Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9189099/8AEFB1D25F0F11EB8D8B2616C4F9AE02/151EB0A05F1111EBB1A05A17C4F9AE02.roa
File: 151EB0A05F1111EBB1A05A17C4F9AE02.roa (raw, json)
Hash identifier: /46rFJ7LdFWGQZqR6iIRPMcHc32N6BP6xDg4cnqOwW0=
Subject key identifier: CA:E0:F9:84:F2:07:65:E4:F6:8B:38:A7:F3:D4:C2:1C:C6:EE:F5:94
Certificate issuer: /CN=A9189099/serialNumber=6200B157ADBA2569FA7B88B7DA2FB5AE3FF6A3B6
Certificate serial: 065A
Authority key identifier: 62:00:B1:57:AD:BA:25:69:FA:7B:88:B7:DA:2F:B5:AE:3F:F6:A3:B6
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YgCxV626JWn6e4i32i-1rj_2o7Y.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9189099/8AEFB1D25F0F11EB8D8B2616C4F9AE02/151EB0A05F1111EBB1A05A17C4F9AE02.roa
Signing time: Thu 26 Sep 2024 22:21:47 +0000
ROA not before: Thu 26 Sep 2024 22:21:47 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 132209
IP address blocks: 116.93.14.0/24 maxlen: 24
116.93.94.0/24 maxlen: 24
116.93.98.0/24 maxlen: 24
116.93.116.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 15 Oct 2024 10:29:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1626 (0x65a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9189099/serialNumber=6200B157ADBA2569FA7B88B7DA2FB5AE3FF6A3B6
Validity
Not Before: Sep 26 22:21:47 2024 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=66f5de7b-468f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:3f:71:2d:84:5a:5a:35:51:1f:3d:fc:ce:de:
25:e4:b0:e8:5c:92:52:71:a5:0a:f4:bc:43:90:1c:
a1:1f:02:6c:b3:29:9c:86:58:1f:e4:2b:5d:9f:fd:
d5:79:31:4d:9b:2a:dd:f2:c9:85:34:43:dc:05:92:
77:70:de:76:70:f6:31:82:16:92:2e:e1:b1:65:e8:
70:91:b8:b2:d2:5f:7b:5a:70:17:1c:e2:f7:7f:0b:
c1:9a:1e:8c:cb:21:24:db:f8:63:0c:83:4c:68:8b:
6c:95:8b:00:03:90:ef:fe:8f:98:91:d6:93:c7:b6:
f5:df:67:c6:23:b7:77:88:85:4a:82:3c:a8:2e:8b:
33:df:e4:90:81:b7:31:49:98:b4:39:77:70:16:d0:
8f:c5:c5:7d:93:bb:fc:13:b3:69:52:fc:51:ea:f8:
48:84:28:4f:ba:0e:a1:00:1f:73:2c:10:58:22:bd:
66:01:e6:2f:88:bf:1a:0a:2a:79:6b:05:3f:b1:ac:
00:26:81:35:90:43:ba:4e:f6:56:65:31:e1:27:7f:
26:43:98:dd:06:be:b1:cf:d6:d7:3f:4f:11:69:c0:
30:23:96:df:56:49:2b:18:12:45:49:57:85:13:66:
3b:c8:2e:55:a3:aa:8a:38:9d:29:ca:82:b2:c2:bf:
79:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:E0:F9:84:F2:07:65:E4:F6:8B:38:A7:F3:D4:C2:1C:C6:EE:F5:94
X509v3 Authority Key Identifier:
keyid:62:00:B1:57:AD:BA:25:69:FA:7B:88:B7:DA:2F:B5:AE:3F:F6:A3:B6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9189099/8AEFB1D25F0F11EB8D8B2616C4F9AE02/YgCxV626JWn6e4i32i-1rj_2o7Y.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YgCxV626JWn6e4i32i-1rj_2o7Y.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9189099/8AEFB1D25F0F11EB8D8B2616C4F9AE02/151EB0A05F1111EBB1A05A17C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
116.93.14.0/24
116.93.94.0/24
116.93.98.0/24
116.93.116.0/24
Signature Algorithm: sha256WithRSAEncryption
61:e0:dd:4b:1a:0b:82:48:c4:ad:ab:8d:04:cd:ad:b7:c4:c0:
ec:77:72:bc:df:75:3e:71:f2:12:14:cf:2f:d8:b1:95:21:5c:
fd:48:95:c8:ab:bb:a8:1c:40:dc:78:42:62:e9:66:e1:9f:50:
9f:ad:d2:1e:03:65:d1:69:8c:1c:a5:0d:5c:a4:28:66:7a:a8:
8a:cd:f7:09:5d:68:59:fc:22:35:23:5f:f0:d7:c2:a1:6f:2b:
34:31:33:b5:68:fa:fe:ff:95:3a:07:8c:6e:fe:4e:ed:b6:3a:
44:47:5e:46:30:21:8a:ca:41:da:f1:dc:81:0f:47:49:2b:32:
14:8d:c4:d0:0a:ec:f6:64:e7:bd:06:f6:0a:dc:b3:46:f5:81:
ba:14:bb:de:f8:90:15:30:2b:9c:25:70:85:8f:77:96:65:70:
c5:55:71:94:a1:e0:42:98:ca:8e:d5:0b:0c:7b:eb:c4:b3:3a:
40:b2:84:5b:d8:48:df:20:95:74:de:53:61:66:12:d6:0b:22:
04:10:f0:bd:5d:8a:8c:79:40:40:0f:df:82:49:7b:52:05:a1:
47:0d:a0:8f:85:62:f5:67:fe:b4:f9:77:80:19:09:c4:f5:b5:
0c:75:16:bb:eb:e0:23:4a:ca:f4:4f:18:ee:f9:68:8f:ed:72:
18:87:cc:f1
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICBlowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODkwOTkxMTAvBgNVBAUTKDYyMDBCMTU3QURCQTI1NjlGQTdCODhCN0RBMkZCNUFF
M0ZGNkEzQjYwHhcNMjQwOTI2MjIyMTQ3WhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmY1ZGU3Yi00NjhmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApj9xLYRaWjVRHz38zt4l5LDoXJJScaUK9LxDkByhHwJssymchlgf5Ctdn/3V
eTFNmyrd8smFNEPcBZJ3cN52cPYxghaSLuGxZehwkbiy0l97WnAXHOL3fwvBmh6M
yyEk2/hjDINMaItslYsAA5Dv/o+YkdaTx7b132fGI7d3iIVKgjyoLosz3+SQgbcx
SZi0OXdwFtCPxcV9k7v8E7NpUvxR6vhIhChPug6hAB9zLBBYIr1mAeYviL8aCip5
awU/sawAJoE1kEO6TvZWZTHhJ38mQ5jdBr6xz9bXP08RacAwI5bfVkkrGBJFSVeF
E2Y7yC5Vo6qKOJ0pyoKywr951wIDAQABo4ICpzCCAqMwHQYDVR0OBBYEFMrg+YTy
B2Xk9os4p/PUwhzG7vWUMB8GA1UdIwQYMBaAFGIAsVetuiVp+nuIt9ovta4/9qO2
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4OTA5OS84QUVGQjFEMjVG
MEYxMUVCOEQ4QjI2MTZDNEY5QUUwMi9ZZ0N4VjYyNkpXbjZlNGkzMmktMXJqXzJv
N1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1lnQ3hWNjI2SlduNmU0aTMyaS0xcmpfMm83WS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODkwOTkvOEFFRkIxRDI1RjBGMTFFQjhEOEIyNjE2QzRGOUFFMDIvMTUxRUIwQTA1
RjExMTFFQkIxQTA1QTE3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMQYIKwYBBQUHAQcBAf8E
IjAgMB4EAgABMBgDBAB0XQ4DBAB0XV4DBAB0XWIDBAB0XXQwDQYJKoZIhvcNAQEL
BQADggEBAGHg3UsaC4JIxK2rjQTNrbfEwOx3crzfdT5x8hIUzy/YsZUhXP1Ilcir
u6gcQNx4QmLpZuGfUJ+t0h4DZdFpjBylDVykKGZ6qIrN9wldaFn8IjUjX/DXwqFv
KzQxM7Vo+v7/lToHjG7+Tu22OkRHXkYwIYrKQdrx3IEPR0krMhSNxNAK7PZk570G
9grcs0b1gboUu974kBUwK5wlcIWPd5ZlcMVVcZSh4EKYyo7VCwx768SzOkCyhFvY
SN8glXTeU2FmEtYLIgQQ8L1diox5QEAP34JJe1IFoUcNoI+FYvVn/rT5d4AZCcT1
tQx1Frvr4CNKyvRPGO75aI/tchiHzPE=
-----END CERTIFICATE-----
Generated at Tue Oct 15 14:42:39 2024 by rpki-client on console-ams.rpki-client.org