Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91AABB1/8874E9E81D9811E29788A98208B02CD2/74DADDB8F5B911EB90F4A13DC4F9AE02.roa
File: 74DADDB8F5B911EB90F4A13DC4F9AE02.roa (raw, json)
Hash identifier: l4THU+oEz79UhkxxqEQ5b/1X/kATXYKknjjdvabCs5U=
Subject key identifier: 6D:BD:BE:CE:16:4B:84:FE:32:19:4D:A8:98:58:68:CA:06:AF:40:D5
Certificate issuer: /CN=A91AABB1/serialNumber=EB7FE9892DF000255FCF3AC0B2B4D12AEA6FF806
Certificate serial: 34E3
Authority key identifier: EB:7F:E9:89:2D:F0:00:25:5F:CF:3A:C0:B2:B4:D1:2A:EA:6F:F8:06
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/63_piS3wACVfzzrAsrTRKupv-AY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91AABB1/8874E9E81D9811E29788A98208B02CD2/74DADDB8F5B911EB90F4A13DC4F9AE02.roa
Signing time: Thu 06 Jun 2024 15:11:06 +0000
ROA not before: Thu 06 Jun 2024 15:11:06 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 132602
IP address blocks: 114.130.75.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 05 Aug 2024 08:33:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13539 (0x34e3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91AABB1/serialNumber=EB7FE9892DF000255FCF3AC0B2B4D12AEA6FF806
Validity
Not Before: Jun 6 15:11:06 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=6661d18a-ecd8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:a5:46:f5:aa:20:47:03:31:5f:dc:de:96:f3:
6b:ae:b4:2a:7d:79:a8:1b:13:97:aa:42:df:ac:83:
b9:ed:67:35:61:95:91:05:82:a1:f5:9d:a1:a5:f7:
9e:fb:6b:c9:2d:ea:ce:46:4d:ab:35:bc:75:1b:1f:
22:23:44:fa:1d:b8:6e:46:e4:74:f0:ba:4a:55:a3:
eb:95:b0:c2:11:1a:86:71:28:2e:2a:ec:6a:36:08:
81:0d:eb:5c:60:f1:42:9a:7a:50:e9:e4:1f:c2:eb:
d2:12:3b:b1:6c:e5:d6:5b:a9:c5:9e:4f:f7:9c:19:
36:f8:27:10:e3:dc:63:88:d0:1d:d9:37:bd:e9:54:
57:ca:0a:b8:0d:d0:4b:a5:72:fc:1a:8a:3e:bf:06:
1d:a2:f0:d4:bd:be:9d:3f:59:35:b0:78:2a:ab:bf:
04:97:e8:de:ec:0a:f8:bb:77:a9:98:f4:11:59:32:
0d:56:2d:b0:9a:79:8a:fd:46:9a:71:82:be:c9:f0:
8e:84:a4:d3:ac:7f:6b:3a:34:4d:82:a1:e6:f6:67:
f7:ac:23:07:67:2e:1d:f6:58:dd:87:c1:a0:6b:00:
8b:16:b7:b9:4f:87:a2:88:83:f1:22:be:8c:8b:b4:
8d:94:41:d8:65:c4:da:95:b3:cd:f4:b7:49:49:6d:
84:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:BD:BE:CE:16:4B:84:FE:32:19:4D:A8:98:58:68:CA:06:AF:40:D5
X509v3 Authority Key Identifier:
keyid:EB:7F:E9:89:2D:F0:00:25:5F:CF:3A:C0:B2:B4:D1:2A:EA:6F:F8:06
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91AABB1/8874E9E81D9811E29788A98208B02CD2/63_piS3wACVfzzrAsrTRKupv-AY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/63_piS3wACVfzzrAsrTRKupv-AY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AABB1/8874E9E81D9811E29788A98208B02CD2/74DADDB8F5B911EB90F4A13DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
114.130.75.0/24
Signature Algorithm: sha256WithRSAEncryption
05:8e:b9:5d:09:d8:ee:57:23:e9:64:1e:5a:0a:3b:71:1a:59:
b8:7f:9f:70:f4:79:5c:3d:65:cd:9c:57:9c:67:0d:fa:1e:0a:
57:6a:30:26:8e:71:77:ec:0c:59:f3:b3:79:dd:70:2e:04:1d:
fc:25:04:e3:76:a8:e5:fb:d0:5f:08:14:08:50:60:7a:f8:0a:
d9:de:b1:79:27:e9:14:82:ad:4e:d2:2e:89:e9:a3:cd:49:88:
6d:67:36:ff:2a:65:f0:73:90:50:25:65:e1:7b:fe:b2:ad:fa:
6d:81:0b:75:59:0c:a7:3a:ea:25:de:cd:8a:c8:1a:ec:fd:1f:
f8:75:5d:c6:47:63:58:ed:5e:62:4e:fb:37:b4:55:ee:79:30:
c3:17:22:b9:2f:89:b3:1a:ac:7e:ed:c5:bc:2c:ab:cf:8c:1f:
c5:72:32:0a:69:db:6a:63:26:da:dc:a8:4a:47:3b:a5:d2:2d:
be:9f:0e:25:be:77:c3:5d:e5:77:8c:f5:cb:26:4d:10:7f:94:
ea:d6:f5:2d:a9:4f:4d:ff:46:d9:7f:30:2e:14:4e:62:71:2e:
cb:a4:73:fb:d3:82:1c:2e:95:cf:c9:c2:93:39:04:01:24:10:
1c:5f:22:51:41:c9:10:72:0e:52:36:29:20:1f:9b:83:76:71:
b5:0c:47:74
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICNOMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QUFCQjExMTAvBgNVBAUTKEVCN0ZFOTg5MkRGMDAwMjU1RkNGM0FDMEIyQjREMTJB
RUE2RkY4MDYwHhcNMjQwNjA2MTUxMTA2WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjYxZDE4YS1lY2Q4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA86VG9aogRwMxX9zelvNrrrQqfXmoGxOXqkLfrIO57Wc1YZWRBYKh9Z2hpfee
+2vJLerORk2rNbx1Gx8iI0T6HbhuRuR08LpKVaPrlbDCERqGcSguKuxqNgiBDetc
YPFCmnpQ6eQfwuvSEjuxbOXWW6nFnk/3nBk2+CcQ49xjiNAd2Te96VRXygq4DdBL
pXL8Goo+vwYdovDUvb6dP1k1sHgqq78El+je7Ar4u3epmPQRWTINVi2wmnmK/Uaa
cYK+yfCOhKTTrH9rOjRNgqHm9mf3rCMHZy4d9ljdh8GgawCLFre5T4eiiIPxIr6M
i7SNlEHYZcTalbPN9LdJSW2EGQIDAQABo4IClTCCApEwHQYDVR0OBBYEFG29vs4W
S4T+MhlNqJhYaMoGr0DVMB8GA1UdIwQYMBaAFOt/6Ykt8AAlX886wLK00Srqb/gG
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQUJCMS84ODc0RTlFODFE
OTgxMUUyOTc4OEE5ODIwOEIwMkNEMi82M19waVMzd0FDVmZ6enJBc3JUUkt1cHYt
QVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzYzX3BpUzN3QUNWZnp6ckFzclRSS3Vwdi1BWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QUFCQjEvODg3NEU5RTgxRDk4MTFFMjk3ODhBOTgyMDhCMDJDRDIvNzREQUREQjhG
NUI5MTFFQjkwRjRBMTNEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABygkswDQYJKoZIhvcNAQELBQADggEBAAWOuV0J2O5XI+lk
HloKO3EaWbh/n3D0eVw9Zc2cV5xnDfoeCldqMCaOcXfsDFnzs3ndcC4EHfwlBON2
qOX70F8IFAhQYHr4CtnesXkn6RSCrU7SLonpo81JiG1nNv8qZfBzkFAlZeF7/rKt
+m2BC3VZDKc66iXezYrIGuz9H/h1XcZHY1jtXmJO+ze0Ve55MMMXIrkvibMarH7t
xbwsq8+MH8VyMgpp22pjJtrcqEpHO6XSLb6fDiW+d8Nd5XeM9csmTRB/lOrW9S2p
T03/Rtl/MC4UTmJxLsukc/vTghwulc/JwpM5BAEkEBxfIlFByRByDlI2KSAfm4N2
cbUMR3Q=
-----END CERTIFICATE-----
Generated at Mon Aug 5 10:16:19 2024 by rpki-client on console-ams.rpki-client.org