Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917E1FE/386235F06F8811EBA86BF64AC4F9AE02/610185D0D50F11EDB0FE7576C4F9AE02.roa
File: 610185D0D50F11EDB0FE7576C4F9AE02.roa (raw, json)
Hash identifier: UX4c6jmnczdIlQxddmIqPl4yzZYzvczB679YY5VKGhI=
Subject key identifier: 81:85:C6:45:4D:51:BD:E3:2E:21:F6:E2:D3:85:CB:52:A4:F9:09:63
Certificate issuer: /CN=A917E1FE/serialNumber=EDEB96F04C8D3EDCCBEEBA40C4242922A8136B53
Certificate serial: 0552
Authority key identifier: ED:EB:96:F0:4C:8D:3E:DC:CB:EE:BA:40:C4:24:29:22:A8:13:6B:53
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7euW8EyNPtzL7rpAxCQpIqgTa1M.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917E1FE/386235F06F8811EBA86BF64AC4F9AE02/610185D0D50F11EDB0FE7576C4F9AE02.roa
Signing time: Fri 02 Jun 2023 07:28:42 +0000
ROA not before: Fri 02 Jun 2023 07:28:41 +0000
ROA not after: Tue 30 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 36.255.196.0/24 maxlen: 24
36.255.197.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 26 Jun 2023 14:26:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1362 (0x552)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917E1FE/serialNumber=EDEB96F04C8D3EDCCBEEBA40C4242922A8136B53
Validity
Not Before: Jun 2 07:28:41 2023 GMT
Not After : Jul 30 00:00:00 2024 GMT
Subject: CN=64799a29-b29a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:f6:11:28:8a:c3:51:d9:94:7a:e1:57:45:83:
b4:cb:6f:cb:9b:ff:ac:93:5a:a2:61:b3:55:cb:8a:
35:53:60:ff:e6:92:84:25:7a:98:46:39:9d:5e:24:
55:14:11:31:b3:77:dc:e9:c8:be:c8:44:43:b4:7f:
9f:e6:30:7f:3a:be:5c:54:a7:9d:87:82:3f:72:2b:
6b:9c:d7:a8:ff:e9:20:ea:21:7a:cb:a1:a7:02:d2:
2b:c9:f2:ff:96:e6:12:33:d2:f4:39:38:88:bb:e1:
73:78:20:76:f9:e1:d0:cf:6b:00:1a:5a:48:3e:19:
36:0d:da:79:bc:71:1f:e3:03:1a:9d:fd:44:0f:c1:
89:31:02:08:79:c2:85:f2:d6:5d:88:62:0e:02:49:
c1:a4:7e:bf:03:1d:c5:a7:b1:20:93:bc:2d:17:ed:
0c:e7:bb:be:90:46:e7:ee:41:4b:14:c1:7f:53:c0:
0c:aa:56:88:d5:96:c0:68:b4:28:6f:a1:86:a2:17:
31:26:68:eb:8a:4a:ef:25:3a:56:1a:f2:b9:55:32:
62:13:6b:6b:13:fb:52:48:69:a0:45:51:70:e7:8b:
c0:3a:b1:2d:3a:9d:35:bb:26:f9:eb:0e:40:7c:1d:
a8:d2:87:c5:c4:d4:8d:c7:fe:23:4e:7c:b3:10:c9:
3d:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:85:C6:45:4D:51:BD:E3:2E:21:F6:E2:D3:85:CB:52:A4:F9:09:63
X509v3 Authority Key Identifier:
keyid:ED:EB:96:F0:4C:8D:3E:DC:CB:EE:BA:40:C4:24:29:22:A8:13:6B:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917E1FE/386235F06F8811EBA86BF64AC4F9AE02/7euW8EyNPtzL7rpAxCQpIqgTa1M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7euW8EyNPtzL7rpAxCQpIqgTa1M.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917E1FE/386235F06F8811EBA86BF64AC4F9AE02/610185D0D50F11EDB0FE7576C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
36.255.196.0/23
Signature Algorithm: sha256WithRSAEncryption
2a:01:09:d7:16:9e:d7:a8:85:65:33:26:bd:63:76:f9:c5:93:
2a:23:a9:ea:69:7c:9e:b8:fa:f0:67:9b:1c:4f:81:4d:93:7f:
5a:92:da:a3:7d:7e:2f:48:7f:42:2b:c1:10:a5:1a:09:9b:b6:
1f:a4:5f:be:9c:c9:b4:3b:1b:27:64:d0:b7:b2:88:a8:3a:b0:
73:b8:e9:63:ed:42:42:1a:eb:23:08:18:e7:29:f8:eb:1e:f9:
8d:de:d7:aa:23:80:68:bc:75:b2:0e:3c:0f:66:9a:21:77:0f:
2a:3f:0c:79:44:75:f2:9e:e5:13:54:a0:19:ed:07:de:13:3e:
78:f2:6e:4c:f4:15:ad:ed:08:a1:1c:2b:4a:d0:54:6a:05:29:
3d:fe:53:da:df:2f:77:a1:02:12:b6:cb:8e:36:e2:25:a0:22:
5a:82:33:cd:43:5c:1f:5c:ba:3f:4b:bf:0e:d3:95:d1:e3:46:
0f:e0:68:4c:69:dc:7f:0d:35:d8:a4:31:8b:92:44:6c:99:7a:
63:da:49:21:26:e1:7a:29:74:95:cd:47:ed:37:18:e9:86:19:
67:70:1e:6b:cf:36:36:b3:7f:d8:47:67:9b:ed:9f:8f:74:4e:
82:6d:97:73:3b:53:17:57:4e:4a:93:7d:0d:ef:eb:01:ab:3b:
aa:a5:49:36
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBVIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0UxRkUxMTAvBgNVBAUTKEVERUI5NkYwNEM4RDNFRENDQkVFQkE0MEM0MjQyOTIy
QTgxMzZCNTMwHhcNMjMwNjAyMDcyODQxWhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDc5OWEyOS1iMjlhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2/YRKIrDUdmUeuFXRYO0y2/Lm/+sk1qiYbNVy4o1U2D/5pKEJXqYRjmdXiRV
FBExs3fc6ci+yERDtH+f5jB/Or5cVKedh4I/citrnNeo/+kg6iF6y6GnAtIryfL/
luYSM9L0OTiIu+FzeCB2+eHQz2sAGlpIPhk2Ddp5vHEf4wManf1ED8GJMQIIecKF
8tZdiGIOAknBpH6/Ax3Fp7Egk7wtF+0M57u+kEbn7kFLFMF/U8AMqlaI1ZbAaLQo
b6GGohcxJmjrikrvJTpWGvK5VTJiE2trE/tSSGmgRVFw54vAOrEtOp01uyb56w5A
fB2o0ofFxNSNx/4jTnyzEMk9zwIDAQABo4IClTCCApEwHQYDVR0OBBYEFIGFxkVN
Ub3jLiH24tOFy1Kk+QljMB8GA1UdIwQYMBaAFO3rlvBMjT7cy+66QMQkKSKoE2tT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RTFGRS8zODYyMzVGMDZG
ODgxMUVCQTg2QkY2NEFDNEY5QUUwMi83ZXVXOEV5TlB0ekw3cnBBeENRcElxZ1Rh
MU0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzdldVc4RXlOUHR6TDdycEF4Q1FwSXFnVGExTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0UxRkUvMzg2MjM1RjA2Rjg4MTFFQkE4NkJGNjRBQzRGOUFFMDIvNjEwMTg1RDBE
NTBGMTFFREIwRkU3NTc2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAEk/8QwDQYJKoZIhvcNAQELBQADggEBACoBCdcWnteohWUz
Jr1jdvnFkyojqeppfJ64+vBnmxxPgU2Tf1qS2qN9fi9If0IrwRClGgmbth+kX76c
ybQ7Gydk0LeyiKg6sHO46WPtQkIa6yMIGOcp+Ose+Y3e16ojgGi8dbIOPA9mmiF3
Dyo/DHlEdfKe5RNUoBntB94TPnjybkz0Fa3tCKEcK0rQVGoFKT3+U9rfL3ehAhK2
y4424iWgIlqCM81DXB9cuj9Lvw7TldHjRg/gaExp3H8NNdikMYuSRGyZemPaSSEm
4XopdJXNR+03GOmGGWdwHmvPNjazf9hHZ5vtn490ToJtl3M7UxdXTkqTfQ3v6wGr
O6qlSTY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:13 2024 by rpki-client on console-fra.rpki-client.org