Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91864A7/C8055FD6C92511ED80936149C4F9AE02/BCC494D27D3611EEA9032B69C4F9AE02.roa
File: BCC494D27D3611EEA9032B69C4F9AE02.roa (raw, json)
Hash identifier: 6oh881CAHlNlWDquNFe6GyRJJz4/nbl2XQ8uEzwW+ss=
Subject key identifier: 11:67:DA:93:64:67:94:23:57:76:90:E4:B0:4F:FE:D2:D7:5D:46:02
Certificate issuer: /CN=A91864A7/serialNumber=FF42B3436044954696FFE08B0EE1975C6C5B8D6D
Certificate serial: 86
Authority key identifier: FF:42:B3:43:60:44:95:46:96:FF:E0:8B:0E:E1:97:5C:6C:5B:8D:6D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_0KzQ2BElUaW_-CLDuGXXGxbjW0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91864A7/C8055FD6C92511ED80936149C4F9AE02/BCC494D27D3611EEA9032B69C4F9AE02.roa
Signing time: Sun 03 Dec 2023 05:35:56 +0000
ROA not before: Sun 03 Dec 2023 05:35:56 +0000
ROA not after: Fri 31 Jan 2025 00:00:00 +0000
asID: 137471
IP address blocks: 119.15.8.0/24 maxlen: 24
119.15.9.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 09 Apr 2024 21:38:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 134 (0x86)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91864A7/serialNumber=FF42B3436044954696FFE08B0EE1975C6C5B8D6D
Validity
Not Before: Dec 3 05:35:56 2023 GMT
Not After : Jan 31 00:00:00 2025 GMT
Subject: CN=656c13bb-b188
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:62:0a:71:bd:bc:a1:ac:4b:b6:67:8b:1c:dd:
38:83:b7:68:48:4f:52:1d:f8:94:e4:65:f4:79:1d:
08:a9:a4:d0:c8:d5:82:5a:ea:6b:63:b8:ce:7d:b6:
24:d6:1d:8a:cc:8d:39:63:1a:23:25:03:b4:7c:9f:
b0:7d:d2:2e:71:31:bc:4f:2d:46:47:74:1c:93:73:
cc:bf:f2:89:b3:32:cf:2f:1a:f6:1f:be:18:97:f2:
91:c5:ba:65:5c:81:a0:e7:26:3a:fe:c4:32:dd:7e:
0a:0d:72:db:df:cf:6e:a3:99:b6:3a:a7:9e:76:2b:
77:28:54:4b:a7:ee:53:4d:7e:30:3f:b3:72:0a:51:
1d:38:7e:2e:ef:64:87:9d:c2:7f:e6:0b:28:14:ba:
e0:cd:cf:60:38:2f:16:b4:04:d0:24:cd:49:38:0d:
6d:b5:64:41:3e:cb:f7:45:40:a0:31:2b:25:e8:f4:
ce:25:d6:49:74:17:de:b1:ad:61:bd:ac:c0:38:3c:
fa:aa:17:0e:fa:2e:7f:43:55:36:d1:e4:08:ba:f5:
38:61:8e:58:34:86:34:1d:31:f4:da:db:60:19:ca:
c6:a6:48:4e:45:e4:50:8b:3f:05:5b:68:47:ff:77:
fd:1d:76:6a:e4:ea:e7:7e:1f:c5:09:19:b5:6f:c4:
c2:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:67:DA:93:64:67:94:23:57:76:90:E4:B0:4F:FE:D2:D7:5D:46:02
X509v3 Authority Key Identifier:
keyid:FF:42:B3:43:60:44:95:46:96:FF:E0:8B:0E:E1:97:5C:6C:5B:8D:6D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91864A7/C8055FD6C92511ED80936149C4F9AE02/_0KzQ2BElUaW_-CLDuGXXGxbjW0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_0KzQ2BElUaW_-CLDuGXXGxbjW0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91864A7/C8055FD6C92511ED80936149C4F9AE02/BCC494D27D3611EEA9032B69C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
119.15.8.0/23
Signature Algorithm: sha256WithRSAEncryption
16:d0:e1:54:5b:86:1a:10:be:17:52:b0:4f:00:af:26:44:b9:
8f:92:93:db:10:da:3d:00:4a:71:dd:9c:28:96:41:04:82:e3:
45:d0:53:dd:58:79:48:bb:3f:ec:af:b3:c8:e4:4f:3c:56:90:
64:f3:55:f9:6b:f4:82:3b:29:c6:c6:5f:d2:94:40:dd:27:b6:
f1:86:1f:25:cd:2d:8a:38:d1:f4:6c:0b:a1:61:3b:09:77:49:
1a:63:b3:ce:91:00:cc:f2:fe:2b:1c:01:e4:08:ec:29:54:f6:
5b:65:d1:56:fe:27:75:e6:1a:64:15:b1:01:83:41:bd:58:e6:
f6:1d:b7:77:c0:98:89:8d:ab:03:84:38:67:42:fc:f7:4e:87:
07:18:a3:00:1b:e1:1b:21:1d:bf:be:93:45:8f:5b:97:01:15:
0f:ac:68:df:c9:56:82:9d:74:b3:61:eb:81:a6:5b:2c:c2:bf:
45:0d:1e:9b:c3:66:c1:38:0a:0a:76:5c:ab:a4:8d:76:a7:99:
70:59:19:ef:6b:bd:bd:f4:6f:37:c9:99:7d:e5:57:46:75:1e:
7f:df:0a:98:de:4d:47:a2:ef:f3:f0:d7:4e:c8:3b:19:e9:ec:
24:7e:03:dc:a8:af:c8:8e:28:3e:eb:59:7a:39:af:31:f0:a3:
36:05:d6:ce
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAIYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODY0QTcxMTAvBgNVBAUTKEZGNDJCMzQzNjA0NDk1NDY5NkZGRTA4QjBFRTE5NzVD
NkM1QjhENkQwHhcNMjMxMjAzMDUzNTU2WhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTZjMTNiYi1iMTg4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAz2IKcb28oaxLtmeLHN04g7doSE9SHfiU5GX0eR0IqaTQyNWCWuprY7jOfbYk
1h2KzI05YxojJQO0fJ+wfdIucTG8Ty1GR3Qck3PMv/KJszLPLxr2H74Yl/KRxbpl
XIGg5yY6/sQy3X4KDXLb389uo5m2Oqeedit3KFRLp+5TTX4wP7NyClEdOH4u72SH
ncJ/5gsoFLrgzc9gOC8WtATQJM1JOA1ttWRBPsv3RUCgMSsl6PTOJdZJdBfesa1h
vazAODz6qhcO+i5/Q1U20eQIuvU4YY5YNIY0HTH02ttgGcrGpkhOReRQiz8FW2hH
/3f9HXZq5Ornfh/FCRm1b8TCAQIDAQABo4IClTCCApEwHQYDVR0OBBYEFBFn2pNk
Z5QjV3aQ5LBP/tLXXUYCMB8GA1UdIwQYMBaAFP9Cs0NgRJVGlv/giw7hl1xsW41t
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NjRBNy9DODA1NUZENkM5
MjUxMUVEODA5MzYxNDlDNEY5QUUwMi9fMEt6UTJCRWxVYVdfLUNMRHVHWFhHeGJq
VzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL18wS3pRMkJFbFVhV18tQ0xEdUdYWEd4YmpXMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODY0QTcvQzgwNTVGRDZDOTI1MTFFRDgwOTM2MTQ5QzRGOUFFMDIvQkNDNDk0RDI3
RDM2MTFFRUE5MDMyQjY5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAF3DwgwDQYJKoZIhvcNAQELBQADggEBABbQ4VRbhhoQvhdS
sE8AryZEuY+Sk9sQ2j0ASnHdnCiWQQSC40XQU91YeUi7P+yvs8jkTzxWkGTzVflr
9II7KcbGX9KUQN0ntvGGHyXNLYo40fRsC6FhOwl3SRpjs86RAMzy/iscAeQI7ClU
9ltl0Vb+J3XmGmQVsQGDQb1Y5vYdt3fAmImNqwOEOGdC/PdOhwcYowAb4RshHb++
k0WPW5cBFQ+saN/JVoKddLNh64GmWyzCv0UNHpvDZsE4Cgp2XKukjXanmXBZGe9r
vb30bzfJmX3lV0Z1Hn/fCpjeTUei7/Pw107IOxnp7CR+A9yor8iOKD7rWXo5rzHw
ozYF1s4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:25 2024 by rpki-client on console-ams.rpki-client.org