Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91864A7/C8055FD6C92511ED80936149C4F9AE02/BCC494D27D3611EEA9032B69C4F9AE02.roa
File: BCC494D27D3611EEA9032B69C4F9AE02.roa (raw, json)
Hash identifier: HSfSJWf46qxbUZ8Qanf757toFnX5pkBlS+8POuhNGcM=
Subject key identifier: F0:F5:82:0A:CA:83:86:D8:35:17:6F:C0:74:AD:A8:04:1F:23:4E:23
Certificate issuer: /CN=A91864A7/serialNumber=FF42B3436044954696FFE08B0EE1975C6C5B8D6D
Certificate serial: CC
Authority key identifier: FF:42:B3:43:60:44:95:46:96:FF:E0:8B:0E:E1:97:5C:6C:5B:8D:6D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_0KzQ2BElUaW_-CLDuGXXGxbjW0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91864A7/C8055FD6C92511ED80936149C4F9AE02/BCC494D27D3611EEA9032B69C4F9AE02.roa
Signing time: Tue 09 Apr 2024 21:10:57 +0000
ROA not before: Tue 09 Apr 2024 21:10:57 +0000
ROA not after: Fri 31 Jan 2025 00:00:00 +0000
asID: 137471
IP address blocks: 119.15.0.0/22 maxlen: 22
119.15.4.0/22 maxlen: 22
119.15.8.0/24 maxlen: 24
119.15.9.0/24 maxlen: 24
119.15.13.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 09 Apr 2024 23:13:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 204 (0xcc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91864A7/serialNumber=FF42B3436044954696FFE08B0EE1975C6C5B8D6D
Validity
Not Before: Apr 9 21:10:57 2024 GMT
Not After : Jan 31 00:00:00 2025 GMT
Subject: CN=6615aee1-83ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:02:52:47:de:16:bb:cd:51:5d:45:68:bd:75:
45:ca:78:3a:c2:f0:08:ae:45:6d:92:94:8f:49:f9:
bb:a0:9b:d4:c9:0b:dc:de:be:23:5d:d1:4a:82:50:
bb:35:78:97:54:52:68:08:92:e3:32:6d:59:e3:2d:
b9:a9:2e:fc:c9:9d:44:9e:18:9b:35:33:e3:cc:7d:
76:14:69:60:34:24:76:21:5f:9a:71:c0:fd:99:74:
41:cf:9a:7d:89:78:9e:81:2b:f4:f8:4e:54:bb:7e:
a7:f7:e2:0a:e2:66:38:36:0c:6d:43:18:86:13:93:
9d:a7:24:19:22:15:e7:8f:ad:7c:5d:d4:0d:34:16:
a5:dc:95:1e:3a:c3:f3:e4:04:ae:4b:d9:8e:40:d5:
45:de:2f:d5:52:d3:48:f6:48:e1:16:52:d0:b1:c9:
14:5e:8d:ee:94:8d:43:35:6e:94:73:a5:7d:f6:9e:
c2:60:bb:73:ce:80:36:29:a5:d4:ef:08:84:06:e8:
f2:6c:f6:70:c9:a8:95:f4:a1:b9:ac:07:c6:62:d5:
f6:2e:7a:d9:b1:7b:ab:62:6b:ca:1f:9a:7e:9a:2e:
08:bf:2d:d2:6e:73:a6:e5:d7:0e:23:42:ff:74:0e:
90:31:62:ee:1e:39:0b:1f:24:e3:f7:49:67:5a:d2:
ef:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:F5:82:0A:CA:83:86:D8:35:17:6F:C0:74:AD:A8:04:1F:23:4E:23
X509v3 Authority Key Identifier:
keyid:FF:42:B3:43:60:44:95:46:96:FF:E0:8B:0E:E1:97:5C:6C:5B:8D:6D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91864A7/C8055FD6C92511ED80936149C4F9AE02/_0KzQ2BElUaW_-CLDuGXXGxbjW0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_0KzQ2BElUaW_-CLDuGXXGxbjW0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91864A7/C8055FD6C92511ED80936149C4F9AE02/BCC494D27D3611EEA9032B69C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
119.15.0.0-119.15.9.255
119.15.13.0/24
Signature Algorithm: sha256WithRSAEncryption
57:49:98:90:05:5e:cf:82:c1:af:2e:78:a8:9d:ae:27:4c:15:
c4:ac:9f:ea:94:2c:63:1e:c1:69:95:55:d8:45:63:74:0a:8b:
e4:18:ad:2f:74:04:96:52:82:4a:ea:67:55:79:a1:19:b6:23:
39:90:b4:ab:8c:fd:55:43:9e:75:8e:d9:05:c7:f8:84:91:88:
e1:9d:d6:8e:e5:bb:2b:76:ea:6e:a1:59:64:16:6d:8e:52:2b:
87:c2:47:df:d1:be:eb:27:3c:e5:71:5c:73:fd:fd:16:5a:6a:
a1:f0:83:49:24:45:fe:35:8e:60:cd:be:08:9e:e8:96:69:14:
55:80:74:77:99:b9:d4:44:a5:4a:32:06:9c:ef:da:c4:24:25:
47:82:d7:ca:0d:15:b5:f5:6f:b6:6d:c2:4e:c5:b5:bd:17:6d:
6a:66:69:13:2d:a1:2a:6c:6f:c7:91:a7:1c:04:74:66:37:9a:
e8:63:9c:2b:d8:03:bf:6f:87:e5:eb:85:dd:c6:c5:80:2b:ac:
53:09:a0:e7:59:54:e5:c7:71:99:57:c2:e3:71:4c:f2:e4:73:
d5:70:ba:29:0c:a1:b9:ad:47:50:26:14:72:b4:cb:98:f0:14:
47:39:1a:4a:2d:49:ba:b7:67:1b:36:6a:60:64:75:12:60:02:
60:06:b9:b5
-----BEGIN CERTIFICATE-----
MIIFfjCCBGagAwIBAgICAMwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODY0QTcxMTAvBgNVBAUTKEZGNDJCMzQzNjA0NDk1NDY5NkZGRTA4QjBFRTE5NzVD
NkM1QjhENkQwHhcNMjQwNDA5MjExMDU3WhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjE1YWVlMS04M2VkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAnQJSR94Wu81RXUVovXVFyng6wvAIrkVtkpSPSfm7oJvUyQvc3r4jXdFKglC7
NXiXVFJoCJLjMm1Z4y25qS78yZ1EnhibNTPjzH12FGlgNCR2IV+accD9mXRBz5p9
iXiegSv0+E5Uu36n9+IK4mY4NgxtQxiGE5OdpyQZIhXnj618XdQNNBal3JUeOsPz
5ASuS9mOQNVF3i/VUtNI9kjhFlLQsckUXo3ulI1DNW6Uc6V99p7CYLtzzoA2KaXU
7wiEBujybPZwyaiV9KG5rAfGYtX2LnrZsXurYmvKH5p+mi4Ivy3SbnOm5dcOI0L/
dA6QMWLuHjkLHyTj90lnWtLv2QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFPD1ggrK
g4bYNRdvwHStqAQfI04jMB8GA1UdIwQYMBaAFP9Cs0NgRJVGlv/giw7hl1xsW41t
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NjRBNy9DODA1NUZENkM5
MjUxMUVEODA5MzYxNDlDNEY5QUUwMi9fMEt6UTJCRWxVYVdfLUNMRHVHWFhHeGJq
VzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL18wS3pRMkJFbFVhV18tQ0xEdUdYWEd4YmpXMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODY0QTcvQzgwNTVGRDZDOTI1MTFFRDgwOTM2MTQ5QzRGOUFFMDIvQkNDNDk0RDI3
RDM2MTFFRUE5MDMyQjY5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLAYIKwYBBQUHAQcBAf8E
HTAbMBkEAgABMBMwCwMDAHcPAwQBdw8IAwQAdw8NMA0GCSqGSIb3DQEBCwUAA4IB
AQBXSZiQBV7PgsGvLniona4nTBXErJ/qlCxjHsFplVXYRWN0CovkGK0vdASWUoJK
6mdVeaEZtiM5kLSrjP1VQ551jtkFx/iEkYjhndaO5bsrdupuoVlkFm2OUiuHwkff
0b7rJzzlcVxz/f0WWmqh8INJJEX+NY5gzb4InuiWaRRVgHR3mbnURKVKMgac79rE
JCVHgtfKDRW19W+2bcJOxbW9F21qZmkTLaEqbG/HkaccBHRmN5roY5wr2AO/b4fl
64XdxsWAK6xTCaDnWVTlx3GZV8LjcUzy5HPVcLopDKG5rUdQJhRytMuY8BRHORpK
LUm6t2cbNmpgZHUSYAJgBrm1
-----END CERTIFICATE-----
Generated at Wed Apr 10 01:20:27 2024 by rpki-client on console-fra.rpki-client.org