Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917DEA4/A2426B60982911EBB7882081C4F9AE02/618F268E332011ECB63E811FC4F9AE02.roa
File: 618F268E332011ECB63E811FC4F9AE02.roa (raw, json)
Hash identifier: wr2Anofa7TzVcVKwrRG48SL8LS7HzDVNAfgFmjEC2q8=
Subject key identifier: 63:68:8A:BE:51:0A:49:CF:18:89:A3:BB:1F:F4:64:EF:EA:60:CD:73
Certificate issuer: /CN=A917DEA4/serialNumber=B4D6FFD5DFF9EAC413AB4408E09637B09494DBC8
Certificate serial: 064B
Authority key identifier: B4:D6:FF:D5:DF:F9:EA:C4:13:AB:44:08:E0:96:37:B0:94:94:DB:C8
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tNb_1d_56sQTq0QI4JY3sJSU28g.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917DEA4/A2426B60982911EBB7882081C4F9AE02/618F268E332011ECB63E811FC4F9AE02.roa
Signing time: Tue 01 Oct 2024 09:17:15 +0000
ROA not before: Tue 01 Oct 2024 09:17:15 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 55740
IP address blocks: 14.97.20.0/24 maxlen: 24
2406:e00:800::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 01 Oct 2024 12:30:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1611 (0x64b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917DEA4/serialNumber=B4D6FFD5DFF9EAC413AB4408E09637B09494DBC8
Validity
Not Before: Oct 1 09:17:15 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=66fbbe1b-edb9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:82:83:d1:4f:11:a6:13:b4:e6:6d:77:95:0f:
a2:5c:61:77:5d:7b:46:4b:6e:04:31:7a:2a:aa:21:
a5:54:14:8f:b2:60:09:69:ac:48:a7:15:4c:96:82:
91:54:bb:44:3a:a7:93:30:e0:e0:f4:2a:c9:c7:7f:
d8:be:55:58:c3:d6:d7:3c:66:79:69:34:a1:95:7e:
ea:58:de:3c:99:e9:35:e8:e7:10:b4:02:2f:df:f4:
04:7c:4e:75:f3:3b:a4:dc:2a:4a:bd:9c:0e:fa:d5:
c0:4c:ba:8d:9c:62:35:a3:73:1c:71:62:78:71:52:
57:cf:4f:48:a7:1d:1f:bf:33:33:22:a1:07:42:b9:
33:da:0e:37:fa:63:c9:8d:de:0b:28:4c:2d:b1:74:
3d:7c:e2:44:77:0f:0e:6b:6e:44:74:fd:5c:56:42:
b0:10:eb:0b:bd:8b:e7:8d:a6:2d:5a:b2:0e:c3:1e:
05:dd:b6:59:cb:0d:e9:a2:fa:6b:a7:89:69:ca:6d:
f8:2b:93:bf:08:ce:5e:65:92:e5:0e:b3:70:c2:f4:
98:a0:e8:98:d5:f5:3a:ca:08:27:f2:e5:2c:c6:7a:
60:e2:2d:8a:5e:c9:12:3c:c6:8f:72:05:91:76:05:
af:66:e6:33:39:2a:fc:53:9e:08:86:f8:09:35:a5:
a8:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:68:8A:BE:51:0A:49:CF:18:89:A3:BB:1F:F4:64:EF:EA:60:CD:73
X509v3 Authority Key Identifier:
keyid:B4:D6:FF:D5:DF:F9:EA:C4:13:AB:44:08:E0:96:37:B0:94:94:DB:C8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917DEA4/A2426B60982911EBB7882081C4F9AE02/tNb_1d_56sQTq0QI4JY3sJSU28g.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tNb_1d_56sQTq0QI4JY3sJSU28g.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917DEA4/A2426B60982911EBB7882081C4F9AE02/618F268E332011ECB63E811FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.97.20.0/24
IPv6:
2406:e00:800::/48
Signature Algorithm: sha256WithRSAEncryption
c1:55:c2:01:ed:d3:bf:58:b6:6c:72:a6:29:5c:dc:be:c2:15:
e8:e6:c5:f4:b2:1f:b6:36:f2:0a:97:1b:65:6f:bd:ad:b0:5c:
d1:c4:52:c6:4f:78:f5:66:22:72:e4:e5:dd:4a:45:36:74:ff:
d3:9e:02:34:ad:10:11:8c:bf:a0:da:7d:59:b1:36:7b:0e:c7:
51:d8:4b:c8:2f:48:11:72:b0:65:15:5d:8e:a3:24:09:69:2d:
7f:14:5f:3e:c6:a2:38:8a:2e:01:6e:a7:4f:95:19:d7:05:ad:
74:ea:27:7d:88:06:78:8b:b0:e1:ca:8e:ea:ed:74:e8:62:1b:
e5:ea:43:6d:30:5e:b3:71:76:c2:98:54:a7:8b:e2:0e:af:62:
94:f3:2a:3f:06:41:6c:ee:04:58:e9:3d:c6:c1:81:82:94:2f:
d2:09:e0:52:62:b2:24:dd:f4:05:19:6c:9d:7c:69:04:ee:0b:
e6:f5:eb:98:ed:cf:d8:85:6b:5c:a0:cc:f2:16:a1:42:05:7f:
46:22:87:3c:9a:dc:ec:8f:11:fd:b3:fd:af:69:35:b3:30:c0:
82:7a:75:5c:3d:31:45:da:a3:bb:6f:e1:57:ee:70:7e:40:e7:
5f:a2:c6:89:3f:4c:e7:90:5a:b3:71:ac:80:60:51:8a:50:20:
4d:f1:22:75
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICBkswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0RFQTQxMTAvBgNVBAUTKEI0RDZGRkQ1REZGOUVBQzQxM0FCNDQwOEUwOTYzN0Iw
OTQ5NERCQzgwHhcNMjQxMDAxMDkxNzE1WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmZiYmUxYi1lZGI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyoKD0U8RphO05m13lQ+iXGF3XXtGS24EMXoqqiGlVBSPsmAJaaxIpxVMloKR
VLtEOqeTMODg9CrJx3/YvlVYw9bXPGZ5aTShlX7qWN48mek16OcQtAIv3/QEfE51
8zuk3CpKvZwO+tXATLqNnGI1o3MccWJ4cVJXz09Ipx0fvzMzIqEHQrkz2g43+mPJ
jd4LKEwtsXQ9fOJEdw8Oa25EdP1cVkKwEOsLvYvnjaYtWrIOwx4F3bZZyw3povpr
p4lpym34K5O/CM5eZZLlDrNwwvSYoOiY1fU6yggn8uUsxnpg4i2KXskSPMaPcgWR
dgWvZuYzOSr8U54IhvgJNaWoXQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFGNoir5R
CknPGImjux/0ZO/qYM1zMB8GA1UdIwQYMBaAFLTW/9Xf+erEE6tECOCWN7CUlNvI
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3REVBNC9BMjQyNkI2MDk4
MjkxMUVCQjc4ODIwODFDNEY5QUUwMi90TmJfMWRfNTZzUVRxMFFJNEpZM3NKU1Uy
OGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3ROYl8xZF81NnNRVHEwUUk0Slkzc0pTVTI4Zy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0RFQTQvQTI0MjZCNjA5ODI5MTFFQkI3ODgyMDgxQzRGOUFFMDIvNjE4RjI2OEUz
MzIwMTFFQ0I2M0U4MTFGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAAOYRQwDwQCAAIwCQMHACQGDgAIADANBgkqhkiG9w0BAQsF
AAOCAQEAwVXCAe3Tv1i2bHKmKVzcvsIV6ObF9LIftjbyCpcbZW+9rbBc0cRSxk94
9WYicuTl3UpFNnT/054CNK0QEYy/oNp9WbE2ew7HUdhLyC9IEXKwZRVdjqMkCWkt
fxRfPsaiOIouAW6nT5UZ1wWtdOonfYgGeIuw4cqO6u106GIb5epDbTBes3F2wphU
p4viDq9ilPMqPwZBbO4EWOk9xsGBgpQv0gngUmKyJN30BRlsnXxpBO4L5vXrmO3P
2IVrXKDM8hahQgV/RiKHPJrc7I8R/bP9r2k1szDAgnp1XD0xRdqju2/hV+5wfkDn
X6LGiT9M55Bas3GsgGBRilAgTfEidQ==
-----END CERTIFICATE-----
Generated at Tue Oct 1 13:52:15 2024 by rpki-client on console-fra.rpki-client.org