Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/49B4224C8D3211EB9BFE873BC4F9AE02.roa
File: 49B4224C8D3211EB9BFE873BC4F9AE02.roa (raw, json)
Hash identifier: ewKrjJE5mqr/1DiX0Ep9aH5TDs/671Us2k+0508W3WY=
Subject key identifier: BF:4C:6E:90:D1:DE:99:2F:D6:65:98:13:DF:A3:51:19:FE:BE:A7:44
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 777E
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/49B4224C8D3211EB9BFE873BC4F9AE02.roa
Signing time: Wed 16 Aug 2023 04:49:39 +0000
ROA not before: Wed 16 Aug 2023 04:49:39 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 132323
IP address blocks: 45.115.188.0/22 maxlen: 24
45.116.116.0/22 maxlen: 24
103.12.132.0/22 maxlen: 24
2001:df2:9ac0::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 30590 (0x777e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Aug 16 04:49:39 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=64dc5563-2834
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:13:81:da:92:3e:7a:2e:5b:da:a0:b0:fd:f4:
73:da:e7:42:87:e7:4c:5f:09:c1:f1:31:15:f8:d5:
a2:8a:63:08:05:8b:df:26:03:1b:0f:39:20:0e:ae:
03:c5:f6:2a:d6:7b:ee:db:48:8c:04:1f:43:1e:5b:
b3:33:f3:24:2e:4d:9c:03:6a:2d:b3:18:20:72:67:
51:27:a9:77:6b:86:1e:66:9a:ae:5f:a6:ab:1e:b1:
8a:d8:db:58:5e:fa:e6:4f:a3:c2:7c:a1:08:ac:da:
1c:8d:73:e2:45:37:76:f3:3c:16:a5:19:ee:e5:53:
8f:ba:bc:2b:4b:0c:1b:6d:15:49:e4:07:ab:18:27:
cb:c1:a9:09:00:98:70:04:40:6d:c9:f7:21:47:21:
9c:a9:a1:66:65:2b:eb:1b:df:74:69:66:c6:e0:e2:
1f:4c:45:e0:c9:57:e8:71:5d:d8:05:bd:51:85:c3:
bd:47:d9:16:da:09:d6:9f:72:c7:39:23:27:35:5f:
e8:96:45:41:b3:0a:59:c2:83:4d:51:c0:bc:4c:ed:
dc:bd:99:f2:9c:4d:c9:3c:53:d3:59:ba:1c:de:8d:
2e:15:bf:32:44:fb:47:31:db:d4:ed:e4:a4:90:88:
5a:03:56:1f:4c:6d:e4:90:a3:9c:57:19:d4:f6:19:
20:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:4C:6E:90:D1:DE:99:2F:D6:65:98:13:DF:A3:51:19:FE:BE:A7:44
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/49B4224C8D3211EB9BFE873BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.115.188.0/22
45.116.116.0/22
103.12.132.0/22
IPv6:
2001:df2:9ac0::/48
Signature Algorithm: sha256WithRSAEncryption
b3:b0:59:45:a4:63:58:0b:19:d5:ed:27:8e:7c:d4:e6:df:19:
f9:cd:00:9c:e5:9b:d5:cf:70:a9:cd:df:94:d9:e6:ca:ad:b7:
37:02:c0:56:12:db:03:1c:4a:ec:0b:91:c0:69:4f:0a:0b:9f:
2f:1e:74:a7:21:d6:a8:a9:3a:4b:b4:51:84:b6:f7:c1:72:9b:
2f:4a:d7:bc:a6:7b:e6:15:a7:df:0c:f2:9c:2b:94:17:5c:a4:
ab:60:61:0f:de:f5:71:74:90:e2:c3:04:c3:c2:ac:2f:2e:59:
9c:c2:8a:21:f0:4b:2b:b9:f9:20:1b:26:4b:30:ee:e2:a9:77:
4c:99:f6:d0:f6:a2:73:32:51:bb:01:0d:8c:fd:ea:68:e4:34:
3b:a6:75:c4:db:15:51:69:fa:fd:34:89:69:ed:f2:92:8d:16:
a8:60:f7:b5:f9:f1:7c:ac:f5:af:f5:c5:a1:d4:68:ee:97:a7:
df:f1:c3:20:3f:f8:21:43:c6:3a:49:46:ad:58:7f:0a:f3:61:
ff:e9:6f:dd:08:6d:d2:d5:21:ef:92:85:24:9a:48:58:ec:ad:
1a:4b:25:a3:3b:86:6d:5c:e3:4f:1c:1e:aa:75:2e:81:43:ed:
af:78:f4:63:6c:17:37:eb:75:d4:71:c6:7a:c2:f3:13:17:89:
1e:c6:c4:fb
-----BEGIN CERTIFICATE-----
MIIFjjCCBHagAwIBAgICd34wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjMwODE2MDQ0OTM5WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGRjNTU2My0yODM0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtROB2pI+ei5b2qCw/fRz2udCh+dMXwnB8TEV+NWiimMIBYvfJgMbDzkgDq4D
xfYq1nvu20iMBB9DHluzM/MkLk2cA2otsxggcmdRJ6l3a4YeZpquX6arHrGK2NtY
XvrmT6PCfKEIrNocjXPiRTd28zwWpRnu5VOPurwrSwwbbRVJ5AerGCfLwakJAJhw
BEBtyfchRyGcqaFmZSvrG990aWbG4OIfTEXgyVfocV3YBb1RhcO9R9kW2gnWn3LH
OSMnNV/olkVBswpZwoNNUcC8TO3cvZnynE3JPFPTWboc3o0uFb8yRPtHMdvU7eSk
kIhaA1YfTG3kkKOcVxnU9hkg1QIDAQABo4ICsjCCAq4wHQYDVR0OBBYEFL9MbpDR
3pkv1mWYE9+jURn+vqdEMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvNDlCNDIyNEM4
RDMyMTFFQjlCRkU4NzNCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPAYIKwYBBQUHAQcBAf8E
LTArMBgEAgABMBIDBAItc7wDBAItdHQDBAJnDIQwDwQCAAIwCQMHACABDfKawDAN
BgkqhkiG9w0BAQsFAAOCAQEAs7BZRaRjWAsZ1e0njnzU5t8Z+c0AnOWb1c9wqc3f
lNnmyq23NwLAVhLbAxxK7AuRwGlPCgufLx50pyHWqKk6S7RRhLb3wXKbL0rXvKZ7
5hWn3wzynCuUF1ykq2BhD971cXSQ4sMEw8KsLy5ZnMKKIfBLK7n5IBsmSzDu4ql3
TJn20PaiczJRuwENjP3qaOQ0O6Z1xNsVUWn6/TSJae3yko0WqGD3tfnxfKz1r/XF
odRo7pen3/HDID/4IUPGOklGrVh/CvNh/+lv3Qht0tUh75KFJJpIWOytGkslozuG
bVzjTxweqnUugUPtr3j0Y2wXN+t11HHGesLzExeJHsbE+w==
-----END CERTIFICATE-----
Generated at Tue Aug 22 07:53:13 2023 by rpki-client on console-ams.rpki-client.org