Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/58F98858C9DD11ECAB46CE87C4F9AE02.roa
File: 58F98858C9DD11ECAB46CE87C4F9AE02.roa (raw, json)
Hash identifier: u7HsOeEdWGSalHW6jKo2shNidNqPQYpwghEYvFw4Tac=
Subject key identifier: 99:2A:37:6E:BA:F5:A2:73:11:0B:F1:10:48:9A:BA:A4:13:C6:4E:24
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 6A87
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/58F98858C9DD11ECAB46CE87C4F9AE02.roa
Signing time: Wed 10 May 2023 16:15:13 +0000
ROA not before: Wed 10 May 2023 16:15:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 133589
IP address blocks: 45.114.176.0/22 maxlen: 24
103.43.80.0/22 maxlen: 24
2001:df0:9fc0::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 27 Feb 2024 11:11:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 27271 (0x6a87)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: May 10 16:15:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=645bc311-524d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:d9:77:52:6e:1a:f3:6e:bc:50:fc:b7:3c:21:
2e:a7:b1:0e:61:b4:47:8d:b0:71:03:d3:88:fa:1f:
17:e1:55:80:39:89:55:d3:ed:e5:2f:03:2c:33:36:
5b:26:94:0d:fc:36:e1:98:97:a1:c8:8a:c0:f2:68:
94:83:92:9e:72:3f:e7:96:f9:bb:28:6e:30:16:26:
b3:eb:82:a2:1b:26:5a:06:32:f0:10:95:25:91:c2:
29:f4:c3:21:ad:b0:e1:4c:78:01:8e:bf:9e:53:21:
62:19:2d:5c:3a:4d:5c:06:ef:42:76:30:c2:b7:7f:
6a:ee:c9:bd:63:bd:7b:b5:48:d1:f5:d2:d2:35:0d:
df:4e:81:6b:b6:f7:c7:0c:e5:3c:3b:17:6c:e8:d0:
56:2e:3b:6e:51:fe:87:cc:d6:b6:7e:16:cf:5e:4b:
c1:59:9a:f6:a9:b1:60:c1:10:01:bd:62:2a:e3:cd:
5b:30:12:3a:2d:76:53:d8:5e:9f:2b:8d:99:e9:2a:
fd:78:2b:7c:65:c9:70:d1:65:fe:e7:f4:63:f4:78:
92:21:4f:6b:8a:e2:96:35:07:72:14:f5:dc:31:c7:
ff:20:6a:7c:bf:9a:55:09:b4:43:fa:ae:ac:18:8c:
03:93:aa:6d:8b:ac:35:b3:d0:6d:3f:80:e1:bd:72:
e8:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:2A:37:6E:BA:F5:A2:73:11:0B:F1:10:48:9A:BA:A4:13:C6:4E:24
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/58F98858C9DD11ECAB46CE87C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.114.176.0/22
103.43.80.0/22
IPv6:
2001:df0:9fc0::/48
Signature Algorithm: sha256WithRSAEncryption
b5:50:38:7a:ba:16:21:d4:cd:37:5c:39:d3:54:04:97:c2:80:
17:82:03:7f:f9:7b:f4:96:e5:44:a0:f2:04:8d:88:c2:78:db:
dc:07:76:54:cd:13:e1:f5:cb:59:29:79:b0:74:19:72:35:60:
1f:c8:dc:b1:4a:67:89:31:02:c0:e5:62:ca:eb:35:1b:1d:e5:
57:ba:9a:d9:5a:a2:ad:d0:1f:77:9d:d9:01:ee:54:e2:7a:8a:
e0:19:62:d9:59:0a:02:c2:da:69:42:f4:64:a8:0e:d6:5d:b1:
61:e3:db:d8:4e:7e:c6:0b:01:4c:f1:63:60:92:77:46:a9:29:
8d:ae:e7:99:a6:0c:92:9c:d5:21:ae:46:ce:2b:93:1d:f0:9f:
89:db:38:bb:f0:58:1e:4b:9e:b7:62:54:97:b5:ec:3b:c3:82:
e8:ee:5d:77:4b:a7:60:28:a7:53:93:0a:8f:3b:11:7c:89:0a:
33:42:66:e7:bb:86:b7:3a:20:0f:52:7f:3b:14:08:d6:c1:0b:
36:0c:cc:58:e5:23:f2:33:23:8b:19:a1:ed:4c:05:aa:13:09:
dd:33:86:2a:2e:7d:d3:d8:0b:14:a3:22:1c:9d:e0:20:e2:7f:
57:4c:20:52:7e:7f:05:ec:ef:e8:e8:c8:55:fc:06:35:1d:c3:
53:36:e6:83
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgICaocwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjMwNTEwMTYxNTEzWhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDViYzMxMS01MjRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2Nl3Um4a8268UPy3PCEup7EOYbRHjbBxA9OI+h8X4VWAOYlV0+3lLwMsMzZb
JpQN/DbhmJehyIrA8miUg5Kecj/nlvm7KG4wFiaz64KiGyZaBjLwEJUlkcIp9MMh
rbDhTHgBjr+eUyFiGS1cOk1cBu9CdjDCt39q7sm9Y717tUjR9dLSNQ3fToFrtvfH
DOU8Oxds6NBWLjtuUf6HzNa2fhbPXkvBWZr2qbFgwRABvWIq481bMBI6LXZT2F6f
K42Z6Sr9eCt8Zclw0WX+5/Rj9HiSIU9riuKWNQdyFPXcMcf/IGp8v5pVCbRD+q6s
GIwDk6pti6w1s9BtP4DhvXLo7QIDAQABo4ICrDCCAqgwHQYDVR0OBBYEFJkqN266
9aJzEQvxEEiauqQTxk4kMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvNThGOTg4NThD
OUREMTFFQ0FCNDZDRTg3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNgYIKwYBBQUHAQcBAf8E
JzAlMBIEAgABMAwDBAItcrADBAJnK1AwDwQCAAIwCQMHACABDfCfwDANBgkqhkiG
9w0BAQsFAAOCAQEAtVA4eroWIdTNN1w501QEl8KAF4IDf/l79JblRKDyBI2Iwnjb
3Ad2VM0T4fXLWSl5sHQZcjVgH8jcsUpniTECwOViyus1Gx3lV7qa2VqirdAfd53Z
Ae5U4nqK4Bli2VkKAsLaaUL0ZKgO1l2xYePb2E5+xgsBTPFjYJJ3Rqkpja7nmaYM
kpzVIa5GziuTHfCfids4u/BYHkuet2JUl7XsO8OC6O5dd0unYCinU5MKjzsRfIkK
M0Jm57uGtzogD1J/OxQI1sELNgzMWOUj8jMjixmh7UwFqhMJ3TOGKi5909gLFKMi
HJ3gIOJ/V0wgUn5/Bezv6OjIVfwGNR3DUzbmgw==
-----END CERTIFICATE-----
Generated at Tue Feb 27 15:32:17 2024 by rpki-client on console-fra.rpki-client.org