Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/62FE95BCA3BD11EEA65D1C84C4F9AE02.roa
File: 62FE95BCA3BD11EEA65D1C84C4F9AE02.roa (raw, json)
Hash identifier: ufgs8Vyzfz8GjlHB3hnQ4CfjKKV+5VZRtASo91ca7J8=
Subject key identifier: E8:81:72:54:B7:29:AE:F9:46:E0:55:7F:76:E6:38:B2:FA:EE:9C:AC
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 809C
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/62FE95BCA3BD11EEA65D1C84C4F9AE02.roa
Signing time: Tue 26 Dec 2023 07:07:10 +0000
ROA not before: Tue 26 Dec 2023 07:07:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 151157
IP address blocks: 36.50.166.0/23 maxlen: 24
Validation: Failed, certificate revoked on Tue 09 Jan 2024 05:59:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 32924 (0x809c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Dec 26 07:07:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=658a7b9e-d280
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:d5:9b:e4:18:aa:da:6d:01:a7:b4:f9:c5:99:
36:d8:5f:90:1e:b1:b8:ef:5f:04:5f:88:9e:f7:6c:
d3:b5:b3:b9:3a:e2:c5:fd:04:e9:60:6c:9b:d4:c7:
5e:7d:77:14:bc:0c:31:4b:d1:63:8e:b6:27:9d:ff:
11:96:f3:71:31:35:52:20:18:2b:af:3d:fc:52:51:
f6:6f:0d:81:98:e7:2f:6d:d1:cc:90:e8:78:e7:be:
c7:28:d4:22:54:eb:61:90:8c:00:37:6f:92:11:72:
d6:93:85:26:cc:ba:88:94:1d:13:0e:fe:1f:bc:f4:
a2:42:69:bb:19:9f:f1:b7:1f:8a:f0:8c:79:53:e3:
12:5c:e9:a9:c9:7c:bb:74:99:d3:b5:f8:31:bd:c7:
1c:21:c2:95:59:91:6f:ff:5c:ff:a8:ac:c2:cd:2d:
e1:5f:18:51:af:a1:4e:9f:81:fc:84:7b:cd:44:c1:
c3:40:cc:83:4e:3c:6a:8e:22:cf:78:e9:b1:94:5e:
3e:25:3c:98:d3:6c:0f:6a:82:c3:e7:9a:22:dd:f8:
4d:da:ac:7d:4b:62:56:c4:49:db:0a:0a:e1:1f:64:
f3:a7:07:c0:4f:6d:a3:b3:3d:5b:86:03:50:df:ff:
40:18:03:38:5b:07:6e:56:85:8f:de:4a:2b:1b:68:
2f:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:81:72:54:B7:29:AE:F9:46:E0:55:7F:76:E6:38:B2:FA:EE:9C:AC
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/62FE95BCA3BD11EEA65D1C84C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
36.50.166.0/23
Signature Algorithm: sha256WithRSAEncryption
86:6e:08:f4:90:8a:d9:4d:c3:55:b2:8d:7a:15:39:5a:81:f3:
8e:d9:7b:52:cc:d0:80:ce:2f:61:a4:2f:99:f4:8a:53:be:0f:
3c:e8:a4:6f:5d:00:0a:ba:21:85:fa:30:d2:78:e4:32:e9:78:
28:65:62:12:91:e2:ae:bf:23:0b:7f:95:eb:6b:c2:b7:ab:28:
82:9c:93:03:e2:51:eb:df:cf:53:91:e5:1c:99:4c:50:3f:75:
e9:af:2f:74:67:38:6d:bc:54:c4:a9:09:88:22:02:d2:ce:8e:
80:08:6e:ef:c9:6c:b1:3a:62:02:cb:33:e2:a8:f3:58:4e:7b:
30:d0:b7:60:3d:04:64:07:04:6a:b4:c4:7e:97:e8:99:96:23:
d0:d6:13:69:2e:2b:74:94:32:f2:8f:df:44:b7:9e:ec:28:91:
7f:83:a3:e2:5b:45:5b:43:af:d5:23:2e:d9:9f:4b:c5:aa:c8:
bf:5c:fc:35:14:15:c5:7c:b9:f9:36:91:2a:62:26:ff:21:78:
75:3d:19:ea:14:f4:7b:31:40:7f:1f:a5:ca:0a:e2:9b:09:da:
86:eb:5c:a3:b6:13:4e:a9:83:ec:de:70:be:11:a4:54:f6:c6:
52:c8:a9:01:7b:47:81:e5:44:aa:43:c0:9b:20:17:60:90:31:
eb:ef:1b:81
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgIDAICcMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTIzMTIyNjA3MDcxMFoXDTI0MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjU4YTdiOWUtZDI4MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALrVm+QYqtptAae0+cWZNthfkB6xuO9fBF+Invds07WzuTrixf0E6WBsm9TH
Xn13FLwMMUvRY462J53/EZbzcTE1UiAYK689/FJR9m8NgZjnL23RzJDoeOe+xyjU
IlTrYZCMADdvkhFy1pOFJsy6iJQdEw7+H7z0okJpuxmf8bcfivCMeVPjElzpqcl8
u3SZ07X4Mb3HHCHClVmRb/9c/6isws0t4V8YUa+hTp+B/IR7zUTBw0DMg048ao4i
z3jpsZRePiU8mNNsD2qCw+eaIt34TdqsfUtiVsRJ2woK4R9k86cHwE9to7M9W4YD
UN//QBgDOFsHblaFj95KKxtoL9kCAwEAAaOCApUwggKRMB0GA1UdDgQWBBTogXJU
tymu+UbgVX925jiy+u6crDAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzYyRkU5NUJD
QTNCRDExRUVBNjVEMUM4NEM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMB8GCCsGAQUFBwEHAQH/
BBAwDjAMBAIAATAGAwQBJDKmMA0GCSqGSIb3DQEBCwUAA4IBAQCGbgj0kIrZTcNV
so16FTlagfOO2XtSzNCAzi9hpC+Z9IpTvg886KRvXQAKuiGF+jDSeOQy6XgoZWIS
keKuvyMLf5Xra8K3qyiCnJMD4lHr389TkeUcmUxQP3Xpry90ZzhtvFTEqQmIIgLS
zo6ACG7vyWyxOmICyzPiqPNYTnsw0LdgPQRkBwRqtMR+l+iZliPQ1hNpLit0lDLy
j99Et57sKJF/g6PiW0VbQ6/VIy7Zn0vFqsi/XPw1FBXFfLn5NpEqYib/IXh1PRnq
FPR7MUB/H6XKCuKbCdqG61yjthNOqYPs3nC+EaRU9sZSyKkBe0eB5USqQ8CbIBdg
kDHr7xuB
-----END CERTIFICATE-----
Generated at Tue Jan 9 07:14:14 2024 by rpki-client on console-fra.rpki-client.org