Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917E1FE/386235F06F8811EBA86BF64AC4F9AE02/7923B8A68F9311EE9CC9E648C4F9AE02.roa
File: 7923B8A68F9311EE9CC9E648C4F9AE02.roa (raw, json)
Hash identifier: AU9dJTrjZTz0l4l4fc5WfQIlxvxNkIVFd7Kg/xg/bFM=
Subject key identifier: 4F:46:BE:79:05:B0:B4:EF:C1:BB:44:9F:55:91:FF:F0:7C:3F:05:67
Certificate issuer: /CN=A917E1FE/serialNumber=EDEB96F04C8D3EDCCBEEBA40C4242922A8136B53
Certificate serial: 05C6
Authority key identifier: ED:EB:96:F0:4C:8D:3E:DC:CB:EE:BA:40:C4:24:29:22:A8:13:6B:53
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7euW8EyNPtzL7rpAxCQpIqgTa1M.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917E1FE/386235F06F8811EBA86BF64AC4F9AE02/7923B8A68F9311EE9CC9E648C4F9AE02.roa
Signing time: Thu 30 Nov 2023 15:16:45 +0000
ROA not before: Thu 30 Nov 2023 15:16:45 +0000
ROA not after: Tue 30 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 36.255.197.0/24 maxlen: 24
36.255.198.0/24 maxlen: 24
36.255.199.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 22 Mar 2024 12:43:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1478 (0x5c6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917E1FE/serialNumber=EDEB96F04C8D3EDCCBEEBA40C4242922A8136B53
Validity
Not Before: Nov 30 15:16:45 2023 GMT
Not After : Jul 30 00:00:00 2024 GMT
Subject: CN=6568a75d-ca20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:2d:7a:57:ed:82:49:aa:cd:eb:25:7e:db:7c:
cb:dd:1b:48:4d:bc:5d:f1:71:5e:c6:eb:44:07:7e:
58:73:69:b3:f4:31:c7:39:b6:d6:6c:bf:37:cc:c9:
a9:a6:16:36:83:24:0e:c9:38:7e:39:d8:65:61:d4:
90:17:e6:41:08:09:54:a4:54:e6:08:8f:0e:cb:9e:
76:25:c8:c8:c6:f2:1a:06:d0:ea:7c:0b:7d:bc:5b:
3d:e5:49:a1:26:83:21:4f:3c:b6:96:2b:0e:be:28:
27:69:6c:4d:94:76:27:70:cd:3e:96:84:0f:d8:8c:
32:ca:6b:38:54:b2:1a:4f:57:72:a3:29:f9:66:b4:
bb:6c:21:0d:99:a8:67:03:14:0a:a5:bd:8e:f8:16:
61:16:38:3a:9a:de:69:58:7b:21:f9:38:39:c8:51:
b5:75:28:98:ef:85:67:6c:e0:3a:02:0d:99:0d:be:
d4:56:c3:74:19:3b:22:31:08:10:99:20:62:80:a4:
14:e4:45:4b:14:66:cf:2d:8a:89:76:20:e2:5c:83:
57:1d:17:8e:9e:79:df:06:43:d9:e9:b9:26:7b:d5:
2f:13:89:bf:05:5c:81:16:8c:a0:2b:2d:3b:a8:c8:
7d:12:64:f9:24:73:81:66:4c:85:d1:3b:6b:16:d7:
e3:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:46:BE:79:05:B0:B4:EF:C1:BB:44:9F:55:91:FF:F0:7C:3F:05:67
X509v3 Authority Key Identifier:
keyid:ED:EB:96:F0:4C:8D:3E:DC:CB:EE:BA:40:C4:24:29:22:A8:13:6B:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917E1FE/386235F06F8811EBA86BF64AC4F9AE02/7euW8EyNPtzL7rpAxCQpIqgTa1M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7euW8EyNPtzL7rpAxCQpIqgTa1M.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917E1FE/386235F06F8811EBA86BF64AC4F9AE02/7923B8A68F9311EE9CC9E648C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
36.255.197.0-36.255.199.255
Signature Algorithm: sha256WithRSAEncryption
42:b7:d6:92:ae:6c:45:64:07:70:7c:d0:41:3c:28:ff:e8:b2:
ae:5c:be:83:b8:68:14:78:81:1e:5d:5c:6a:16:e8:2c:a8:6f:
c9:86:b2:73:0f:7e:b3:7f:7d:19:31:a0:e5:5c:40:bc:a1:4e:
a8:2a:18:75:22:d1:7e:a3:ee:7b:18:65:be:08:78:65:62:a4:
21:94:8e:3f:e1:cd:44:83:d3:ab:87:d1:ce:2a:60:83:81:37:
c9:bb:8b:71:c3:76:67:61:7c:49:dc:45:e2:7d:ca:ff:69:a0:
0c:84:93:68:ea:c6:04:70:33:ca:26:19:31:a6:89:0c:ce:c5:
a6:6a:7e:e3:fa:40:a7:31:2e:5b:05:fb:d7:99:71:75:d1:b1:
1e:e2:80:77:9b:32:9d:80:32:3f:83:4d:ee:8b:d3:be:a2:f4:
1d:b0:c1:bb:3a:db:c0:0a:0a:22:01:31:d4:27:dc:5a:f0:4e:
9e:4d:81:6f:8f:7b:a0:af:6b:bf:13:53:20:a9:33:65:bd:d0:
3c:29:9f:ee:7c:8d:50:dd:37:4c:78:c3:b0:07:d1:53:af:22:
f1:8a:dd:7b:91:52:c1:22:86:58:c6:a8:6b:96:08:3b:20:f7:
36:85:46:ff:95:32:fc:9e:2f:55:f9:fb:da:e4:8a:ff:df:4c:
e8:51:8d:25
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgICBcYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0UxRkUxMTAvBgNVBAUTKEVERUI5NkYwNEM4RDNFRENDQkVFQkE0MEM0MjQyOTIy
QTgxMzZCNTMwHhcNMjMxMTMwMTUxNjQ1WhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTY4YTc1ZC1jYTIwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwi16V+2CSarN6yV+23zL3RtITbxd8XFexutEB35Yc2mz9DHHObbWbL83zMmp
phY2gyQOyTh+OdhlYdSQF+ZBCAlUpFTmCI8Oy552JcjIxvIaBtDqfAt9vFs95Umh
JoMhTzy2lisOvignaWxNlHYncM0+loQP2Iwyyms4VLIaT1dyoyn5ZrS7bCENmahn
AxQKpb2O+BZhFjg6mt5pWHsh+Tg5yFG1dSiY74VnbOA6Ag2ZDb7UVsN0GTsiMQgQ
mSBigKQU5EVLFGbPLYqJdiDiXINXHReOnnnfBkPZ6bkme9UvE4m/BVyBFoygKy07
qMh9EmT5JHOBZkyF0TtrFtfjuwIDAQABo4ICnTCCApkwHQYDVR0OBBYEFE9GvnkF
sLTvwbtEn1WR//B8PwVnMB8GA1UdIwQYMBaAFO3rlvBMjT7cy+66QMQkKSKoE2tT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RTFGRS8zODYyMzVGMDZG
ODgxMUVCQTg2QkY2NEFDNEY5QUUwMi83ZXVXOEV5TlB0ekw3cnBBeENRcElxZ1Rh
MU0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzdldVc4RXlOUHR6TDdycEF4Q1FwSXFnVGExTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0UxRkUvMzg2MjM1RjA2Rjg4MTFFQkE4NkJGNjRBQzRGOUFFMDIvNzkyM0I4QTY4
RjkzMTFFRTlDQzlFNjQ4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJwYIKwYBBQUHAQcBAf8E
GDAWMBQEAgABMA4wDAMEACT/xQMEAyT/wDANBgkqhkiG9w0BAQsFAAOCAQEAQrfW
kq5sRWQHcHzQQTwo/+iyrly+g7hoFHiBHl1cahboLKhvyYaycw9+s399GTGg5VxA
vKFOqCoYdSLRfqPuexhlvgh4ZWKkIZSOP+HNRIPTq4fRzipgg4E3ybuLccN2Z2F8
SdxF4n3K/2mgDISTaOrGBHAzyiYZMaaJDM7Fpmp+4/pApzEuWwX715lxddGxHuKA
d5synYAyP4NN7ovTvqL0HbDBuzrbwAoKIgEx1CfcWvBOnk2Bb497oK9rvxNTIKkz
Zb3QPCmf7nyNUN03THjDsAfRU68i8Yrde5FSwSKGWMaoa5YIOyD3NoVG/5Uy/J4v
Vfn72uSK/99M6FGNJQ==
-----END CERTIFICATE-----
Generated at Fri Mar 22 16:08:02 2024 by rpki-client on console-ams.rpki-client.org