Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/B8AFA69675D011EFA971985EC4F9AE02.roa
File: B8AFA69675D011EFA971985EC4F9AE02.roa (raw, json)
Hash identifier: r3+p6ZoKhjHm9wGwPHQZ2boheTMS5VMTbYmynKrtDsI=
Subject key identifier: E0:D1:8A:C1:6B:76:5E:A2:E4:EA:90:7F:9F:05:BD:E3:CD:4B:AB:B3
Certificate issuer: /CN=A917A84A/serialNumber=8A1A10EB8FBA45C2152CA8956F432F9A8139603A
Certificate serial: 1C61
Authority key identifier: 8A:1A:10:EB:8F:BA:45:C2:15:2C:A8:95:6F:43:2F:9A:81:39:60:3A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ihoQ64-6RcIVLKiVb0MvmoE5YDo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/B8AFA69675D011EFA971985EC4F9AE02.roa
Signing time: Mon 30 Sep 2024 16:24:16 +0000
ROA not before: Mon 30 Sep 2024 16:24:16 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 138910
IP address blocks: 115.42.71.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 02 Oct 2024 14:59:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7265 (0x1c61)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917A84A/serialNumber=8A1A10EB8FBA45C2152CA8956F432F9A8139603A
Validity
Not Before: Sep 30 16:24:16 2024 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=66fad0b0-f409
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:ab:ae:02:bd:2f:4a:66:04:d9:7b:8b:5f:ec:
86:d5:10:16:5c:70:79:2f:8d:d8:41:77:74:c9:c1:
8a:9c:74:10:c2:ee:f4:d2:ce:5d:c7:7a:8b:f2:4d:
fd:ea:43:4e:f8:9e:ad:1a:41:41:38:d0:28:a2:9d:
15:16:ce:81:d8:85:4e:b8:c4:d9:1d:a2:e8:98:88:
ec:3a:c0:e7:36:cf:f5:bc:b5:f7:a4:ef:52:b9:6a:
b9:61:ec:9a:73:88:05:e9:4a:a3:f6:a7:ff:75:91:
30:7b:51:05:53:2d:73:a3:09:9c:3f:0a:88:0e:a3:
3b:a1:35:99:56:08:13:c3:04:27:78:b2:e4:83:9c:
07:6a:f0:41:71:6c:fe:0f:e7:fc:ec:e6:7d:49:6e:
3e:f2:b2:51:b5:34:2d:6b:4a:a4:0e:41:87:8c:26:
ca:25:47:ef:d8:72:2b:e3:b5:27:3e:2a:9f:98:1d:
27:f3:dd:a4:f9:2b:b1:e6:04:52:dc:f8:53:1d:ef:
a2:7b:a2:01:7d:6c:b2:7c:b4:f5:63:58:fb:b1:79:
32:b0:d1:19:36:da:75:82:0d:e9:2b:ca:a1:c5:f5:
a9:7a:4d:0a:b2:32:7e:de:47:3e:0b:76:a0:fe:d2:
40:41:c0:b3:ec:05:56:0a:4b:56:b7:9e:88:22:6f:
a3:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:D1:8A:C1:6B:76:5E:A2:E4:EA:90:7F:9F:05:BD:E3:CD:4B:AB:B3
X509v3 Authority Key Identifier:
keyid:8A:1A:10:EB:8F:BA:45:C2:15:2C:A8:95:6F:43:2F:9A:81:39:60:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/ihoQ64-6RcIVLKiVb0MvmoE5YDo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ihoQ64-6RcIVLKiVb0MvmoE5YDo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/B8AFA69675D011EFA971985EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
115.42.71.0/24
Signature Algorithm: sha256WithRSAEncryption
51:de:4a:00:10:42:22:40:1f:2d:43:14:0b:3a:94:c3:20:47:
f8:d1:19:71:0b:d1:3a:bf:b6:84:f0:a0:54:08:d9:2e:17:28:
88:f0:bf:54:0e:41:47:4f:94:33:ed:d7:65:7c:2e:9f:b2:f8:
d7:f1:c6:fe:fd:4d:da:ac:05:20:9a:3e:93:47:ce:8a:c5:b8:
84:b2:9c:e6:80:3c:a7:75:3e:f1:64:51:0c:7a:ba:b7:57:ca:
23:89:2a:80:44:fd:cc:7c:2c:f2:f0:42:01:47:d9:f0:64:93:
8b:2f:b7:b2:cd:01:9a:4f:2e:64:41:eb:f0:53:b2:8d:85:73:
65:16:cd:9f:d1:86:50:00:e6:91:2a:08:bf:21:9d:26:ec:cb:
f0:50:c6:cb:4e:1e:bd:4f:d8:93:05:f0:e0:4d:54:54:28:13:
75:37:04:ac:73:9e:99:2b:93:e2:48:3c:38:34:f4:10:c8:91:
fd:87:b5:dc:af:68:07:3e:f1:7c:80:8f:60:9e:7f:09:a7:9e:
73:8f:9e:4f:97:0b:2b:e6:85:3a:e5:3a:fa:b8:0b:db:c6:da:
da:93:09:4c:46:3d:3a:d5:22:51:47:e0:d5:eb:b1:86:14:04:
d0:be:3b:79:b3:22:4e:33:67:31:0c:11:77:07:1a:f4:fe:0d:
65:b5:10:c9
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICHGEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0E4NEExMTAvBgNVBAUTKDhBMUExMEVCOEZCQTQ1QzIxNTJDQTg5NTZGNDMyRjlB
ODEzOTYwM0EwHhcNMjQwOTMwMTYyNDE2WhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmZhZDBiMC1mNDA5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAt6uuAr0vSmYE2XuLX+yG1RAWXHB5L43YQXd0ycGKnHQQwu700s5dx3qL8k39
6kNO+J6tGkFBONAoop0VFs6B2IVOuMTZHaLomIjsOsDnNs/1vLX3pO9SuWq5Yeya
c4gF6Uqj9qf/dZEwe1EFUy1zowmcPwqIDqM7oTWZVggTwwQneLLkg5wHavBBcWz+
D+f87OZ9SW4+8rJRtTQta0qkDkGHjCbKJUfv2HIr47UnPiqfmB0n892k+Sux5gRS
3PhTHe+ie6IBfWyyfLT1Y1j7sXkysNEZNtp1gg3pK8qhxfWpek0KsjJ+3kc+C3ag
/tJAQcCz7AVWCktWt56IIm+jDQIDAQABo4IClTCCApEwHQYDVR0OBBYEFODRisFr
dl6i5OqQf58FvePNS6uzMB8GA1UdIwQYMBaAFIoaEOuPukXCFSyolW9DL5qBOWA6
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QTg0QS8xODA1MTkxQUUx
RUYxMUU2OUQzNjUwMUJDNEY5QUUwMi9paG9RNjQtNlJjSVZMS2lWYjBNdm1vRTVZ
RG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2lob1E2NC02UmNJVkxLaVZiME12bW9FNVlEby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0E4NEEvMTgwNTE5MUFFMUVGMTFFNjlEMzY1MDFCQzRGOUFFMDIvQjhBRkE2OTY3
NUQwMTFFRkE5NzE5ODVFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABzKkcwDQYJKoZIhvcNAQELBQADggEBAFHeSgAQQiJAHy1D
FAs6lMMgR/jRGXEL0Tq/toTwoFQI2S4XKIjwv1QOQUdPlDPt12V8Lp+y+Nfxxv79
TdqsBSCaPpNHzorFuISynOaAPKd1PvFkUQx6urdXyiOJKoBE/cx8LPLwQgFH2fBk
k4svt7LNAZpPLmRB6/BTso2Fc2UWzZ/RhlAA5pEqCL8hnSbsy/BQxstOHr1P2JMF
8OBNVFQoE3U3BKxznpkrk+JIPDg09BDIkf2HtdyvaAc+8XyAj2CefwmnnnOPnk+X
CyvmhTrlOvq4C9vG2tqTCUxGPTrVIlFH4NXrsYYUBNC+O3mzIk4zZzEMEXcHGvT+
DWW1EMk=
-----END CERTIFICATE-----
Generated at Wed Oct 2 17:42:41 2024 by rpki-client on console-fra.rpki-client.org