Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A919E9A5/A32EFEB81D8911E292E4FDE208B02CD2/3E59C0B407EA11EB978D6673C4F9AE02.roa
File: 3E59C0B407EA11EB978D6673C4F9AE02.roa (raw, json)
Hash identifier: jvFurXwhieg/hOGmdy0ANLPBGOLoDUQ9+RNN7n0WRm4=
Subject key identifier: 78:7A:46:B3:48:01:2B:B0:A6:DA:A2:AD:7F:82:02:C0:DD:DF:06:FD
Certificate issuer: /CN=A919E9A5/serialNumber=7AAC67DBC1EB928E2951362E0BC6AC7677E2DC7B
Certificate serial: 335F
Authority key identifier: 7A:AC:67:DB:C1:EB:92:8E:29:51:36:2E:0B:C6:AC:76:77:E2:DC:7B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/eqxn28Hrko4pUTYuC8asdnfi3Hs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A919E9A5/A32EFEB81D8911E292E4FDE208B02CD2/3E59C0B407EA11EB978D6673C4F9AE02.roa
Signing time: Wed 06 Sep 2023 14:40:30 +0000
ROA not before: Wed 06 Sep 2023 14:40:30 +0000
ROA not after: Thu 31 Oct 2024 00:00:00 +0000
asID: 63939
IP address blocks: 119.148.21.0/24 maxlen: 24
119.148.22.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 14 Mar 2024 21:16:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13151 (0x335f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A919E9A5/serialNumber=7AAC67DBC1EB928E2951362E0BC6AC7677E2DC7B
Validity
Not Before: Sep 6 14:40:30 2023 GMT
Not After : Oct 31 00:00:00 2024 GMT
Subject: CN=64f88f5e-08d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:f1:f2:b5:58:dc:46:d0:cc:5e:71:01:30:d4:
47:6d:2f:bd:03:84:7f:71:4c:df:c5:91:c9:cc:b4:
f6:fc:7f:d8:ef:b0:f6:97:39:d0:f4:17:6a:64:43:
20:b4:c3:d3:d4:6e:13:7b:49:f1:af:95:70:55:5d:
78:6f:92:df:19:16:96:ed:48:83:52:e8:d3:90:b4:
f6:54:3a:12:d9:5c:2a:50:cc:f8:7e:d8:03:c0:8a:
de:a7:08:47:7c:29:d4:dd:1c:91:36:62:10:3b:32:
94:71:62:1b:1e:28:e0:42:7e:21:78:78:23:26:34:
70:ea:6b:a3:72:ba:d5:df:6f:7e:09:ff:80:55:8f:
96:1e:15:3e:1b:f1:a9:1f:27:79:ae:7c:ec:68:a6:
e0:95:22:86:af:1b:b7:03:94:77:66:59:9b:12:7f:
ea:8e:93:46:5a:3f:54:09:8b:ff:78:77:2e:d4:b5:
d0:b7:6b:b0:f7:dd:a6:67:60:04:62:57:1d:6c:c4:
0a:a1:ae:03:ad:fd:35:91:20:1a:30:a5:86:b1:f1:
dd:70:01:32:b1:43:fd:3a:13:b1:72:3c:c3:b8:73:
bc:15:19:29:71:33:52:2a:97:5e:e2:9c:48:eb:a3:
dd:a7:94:07:44:e3:8f:61:71:76:3c:18:c8:95:81:
64:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:7A:46:B3:48:01:2B:B0:A6:DA:A2:AD:7F:82:02:C0:DD:DF:06:FD
X509v3 Authority Key Identifier:
keyid:7A:AC:67:DB:C1:EB:92:8E:29:51:36:2E:0B:C6:AC:76:77:E2:DC:7B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A919E9A5/A32EFEB81D8911E292E4FDE208B02CD2/eqxn28Hrko4pUTYuC8asdnfi3Hs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/eqxn28Hrko4pUTYuC8asdnfi3Hs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919E9A5/A32EFEB81D8911E292E4FDE208B02CD2/3E59C0B407EA11EB978D6673C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
119.148.21.0-119.148.22.255
Signature Algorithm: sha256WithRSAEncryption
b3:72:e1:08:9b:0f:1c:f9:88:ab:7c:dc:8f:b1:b1:8b:52:9a:
d8:52:b2:6d:d0:9f:98:9a:68:11:c8:e7:5a:6a:d8:c9:54:8b:
5f:6b:1d:02:1c:60:b1:42:43:b3:a9:05:96:a3:59:12:41:7e:
49:48:06:a3:88:b6:80:04:51:4e:94:ff:5c:51:24:b0:74:c2:
35:da:3f:ff:4f:19:8b:54:4b:89:68:59:0b:1b:57:bb:54:c8:
a5:8e:57:f5:f1:26:8d:18:a4:12:f5:cf:e6:54:7e:53:67:df:
5d:4f:a0:93:77:93:97:83:2d:c7:b9:76:c2:37:36:14:7a:8d:
c1:61:7a:16:ca:36:9b:1a:65:ca:cd:32:8e:4c:0c:5a:af:68:
69:7e:18:a8:13:ce:1c:91:62:1f:78:4d:25:b4:28:65:1f:48:
5f:51:32:c1:a4:36:e3:c1:ad:ac:a6:5c:4d:b2:9b:65:97:41:
66:75:21:2c:e2:60:d9:fb:ea:da:07:57:7e:61:28:a8:82:f4:
19:a1:4d:f8:3a:04:af:e0:5b:2f:22:d6:16:30:c0:a7:9e:61:
32:fd:57:53:c5:83:1a:80:e2:8a:65:2d:6f:a9:3b:43:ff:6e:
c3:1d:af:61:16:54:e2:51:06:5a:7d:dc:c2:62:e7:df:5b:ff:
2d:2e:8e:61
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgICM18wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OUU5QTUxMTAvBgNVBAUTKDdBQUM2N0RCQzFFQjkyOEUyOTUxMzYyRTBCQzZBQzc2
NzdFMkRDN0IwHhcNMjMwOTA2MTQ0MDMwWhcNMjQxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGY4OGY1ZS0wOGQxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwPHytVjcRtDMXnEBMNRHbS+9A4R/cUzfxZHJzLT2/H/Y77D2lznQ9BdqZEMg
tMPT1G4Te0nxr5VwVV14b5LfGRaW7UiDUujTkLT2VDoS2VwqUMz4ftgDwIrepwhH
fCnU3RyRNmIQOzKUcWIbHijgQn4heHgjJjRw6mujcrrV329+Cf+AVY+WHhU+G/Gp
Hyd5rnzsaKbglSKGrxu3A5R3ZlmbEn/qjpNGWj9UCYv/eHcu1LXQt2uw992mZ2AE
YlcdbMQKoa4Drf01kSAaMKWGsfHdcAEysUP9OhOxcjzDuHO8FRkpcTNSKpde4pxI
66Pdp5QHROOPYXF2PBjIlYFkdwIDAQABo4ICnTCCApkwHQYDVR0OBBYEFHh6RrNI
ASuwptqirX+CAsDd3wb9MB8GA1UdIwQYMBaAFHqsZ9vB65KOKVE2LgvGrHZ34tx7
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5RTlBNS9BMzJFRkVCODFE
ODkxMUUyOTJFNEZERTIwOEIwMkNEMi9lcXhuMjhIcmtvNHBVVFl1Qzhhc2RuZmkz
SHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2VxeG4yOEhya280cFVUWXVDOGFzZG5maTNIcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OUU5QTUvQTMyRUZFQjgxRDg5MTFFMjkyRTRGREUyMDhCMDJDRDIvM0U1OUMwQjQw
N0VBMTFFQjk3OEQ2NjczQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJwYIKwYBBQUHAQcBAf8E
GDAWMBQEAgABMA4wDAMEAHeUFQMEAHeUFjANBgkqhkiG9w0BAQsFAAOCAQEAs3Lh
CJsPHPmIq3zcj7Gxi1Ka2FKybdCfmJpoEcjnWmrYyVSLX2sdAhxgsUJDs6kFlqNZ
EkF+SUgGo4i2gARRTpT/XFEksHTCNdo//08Zi1RLiWhZCxtXu1TIpY5X9fEmjRik
EvXP5lR+U2ffXU+gk3eTl4Mtx7l2wjc2FHqNwWF6Fso2mxplys0yjkwMWq9oaX4Y
qBPOHJFiH3hNJbQoZR9IX1EywaQ248GtrKZcTbKbZZdBZnUhLOJg2fvq2gdXfmEo
qIL0GaFN+DoEr+BbLyLWFjDAp55hMv1XU8WDGoDiimUtb6k7Q/9uwx2vYRZU4lEG
Wn3cwmLn31v/LS6OYQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:49 2024 by rpki-client on console-ams.rpki-client.org