Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A919EAF3/93BB502E6D1811E7A815DA80C4F9AE02/53CBF5C66D1911E7A4448D81C4F9AE02.roa
File: 53CBF5C66D1911E7A4448D81C4F9AE02.roa (raw, json)
Hash identifier: AP8Bb/DnmyM2tgkL9jAKis+gWAoJdpiwH0PuM/5AeKw=
Subject key identifier: 3B:E1:19:7C:EB:7F:D3:DC:22:BA:D1:63:CA:01:FF:5D:A3:79:91:9A
Certificate issuer: /CN=A919EAF3/serialNumber=29B6A8702A4AD644A871064B6407ADE493E63A8D
Certificate serial: 181B
Authority key identifier: 29:B6:A8:70:2A:4A:D6:44:A8:71:06:4B:64:07:AD:E4:93:E6:3A:8D
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/KbaocCpK1kSocQZLZAet5JPmOo0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A919EAF3/93BB502E6D1811E7A815DA80C4F9AE02/53CBF5C66D1911E7A4448D81C4F9AE02.roa
Signing time: Mon 10 Jul 2023 16:53:25 +0000
ROA not before: Mon 10 Jul 2023 16:53:25 +0000
ROA not after: Mon 30 Sep 2024 00:00:00 +0000
asID: 9234
IP address blocks: 168.245.188.0/22 maxlen: 22
168.245.191.0/24 maxlen: 24
198.246.223.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jul 2024 08:19:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6171 (0x181b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A919EAF3/serialNumber=29B6A8702A4AD644A871064B6407ADE493E63A8D
Validity
Not Before: Jul 10 16:53:25 2023 GMT
Not After : Sep 30 00:00:00 2024 GMT
Subject: CN=64ac3785-5caa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:16:35:81:42:88:f6:5c:aa:70:37:c1:74:b4:
37:86:fa:5d:a7:02:b9:8b:c0:15:2e:7a:32:74:2d:
17:0d:ce:83:eb:16:94:20:f8:e6:49:37:cc:09:e2:
49:7a:76:f0:16:ed:60:cb:3c:83:1c:58:e3:42:46:
2f:b3:2e:8b:a3:17:2d:20:6d:b0:04:4c:b9:cd:ed:
d8:2c:91:5d:eb:09:94:29:1c:2f:e7:a5:be:5d:c5:
03:9c:00:45:c2:a6:64:34:52:d7:49:54:59:87:ce:
a8:b8:16:73:9d:02:77:fb:0b:b0:75:8f:f3:b5:59:
db:74:1e:a7:e7:ff:87:a7:de:b4:ab:79:d3:62:57:
1c:d3:e8:e0:85:ab:6d:93:00:ae:73:de:3e:e0:0e:
c9:79:3e:40:04:09:ed:4d:d1:f2:b9:c2:d4:19:79:
ce:40:3a:46:ac:66:b9:35:c1:38:a7:a1:3f:c5:cb:
1d:0c:02:6f:75:7c:32:5e:14:d4:c4:eb:31:41:5e:
19:ed:c8:2c:6a:cb:1d:45:50:e5:12:ae:17:63:d5:
a3:e6:53:a9:8f:dc:f0:a7:dc:86:6f:a4:da:91:03:
a4:52:bf:08:3d:73:53:1c:70:52:43:40:b1:30:9e:
10:8a:52:4c:97:c0:4c:bf:36:3f:ac:0e:35:34:83:
1f:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:E1:19:7C:EB:7F:D3:DC:22:BA:D1:63:CA:01:FF:5D:A3:79:91:9A
X509v3 Authority Key Identifier:
keyid:29:B6:A8:70:2A:4A:D6:44:A8:71:06:4B:64:07:AD:E4:93:E6:3A:8D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A919EAF3/93BB502E6D1811E7A815DA80C4F9AE02/KbaocCpK1kSocQZLZAet5JPmOo0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/KbaocCpK1kSocQZLZAet5JPmOo0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919EAF3/93BB502E6D1811E7A815DA80C4F9AE02/53CBF5C66D1911E7A4448D81C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
168.245.188.0/22
198.246.223.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:40:4b:53:d3:25:db:0c:cc:8c:83:a9:48:ff:49:76:63:cf:
11:de:0c:8b:cc:75:63:6c:a4:2b:19:5b:54:a6:3c:48:64:1b:
ab:df:48:0c:f5:ea:77:f4:64:fa:76:00:76:63:87:f3:3a:68:
9c:8d:2d:9c:0e:9d:04:1c:08:a9:29:ac:24:59:27:23:44:9d:
f1:22:b4:76:5d:a3:23:62:72:1f:12:d1:5d:4d:d2:16:d9:d9:
da:19:ab:d9:54:b5:00:83:73:e2:ab:6d:49:15:63:dd:63:52:
a0:6b:3e:bc:07:5a:b1:bc:4e:c5:04:bc:ad:cb:55:92:01:fe:
45:82:aa:9b:63:b1:ce:c6:06:d3:ac:a0:70:99:42:67:e3:9f:
4a:bb:c7:4a:d3:49:9a:80:2e:42:e2:8a:b3:b9:2a:70:08:d2:
4d:05:13:bb:43:44:42:1f:f2:a1:b3:de:40:a0:e0:18:b8:be:
7c:20:9d:57:71:0b:6f:8b:9f:ee:9c:fa:87:67:d2:37:33:16:
11:5d:f6:fc:18:27:8e:17:9b:6d:9b:e9:75:d7:d2:41:6e:9a:
d6:99:30:33:7a:02:13:37:7a:95:98:f0:7d:a6:70:ab:ef:f6:
92:ee:73:a9:14:5c:ed:58:8d:81:24:4b:33:1b:e2:26:f0:8e:
fd:d7:02:99
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICGBswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OUVBRjMxMTAvBgNVBAUTKDI5QjZBODcwMkE0QUQ2NDRBODcxMDY0QjY0MDdBREU0
OTNFNjNBOEQwHhcNMjMwNzEwMTY1MzI1WhcNMjQwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGFjMzc4NS01Y2FhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0xY1gUKI9lyqcDfBdLQ3hvpdpwK5i8AVLnoydC0XDc6D6xaUIPjmSTfMCeJJ
enbwFu1gyzyDHFjjQkYvsy6LoxctIG2wBEy5ze3YLJFd6wmUKRwv56W+XcUDnABF
wqZkNFLXSVRZh86ouBZznQJ3+wuwdY/ztVnbdB6n5/+Hp960q3nTYlcc0+jghatt
kwCuc94+4A7JeT5ABAntTdHyucLUGXnOQDpGrGa5NcE4p6E/xcsdDAJvdXwyXhTU
xOsxQV4Z7cgsassdRVDlEq4XY9Wj5lOpj9zwp9yGb6TakQOkUr8IPXNTHHBSQ0Cx
MJ4QilJMl8BMvzY/rA41NIMfwQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFDvhGXzr
f9PcIrrRY8oB/12jeZGaMB8GA1UdIwQYMBaAFCm2qHAqStZEqHEGS2QHreST5jqN
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5RUFGMy85M0JCNTAyRTZE
MTgxMUU3QTgxNURBODBDNEY5QUUwMi9LYmFvY0NwSzFrU29jUVpMWkFldDVKUG1P
bzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL0tiYW9jQ3BLMWtTb2NRWkxaQWV0NUpQbU9vMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OUVBRjMvOTNCQjUwMkU2RDE4MTFFN0E4MTVEQTgwQzRGOUFFMDIvNTNDQkY1QzY2
RDE5MTFFN0E0NDQ4RDgxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAKo9bwDBADG9t8wDQYJKoZIhvcNAQELBQADggEBAC5AS1PT
JdsMzIyDqUj/SXZjzxHeDIvMdWNspCsZW1SmPEhkG6vfSAz16nf0ZPp2AHZjh/M6
aJyNLZwOnQQcCKkprCRZJyNEnfEitHZdoyNich8S0V1N0hbZ2doZq9lUtQCDc+Kr
bUkVY91jUqBrPrwHWrG8TsUEvK3LVZIB/kWCqptjsc7GBtOsoHCZQmfjn0q7x0rT
SZqALkLiirO5KnAI0k0FE7tDREIf8qGz3kCg4Bi4vnwgnVdxC2+Ln+6c+odn0jcz
FhFd9vwYJ44Xm22b6XXX0kFumtaZMDN6AhM3epWY8H2mcKvv9pLuc6kUXO1YjYEk
SzMb4ibwjv3XApk=
-----END CERTIFICATE-----
Generated at Mon Jul 1 10:53:26 2024 by rpki-client on console-ams.rpki-client.org