Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/122C5C2AA2C611EEAA684A43C4F9AE02.roa
File: 122C5C2AA2C611EEAA684A43C4F9AE02.roa (raw, json)
Hash identifier: K5WSIf+yPP8CUTJ/zaeLRa2ya7nd4HeqbJM/abQME+I=
Subject key identifier: 78:C1:FB:1B:0B:AA:75:8F:E0:56:04:01:C0:FC:4D:5D:45:0D:BF:EA
Certificate issuer: /CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Certificate serial: 4169
Authority key identifier: 16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/122C5C2AA2C611EEAA684A43C4F9AE02.roa
Signing time: Mon 25 Dec 2023 01:36:49 +0000
ROA not before: Mon 25 Dec 2023 01:36:49 +0000
ROA not after: Thu 31 Oct 2024 00:00:00 +0000
asID: 151884
IP address blocks: 36.50.174.0/23 maxlen: 23
2001:df3:4cc0::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 26 Mar 2024 08:47:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16745 (0x4169)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Validity
Not Before: Dec 25 01:36:49 2023 GMT
Not After : Oct 31 00:00:00 2024 GMT
Subject: CN=6588dcb0-48d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:5a:df:d2:58:e6:60:cb:fe:d4:c3:e7:97:bc:
b4:db:ea:aa:b5:8d:c5:b6:89:39:44:cf:c7:8d:c3:
e5:10:15:74:67:27:3c:23:8e:e2:0d:af:7c:fe:eb:
07:df:71:4f:b9:1b:52:99:b6:62:10:38:d3:b7:a4:
a2:76:0b:fe:4d:ba:11:39:6d:4f:56:56:32:fb:fe:
ba:4e:84:96:64:eb:f5:cd:3a:63:6e:94:69:3d:4a:
f1:d4:28:56:de:33:9d:8a:b3:0a:09:12:eb:63:45:
4a:2e:8d:23:d2:df:2a:c5:be:b5:c5:36:7b:0f:eb:
ab:32:3f:de:a4:44:10:e4:1d:26:14:20:ef:75:d3:
93:04:39:dc:d4:0d:81:7c:dd:1c:2e:a1:fd:3a:5a:
a4:50:11:c4:60:89:16:79:0d:08:35:38:a3:93:00:
d0:8e:1d:c4:40:b3:09:8b:2e:13:87:65:34:1a:8c:
91:85:dc:eb:65:d9:93:7b:a7:fb:6f:b3:58:a0:28:
94:c5:13:58:fe:f4:6f:30:f7:10:01:b9:8f:a8:56:
10:9c:b8:ed:a0:51:70:09:6f:f7:ef:d8:05:06:7c:
ea:5a:24:95:fb:9b:25:fd:cd:63:2b:c1:86:3a:06:
2a:55:68:b4:66:60:15:23:3d:a5:fd:62:f9:87:42:
a1:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:C1:FB:1B:0B:AA:75:8F:E0:56:04:01:C0:FC:4D:5D:45:0D:BF:EA
X509v3 Authority Key Identifier:
keyid:16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/122C5C2AA2C611EEAA684A43C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
36.50.174.0/23
IPv6:
2001:df3:4cc0::/48
Signature Algorithm: sha256WithRSAEncryption
6a:0b:ae:bf:d3:88:40:fc:b7:e0:f9:c5:1f:a6:48:43:82:19:
9d:88:e5:bf:b4:e5:88:d6:7f:4b:55:f5:01:87:82:57:a6:c3:
ea:49:4e:ac:9e:21:e2:23:e2:bd:19:aa:44:78:27:72:84:82:
f6:2e:ff:66:6a:c5:fa:dc:19:90:c2:07:a7:ed:7f:4a:35:a4:
f9:a2:df:cd:d8:fb:e2:06:50:ba:5d:d3:8f:89:0d:5a:a4:69:
91:26:3a:af:ff:71:74:28:55:c6:4d:32:2a:d4:60:55:ae:13:
6f:10:ca:83:5b:47:89:e1:5b:05:0c:4b:df:ee:d9:2f:ca:ec:
99:2a:c3:0b:c9:33:d0:71:4f:7c:74:7c:ff:9e:54:88:28:6c:
b1:1f:22:c0:7f:31:c0:af:ea:f0:31:63:a5:82:fc:58:aa:07:
f1:34:5d:53:07:6d:28:ce:b1:a0:56:85:9a:70:b9:46:88:b3:
33:a3:86:97:2b:e8:0d:70:e8:f7:9e:59:59:31:fb:32:35:6d:
20:b7:e9:e0:15:1e:10:13:cb:d3:c0:d4:1c:5a:66:57:e5:55:
af:c2:32:47:5c:10:03:d8:0a:c2:7d:57:e9:74:71:aa:13:41:
82:73:42:c2:ca:7b:d9:fa:01:c4:ac:41:ec:48:f7:fc:97:f3:
bd:f3:8c:4a
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICQWkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU2MEExMTAvBgNVBAUTKDE2N0MzQjIyMTc3NUZFQzA1MDM5NDY4MTUwQ0U4MTQ3
NTZBQzZGMEEwHhcNMjMxMjI1MDEzNjQ5WhcNMjQxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTg4ZGNiMC00OGQ4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAulrf0ljmYMv+1MPnl7y02+qqtY3Ftok5RM/HjcPlEBV0Zyc8I47iDa98/usH
33FPuRtSmbZiEDjTt6Sidgv+TboROW1PVlYy+/66ToSWZOv1zTpjbpRpPUrx1ChW
3jOdirMKCRLrY0VKLo0j0t8qxb61xTZ7D+urMj/epEQQ5B0mFCDvddOTBDnc1A2B
fN0cLqH9OlqkUBHEYIkWeQ0INTijkwDQjh3EQLMJiy4Th2U0GoyRhdzrZdmTe6f7
b7NYoCiUxRNY/vRvMPcQAbmPqFYQnLjtoFFwCW/379gFBnzqWiSV+5sl/c1jK8GG
OgYqVWi0ZmAVIz2l/WL5h0KhhQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFHjB+xsL
qnWP4FYEAcD8TV1FDb/qMB8GA1UdIwQYMBaAFBZ8OyIXdf7AUDlGgVDOgUdWrG8K
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS9BQUVCMTkxQTFE
OEExMUUyQTM4N0QwRTQwOEIwMkNEMi9Gbnc3SWhkMV9zQlFPVWFCVU02QlIxYXNi
d28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZudzdJaGQxX3NCUU9VYUJVTTZCUjFhc2J3by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU2MEEvQUFFQjE5MUExRDhBMTFFMkEzODdEMEU0MDhCMDJDRDIvMTIyQzVDMkFB
MkM2MTFFRUFBNjg0QTQzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAEkMq4wDwQCAAIwCQMHACABDfNMwDANBgkqhkiG9w0BAQsF
AAOCAQEAaguuv9OIQPy34PnFH6ZIQ4IZnYjlv7TliNZ/S1X1AYeCV6bD6klOrJ4h
4iPivRmqRHgncoSC9i7/ZmrF+twZkMIHp+1/SjWk+aLfzdj74gZQul3Tj4kNWqRp
kSY6r/9xdChVxk0yKtRgVa4TbxDKg1tHieFbBQxL3+7ZL8rsmSrDC8kz0HFPfHR8
/55UiChssR8iwH8xwK/q8DFjpYL8WKoH8TRdUwdtKM6xoFaFmnC5RoizM6OGlyvo
DXDo955ZWTH7MjVtILfp4BUeEBPL08DUHFpmV+VVr8IyR1wQA9gKwn1X6XRxqhNB
gnNCwsp72foBxKxB7Ej3/JfzvfOMSg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:53 2024 by rpki-client on console-ams.rpki-client.org