Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A192D/CC67D252A4BC11EE9E5A5D72C4F9AE02/206CBC5CF76811EEAF5CBE5FC4F9AE02.roa
File: 206CBC5CF76811EEAF5CBE5FC4F9AE02.roa (raw, json)
Hash identifier: Zbfa5MMYIb5XjdO39IICaP2hG6ZT9IQx+CLPJhnO76o=
Subject key identifier: AE:9E:85:EB:09:29:E1:C0:70:7D:13:5B:01:EF:1C:E8:00:E9:85:4E
Certificate issuer: /CN=A91A192D/serialNumber=A81D0D61F7B730DDB742CC48ADD88A04D46FD024
Certificate serial: 69
Authority key identifier: A8:1D:0D:61:F7:B7:30:DD:B7:42:CC:48:AD:D8:8A:04:D4:6F:D0:24
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qB0NYfe3MN23QsxIrdiKBNRv0CQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A192D/CC67D252A4BC11EE9E5A5D72C4F9AE02/206CBC5CF76811EEAF5CBE5FC4F9AE02.roa
Signing time: Wed 10 Apr 2024 18:37:51 +0000
ROA not before: Wed 10 Apr 2024 18:37:51 +0000
ROA not after: Mon 31 Mar 2025 00:00:00 +0000
asID: 137707
IP address blocks: 36.50.240.0/24 maxlen: 31
36.50.241.0/24 maxlen: 31
2001:df3:5240::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 24 Jul 2024 23:05:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 105 (0x69)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A192D/serialNumber=A81D0D61F7B730DDB742CC48ADD88A04D46FD024
Validity
Not Before: Apr 10 18:37:51 2024 GMT
Not After : Mar 31 00:00:00 2025 GMT
Subject: CN=6616dc7f-c7d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:7c:3c:07:47:23:ba:d9:b5:da:d5:a5:2c:35:
2d:16:a9:af:8e:bb:5c:28:16:ec:26:19:5b:39:83:
a6:b7:51:43:71:09:e5:2c:7e:7f:62:c8:e0:1f:95:
75:4f:04:7b:ac:7d:d4:68:a0:3b:b0:19:eb:90:04:
4f:1e:a2:e9:f8:b8:d1:88:19:4f:f4:68:6b:6d:f3:
58:a7:04:1e:47:94:63:66:dd:0f:90:09:c1:06:d3:
72:ca:cc:ee:65:ce:6e:eb:3f:45:e1:88:81:31:a4:
eb:0f:e0:02:d4:52:a0:f5:f6:9f:13:8a:1e:6f:ec:
85:db:44:b3:ba:21:1f:9e:99:26:b9:39:c7:f7:79:
0c:d0:b6:37:3b:c6:bb:d5:ec:73:02:70:6f:85:23:
0e:f7:fd:63:1c:c0:a8:d7:71:a4:a3:3a:a6:0e:95:
0e:fb:55:38:86:39:b2:64:95:fe:d5:08:76:e0:dd:
5a:18:01:9e:65:61:0a:5d:7a:8d:a3:e9:e9:0b:bf:
c0:e4:0c:13:29:b1:4e:34:64:19:de:64:e9:62:e2:
e4:21:cb:0a:1c:dc:e7:88:0a:db:0e:1b:8e:69:b2:
6f:80:44:cc:68:cf:3a:3f:14:98:bd:aa:a7:b7:08:
d0:59:c5:f1:1d:6f:11:84:14:bf:35:51:87:0d:02:
e5:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:9E:85:EB:09:29:E1:C0:70:7D:13:5B:01:EF:1C:E8:00:E9:85:4E
X509v3 Authority Key Identifier:
keyid:A8:1D:0D:61:F7:B7:30:DD:B7:42:CC:48:AD:D8:8A:04:D4:6F:D0:24
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A192D/CC67D252A4BC11EE9E5A5D72C4F9AE02/qB0NYfe3MN23QsxIrdiKBNRv0CQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qB0NYfe3MN23QsxIrdiKBNRv0CQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A192D/CC67D252A4BC11EE9E5A5D72C4F9AE02/206CBC5CF76811EEAF5CBE5FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
36.50.240.0/23
IPv6:
2001:df3:5240::/48
Signature Algorithm: sha256WithRSAEncryption
c1:eb:4b:9e:33:08:be:54:3f:2d:81:de:f8:6d:33:95:fb:61:
0b:a0:bd:d5:44:7e:d4:d0:87:77:9f:ef:d7:dd:bd:d1:8b:c6:
01:7c:cb:3f:98:08:64:8c:67:2c:6b:98:a1:0c:cf:d8:40:e2:
e7:61:45:e1:58:88:3d:f6:b2:e6:22:8f:64:97:bf:f3:bb:53:
79:b3:6b:61:39:df:ff:93:a9:60:d0:fb:81:1a:ef:d2:59:83:
57:9f:a3:47:69:62:f1:f0:4d:d7:96:9a:ad:47:7b:d0:1d:0d:
f7:71:b3:62:8f:e3:76:b6:77:57:8b:56:a0:a7:80:0e:ae:92:
e2:f9:42:40:ac:8e:3e:d6:ef:b5:25:6d:2c:bc:65:03:a8:1b:
04:52:ff:b1:2e:2c:3e:66:a7:a1:a9:b0:66:11:a7:21:52:6c:
16:2a:f0:8a:2d:18:1c:4a:73:2a:33:97:d1:96:e6:73:86:cf:
d8:b6:7b:b9:88:d9:2e:c0:92:a0:ce:f2:40:b0:0e:d4:df:cc:
10:db:a0:9b:2a:11:1d:a7:6e:43:6c:d2:d3:b9:27:79:ea:b0:
36:8a:e8:88:ad:d3:21:0b:f8:5d:3a:55:fb:6d:7e:a7:dd:ad:
5c:8e:a9:d5:a4:49:55:61:fd:02:ca:87:62:9b:be:75:cf:8d:
41:1d:1c:3e
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIBaTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB
MTkyRDExMC8GA1UEBRMoQTgxRDBENjFGN0I3MzBEREI3NDJDQzQ4QUREODhBMDRE
NDZGRDAyNDAeFw0yNDA0MTAxODM3NTFaFw0yNTAzMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2MTZkYzdmLWM3ZDEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQChfDwHRyO62bXa1aUsNS0Wqa+Ou1woFuwmGVs5g6a3UUNxCeUsfn9iyOAflXVP
BHusfdRooDuwGeuQBE8eoun4uNGIGU/0aGtt81inBB5HlGNm3Q+QCcEG03LKzO5l
zm7rP0XhiIExpOsP4ALUUqD19p8Tih5v7IXbRLO6IR+emSa5Ocf3eQzQtjc7xrvV
7HMCcG+FIw73/WMcwKjXcaSjOqYOlQ77VTiGObJklf7VCHbg3VoYAZ5lYQpdeo2j
6ekLv8DkDBMpsU40ZBneZOli4uQhywoc3OeICtsOG45psm+ARMxozzo/FJi9qqe3
CNBZxfEdbxGEFL81UYcNAuUJAgMBAAGjggKmMIICojAdBgNVHQ4EFgQUrp6F6wkp
4cBwfRNbAe8c6ADphU4wHwYDVR0jBBgwFoAUqB0NYfe3MN23QsxIrdiKBNRv0CQw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUExOTJEL0NDNjdEMjUyQTRC
QzExRUU5RTVBNUQ3MkM0RjlBRTAyL3FCME5ZZmUzTU4yM1FzeElyZGlLQk5SdjBD
US5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvcUIwTllmZTNNTjIzUXN4SXJkaUtCTlJ2MENRLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB
MTkyRC9DQzY3RDI1MkE0QkMxMUVFOUU1QTVENzJDNEY5QUUwMi8yMDZDQkM1Q0Y3
NjgxMUVFQUY1Q0JFNUZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAwBggrBgEFBQcBBwEB/wQh
MB8wDAQCAAEwBgMEASQy8DAPBAIAAjAJAwcAIAEN81JAMA0GCSqGSIb3DQEBCwUA
A4IBAQDB60ueMwi+VD8tgd74bTOV+2ELoL3VRH7U0Id3n+/X3b3Ri8YBfMs/mAhk
jGcsa5ihDM/YQOLnYUXhWIg99rLmIo9kl7/zu1N5s2thOd//k6lg0PuBGu/SWYNX
n6NHaWLx8E3XlpqtR3vQHQ33cbNij+N2tndXi1agp4AOrpLi+UJArI4+1u+1JW0s
vGUDqBsEUv+xLiw+ZqehqbBmEachUmwWKvCKLRgcSnMqM5fRluZzhs/Ytnu5iNku
wJKgzvJAsA7U38wQ26CbKhEdp25DbNLTuSd56rA2iuiIrdMhC/hdOlX7bX6n3a1c
jqnVpElVYf0Cyodim751z41BHRw+
-----END CERTIFICATE-----
Generated at Thu Jul 25 03:28:17 2024 by rpki-client on console-ams.rpki-client.org