Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/3BDAF86884C711EFAD9CEE6AC4F9AE02.roa
File: 3BDAF86884C711EFAD9CEE6AC4F9AE02.roa (raw, json)
Hash identifier: 3kaqWSRjSxI0U2djvcIFwm1fjL7nc1yYMa3VnkP0tRw=
Subject key identifier: 67:18:03:96:E3:2F:8D:D1:4B:A7:E2:DC:20:5C:C0:08:BE:D5:C8:27
Certificate issuer: /CN=A917A84A/serialNumber=8A1A10EB8FBA45C2152CA8956F432F9A8139603A
Certificate serial: 1C75
Authority key identifier: 8A:1A:10:EB:8F:BA:45:C2:15:2C:A8:95:6F:43:2F:9A:81:39:60:3A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ihoQ64-6RcIVLKiVb0MvmoE5YDo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/3BDAF86884C711EFAD9CEE6AC4F9AE02.roa
Signing time: Mon 07 Oct 2024 16:14:31 +0000
ROA not before: Mon 07 Oct 2024 16:14:31 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 55154
IP address blocks: 115.42.68.0/24 maxlen: 24
115.42.69.0/24 maxlen: 24
115.42.70.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 14 Oct 2024 12:03:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7285 (0x1c75)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917A84A/serialNumber=8A1A10EB8FBA45C2152CA8956F432F9A8139603A
Validity
Not Before: Oct 7 16:14:31 2024 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=670408e7-6542
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:be:23:a2:0f:9f:2e:81:77:c1:94:9c:2a:38:
c0:2c:3e:f3:0b:c3:b0:57:54:1c:47:90:be:3b:51:
c1:43:1d:b9:75:be:7f:32:42:ca:ad:8b:30:ac:de:
6c:d0:2d:7d:57:94:83:65:73:88:fb:fa:cb:85:17:
1c:b6:ca:62:7a:92:ce:b2:f3:a0:c4:6b:9b:17:f1:
00:67:53:27:2e:0c:8d:cd:3d:34:4b:74:fb:50:14:
bc:e6:cb:4f:1c:de:56:11:b2:6e:ee:a5:dd:77:3d:
a7:1c:a1:63:8e:bf:0a:50:a6:1e:23:11:88:30:09:
55:6a:d4:50:4f:18:2d:4b:24:f4:80:aa:75:f3:dd:
cc:53:4f:8b:a9:ee:95:75:5b:28:1e:1f:e1:cc:c9:
af:ce:a4:76:48:1a:48:4f:40:b8:cd:bd:01:f3:21:
d3:96:83:8d:47:06:e1:a8:1f:60:89:06:0b:98:43:
70:9f:66:b8:ed:dd:d8:a4:9b:aa:03:b1:7d:ed:75:
76:81:f8:1f:e1:74:5d:c4:91:89:e0:43:d4:5f:ed:
37:6b:43:c7:de:6b:8a:4a:a5:68:37:bb:bf:fa:dd:
44:e1:b4:62:1a:3d:b8:2c:60:64:e5:06:28:4d:10:
fe:4a:64:4a:58:49:e5:26:9d:03:c7:0b:d7:91:e0:
65:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:18:03:96:E3:2F:8D:D1:4B:A7:E2:DC:20:5C:C0:08:BE:D5:C8:27
X509v3 Authority Key Identifier:
keyid:8A:1A:10:EB:8F:BA:45:C2:15:2C:A8:95:6F:43:2F:9A:81:39:60:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/ihoQ64-6RcIVLKiVb0MvmoE5YDo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ihoQ64-6RcIVLKiVb0MvmoE5YDo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/3BDAF86884C711EFAD9CEE6AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
115.42.68.0-115.42.70.255
Signature Algorithm: sha256WithRSAEncryption
75:8b:b4:c6:b0:2d:a1:96:33:ef:af:d3:f8:49:df:08:e7:fc:
ce:20:0c:1d:87:32:0c:e6:b0:10:69:82:4d:e3:d9:57:bb:f6:
d0:c0:32:e3:7b:ed:e4:42:91:2a:be:a4:ff:df:5c:04:34:6b:
9e:6c:61:70:68:bb:cb:07:62:69:b0:cc:20:c0:a9:60:f4:7b:
18:4e:9c:bb:f8:54:1e:c8:5d:ad:c3:f3:da:2d:5c:77:c9:10:
88:58:d1:36:eb:20:df:e5:38:47:e5:ea:62:70:e0:a0:7c:cc:
b0:db:36:41:03:55:9f:a1:a9:40:ea:2b:47:af:11:07:96:c0:
7b:a6:64:74:b5:19:57:e3:d4:81:e6:a3:d8:f0:71:1a:9a:ba:
df:90:d1:a3:f5:35:e8:3a:8c:12:8a:66:7c:54:9c:14:1f:78:
c3:82:6c:d3:70:35:fa:e6:be:b1:59:64:b5:bf:71:14:66:88:
62:e6:8c:bb:c8:5c:01:ea:85:3e:ac:62:b9:36:3b:cc:80:cf:
1e:eb:4b:55:c5:45:da:61:0b:31:c4:00:49:20:03:d0:c8:b1:
ef:69:bd:b1:9b:8b:89:12:c0:91:ef:30:05:d0:8b:9a:aa:c5:
8b:ef:1f:14:46:8c:38:8c:9f:8d:ec:28:72:fd:26:01:2f:98:
13:87:b9:25
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgICHHUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0E4NEExMTAvBgNVBAUTKDhBMUExMEVCOEZCQTQ1QzIxNTJDQTg5NTZGNDMyRjlB
ODEzOTYwM0EwHhcNMjQxMDA3MTYxNDMxWhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzA0MDhlNy02NTQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtL4jog+fLoF3wZScKjjALD7zC8OwV1QcR5C+O1HBQx25db5/MkLKrYswrN5s
0C19V5SDZXOI+/rLhRcctspiepLOsvOgxGubF/EAZ1MnLgyNzT00S3T7UBS85stP
HN5WEbJu7qXddz2nHKFjjr8KUKYeIxGIMAlVatRQTxgtSyT0gKp1893MU0+Lqe6V
dVsoHh/hzMmvzqR2SBpIT0C4zb0B8yHTloONRwbhqB9giQYLmENwn2a47d3YpJuq
A7F97XV2gfgf4XRdxJGJ4EPUX+03a0PH3muKSqVoN7u/+t1E4bRiGj24LGBk5QYo
TRD+SmRKWEnlJp0DxwvXkeBlOwIDAQABo4ICnTCCApkwHQYDVR0OBBYEFGcYA5bj
L43RS6fi3CBcwAi+1cgnMB8GA1UdIwQYMBaAFIoaEOuPukXCFSyolW9DL5qBOWA6
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QTg0QS8xODA1MTkxQUUx
RUYxMUU2OUQzNjUwMUJDNEY5QUUwMi9paG9RNjQtNlJjSVZMS2lWYjBNdm1vRTVZ
RG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2lob1E2NC02UmNJVkxLaVZiME12bW9FNVlEby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0E4NEEvMTgwNTE5MUFFMUVGMTFFNjlEMzY1MDFCQzRGOUFFMDIvM0JEQUY4Njg4
NEM3MTFFRkFEOUNFRTZBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJwYIKwYBBQUHAQcBAf8E
GDAWMBQEAgABMA4wDAMEAnMqRAMEAHMqRjANBgkqhkiG9w0BAQsFAAOCAQEAdYu0
xrAtoZYz76/T+EnfCOf8ziAMHYcyDOawEGmCTePZV7v20MAy43vt5EKRKr6k/99c
BDRrnmxhcGi7ywdiabDMIMCpYPR7GE6cu/hUHshdrcPz2i1cd8kQiFjRNusg3+U4
R+XqYnDgoHzMsNs2QQNVn6GpQOorR68RB5bAe6ZkdLUZV+PUgeaj2PBxGpq635DR
o/U16DqMEopmfFScFB94w4Js03A1+ua+sVlktb9xFGaIYuaMu8hcAeqFPqxiuTY7
zIDPHutLVcVF2mELMcQASSAD0Mix72m9sZuLiRLAke8wBdCLmqrFi+8fFEaMOIyf
jewocv0mAS+YE4e5JQ==
-----END CERTIFICATE-----
Generated at Mon Oct 14 14:17:45 2024 by rpki-client on console-ams.rpki-client.org