Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A0832/9DAF780E1D9411E29901F3F808B02CD2/53E6ACC03B3C11EE9AD03F6DC4F9AE02.roa
File: 53E6ACC03B3C11EE9AD03F6DC4F9AE02.roa (raw, json)
Hash identifier: faGszzaWLaTCikGs/18YPg+E9I+9uvfi401Vrv4g09A=
Subject key identifier: 36:AA:1F:7B:54:FE:D1:C9:03:F5:18:B6:74:A0:FD:E0:9A:C2:9E:03
Certificate issuer: /CN=A91A0832/serialNumber=9ED9055107C70F85BB91A8DA0270B5CA760AEB54
Certificate serial: 3544
Authority key identifier: 9E:D9:05:51:07:C7:0F:85:BB:91:A8:DA:02:70:B5:CA:76:0A:EB:54
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ntkFUQfHD4W7kajaAnC1ynYK61Q.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A0832/9DAF780E1D9411E29901F3F808B02CD2/53E6ACC03B3C11EE9AD03F6DC4F9AE02.roa
Signing time: Tue 15 Aug 2023 07:21:19 +0000
ROA not before: Tue 15 Aug 2023 07:21:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 140307
IP address blocks: 58.181.127.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 24 Jan 2024 08:40:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13636 (0x3544)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A0832/serialNumber=9ED9055107C70F85BB91A8DA0270B5CA760AEB54
Validity
Not Before: Aug 15 07:21:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=64db276e-5d8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:3c:07:39:1a:ba:0d:e4:16:a1:56:da:08:61:
e0:83:1c:ac:f9:56:f2:f1:db:73:ec:e0:6e:89:ff:
85:31:7c:51:e8:23:e9:5e:2d:2c:5d:d1:e4:22:cc:
f7:76:a5:aa:13:c1:c2:7e:2f:d0:a8:27:eb:2b:39:
80:92:21:4f:32:c1:ba:43:be:a5:95:9a:c3:a6:6f:
b3:a1:a7:f0:0c:0d:bf:74:77:5f:75:c4:f4:00:29:
ad:eb:4c:94:97:0c:14:ff:92:88:3d:10:12:42:85:
69:55:e5:e3:df:b4:40:ad:f3:71:60:a9:3f:60:19:
92:0b:b6:c3:a6:aa:04:1a:f7:67:26:d9:88:d7:4a:
43:0e:30:79:2e:13:0c:de:ba:4a:70:4a:1d:cd:25:
05:9a:dd:96:8a:2c:87:95:2c:78:28:35:1d:4a:74:
9a:82:ba:1a:fb:4f:5a:33:92:0d:df:5e:31:d2:53:
b4:7e:9a:75:b4:d7:60:2c:97:6d:29:93:5d:1d:c4:
85:e6:30:b3:bc:5a:87:39:39:6d:9a:91:02:2f:2d:
a4:f9:2f:54:a1:57:87:c1:60:6d:39:e3:c9:7e:8d:
e3:3c:d2:fb:86:ce:73:ca:c1:7f:ca:06:8a:9f:1c:
3b:64:fe:f7:9f:39:0e:31:d9:4a:66:e8:4b:95:2c:
ab:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:AA:1F:7B:54:FE:D1:C9:03:F5:18:B6:74:A0:FD:E0:9A:C2:9E:03
X509v3 Authority Key Identifier:
keyid:9E:D9:05:51:07:C7:0F:85:BB:91:A8:DA:02:70:B5:CA:76:0A:EB:54
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A0832/9DAF780E1D9411E29901F3F808B02CD2/ntkFUQfHD4W7kajaAnC1ynYK61Q.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ntkFUQfHD4W7kajaAnC1ynYK61Q.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A0832/9DAF780E1D9411E29901F3F808B02CD2/53E6ACC03B3C11EE9AD03F6DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
58.181.127.0/24
Signature Algorithm: sha256WithRSAEncryption
b3:15:9e:0f:39:f3:65:60:5c:3f:08:54:59:31:dc:b3:ee:89:
00:35:d7:a2:fb:4f:db:34:6c:3b:11:4d:b2:01:03:76:33:63:
eb:1e:63:84:b2:66:ab:23:99:d0:1f:d9:52:f2:38:a7:cc:0c:
db:bf:97:b3:3b:7e:6b:25:a9:0e:8a:52:b8:1a:68:c3:69:f4:
97:4f:83:12:b9:83:d3:9c:bc:08:23:f0:2c:35:ff:1e:fb:5f:
cd:76:5b:1e:15:e5:0f:de:0e:01:c3:ab:dd:5c:21:da:4a:9b:
36:4f:9c:97:f6:37:b5:27:1c:39:8e:da:92:34:88:6a:ee:7d:
1e:eb:12:59:80:c8:8c:14:29:12:68:51:76:c3:fd:29:00:8a:
04:1d:7f:dd:94:cf:c1:02:6e:3a:d5:6a:5f:73:b4:3b:4e:f8:
73:ae:b7:5a:b8:f4:58:a0:66:0d:80:52:22:d4:05:bf:66:0b:
27:fc:ba:9d:9d:0c:a9:66:17:c4:66:62:ed:71:7b:32:d7:db:
ef:72:c8:24:d4:d0:4c:4b:0a:91:61:cc:76:56:7e:11:ae:b3:
0e:6e:e7:df:3e:33:6c:e3:db:f4:96:a4:f7:ce:df:1b:48:22:
f3:62:58:dc:be:ff:81:22:d0:1e:e6:3c:3d:32:27:ec:20:e8:
df:e4:66:98
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICNUQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTA4MzIxMTAvBgNVBAUTKDlFRDkwNTUxMDdDNzBGODVCQjkxQThEQTAyNzBCNUNB
NzYwQUVCNTQwHhcNMjMwODE1MDcyMTE5WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGRiMjc2ZS01ZDhhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzTwHORq6DeQWoVbaCGHggxys+Vby8dtz7OBuif+FMXxR6CPpXi0sXdHkIsz3
dqWqE8HCfi/QqCfrKzmAkiFPMsG6Q76llZrDpm+zoafwDA2/dHdfdcT0ACmt60yU
lwwU/5KIPRASQoVpVeXj37RArfNxYKk/YBmSC7bDpqoEGvdnJtmI10pDDjB5LhMM
3rpKcEodzSUFmt2WiiyHlSx4KDUdSnSagroa+09aM5IN314x0lO0fpp1tNdgLJdt
KZNdHcSF5jCzvFqHOTltmpECLy2k+S9UoVeHwWBtOePJfo3jPNL7hs5zysF/ygaK
nxw7ZP73nzkOMdlKZuhLlSyrNQIDAQABo4IClTCCApEwHQYDVR0OBBYEFDaqH3tU
/tHJA/UYtnSg/eCawp4DMB8GA1UdIwQYMBaAFJ7ZBVEHxw+Fu5Go2gJwtcp2CutU
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMDgzMi85REFGNzgwRTFE
OTQxMUUyOTkwMUYzRjgwOEIwMkNEMi9udGtGVVFmSEQ0VzdrYWphQW5DMXluWUs2
MVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL250a0ZVUWZIRDRXN2thamFBbkMxeW5ZSzYxUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTA4MzIvOURBRjc4MEUxRDk0MTFFMjk5MDFGM0Y4MDhCMDJDRDIvNTNFNkFDQzAz
QjNDMTFFRTlBRDAzRjZEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAA6tX8wDQYJKoZIhvcNAQELBQADggEBALMVng8582VgXD8I
VFkx3LPuiQA116L7T9s0bDsRTbIBA3YzY+seY4SyZqsjmdAf2VLyOKfMDNu/l7M7
fmslqQ6KUrgaaMNp9JdPgxK5g9OcvAgj8Cw1/x77X812Wx4V5Q/eDgHDq91cIdpK
mzZPnJf2N7UnHDmO2pI0iGrufR7rElmAyIwUKRJoUXbD/SkAigQdf92Uz8ECbjrV
al9ztDtO+HOut1q49FigZg2AUiLUBb9mCyf8up2dDKlmF8RmYu1xezLX2+9yyCTU
0ExLCpFhzHZWfhGusw5u598+M2zj2/SWpPfO3xtIIvNiWNy+/4Ei0B7mPD0yJ+wg
6N/kZpg=
-----END CERTIFICATE-----
Generated at Wed Jan 24 13:24:17 2024 by rpki-client on console-fra.rpki-client.org