Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/31236860F0CA11EE918D7772C4F9AE02.roa
File: 31236860F0CA11EE918D7772C4F9AE02.roa (raw, json)
Hash identifier: 9Fwxye9E0Q/fAOQKYhJo47XnYQwxySIqxR6reohT5T8=
Subject key identifier: C4:1A:64:5B:D0:6F:04:FF:31:C2:1B:EF:3E:7C:A4:1D:30:0E:75:3E
Certificate issuer: /CN=A91B5D7E/serialNumber=4CAE3AEFB1AC8ABDDB99BCCEE4FA5A916D157B34
Certificate serial: 34CA
Authority key identifier: 4C:AE:3A:EF:B1:AC:8A:BD:DB:99:BC:CE:E4:FA:5A:91:6D:15:7B:34
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TK4677Gsir3bmbzO5PpakW0VezQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/31236860F0CA11EE918D7772C4F9AE02.roa
Signing time: Tue 02 Apr 2024 08:22:49 +0000
ROA not before: Tue 02 Apr 2024 08:22:49 +0000
ROA not after: Sun 02 Mar 2025 00:00:00 +0000
asID: 174
IP address blocks: 116.90.100.0/24 maxlen: 24
116.90.101.0/24 maxlen: 24
116.90.105.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 16 Apr 2024 08:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13514 (0x34ca)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B5D7E/serialNumber=4CAE3AEFB1AC8ABDDB99BCCEE4FA5A916D157B34
Validity
Not Before: Apr 2 08:22:49 2024 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=660bc059-f6fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:76:a5:02:42:bc:d4:09:af:56:49:62:90:51:
d6:50:f9:05:ce:e9:3a:c9:87:80:3d:76:8e:c2:ae:
1e:5e:2a:0a:2c:86:ce:b7:61:12:be:4f:b3:58:03:
57:2a:ad:51:73:ba:83:e4:a9:73:97:86:86:ea:b4:
a7:b5:a8:82:24:29:45:f8:d1:26:fa:56:7f:f9:75:
d6:03:bd:bb:af:9e:04:aa:d4:ca:d6:fa:4e:93:c4:
85:03:73:0b:b2:51:f0:a2:4a:62:6f:b5:b8:e9:2f:
18:a4:6a:58:06:bb:bf:34:67:b3:52:58:d8:63:9f:
27:05:e3:bc:67:0f:98:7e:d2:b5:d7:da:ac:b2:2b:
eb:f4:ea:b2:62:49:61:aa:26:71:d8:71:29:1b:51:
73:d7:a4:21:cc:33:3a:2d:d6:76:ff:29:38:2b:aa:
26:f3:18:d7:54:af:60:a3:21:f1:50:20:10:67:d2:
12:ac:a7:06:99:c6:2e:11:d5:2f:dd:8c:97:06:85:
6a:f6:c8:07:f6:c3:80:cc:f8:e4:42:28:de:7b:1a:
c9:00:d7:8b:f2:8b:2c:ed:0e:65:b2:35:e7:c4:ff:
b8:76:6e:ce:1a:50:fb:52:e5:72:83:e3:bf:70:0f:
a4:2e:c8:7f:ee:43:3c:a0:c0:72:5f:40:0d:48:ee:
21:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:1A:64:5B:D0:6F:04:FF:31:C2:1B:EF:3E:7C:A4:1D:30:0E:75:3E
X509v3 Authority Key Identifier:
keyid:4C:AE:3A:EF:B1:AC:8A:BD:DB:99:BC:CE:E4:FA:5A:91:6D:15:7B:34
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/TK4677Gsir3bmbzO5PpakW0VezQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TK4677Gsir3bmbzO5PpakW0VezQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/31236860F0CA11EE918D7772C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
116.90.100.0/23
116.90.105.0/24
Signature Algorithm: sha256WithRSAEncryption
28:5f:41:bc:b8:32:35:9a:dd:39:85:62:74:67:de:f7:36:96:
c9:16:7e:a8:06:ed:c3:64:69:07:2f:57:01:25:16:1d:79:29:
33:82:1a:2b:21:42:f5:de:ae:40:48:d6:04:05:3c:13:c5:44:
21:4d:a8:1a:bf:ee:c9:0a:9f:32:4c:00:5d:7e:3d:1c:15:96:
99:0c:fe:75:6e:4c:5b:9f:4d:e1:ae:2b:d3:35:63:29:00:ce:
9e:99:ba:93:84:64:3c:ff:6c:cd:02:20:d4:7f:6c:68:7d:21:
60:3b:f5:c8:50:d0:c9:d9:cb:b3:87:1f:18:40:34:05:39:0a:
da:f5:ee:4c:4e:c3:27:f8:1a:60:b1:ee:16:9a:ec:63:ee:bf:
28:66:cf:0c:34:cd:65:9a:1a:48:d2:bf:08:e3:6c:80:f8:0d:
3d:12:da:29:36:fa:c9:b9:da:13:0f:f3:bc:a0:86:64:75:5f:
d5:d7:77:fd:68:ce:e6:62:f9:55:d2:f4:6f:a0:9f:2d:f9:97:
b1:c6:1b:2c:70:81:4b:de:17:2c:d9:27:d6:9a:1f:33:17:82:
a3:29:3b:a5:cb:c5:97:df:1e:79:a5:3f:c8:e0:2f:21:30:d7:
60:64:a6:66:52:a4:de:f6:d5:db:58:26:a4:25:73:4b:88:05:
34:90:42:d2
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICNMowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjVEN0UxMTAvBgNVBAUTKDRDQUUzQUVGQjFBQzhBQkREQjk5QkNDRUU0RkE1QTkx
NkQxNTdCMzQwHhcNMjQwNDAyMDgyMjQ5WhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjBiYzA1OS1mNmZjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAx3alAkK81AmvVklikFHWUPkFzuk6yYeAPXaOwq4eXioKLIbOt2ESvk+zWANX
Kq1Rc7qD5Klzl4aG6rSntaiCJClF+NEm+lZ/+XXWA727r54EqtTK1vpOk8SFA3ML
slHwokpib7W46S8YpGpYBru/NGezUljYY58nBeO8Zw+YftK119qssivr9OqyYklh
qiZx2HEpG1Fz16QhzDM6LdZ2/yk4K6om8xjXVK9goyHxUCAQZ9ISrKcGmcYuEdUv
3YyXBoVq9sgH9sOAzPjkQijeexrJANeL8oss7Q5lsjXnxP+4dm7OGlD7UuVyg+O/
cA+kLsh/7kM8oMByX0ANSO4hjQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFMQaZFvQ
bwT/McIb7z58pB0wDnU+MB8GA1UdIwQYMBaAFEyuOu+xrIq925m8zuT6WpFtFXs0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNUQ3RS9FQ0E2ODIzNDFE
ODcxMUUyOTgzMjJERTAwOEIwMkNEMi9USzQ2NzdHc2lyM2JtYnpPNVBwYWtXMFZl
elEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1RLNDY3N0dzaXIzYm1iek81UHBha1cwVmV6US5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjVEN0UvRUNBNjgyMzQxRDg3MTFFMjk4MzIyREUwMDhCMDJDRDIvMzEyMzY4NjBG
MENBMTFFRTkxOEQ3NzcyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAF0WmQDBAB0WmkwDQYJKoZIhvcNAQELBQADggEBAChfQby4
MjWa3TmFYnRn3vc2lskWfqgG7cNkaQcvVwElFh15KTOCGishQvXerkBI1gQFPBPF
RCFNqBq/7skKnzJMAF1+PRwVlpkM/nVuTFufTeGuK9M1YykAzp6ZupOEZDz/bM0C
INR/bGh9IWA79chQ0MnZy7OHHxhANAU5Ctr17kxOwyf4GmCx7haa7GPuvyhmzww0
zWWaGkjSvwjjbID4DT0S2ik2+sm52hMP87yghmR1X9XXd/1ozuZi+VXS9G+gny35
l7HGGyxwgUveFyzZJ9aaHzMXgqMpO6XLxZffHnmlP8jgLyEw12BkpmZSpN721dtY
JqQlc0uIBTSQQtI=
-----END CERTIFICATE-----
Generated at Tue Apr 16 11:29:10 2024 by rpki-client on console-ams.rpki-client.org