RjE2QzRGOUFFMDIvMTUwOTdEOTRD
NkU2MTFFRUFFRkYzODVBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLwYIKwYBBQUHAQcBAf8E
IDAeMAwEAgABMAYDBAEOAV4wDgQCAAIwCAMGACQGLUCCMA0GCSqGSIb3DQEBCwUA
A4IBAQCNkFQA7iGSH8d7L9ny5xlqekD4pq1oiwumvMs9BY7rsHeg4PRHsH01n2DP
BUxpZGgfa6otWkYul3BPnuXHfXdzRrvhb+AyAi8dsKOYqJlB49K6qdRHvEEtdCt/
ga3BqeJj3SssYmIzB/q9tKuCXB0S6Ukau4LoIOkWzNFYTt/05LjMOxjIh3GTGy6+
naz0V4jOZFIHof8iLGcfLlaXDH0hIcAGI+yc0NeoAv2NIM71tIH1cRrW3BsrBij7
lCUuhoVtu8vD/JNkABJN+SKNJgT6/lf5J2H98WqaTuVHqteN8ets4hr+jWQA2kUB
AbgseXMCJJav6WkZFIVjZZHGW56u
-----END CERTIFICATE-----
Generated at Thu Sep 5 21:53:22 2024 by rpki-client on console-ams.rpki-client.org