Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A7169/6B7F993CEBAE11EE8A0ED964C4F9AE02/43AE2396838011EFAB6A7D64C4F9AE02.roa
File: 43AE2396838011EFAB6A7D64C4F9AE02.roa (raw, json)
Hash identifier: sy3Q9OIdd7HdBggkvMjbU47B99TYXJpr9/yT+yr0vl8=
Subject key identifier: 27:A1:D5:39:25:F8:61:A7:FB:39:81:C4:81:98:00:48:F3:65:75:00
Certificate issuer: /CN=A91A7169/serialNumber=E50CB250BFAD0863E85C2902EA0219D53CC0812E
Certificate serial: 6D
Authority key identifier: E5:0C:B2:50:BF:AD:08:63:E8:5C:29:02:EA:02:19:D5:3C:C0:81:2E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5QyyUL-tCGPoXCkC6gIZ1TzAgS4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A7169/6B7F993CEBAE11EE8A0ED964C4F9AE02/43AE2396838011EFAB6A7D64C4F9AE02.roa
Signing time: Tue 22 Oct 2024 23:25:33 +0000
ROA not before: Tue 22 Oct 2024 23:25:33 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 53813
IP address blocks: 175.107.190.0/24 maxlen: 24
2400:7aa0:1d00::/40 maxlen: 40
Validation: Failed, certificate revoked on Wed 23 Oct 2024 18:22:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 109 (0x6d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A7169/serialNumber=E50CB250BFAD0863E85C2902EA0219D53CC0812E
Validity
Not Before: Oct 22 23:25:33 2024 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=6718346d-8800
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:d8:11:2e:ab:30:8e:4b:62:7d:3e:c0:1a:66:
29:b2:cc:03:bd:aa:9b:04:e8:81:e6:be:2b:8b:58:
5e:ec:f4:f8:5c:01:27:7c:69:2f:0c:c3:b0:30:c7:
b4:95:fd:e2:eb:e7:99:58:17:3b:01:7b:af:1d:52:
96:69:4f:e2:1d:43:bf:31:95:7e:b3:fe:6c:d6:15:
4c:58:55:52:8f:c4:fc:3b:99:50:5e:b8:ef:7b:81:
59:42:a5:cf:46:c2:a5:18:89:73:6c:ba:da:a7:86:
91:ae:68:29:aa:81:c0:f8:54:78:8c:33:4c:c5:87:
8f:c4:9f:0f:23:83:69:2b:48:4c:3f:33:bc:1b:56:
07:46:83:35:ef:f2:31:37:61:3d:a9:ab:d4:e2:66:
1d:3a:40:a1:ce:3e:11:43:36:c3:2a:84:24:95:df:
81:a5:b5:53:a9:9a:0f:b5:35:e8:a8:ad:fb:55:2c:
61:9f:66:2a:48:63:e6:3c:10:52:d5:1e:3e:a6:59:
bf:a0:ec:78:00:d0:41:93:0d:38:e3:d2:6b:43:1c:
72:83:24:7b:5e:a4:c4:34:1b:39:2d:81:53:9e:81:
e3:7c:6e:68:6e:af:72:a5:89:e7:6b:cc:8c:b3:28:
4f:d0:64:49:a1:b8:a3:71:90:80:e7:fe:e7:f1:0c:
ce:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:A1:D5:39:25:F8:61:A7:FB:39:81:C4:81:98:00:48:F3:65:75:00
X509v3 Authority Key Identifier:
keyid:E5:0C:B2:50:BF:AD:08:63:E8:5C:29:02:EA:02:19:D5:3C:C0:81:2E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A7169/6B7F993CEBAE11EE8A0ED964C4F9AE02/5QyyUL-tCGPoXCkC6gIZ1TzAgS4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5QyyUL-tCGPoXCkC6gIZ1TzAgS4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A7169/6B7F993CEBAE11EE8A0ED964C4F9AE02/43AE2396838011EFAB6A7D64C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
175.107.190.0/24
IPv6:
2400:7aa0:1d00::/40
Signature Algorithm: sha256WithRSAEncryption
76:04:8d:ac:0d:b2:d6:b7:14:2c:19:e8:7c:f2:d0:fe:0d:ee:
1a:ba:81:74:02:e4:b5:d6:ba:ab:5b:90:fc:06:c8:3f:ae:0e:
71:bf:5e:bc:a4:9b:63:38:f6:6d:da:2a:66:b0:18:e0:10:fd:
49:71:f6:50:88:99:c5:d2:5d:ad:aa:a9:60:a2:7f:de:64:67:
49:f7:72:b0:bb:cc:3c:60:b9:33:2f:a7:11:9e:f0:3e:08:80:
ad:39:19:e5:28:b7:7d:92:dd:36:eb:d5:60:09:ca:4b:58:09:
72:02:c0:a8:ec:e3:3b:a5:9a:3b:66:03:0c:7d:86:d6:fe:76:
23:eb:1f:c7:c6:73:5d:84:20:34:18:84:8f:9c:8a:42:c8:24:
f9:33:2f:4b:08:4d:53:d7:6a:a8:10:bd:a4:fb:39:1b:a8:26:
43:f1:b2:47:2c:68:d2:fd:bd:f8:df:c0:18:a6:6f:54:d4:48:
74:26:4f:82:2b:30:63:e1:bc:39:c7:9b:78:e4:37:dd:93:b3:
bc:05:8b:95:c4:72:62:a8:c5:82:7d:f5:c0:a9:dd:a5:3e:a3:
3c:f9:b2:c6:0e:06:b7:92:dc:c0:8a:c6:42:12:54:74:ea:cd:
f6:77:6b:2d:87:67:fa:23:c4:8d:0e:8e:9d:80:db:9d:7a:2b:
e2:d5:76:e3
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgIBbTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB
NzE2OTExMC8GA1UEBRMoRTUwQ0IyNTBCRkFEMDg2M0U4NUMyOTAyRUEwMjE5RDUz
Q0MwODEyRTAeFw0yNDEwMjIyMzI1MzNaFw0yNTA4MzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3MTgzNDZkLTg4MDAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC/2BEuqzCOS2J9PsAaZimyzAO9qpsE6IHmviuLWF7s9PhcASd8aS8Mw7Awx7SV
/eLr55lYFzsBe68dUpZpT+IdQ78xlX6z/mzWFUxYVVKPxPw7mVBeuO97gVlCpc9G
wqUYiXNsutqnhpGuaCmqgcD4VHiMM0zFh4/Enw8jg2krSEw/M7wbVgdGgzXv8jE3
YT2pq9TiZh06QKHOPhFDNsMqhCSV34GltVOpmg+1NeiorftVLGGfZipIY+Y8EFLV
Hj6mWb+g7HgA0EGTDTjj0mtDHHKDJHtepMQ0GzktgVOegeN8bmhur3KliedrzIyz
KE/QZEmhuKNxkIDn/ufxDM5TAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUJ6HVOSX4
Yaf7OYHEgZgASPNldQAwHwYDVR0jBBgwFoAU5QyyUL+tCGPoXCkC6gIZ1TzAgS4w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUE3MTY5LzZCN0Y5OTNDRUJB
RTExRUU4QTBFRDk2NEM0RjlBRTAyLzVReXlVTC10Q0dQb1hDa0M2Z0laMVR6QWdT
NC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvNVF5eVVMLXRDR1BvWENrQzZnSVoxVHpBZ1M0LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB
NzE2OS82QjdGOTkzQ0VCQUUxMUVFOEEwRUQ5NjRDNEY5QUUwMi80M0FFMjM5Njgz
ODAxMUVGQUI2QTdENjRDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAvBggrBgEFBQcBBwEB/wQg
MB4wDAQCAAEwBgMEAK9rvjAOBAIAAjAIAwYAJAB6oB0wDQYJKoZIhvcNAQELBQAD
ggEBAHYEjawNsta3FCwZ6Hzy0P4N7hq6gXQC5LXWuqtbkPwGyD+uDnG/Xrykm2M4
9m3aKmawGOAQ/Ulx9lCImcXSXa2qqWCif95kZ0n3crC7zDxguTMvpxGe8D4IgK05
GeUot32S3Tbr1WAJyktYCXICwKjs4zulmjtmAwx9htb+diPrH8fGc12EIDQYhI+c
ikLIJPkzL0sITVPXaqgQvaT7ORuoJkPxskcsaNL9vfjfwBimb1TUSHQmT4IrMGPh
vDnHm3jkN92Ts7wFi5XEcmKoxYJ99cCp3aU+ozz5ssYOBreS3MCKxkISVHTqzfZ3
ay2HZ/ojxI0Ojp2A2516K+LVduM=
-----END CERTIFICATE-----
Generated at Wed Oct 23 22:04:18 2024 by rpki-client on console-ams.rpki-client.org