Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A3E3F/305EB8767CDB11EDAB844C19C4F9AE02/2E7F8E687F5111ED8691F00BC4F9AE02.roa
File: 2E7F8E687F5111ED8691F00BC4F9AE02.roa (raw, json)
Hash identifier: w3GtsGXCWAtR3Mk02avq6MAoKEr7Z7INSWgDVWGQzrM=
Subject key identifier: 42:BA:1F:42:AB:C1:8E:8C:8E:C1:B0:BA:07:00:00:59:0F:9F:BE:D4
Certificate issuer: /CN=A91A3E3F/serialNumber=943D3E10B8BBE138B47734554B69053110D45BE3
Certificate serial: 0C
Authority key identifier: 94:3D:3E:10:B8:BB:E1:38:B4:77:34:55:4B:69:05:31:10:D4:5B:E3
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lD0-ELi74Ti0dzRVS2kFMRDUW-M.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A3E3F/305EB8767CDB11EDAB844C19C4F9AE02/2E7F8E687F5111ED8691F00BC4F9AE02.roa
Signing time: Mon 19 Dec 2022 04:21:05 +0000
ROA not before: Mon 19 Dec 2022 04:21:05 +0000
ROA not after: Wed 31 Jan 2024 00:00:00 +0000
asID: 8075
IP address blocks: 40.162.0.0/16 maxlen: 16
128.94.0.0/16 maxlen: 16
135.149.0.0/16 maxlen: 16
138.239.0.0/16 maxlen: 16
147.145.0.0/16 maxlen: 16
148.7.0.0/16 maxlen: 16
155.62.0.0/16 maxlen: 16
158.23.0.0/16 maxlen: 16
158.158.0.0/16 maxlen: 16
167.105.0.0/16 maxlen: 16
167.220.240.0/22 maxlen: 24
169.138.0.0/16 maxlen: 16
170.165.0.0/16 maxlen: 16
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 12 (0xc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A3E3F/serialNumber=943D3E10B8BBE138B47734554B69053110D45BE3
Validity
Not Before: Dec 19 04:21:05 2022 GMT
Not After : Jan 31 00:00:00 2024 GMT
Subject: CN=639fe6b1-6e27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:60:2a:b8:b3:40:4a:e1:31:0d:58:e4:6c:89:
12:46:33:89:dd:d5:ae:c5:7c:5b:ef:44:c8:2d:90:
ab:ab:61:c5:80:3c:57:73:cc:54:a0:07:a7:62:f9:
03:b9:be:dc:41:43:8b:49:b7:20:b4:e4:4f:0f:4c:
22:d3:52:4c:51:ac:48:36:73:80:45:6b:1d:41:a3:
68:35:da:3f:f2:c2:55:84:d5:14:09:53:21:0c:5c:
c1:af:f3:8c:00:e5:dc:23:10:a1:78:0d:70:2a:19:
3f:40:db:c6:76:db:91:67:5f:6d:14:87:f8:fa:24:
fb:5e:43:27:40:5e:30:5d:dc:96:66:35:92:1e:bd:
15:fe:0a:bf:fe:10:82:ac:ff:58:9c:d9:89:2c:53:
49:16:a5:2d:57:bd:cc:3b:41:0f:0d:3f:82:e1:1d:
44:da:6d:5a:0e:74:91:0c:ac:c3:1c:d2:f4:6d:2f:
d8:8d:e0:06:8a:74:e9:de:8a:5c:47:12:0f:be:b2:
c5:4c:dc:7a:09:94:81:85:ae:ba:d2:d6:43:cd:c9:
48:47:6f:b6:f7:94:29:56:6c:c5:3a:12:27:7e:8c:
2a:b6:85:3d:7e:8d:5e:6d:e7:10:e4:bf:e9:ac:86:
40:8d:79:d4:d3:32:f0:76:3c:17:b3:20:05:41:b8:
62:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:BA:1F:42:AB:C1:8E:8C:8E:C1:B0:BA:07:00:00:59:0F:9F:BE:D4
X509v3 Authority Key Identifier:
keyid:94:3D:3E:10:B8:BB:E1:38:B4:77:34:55:4B:69:05:31:10:D4:5B:E3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A3E3F/305EB8767CDB11EDAB844C19C4F9AE02/lD0-ELi74Ti0dzRVS2kFMRDUW-M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lD0-ELi74Ti0dzRVS2kFMRDUW-M.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A3E3F/305EB8767CDB11EDAB844C19C4F9AE02/2E7F8E687F5111ED8691F00BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
40.162.0.0/16
128.94.0.0/16
135.149.0.0/16
138.239.0.0/16
147.145.0.0/16
148.7.0.0/16
155.62.0.0/16
158.23.0.0/16
158.158.0.0/16
167.105.0.0/16
167.220.240.0/22
169.138.0.0/16
170.165.0.0/16
Signature Algorithm: sha256WithRSAEncryption
af:91:8e:c0:63:63:d4:c0:68:6a:dd:3c:7e:20:99:14:f7:76:
bb:3d:9b:2d:8f:89:08:01:90:85:76:0a:41:21:1d:1f:51:24:
b8:47:28:01:68:66:9c:4e:86:3e:8a:d4:3e:14:5f:e8:74:14:
f4:14:2a:95:66:b2:d3:9b:45:c9:d4:b7:5f:97:f4:4e:4d:fe:
1d:e3:fd:84:a7:30:36:fe:19:cd:17:47:35:36:f5:dd:5d:a0:
0b:39:98:ee:b4:58:b9:a8:7e:1f:4e:5a:e0:1f:9a:0e:95:cf:
9f:58:f0:f9:0e:5b:1e:df:a2:7b:7d:f1:a1:bd:d5:07:ac:f1:
3c:da:30:32:f1:cc:7f:fb:21:78:04:8f:ec:b0:35:ba:cb:1d:
70:70:01:66:52:53:55:2f:e5:76:9b:57:3f:38:47:da:fe:2f:
99:f4:1d:d0:97:a9:52:0a:17:21:0e:89:33:fb:84:04:b0:16:
ae:2f:78:90:bf:b2:56:2c:c9:ea:53:d8:bd:f5:8a:1d:cc:5f:
e2:e1:3a:ac:42:04:24:d0:26:b0:a6:fb:a8:40:65:77:b7:f2:
3e:80:d2:a6:ca:46:4c:3d:d1:a9:70:39:dc:cf:f7:6b:e4:90:
48:00:83:82:67:31:1e:c7:8d:d0:41:9f:1f:97:df:1f:d7:2d:
1a:69:7b:3c
-----BEGIN CERTIFICATE-----
MIIFrDCCBJSgAwIBAgIBDDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB
M0UzRjExMC8GA1UEBRMoOTQzRDNFMTBCOEJCRTEzOEI0NzczNDU1NEI2OTA1MzEx
MEQ0NUJFMzAeFw0yMjEyMTkwNDIxMDVaFw0yNDAxMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYzOWZlNmIxLTZlMjcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDXYCq4s0BK4TENWORsiRJGM4nd1a7FfFvvRMgtkKurYcWAPFdzzFSgB6di+QO5
vtxBQ4tJtyC05E8PTCLTUkxRrEg2c4BFax1Bo2g12j/ywlWE1RQJUyEMXMGv84wA
5dwjEKF4DXAqGT9A28Z225FnX20Uh/j6JPteQydAXjBd3JZmNZIevRX+Cr/+EIKs
/1ic2YksU0kWpS1Xvcw7QQ8NP4LhHUTabVoOdJEMrMMc0vRtL9iN4AaKdOneilxH
Eg++ssVM3HoJlIGFrrrS1kPNyUhHb7b3lClWbMU6Eid+jCq2hT1+jV5t5xDkv+ms
hkCNedTTMvB2PBezIAVBuGJ3AgMBAAGjggLRMIICzTAdBgNVHQ4EFgQUQrofQqvB
joyOwbC6BwAAWQ+fvtQwHwYDVR0jBBgwFoAUlD0+ELi74Ti0dzRVS2kFMRDUW+Mw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUEzRTNGLzMwNUVCODc2N0NE
QjExRURBQjg0NEMxOUM0RjlBRTAyL2xEMC1FTGk3NFRpMGR6UlZTMmtGTVJEVVct
TS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvbEQwLUVMaTc0VGkwZHpSVlMya0ZNUkRVVy1NLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB
M0UzRi8zMDVFQjg3NjdDREIxMUVEQUI4NDRDMTlDNEY5QUUwMi8yRTdGOEU2ODdG
NTExMUVEODY5MUYwMEJDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDBbBggrBgEFBQcBBwEB/wRM
MEowSAQCAAEwQgMDACiiAwMAgF4DAwCHlQMDAIrvAwMAk5EDAwCUBwMDAJs+AwMA
nhcDAwCengMDAKdpAwQCp9zwAwMAqYoDAwCqpTANBgkqhkiG9w0BAQsFAAOCAQEA
r5GOwGNj1MBoat08fiCZFPd2uz2bLY+JCAGQhXYKQSEdH1EkuEcoAWhmnE6GPorU
PhRf6HQU9BQqlWay05tFydS3X5f0Tk3+HeP9hKcwNv4ZzRdHNTb13V2gCzmY7rRY
uah+H05a4B+aDpXPn1jw+Q5bHt+ie33xob3VB6zxPNowMvHMf/sheASP7LA1ussd
cHABZlJTVS/ldptXPzhH2v4vmfQd0JepUgoXIQ6JM/uEBLAWri94kL+yVizJ6lPY
vfWKHcxf4uE6rEIEJNAmsKb7qEBld7fyPoDSpspGTD3RqXA53M/3a+SQSACDgmcx
HseN0EGfH5ffH9ctGml7PA==
-----END CERTIFICATE-----
Generated at Thu Oct 5 21:42:37 2023 by rpki-client on console-ams.rpki-client.org