Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B6F47/B4A86C381D8411E2969FC5DA08B02CD2/9BD7144CE02311EAA7CA4E42C4F9AE02.roa
File: 9BD7144CE02311EAA7CA4E42C4F9AE02.roa (raw, json)
Hash identifier: zlDJ8lheurwwlG0l7fJEUUjPpty/DPAq1fiubX+Z/WQ=
Subject key identifier: 1C:B9:42:AB:AE:A7:E5:0F:F5:39:1B:2A:AC:2A:39:53:95:CB:74:68
Certificate issuer: /CN=A91B6F47/serialNumber=538B076E0AADD8FAE2970C9543E849A90FE73752
Certificate serial: 341C
Authority key identifier: 53:8B:07:6E:0A:AD:D8:FA:E2:97:0C:95:43:E8:49:A9:0F:E7:37:52
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U4sHbgqt2PrilwyVQ-hJqQ_nN1I.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B6F47/B4A86C381D8411E2969FC5DA08B02CD2/9BD7144CE02311EAA7CA4E42C4F9AE02.roa
Signing time: Wed 18 Oct 2023 14:40:24 +0000
ROA not before: Wed 18 Oct 2023 14:40:24 +0000
ROA not after: Sun 01 Dec 2024 00:00:00 +0000
asID: 132819
IP address blocks: 219.69.249.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 09 Jan 2024 07:02:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13340 (0x341c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B6F47/serialNumber=538B076E0AADD8FAE2970C9543E849A90FE73752
Validity
Not Before: Oct 18 14:40:24 2023 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=652fee58-5391
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:db:0a:34:c5:9d:ca:fd:47:a3:15:29:d8:05:
18:46:52:84:56:d7:75:45:9f:88:2e:39:b4:77:0a:
bc:6e:b3:0b:df:91:32:58:00:d0:ae:39:a1:74:c6:
b0:f6:44:53:8b:5f:f4:fa:a3:09:20:ad:56:78:e7:
f5:1c:1d:01:09:9d:9f:e1:84:77:35:13:ef:4d:e8:
62:37:9b:37:ce:4b:ee:2a:92:63:25:21:3b:a3:0a:
7c:50:b6:48:38:d8:af:96:d0:08:29:b6:ba:62:89:
d1:7b:74:4c:c7:4f:3f:3f:06:15:3f:be:43:04:ef:
fe:35:67:19:eb:b6:f9:bd:2f:8c:48:0b:a8:bf:8b:
a9:17:06:3f:6b:60:03:86:74:b7:67:07:94:f3:81:
13:5f:79:78:b1:7c:29:34:43:7a:85:15:86:fb:26:
cd:16:53:9d:3f:49:93:6e:06:b0:be:35:28:5b:f5:
2c:4b:d9:76:f1:7e:2b:6b:b6:b5:d7:44:9b:80:a6:
98:85:76:e8:f2:ff:30:cc:60:4d:37:c4:95:68:09:
a3:3f:0d:87:e7:ca:be:9e:7f:f4:c3:06:74:38:70:
7e:32:f9:c5:3a:2f:ee:a1:d2:fe:59:82:42:63:ba:
f6:8a:29:85:8c:59:0c:ce:04:5f:c8:f8:b6:c1:56:
c8:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:B9:42:AB:AE:A7:E5:0F:F5:39:1B:2A:AC:2A:39:53:95:CB:74:68
X509v3 Authority Key Identifier:
keyid:53:8B:07:6E:0A:AD:D8:FA:E2:97:0C:95:43:E8:49:A9:0F:E7:37:52
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B6F47/B4A86C381D8411E2969FC5DA08B02CD2/U4sHbgqt2PrilwyVQ-hJqQ_nN1I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U4sHbgqt2PrilwyVQ-hJqQ_nN1I.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B6F47/B4A86C381D8411E2969FC5DA08B02CD2/9BD7144CE02311EAA7CA4E42C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
219.69.249.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:3c:a9:67:05:f6:7a:b1:81:c5:02:d5:e2:a5:c5:60:35:d6:
d6:89:09:5d:25:25:7b:75:9b:09:01:12:8e:94:3f:13:e9:ec:
53:91:be:08:de:43:4a:fb:7a:dc:fa:e6:58:02:31:c4:68:41:
18:1f:3d:1d:d0:24:c3:ed:29:68:d9:6a:98:74:97:d4:84:99:
33:84:ca:db:ac:ed:78:73:5f:0e:83:42:f3:d6:75:20:6d:c9:
c6:ee:df:b1:55:a8:22:65:7d:81:1d:8d:f9:43:82:2c:aa:bb:
57:10:5a:6d:98:ac:18:2a:d2:40:7e:6a:cb:50:db:a9:ff:92:
d5:da:a4:06:ed:9a:4b:97:14:d3:f4:c9:ab:70:ae:35:33:7c:
cc:ef:41:8c:88:f6:bc:9d:cc:e2:f1:eb:3d:f4:f8:0d:ce:2c:
ed:a7:b7:b5:6c:90:a0:9d:1f:d0:19:27:c8:8d:11:98:51:95:
e0:02:40:11:fb:7f:7a:ca:52:1a:2a:43:c3:b9:a2:4c:31:88:
a6:22:95:d1:10:98:38:ad:f4:a8:ef:43:a9:9f:e7:5f:fb:ab:
ee:43:c4:9f:44:45:59:b9:a3:8c:63:e3:46:f0:66:32:b6:7a:
b2:12:12:6e:48:08:80:6c:a7:39:dd:ca:a7:7b:69:6c:09:9e:
38:e9:2e:48
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICNBwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjZGNDcxMTAvBgNVBAUTKDUzOEIwNzZFMEFBREQ4RkFFMjk3MEM5NTQzRTg0OUE5
MEZFNzM3NTIwHhcNMjMxMDE4MTQ0MDI0WhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTJmZWU1OC01MzkxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAu9sKNMWdyv1HoxUp2AUYRlKEVtd1RZ+ILjm0dwq8brML35EyWADQrjmhdMaw
9kRTi1/0+qMJIK1WeOf1HB0BCZ2f4YR3NRPvTehiN5s3zkvuKpJjJSE7owp8ULZI
ONivltAIKba6YonRe3RMx08/PwYVP75DBO/+NWcZ67b5vS+MSAuov4upFwY/a2AD
hnS3ZweU84ETX3l4sXwpNEN6hRWG+ybNFlOdP0mTbgawvjUoW/UsS9l28X4ra7a1
10SbgKaYhXbo8v8wzGBNN8SVaAmjPw2H58q+nn/0wwZ0OHB+MvnFOi/uodL+WYJC
Y7r2iimFjFkMzgRfyPi2wVbI/wIDAQABo4IClTCCApEwHQYDVR0OBBYEFBy5Qquu
p+UP9TkbKqwqOVOVy3RoMB8GA1UdIwQYMBaAFFOLB24Krdj64pcMlUPoSakP5zdS
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNkY0Ny9CNEE4NkMzODFE
ODQxMUUyOTY5RkM1REEwOEIwMkNEMi9VNHNIYmdxdDJQcmlsd3lWUS1oSnFRX25O
MUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1U0c0hiZ3F0MlByaWx3eVZRLWhKcVFfbk4xSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjZGNDcvQjRBODZDMzgxRDg0MTFFMjk2OUZDNURBMDhCMDJDRDIvOUJENzE0NENF
MDIzMTFFQUE3Q0E0RTQyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADbRfkwDQYJKoZIhvcNAQELBQADggEBAHw8qWcF9nqxgcUC
1eKlxWA11taJCV0lJXt1mwkBEo6UPxPp7FORvgjeQ0r7etz65lgCMcRoQRgfPR3Q
JMPtKWjZaph0l9SEmTOEytus7XhzXw6DQvPWdSBtycbu37FVqCJlfYEdjflDgiyq
u1cQWm2YrBgq0kB+astQ26n/ktXapAbtmkuXFNP0yatwrjUzfMzvQYyI9rydzOLx
6z30+A3OLO2nt7VskKCdH9AZJ8iNEZhRleACQBH7f3rKUhoqQ8O5okwxiKYildEQ
mDit9KjvQ6mf51/7q+5DxJ9ERVm5o4xj40bwZjK2erISEm5ICIBspzndyqd7aWwJ
njjpLkg=
-----END CERTIFICATE-----
Generated at Tue Jan 9 09:51:26 2024 by rpki-client on console-fra.rpki-client.org