Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917E1FE/386235F06F8811EBA86BF64AC4F9AE02/333C4712142911EE81123B18C4F9AE02.roa
File: 333C4712142911EE81123B18C4F9AE02.roa (raw, json)
Hash identifier: PCsHwbwQWtsCrbMhzx17tE5UxZ0evZ8A00mC9UXq1B0=
Subject key identifier: 1B:C4:3E:FA:C0:16:A8:6A:82:15:B0:5B:5A:5C:37:E9:74:3F:D5:4B
Certificate issuer: /CN=A917E1FE/serialNumber=EDEB96F04C8D3EDCCBEEBA40C4242922A8136B53
Certificate serial: 056C
Authority key identifier: ED:EB:96:F0:4C:8D:3E:DC:CB:EE:BA:40:C4:24:29:22:A8:13:6B:53
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7euW8EyNPtzL7rpAxCQpIqgTa1M.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917E1FE/386235F06F8811EBA86BF64AC4F9AE02/333C4712142911EE81123B18C4F9AE02.roa
Signing time: Wed 05 Jul 2023 06:09:36 +0000
ROA not before: Wed 05 Jul 2023 06:09:36 +0000
ROA not after: Tue 30 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 36.255.196.0/24 maxlen: 24
36.255.197.0/24 maxlen: 24
36.255.199.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 26 Jul 2023 10:00:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1388 (0x56c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917E1FE/serialNumber=EDEB96F04C8D3EDCCBEEBA40C4242922A8136B53
Validity
Not Before: Jul 5 06:09:36 2023 GMT
Not After : Jul 30 00:00:00 2024 GMT
Subject: CN=64a50920-7dc8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:68:bb:dc:08:2c:19:bf:13:f6:0c:49:62:b5:
31:ed:94:77:4b:e3:28:13:d1:05:b7:4e:b1:e9:d6:
9e:c9:2e:7c:36:06:82:16:90:bf:88:71:96:f2:e0:
fc:dd:63:4d:09:f2:0a:1c:d7:26:ae:76:e6:af:e5:
91:97:c2:a3:8c:11:5b:db:40:4e:89:e9:74:97:70:
c9:e9:2e:ad:65:eb:55:e7:20:77:2f:fb:9d:ee:82:
83:78:61:d3:49:b2:38:2c:0b:91:8c:59:c2:eb:c7:
c5:af:1a:a2:fd:80:26:ef:00:30:06:e5:74:43:49:
49:1e:2b:e9:45:17:46:9d:c7:63:50:16:3d:47:b0:
ec:f1:01:c9:7c:38:8e:64:3a:d7:9d:d2:e9:81:34:
72:ce:b6:31:78:0c:37:0b:4b:8e:3a:36:03:f8:81:
61:c5:65:bd:a5:ae:ef:02:65:12:63:46:52:bc:14:
a6:0d:da:79:9b:89:a8:6a:51:c1:fe:31:ab:31:94:
f4:23:73:f6:6e:94:49:81:75:7a:bc:97:37:51:92:
74:75:f3:4f:8a:ce:6a:fb:60:f0:91:df:9d:49:59:
86:89:30:18:a3:92:43:b6:8b:dd:cc:a3:c9:72:f6:
f8:de:49:41:81:ec:b4:39:68:8e:1d:0a:2a:e5:96:
02:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:C4:3E:FA:C0:16:A8:6A:82:15:B0:5B:5A:5C:37:E9:74:3F:D5:4B
X509v3 Authority Key Identifier:
keyid:ED:EB:96:F0:4C:8D:3E:DC:CB:EE:BA:40:C4:24:29:22:A8:13:6B:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917E1FE/386235F06F8811EBA86BF64AC4F9AE02/7euW8EyNPtzL7rpAxCQpIqgTa1M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7euW8EyNPtzL7rpAxCQpIqgTa1M.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917E1FE/386235F06F8811EBA86BF64AC4F9AE02/333C4712142911EE81123B18C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
36.255.196.0/23
36.255.199.0/24
Signature Algorithm: sha256WithRSAEncryption
61:18:a3:98:36:8a:86:62:06:6a:1b:08:b5:c2:42:43:8f:dc:
cc:08:8f:3b:10:bc:52:35:60:78:28:f9:05:1a:63:3d:3d:85:
af:1e:3c:06:a1:be:c2:67:f0:68:13:cd:0c:06:b8:56:3c:33:
ae:93:d0:a1:1e:25:45:cd:74:d4:01:24:a4:3a:68:47:a0:9a:
cc:ed:38:5d:82:98:4e:d1:81:8b:8a:81:41:c7:35:b7:e3:4b:
fd:a4:07:a9:1a:d2:a7:c0:91:28:fc:83:d0:33:43:78:c7:3b:
f4:2a:98:ac:8e:d4:3e:8c:72:c7:b4:65:37:d6:99:b5:3c:11:
26:66:e6:f2:48:69:93:2b:f4:45:3b:fa:99:ca:54:cd:c5:1c:
81:b0:3b:d5:2a:86:44:dd:d0:2c:4f:b0:6d:f8:ed:0e:bc:28:
df:c9:79:25:f3:13:02:7d:82:48:d8:f5:a8:55:1b:a4:57:b7:
b8:cc:2f:27:98:b5:5d:7d:04:52:d3:15:0c:d4:aa:cb:e7:4b:
c6:2c:57:ed:f3:b0:94:c0:ef:02:1a:a5:73:45:fd:a6:bb:3c:
16:da:fa:4e:9a:81:8f:81:82:28:df:1f:e2:c9:41:66:30:31:
9d:95:80:19:a7:f6:ed:3f:1c:72:c7:38:cc:24:f5:e8:9b:e4:
c9:6f:5e:b3
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICBWwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0UxRkUxMTAvBgNVBAUTKEVERUI5NkYwNEM4RDNFRENDQkVFQkE0MEM0MjQyOTIy
QTgxMzZCNTMwHhcNMjMwNzA1MDYwOTM2WhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGE1MDkyMC03ZGM4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0Wi73AgsGb8T9gxJYrUx7ZR3S+MoE9EFt06x6daeyS58NgaCFpC/iHGW8uD8
3WNNCfIKHNcmrnbmr+WRl8KjjBFb20BOiel0l3DJ6S6tZetV5yB3L/ud7oKDeGHT
SbI4LAuRjFnC68fFrxqi/YAm7wAwBuV0Q0lJHivpRRdGncdjUBY9R7Ds8QHJfDiO
ZDrXndLpgTRyzrYxeAw3C0uOOjYD+IFhxWW9pa7vAmUSY0ZSvBSmDdp5m4moalHB
/jGrMZT0I3P2bpRJgXV6vJc3UZJ0dfNPis5q+2Dwkd+dSVmGiTAYo5JDtovdzKPJ
cvb43klBgey0OWiOHQoq5ZYCpQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFBvEPvrA
FqhqghWwW1pcN+l0P9VLMB8GA1UdIwQYMBaAFO3rlvBMjT7cy+66QMQkKSKoE2tT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RTFGRS8zODYyMzVGMDZG
ODgxMUVCQTg2QkY2NEFDNEY5QUUwMi83ZXVXOEV5TlB0ekw3cnBBeENRcElxZ1Rh
MU0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzdldVc4RXlOUHR6TDdycEF4Q1FwSXFnVGExTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0UxRkUvMzg2MjM1RjA2Rjg4MTFFQkE4NkJGNjRBQzRGOUFFMDIvMzMzQzQ3MTIx
NDI5MTFFRTgxMTIzQjE4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAEk/8QDBAAk/8cwDQYJKoZIhvcNAQELBQADggEBAGEYo5g2
ioZiBmobCLXCQkOP3MwIjzsQvFI1YHgo+QUaYz09ha8ePAahvsJn8GgTzQwGuFY8
M66T0KEeJUXNdNQBJKQ6aEegmsztOF2CmE7RgYuKgUHHNbfjS/2kB6ka0qfAkSj8
g9AzQ3jHO/QqmKyO1D6Mcse0ZTfWmbU8ESZm5vJIaZMr9EU7+pnKVM3FHIGwO9Uq
hkTd0CxPsG347Q68KN/JeSXzEwJ9gkjY9ahVG6RXt7jMLyeYtV19BFLTFQzUqsvn
S8YsV+3zsJTA7wIapXNF/aa7PBba+k6agY+BgijfH+LJQWYwMZ2VgBmn9u0/HHLH
OMwk9eib5MlvXrM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:13 2024 by rpki-client on console-fra.rpki-client.org