Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/32C8EFEC06C711EF9A0E1D0AC4F9AE02.roa
File: 32C8EFEC06C711EF9A0E1D0AC4F9AE02.roa (raw, json)
Hash identifier: WPBPl9QzUSKx4ThzniR2QUXZC/iqVXOScMM9N8Fa9F0=
Subject key identifier: 7E:10:7B:19:2F:21:EC:4F:70:D3:1F:D6:E0:62:B8:27:B2:37:51:03
Certificate issuer: /CN=A91B5D7E/serialNumber=4CAE3AEFB1AC8ABDDB99BCCEE4FA5A916D157B34
Certificate serial: 34E8
Authority key identifier: 4C:AE:3A:EF:B1:AC:8A:BD:DB:99:BC:CE:E4:FA:5A:91:6D:15:7B:34
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TK4677Gsir3bmbzO5PpakW0VezQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/32C8EFEC06C711EF9A0E1D0AC4F9AE02.roa
Signing time: Tue 30 Apr 2024 09:09:08 +0000
ROA not before: Tue 30 Apr 2024 09:09:08 +0000
ROA not after: Sun 02 Mar 2025 00:00:00 +0000
asID: 150750
IP address blocks: 116.90.119.0/24 maxlen: 24
116.90.121.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 30 Apr 2024 18:52:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13544 (0x34e8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B5D7E/serialNumber=4CAE3AEFB1AC8ABDDB99BCCEE4FA5A916D157B34
Validity
Not Before: Apr 30 09:09:08 2024 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=6630b533-6451
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:a2:28:75:84:37:b7:e2:fc:2a:2b:ee:11:81:
bd:e7:77:81:9f:07:3c:a0:1e:4a:4f:08:03:04:af:
05:84:00:74:1f:71:ac:e9:ec:d3:0c:01:cf:9b:f7:
81:54:67:5b:04:3b:09:7d:21:5e:cc:60:0c:d4:3f:
1f:6b:23:aa:3b:cf:fa:f2:12:8a:53:56:c3:c4:75:
da:ba:d3:0e:34:2a:d7:38:b6:68:13:ed:36:7e:52:
fb:ce:26:af:b0:a8:80:ba:82:af:57:07:2f:cc:0f:
61:e3:3a:01:15:72:c1:fb:df:b0:0c:d1:b3:e9:17:
aa:ff:2f:5d:d0:4a:a5:4e:07:5f:d1:29:6e:36:8f:
6d:f4:97:e9:67:8a:30:ed:7b:50:a0:b2:bf:1e:57:
79:73:fd:d3:fe:8b:c7:0e:6d:b8:5e:9e:e7:ce:b0:
e6:f2:ae:7b:1f:b3:61:44:d7:0f:0b:c8:00:61:17:
b8:ae:94:43:05:29:a9:11:bf:29:97:9b:09:6a:2c:
6e:54:a9:1e:21:61:64:4b:58:55:5a:3d:72:1f:2b:
50:e0:7b:00:a6:24:58:03:89:f7:60:5f:cd:3c:c4:
b8:ae:33:fc:76:91:95:04:5e:ea:20:30:12:2a:1a:
96:6c:6c:72:f4:f1:34:58:3c:23:a1:f9:76:07:b6:
31:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:10:7B:19:2F:21:EC:4F:70:D3:1F:D6:E0:62:B8:27:B2:37:51:03
X509v3 Authority Key Identifier:
keyid:4C:AE:3A:EF:B1:AC:8A:BD:DB:99:BC:CE:E4:FA:5A:91:6D:15:7B:34
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/TK4677Gsir3bmbzO5PpakW0VezQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TK4677Gsir3bmbzO5PpakW0VezQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/32C8EFEC06C711EF9A0E1D0AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
116.90.119.0/24
116.90.121.0/24
Signature Algorithm: sha256WithRSAEncryption
38:b9:b6:a7:61:2b:ac:48:5e:cf:b2:22:df:5b:7d:b2:03:4a:
e6:31:f7:ca:89:94:6d:69:91:61:08:6d:a9:71:f0:a5:92:e3:
df:0b:23:cb:c3:d8:3e:c5:de:12:98:d2:a1:e3:76:f7:4e:8b:
f0:7b:63:07:99:43:59:70:55:21:50:89:b4:69:23:45:59:29:
71:86:23:ed:f6:bb:0c:ef:51:95:d8:48:15:73:3f:2f:07:d2:
08:f7:91:d2:49:5d:45:f4:66:1c:9e:8c:8f:51:d1:d0:ff:b5:
cc:d6:c8:f0:37:70:bc:b0:e9:fe:e3:5d:ae:4a:2e:ad:6e:63:
8e:99:a9:48:1d:5b:c3:f1:99:9b:ff:35:b5:df:dc:07:58:53:
c5:26:45:c1:1e:01:84:f8:c0:a8:ce:e5:67:e1:99:04:bb:df:
63:f2:31:fb:13:68:5e:a6:5a:89:8e:5f:cb:0b:c4:43:2d:b4:
eb:44:8a:27:4d:bd:8e:42:44:09:ae:8c:b2:f9:07:c4:b9:3e:
68:f4:b1:1a:bd:c3:43:3b:3f:16:be:f6:66:9e:dd:8c:3b:ba:
c4:07:c2:b3:12:4e:2f:54:9a:77:41:05:12:a6:72:33:7a:86:
97:95:eb:e5:ec:be:93:ef:5e:2c:62:ad:0b:ec:56:64:69:d3:
30:56:4d:b8
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICNOgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjVEN0UxMTAvBgNVBAUTKDRDQUUzQUVGQjFBQzhBQkREQjk5QkNDRUU0RkE1QTkx
NkQxNTdCMzQwHhcNMjQwNDMwMDkwOTA4WhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjMwYjUzMy02NDUxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAw6IodYQ3t+L8KivuEYG953eBnwc8oB5KTwgDBK8FhAB0H3Gs6ezTDAHPm/eB
VGdbBDsJfSFezGAM1D8fayOqO8/68hKKU1bDxHXautMONCrXOLZoE+02flL7ziav
sKiAuoKvVwcvzA9h4zoBFXLB+9+wDNGz6Req/y9d0EqlTgdf0SluNo9t9JfpZ4ow
7XtQoLK/Hld5c/3T/ovHDm24Xp7nzrDm8q57H7NhRNcPC8gAYRe4rpRDBSmpEb8p
l5sJaixuVKkeIWFkS1hVWj1yHytQ4HsApiRYA4n3YF/NPMS4rjP8dpGVBF7qIDAS
KhqWbGxy9PE0WDwjofl2B7YxlQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFH4Qexkv
IexPcNMf1uBiuCeyN1EDMB8GA1UdIwQYMBaAFEyuOu+xrIq925m8zuT6WpFtFXs0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNUQ3RS9FQ0E2ODIzNDFE
ODcxMUUyOTgzMjJERTAwOEIwMkNEMi9USzQ2NzdHc2lyM2JtYnpPNVBwYWtXMFZl
elEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1RLNDY3N0dzaXIzYm1iek81UHBha1cwVmV6US5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjVEN0UvRUNBNjgyMzQxRDg3MTFFMjk4MzIyREUwMDhCMDJDRDIvMzJDOEVGRUMw
NkM3MTFFRjlBMEUxRDBBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAB0WncDBAB0WnkwDQYJKoZIhvcNAQELBQADggEBADi5tqdh
K6xIXs+yIt9bfbIDSuYx98qJlG1pkWEIbalx8KWS498LI8vD2D7F3hKY0qHjdvdO
i/B7YweZQ1lwVSFQibRpI0VZKXGGI+32uwzvUZXYSBVzPy8H0gj3kdJJXUX0Zhye
jI9R0dD/tczWyPA3cLyw6f7jXa5KLq1uY46ZqUgdW8PxmZv/NbXf3AdYU8UmRcEe
AYT4wKjO5WfhmQS732PyMfsTaF6mWomOX8sLxEMttOtEiidNvY5CRAmujLL5B8S5
Pmj0sRq9w0M7Pxa+9mae3Yw7usQHwrMSTi9UmndBBRKmcjN6hpeV6+XsvpPvXixi
rQvsVmRp0zBWTbg=
-----END CERTIFICATE-----
Generated at Tue Apr 30 22:16:22 2024 by rpki-client on console-fra.rpki-client.org