Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91864A7/C8055FD6C92511ED80936149C4F9AE02/D6B2AAAEF6B311EEBE14EA54C4F9AE02.roa
File: D6B2AAAEF6B311EEBE14EA54C4F9AE02.roa (raw, json)
Hash identifier: LdNIBUhhh4uz7esBZrOr4lh+mE3iBD7a5aY+Ibh8neY=
Subject key identifier: 13:E1:E2:58:FE:99:38:AA:A6:35:94:B5:34:AA:BA:25:BB:FF:F7:12
Certificate issuer: /CN=A91864A7/serialNumber=FF42B3436044954696FFE08B0EE1975C6C5B8D6D
Certificate serial: CA
Authority key identifier: FF:42:B3:43:60:44:95:46:96:FF:E0:8B:0E:E1:97:5C:6C:5B:8D:6D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_0KzQ2BElUaW_-CLDuGXXGxbjW0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91864A7/C8055FD6C92511ED80936149C4F9AE02/D6B2AAAEF6B311EEBE14EA54C4F9AE02.roa
Signing time: Tue 09 Apr 2024 20:57:56 +0000
ROA not before: Tue 09 Apr 2024 20:57:56 +0000
ROA not after: Fri 31 Jan 2025 00:00:00 +0000
asID: 9500
IP address blocks: 119.15.8.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 09 Apr 2024 21:38:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 202 (0xca)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91864A7/serialNumber=FF42B3436044954696FFE08B0EE1975C6C5B8D6D
Validity
Not Before: Apr 9 20:57:56 2024 GMT
Not After : Jan 31 00:00:00 2025 GMT
Subject: CN=6615abd3-6b3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:0d:91:67:dd:22:a2:94:d9:99:f8:f9:76:13:
65:0d:3e:b9:ff:55:03:48:33:d4:d0:11:c6:25:3e:
73:65:8c:eb:f8:41:cd:1f:73:80:c3:0d:ea:80:fa:
80:2f:77:7e:00:2f:8c:c8:30:c9:57:d6:5c:14:ec:
ba:3b:bf:14:4a:20:21:e6:1e:0b:fe:22:13:b9:10:
a5:82:94:29:a0:50:20:71:c3:1c:bd:f9:94:64:71:
f3:53:79:2b:59:0f:7b:3b:52:29:67:d1:0a:3c:54:
af:57:f2:22:81:28:52:c9:47:3e:2c:ba:82:43:6c:
f3:dd:e0:28:08:b1:e7:be:7a:db:7b:ce:9e:7f:69:
63:63:6b:7b:e2:74:53:3b:2d:f7:a4:de:2f:ec:22:
29:a8:5e:61:3c:1c:15:ea:c2:3f:56:96:2e:b9:d2:
fe:cb:de:e9:1c:3a:fb:ce:1e:1e:39:5e:18:14:49:
11:d8:6b:f4:d0:1b:ca:5f:9d:b7:3b:21:d6:5c:89:
35:55:05:f4:ea:a6:f2:11:17:80:b2:19:66:ae:f5:
c1:26:01:cd:ee:37:43:a8:a1:c8:fc:a0:ab:1e:71:
5e:c7:49:60:88:13:e5:66:0b:c6:97:47:1e:6a:31:
d7:02:e4:b5:16:07:1f:5f:ad:46:47:20:cd:a6:57:
d7:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:E1:E2:58:FE:99:38:AA:A6:35:94:B5:34:AA:BA:25:BB:FF:F7:12
X509v3 Authority Key Identifier:
keyid:FF:42:B3:43:60:44:95:46:96:FF:E0:8B:0E:E1:97:5C:6C:5B:8D:6D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91864A7/C8055FD6C92511ED80936149C4F9AE02/_0KzQ2BElUaW_-CLDuGXXGxbjW0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_0KzQ2BElUaW_-CLDuGXXGxbjW0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91864A7/C8055FD6C92511ED80936149C4F9AE02/D6B2AAAEF6B311EEBE14EA54C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
119.15.8.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:51:6b:17:4b:72:c0:a9:5c:13:1e:57:c2:42:cf:12:45:be:
04:c0:63:05:f1:26:73:bb:54:e3:b3:64:ff:1c:90:70:d4:7b:
82:3c:32:a1:a0:74:f2:51:4c:f9:82:33:f7:ab:bf:fc:71:cc:
98:72:4a:12:70:fb:dc:9e:4f:50:8e:e2:2c:12:c2:fc:2c:57:
f4:54:cd:4d:e4:af:4e:8e:56:25:ad:18:b0:cd:06:39:33:f4:
e6:52:97:b9:20:31:d3:4b:e4:ca:7c:8d:fa:9b:05:ba:d2:99:
8d:ec:2f:35:d7:da:a9:ef:35:b0:b2:f7:0f:ce:9c:c0:a8:22:
f8:fd:30:08:54:6b:51:c6:2c:38:88:1a:a4:cb:24:9e:66:69:
48:5e:a8:65:1b:b4:7f:20:64:cc:17:e1:10:08:85:96:ff:4c:
17:60:15:a0:99:d0:ca:3e:3f:44:34:e8:b2:86:5b:c0:c6:57:
36:f9:60:58:bc:c5:b5:32:a3:5c:ca:4b:5d:1f:ab:04:3c:0e:
92:1a:a3:2d:88:f2:06:cc:be:84:c2:ff:7c:a4:d4:5e:65:48:
35:ac:99:62:5c:7d:6a:5a:72:31:11:9d:81:06:e3:66:d9:2c:
7d:dd:a5:18:8a:6e:c9:dc:54:38:38:1c:7e:30:84:ae:55:d3:
9e:53:7c:3a
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAMowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODY0QTcxMTAvBgNVBAUTKEZGNDJCMzQzNjA0NDk1NDY5NkZGRTA4QjBFRTE5NzVD
NkM1QjhENkQwHhcNMjQwNDA5MjA1NzU2WhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjE1YWJkMy02YjNiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuw2RZ90iopTZmfj5dhNlDT65/1UDSDPU0BHGJT5zZYzr+EHNH3OAww3qgPqA
L3d+AC+MyDDJV9ZcFOy6O78USiAh5h4L/iITuRClgpQpoFAgccMcvfmUZHHzU3kr
WQ97O1IpZ9EKPFSvV/IigShSyUc+LLqCQ2zz3eAoCLHnvnrbe86ef2ljY2t74nRT
Oy33pN4v7CIpqF5hPBwV6sI/VpYuudL+y97pHDr7zh4eOV4YFEkR2Gv00BvKX523
OyHWXIk1VQX06qbyEReAshlmrvXBJgHN7jdDqKHI/KCrHnFex0lgiBPlZgvGl0ce
ajHXAuS1FgcfX61GRyDNplfXBQIDAQABo4IClTCCApEwHQYDVR0OBBYEFBPh4lj+
mTiqpjWUtTSquiW7//cSMB8GA1UdIwQYMBaAFP9Cs0NgRJVGlv/giw7hl1xsW41t
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NjRBNy9DODA1NUZENkM5
MjUxMUVEODA5MzYxNDlDNEY5QUUwMi9fMEt6UTJCRWxVYVdfLUNMRHVHWFhHeGJq
VzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL18wS3pRMkJFbFVhV18tQ0xEdUdYWEd4YmpXMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODY0QTcvQzgwNTVGRDZDOTI1MTFFRDgwOTM2MTQ5QzRGOUFFMDIvRDZCMkFBQUVG
NkIzMTFFRUJFMTRFQTU0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAB3DwgwDQYJKoZIhvcNAQELBQADggEBAA9RaxdLcsCpXBMe
V8JCzxJFvgTAYwXxJnO7VOOzZP8ckHDUe4I8MqGgdPJRTPmCM/erv/xxzJhyShJw
+9yeT1CO4iwSwvwsV/RUzU3kr06OViWtGLDNBjkz9OZSl7kgMdNL5Mp8jfqbBbrS
mY3sLzXX2qnvNbCy9w/OnMCoIvj9MAhUa1HGLDiIGqTLJJ5maUheqGUbtH8gZMwX
4RAIhZb/TBdgFaCZ0Mo+P0Q06LKGW8DGVzb5YFi8xbUyo1zKS10fqwQ8DpIaoy2I
8gbMvoTC/3yk1F5lSDWsmWJcfWpacjERnYEG42bZLH3dpRiKbsncVDg4HH4whK5V
055TfDo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:25 2024 by rpki-client on console-ams.rpki-client.org