Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91AAEC2/2DDDD26CC2C011EA93D5857FC4F9AE02/A4154DB0C2C111EA9F8F8F84C4F9AE02.roa
File: A4154DB0C2C111EA9F8F8F84C4F9AE02.roa (raw, json)
Hash identifier: T88Hj4v2D/WYsatfK+wz8TTMwwSIVeo1rmiQiy69Bww=
Subject key identifier: 19:F6:E3:E5:AD:28:28:81:52:2C:98:5B:5F:83:4F:ED:36:08:EF:D9
Certificate issuer: /CN=A91AAEC2/serialNumber=3D3891A46CBCBAB47478DEA40D2908F67CCE3B2A
Certificate serial: 0726
Authority key identifier: 3D:38:91:A4:6C:BC:BA:B4:74:78:DE:A4:0D:29:08:F6:7C:CE:3B:2A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PTiRpGy8urR0eN6kDSkI9nzOOyo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91AAEC2/2DDDD26CC2C011EA93D5857FC4F9AE02/A4154DB0C2C111EA9F8F8F84C4F9AE02.roa
Signing time: Thu 10 Aug 2023 21:38:19 +0000
ROA not before: Thu 10 Aug 2023 21:38:19 +0000
ROA not after: Mon 30 Sep 2024 00:00:00 +0000
asID: 135580
IP address blocks: 45.255.252.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 26 Sep 2023 05:29:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1830 (0x726)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91AAEC2/serialNumber=3D3891A46CBCBAB47478DEA40D2908F67CCE3B2A
Validity
Not Before: Aug 10 21:38:19 2023 GMT
Not After : Sep 30 00:00:00 2024 GMT
Subject: CN=64d558cb-fd64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:0c:78:17:90:66:04:e1:f6:5e:60:42:5f:18:
c2:c9:bb:85:42:4e:3f:26:ed:4a:0f:06:37:c3:b2:
d4:c6:93:cf:fb:b4:32:bc:95:0c:62:69:63:c1:1e:
5d:87:7c:55:46:f6:2c:82:24:6f:e0:06:8e:b2:8e:
3a:53:ce:08:69:ab:14:d9:e7:32:4a:b7:a3:17:2a:
c1:e1:dc:de:57:c0:2c:bf:2d:e2:25:91:f1:5f:7a:
33:a2:c5:ce:d1:ad:43:d0:af:0f:3e:26:c0:8d:6f:
2a:5d:31:39:8f:33:28:b3:00:7f:f1:61:bb:7f:0e:
45:0d:0c:a7:ac:63:ad:60:fa:6e:96:05:e6:b3:20:
45:00:41:e6:1b:73:5e:91:76:f8:3e:55:18:88:11:
bc:c1:b6:ed:ce:19:0c:2e:1f:0d:6c:96:eb:eb:c9:
c3:20:a1:ab:88:67:ab:46:d1:86:df:95:17:9d:69:
57:04:9d:dd:3f:f0:fa:1f:a9:e1:92:e4:0b:31:3b:
74:88:cf:c0:2f:07:9a:37:f3:b5:62:a3:97:47:ca:
66:ac:f3:ef:9f:94:71:c1:bd:0e:72:5b:5f:5f:d3:
bd:5d:c2:07:49:b3:2d:a9:58:72:72:f4:ef:a7:b3:
e9:d2:3f:a8:9c:7d:c7:c0:1a:1a:0a:e6:71:09:12:
40:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:F6:E3:E5:AD:28:28:81:52:2C:98:5B:5F:83:4F:ED:36:08:EF:D9
X509v3 Authority Key Identifier:
keyid:3D:38:91:A4:6C:BC:BA:B4:74:78:DE:A4:0D:29:08:F6:7C:CE:3B:2A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91AAEC2/2DDDD26CC2C011EA93D5857FC4F9AE02/PTiRpGy8urR0eN6kDSkI9nzOOyo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PTiRpGy8urR0eN6kDSkI9nzOOyo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AAEC2/2DDDD26CC2C011EA93D5857FC4F9AE02/A4154DB0C2C111EA9F8F8F84C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.255.252.0/24
Signature Algorithm: sha256WithRSAEncryption
83:2a:ca:50:f9:ba:9e:bf:b3:9f:57:4c:52:5f:a2:12:e3:28:
17:73:48:35:37:1e:6b:57:d8:0f:09:a8:cb:18:5b:a4:5a:08:
2c:78:a6:cd:67:b5:16:21:47:3b:77:57:5c:dd:28:2b:67:f4:
79:c4:79:e9:38:f5:20:c7:66:e3:96:73:f6:10:09:17:2e:38:
e1:fe:e7:70:7a:1d:3a:c7:9f:e7:70:ed:9b:19:c0:50:45:97:
eb:71:14:92:cd:fd:81:43:bc:01:28:b9:c5:b8:f8:e4:93:9e:
0f:5c:66:20:0f:38:b2:49:8c:3a:fd:28:fb:e4:ff:83:b2:de:
c4:e1:68:b3:2b:8b:82:50:25:18:ef:d2:b1:94:e5:c1:c6:e7:
55:a9:a4:88:30:04:e3:30:11:9b:bd:5a:5d:12:2d:b5:b1:75:
5a:61:c6:f0:56:3b:9a:10:86:f1:9e:39:2a:a1:46:19:53:c9:
a7:d6:73:48:d8:07:ed:e1:4c:f3:7a:d6:52:87:7a:58:64:28:
e8:7c:0d:31:bc:fb:15:3f:26:50:52:35:81:d5:29:a4:83:91:
df:dc:3e:78:02:70:4e:a8:0b:5a:61:07:3e:68:97:e9:e4:d2:
c7:a6:27:65:37:dd:43:bd:41:10:cc:8a:80:9b:76:23:97:9b:
ce:9b:0e:f9
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICByYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QUFFQzIxMTAvBgNVBAUTKDNEMzg5MUE0NkNCQ0JBQjQ3NDc4REVBNDBEMjkwOEY2
N0NDRTNCMkEwHhcNMjMwODEwMjEzODE5WhcNMjQwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGQ1NThjYi1mZDY0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwQx4F5BmBOH2XmBCXxjCybuFQk4/Ju1KDwY3w7LUxpPP+7QyvJUMYmljwR5d
h3xVRvYsgiRv4AaOso46U84IaasU2ecySrejFyrB4dzeV8Asvy3iJZHxX3ozosXO
0a1D0K8PPibAjW8qXTE5jzMoswB/8WG7fw5FDQynrGOtYPpulgXmsyBFAEHmG3Ne
kXb4PlUYiBG8wbbtzhkMLh8NbJbr68nDIKGriGerRtGG35UXnWlXBJ3dP/D6H6nh
kuQLMTt0iM/ALweaN/O1YqOXR8pmrPPvn5Rxwb0OcltfX9O9XcIHSbMtqVhycvTv
p7Pp0j+onH3HwBoaCuZxCRJAjQIDAQABo4IClTCCApEwHQYDVR0OBBYEFBn24+Wt
KCiBUiyYW1+DT+02CO/ZMB8GA1UdIwQYMBaAFD04kaRsvLq0dHjepA0pCPZ8zjsq
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQUVDMi8yRERERDI2Q0My
QzAxMUVBOTNENTg1N0ZDNEY5QUUwMi9QVGlScEd5OHVyUjBlTjZrRFNrSTluek9P
eW8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1BUaVJwR3k4dXJSMGVONmtEU2tJOW56T095by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QUFFQzIvMkREREQyNkNDMkMwMTFFQTkzRDU4NTdGQzRGOUFFMDIvQTQxNTREQjBD
MkMxMTFFQTlGOEY4Rjg0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAAt//wwDQYJKoZIhvcNAQELBQADggEBAIMqylD5up6/s59X
TFJfohLjKBdzSDU3HmtX2A8JqMsYW6RaCCx4ps1ntRYhRzt3V1zdKCtn9HnEeek4
9SDHZuOWc/YQCRcuOOH+53B6HTrHn+dw7ZsZwFBFl+txFJLN/YFDvAEoucW4+OST
ng9cZiAPOLJJjDr9KPvk/4Oy3sThaLMri4JQJRjv0rGU5cHG51WppIgwBOMwEZu9
Wl0SLbWxdVphxvBWO5oQhvGeOSqhRhlTyafWc0jYB+3hTPN61lKHelhkKOh8DTG8
+xU/JlBSNYHVKaSDkd/cPngCcE6oC1phBz5ol+nk0semJ2U33UO9QRDMioCbdiOX
m86bDvk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:55 2024 by rpki-client on console-ams.rpki-client.org