Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A4B1A/5DD48AB689F211E69E5F6339C4F9AE02/4AD3BCFA14DF11EEAB46A86DC4F9AE02.roa
File: 4AD3BCFA14DF11EEAB46A86DC4F9AE02.roa (raw, json)
Hash identifier: 7F8SKKJQud6aGn3tt2OOQjvMkdbAPFNFkJC0A5jU+EY=
Subject key identifier: FC:A0:BE:CB:F1:0B:35:95:FF:1C:FF:8C:CE:68:9F:05:F7:F7:7B:6C
Certificate issuer: /CN=A91A4B1A/serialNumber=CE114680FF6F4D9BC3F1880D610D6AEEEAEBF0D4
Certificate serial: 1D03
Authority key identifier: CE:11:46:80:FF:6F:4D:9B:C3:F1:88:0D:61:0D:6A:EE:EA:EB:F0:D4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zhFGgP9vTZvD8YgNYQ1q7urr8NQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A4B1A/5DD48AB689F211E69E5F6339C4F9AE02/4AD3BCFA14DF11EEAB46A86DC4F9AE02.roa
Signing time: Thu 28 Dec 2023 16:33:37 +0000
ROA not before: Thu 28 Dec 2023 16:33:37 +0000
ROA not after: Sun 02 Mar 2025 00:00:00 +0000
asID: 38639
IP address blocks: 163.138.224.0/19 maxlen: 19
163.138.239.0/24 maxlen: 24
163.138.241.0/24 maxlen: 24
163.138.242.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 23 Jan 2024 10:58:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7427 (0x1d03)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A4B1A/serialNumber=CE114680FF6F4D9BC3F1880D610D6AEEEAEBF0D4
Validity
Not Before: Dec 28 16:33:37 2023 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=658da361-a353
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:e1:b6:d1:e6:60:a9:27:c3:33:65:dc:3e:8e:
b1:b5:c7:7d:e9:ed:a1:dc:70:cc:d4:43:a9:76:14:
ba:98:a5:89:73:2a:56:46:6a:cd:14:24:5e:76:54:
d5:03:bd:5b:60:86:62:c4:d0:81:db:7a:22:9a:c2:
32:16:54:36:66:1c:28:ff:16:a7:b9:e1:d4:b0:83:
99:e4:ae:86:7b:47:fd:6d:27:18:ab:d9:dc:51:ff:
d1:25:20:5e:81:36:3c:3f:23:d1:38:63:99:4f:5c:
c7:4b:97:e2:3f:dc:c7:4d:1f:a3:16:3e:5a:3b:de:
32:9b:61:6e:02:76:6a:3c:b3:3a:99:db:f4:c8:e5:
87:a2:1c:c3:2f:f4:46:07:d3:4d:e6:32:8e:77:57:
3c:97:9c:7e:d8:a5:0e:94:d7:28:59:0e:5f:5f:1a:
28:bc:ee:c1:25:cf:60:3a:55:ae:24:fb:36:02:79:
c3:3d:df:76:65:26:ff:47:28:4d:e7:03:15:8e:e3:
84:b3:b0:13:07:f9:23:61:cd:93:a8:be:12:27:c7:
e8:1f:5d:79:a9:58:8f:c3:97:2e:cb:02:44:cf:35:
b6:86:71:c6:e4:c5:c1:20:9a:b5:b5:9e:b1:e0:4f:
e3:1f:ee:d0:99:f1:99:83:96:2b:58:35:3e:c5:56:
3e:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:A0:BE:CB:F1:0B:35:95:FF:1C:FF:8C:CE:68:9F:05:F7:F7:7B:6C
X509v3 Authority Key Identifier:
keyid:CE:11:46:80:FF:6F:4D:9B:C3:F1:88:0D:61:0D:6A:EE:EA:EB:F0:D4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A4B1A/5DD48AB689F211E69E5F6339C4F9AE02/zhFGgP9vTZvD8YgNYQ1q7urr8NQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zhFGgP9vTZvD8YgNYQ1q7urr8NQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A4B1A/5DD48AB689F211E69E5F6339C4F9AE02/4AD3BCFA14DF11EEAB46A86DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
163.138.224.0/19
Signature Algorithm: sha256WithRSAEncryption
82:87:f1:c6:6a:ae:fc:16:9c:2b:f7:ec:e6:fa:77:eb:62:0f:
91:a3:17:5c:7a:26:cb:68:c4:34:fc:0b:08:f5:6a:60:56:57:
43:18:fd:ff:3a:f2:13:ec:a0:40:13:ed:bc:7a:6b:75:8e:19:
a7:b4:fa:3c:ad:05:93:b0:2f:dc:71:f0:70:8b:eb:6b:68:fc:
78:8e:e1:4f:1f:d9:cb:56:75:a0:28:91:39:99:92:e1:46:50:
51:a7:07:a1:14:d5:bb:a4:ec:67:c4:65:91:2e:7d:ae:c4:d1:
50:60:51:67:0c:5b:9c:2b:30:3b:5b:f7:9d:be:cc:f7:75:94:
f8:72:50:56:59:4a:3b:13:32:3e:ed:46:16:aa:b9:29:ea:82:
75:6f:0a:f8:27:91:c9:85:82:4c:d3:27:84:51:72:db:c2:14:
c2:01:1b:56:5f:0b:5d:be:d7:6d:44:62:79:f3:43:5b:32:51:
77:c7:c8:8b:c5:00:da:85:69:ca:33:06:ea:63:8c:50:07:8d:
78:db:8c:71:27:b1:26:9e:81:b4:a1:83:29:40:07:ac:eb:7e:
ec:77:07:c0:2f:90:f2:07:68:1f:12:49:86:bc:a0:47:1f:1a:
06:16:fa:53:6e:04:9a:8a:03:17:35:c3:01:f9:ee:00:1b:ae:
37:93:0c:a9
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICHQMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTRCMUExMTAvBgNVBAUTKENFMTE0NjgwRkY2RjREOUJDM0YxODgwRDYxMEQ2QUVF
RUFFQkYwRDQwHhcNMjMxMjI4MTYzMzM3WhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NThkYTM2MS1hMzUzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2eG20eZgqSfDM2XcPo6xtcd96e2h3HDM1EOpdhS6mKWJcypWRmrNFCRedlTV
A71bYIZixNCB23oimsIyFlQ2Zhwo/xanueHUsIOZ5K6Ge0f9bScYq9ncUf/RJSBe
gTY8PyPROGOZT1zHS5fiP9zHTR+jFj5aO94ym2FuAnZqPLM6mdv0yOWHohzDL/RG
B9NN5jKOd1c8l5x+2KUOlNcoWQ5fXxoovO7BJc9gOlWuJPs2AnnDPd92ZSb/RyhN
5wMVjuOEs7ATB/kjYc2TqL4SJ8foH115qViPw5cuywJEzzW2hnHG5MXBIJq1tZ6x
4E/jH+7QmfGZg5YrWDU+xVY+AQIDAQABo4IClTCCApEwHQYDVR0OBBYEFPygvsvx
CzWV/xz/jM5onwX393tsMB8GA1UdIwQYMBaAFM4RRoD/b02bw/GIDWENau7q6/DU
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNEIxQS81REQ0OEFCNjg5
RjIxMUU2OUU1RjYzMzlDNEY5QUUwMi96aEZHZ1A5dlRadkQ4WWdOWVExcTd1cnI4
TlEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3poRkdnUDl2VFp2RDhZZ05ZUTFxN3VycjhOUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTRCMUEvNURENDhBQjY4OUYyMTFFNjlFNUY2MzM5QzRGOUFFMDIvNEFEM0JDRkEx
NERGMTFFRUFCNDZBODZEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAWjiuAwDQYJKoZIhvcNAQELBQADggEBAIKH8cZqrvwWnCv3
7Ob6d+tiD5GjF1x6JstoxDT8Cwj1amBWV0MY/f868hPsoEAT7bx6a3WOGae0+jyt
BZOwL9xx8HCL62to/HiO4U8f2ctWdaAokTmZkuFGUFGnB6EU1buk7GfEZZEufa7E
0VBgUWcMW5wrMDtb952+zPd1lPhyUFZZSjsTMj7tRhaquSnqgnVvCvgnkcmFgkzT
J4RRctvCFMIBG1ZfC12+121EYnnzQ1syUXfHyIvFANqFacozBupjjFAHjXjbjHEn
sSaegbShgylAB6zrfux3B8AvkPIHaB8SSYa8oEcfGgYW+lNuBJqKAxc1wwH57gAb
rjeTDKk=
-----END CERTIFICATE-----
Generated at Tue Jan 23 14:53:56 2024 by rpki-client on console-fra.rpki-client.org