Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B6F47/B4A86C381D8411E2969FC5DA08B02CD2/BA017FB8837F11E98FD83E77C4F9AE02.roa
File: BA017FB8837F11E98FD83E77C4F9AE02.roa (raw, json)
Hash identifier: WjccH0phVrZJ3ER2AzjcuMNPHiYyJ7C2avF5tz2PLN4=
Subject key identifier: CE:C1:B1:7A:17:77:D3:2E:2B:62:2E:8F:6D:47:E5:F0:0C:C3:DD:B7
Certificate issuer: /CN=A91B6F47/serialNumber=538B076E0AADD8FAE2970C9543E849A90FE73752
Certificate serial: 341F
Authority key identifier: 53:8B:07:6E:0A:AD:D8:FA:E2:97:0C:95:43:E8:49:A9:0F:E7:37:52
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U4sHbgqt2PrilwyVQ-hJqQ_nN1I.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B6F47/B4A86C381D8411E2969FC5DA08B02CD2/BA017FB8837F11E98FD83E77C4F9AE02.roa
Signing time: Wed 18 Oct 2023 14:40:27 +0000
ROA not before: Wed 18 Oct 2023 14:40:27 +0000
ROA not after: Sun 01 Dec 2024 00:00:00 +0000
asID: 38385
IP address blocks: 219.69.248.0/24 maxlen: 24
219.69.249.0/24 maxlen: 24
219.69.250.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 09 Jan 2024 07:02:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13343 (0x341f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B6F47/serialNumber=538B076E0AADD8FAE2970C9543E849A90FE73752
Validity
Not Before: Oct 18 14:40:27 2023 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=652fee5b-855b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:63:81:b7:a2:73:7d:04:6e:3d:91:be:1e:4f:
e9:f1:22:cb:d8:a9:fb:c1:f5:a7:fc:a7:5d:5e:cf:
45:83:51:3b:3a:dd:de:6c:48:26:6e:5a:e0:98:92:
ba:b0:9f:d5:4b:fa:0c:24:e9:9e:ff:9c:c9:60:46:
ba:eb:17:30:41:8f:76:5b:7f:ce:25:69:49:b3:65:
ac:f9:50:d9:c5:a2:e2:17:2b:e5:26:28:0e:87:77:
65:7e:2a:99:e4:6e:e0:b2:12:1e:e7:6d:92:ce:8d:
a1:7a:db:3d:4b:4c:b3:5d:3c:78:e5:89:7d:6b:b2:
28:e3:82:40:6d:03:67:5a:e1:a2:e6:a4:62:4b:2f:
92:43:57:0d:c2:71:bf:83:0d:56:14:f2:4b:a5:b7:
9b:fc:e8:84:1b:3c:ec:15:03:e7:c2:54:d6:33:d5:
10:b5:07:7d:ed:1c:f6:4a:a6:1f:03:1f:3a:5a:56:
76:c9:cf:db:71:03:b9:4f:a6:fd:ab:f2:f2:c7:0e:
5a:9c:6b:54:a7:1c:15:e6:c4:64:0a:6f:36:da:88:
21:71:5d:02:60:59:b8:1b:fa:f6:bf:05:09:9c:27:
09:dc:30:45:33:2a:ca:0e:81:9a:1a:bf:b8:d2:1c:
a8:b4:3a:b0:ea:6b:50:cb:63:91:54:e1:df:51:92:
33:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:C1:B1:7A:17:77:D3:2E:2B:62:2E:8F:6D:47:E5:F0:0C:C3:DD:B7
X509v3 Authority Key Identifier:
keyid:53:8B:07:6E:0A:AD:D8:FA:E2:97:0C:95:43:E8:49:A9:0F:E7:37:52
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B6F47/B4A86C381D8411E2969FC5DA08B02CD2/U4sHbgqt2PrilwyVQ-hJqQ_nN1I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U4sHbgqt2PrilwyVQ-hJqQ_nN1I.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B6F47/B4A86C381D8411E2969FC5DA08B02CD2/BA017FB8837F11E98FD83E77C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
219.69.248.0-219.69.250.255
Signature Algorithm: sha256WithRSAEncryption
bd:8a:87:64:c6:a6:b9:71:0c:a7:22:04:b1:0e:da:09:d8:e2:
7e:8d:43:1c:c8:6a:34:ad:6e:f8:8f:57:be:0b:00:0b:d6:82:
55:93:84:fc:e6:e5:6d:10:b9:98:b5:18:ac:1d:b4:dd:a4:1e:
1f:bf:26:97:8d:b9:15:3b:bd:5c:09:3a:56:6e:0b:8e:25:0d:
ed:74:f3:2f:97:47:78:ae:72:2a:37:39:38:5c:1a:07:c9:e9:
5e:99:4b:13:ec:94:25:fa:c3:14:87:ba:85:ba:dc:0c:9b:03:
5b:63:75:06:79:25:17:84:a3:8d:de:9a:bb:df:7b:f6:9f:b1:
d8:1d:69:a9:c0:ec:59:15:72:db:0c:be:45:40:fd:1b:ba:37:
71:20:2e:3d:c6:0e:8d:22:2e:3a:00:66:a8:ed:ff:d3:03:c5:
c9:23:8d:cf:7e:d1:ea:85:50:0e:65:b5:c8:dc:57:46:69:8d:
76:02:cc:9c:cd:62:e2:14:32:7d:3b:2c:d0:a1:5c:7a:14:34:
4e:5f:53:02:48:04:20:43:f9:32:7e:69:be:c4:8f:63:56:4a:
52:62:99:dd:90:23:05:2c:ab:8c:f6:43:04:f6:6c:cb:2a:d5:
f9:38:fe:70:31:75:d3:0c:f3:b8:f2:d9:af:7e:aa:bd:8f:81:
5b:ff:8d:bc
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgICNB8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjZGNDcxMTAvBgNVBAUTKDUzOEIwNzZFMEFBREQ4RkFFMjk3MEM5NTQzRTg0OUE5
MEZFNzM3NTIwHhcNMjMxMDE4MTQ0MDI3WhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTJmZWU1Yi04NTViMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA7WOBt6JzfQRuPZG+Hk/p8SLL2Kn7wfWn/KddXs9Fg1E7Ot3ebEgmblrgmJK6
sJ/VS/oMJOme/5zJYEa66xcwQY92W3/OJWlJs2Ws+VDZxaLiFyvlJigOh3dlfiqZ
5G7gshIe522Szo2hets9S0yzXTx45Yl9a7Io44JAbQNnWuGi5qRiSy+SQ1cNwnG/
gw1WFPJLpbeb/OiEGzzsFQPnwlTWM9UQtQd97Rz2SqYfAx86WlZ2yc/bcQO5T6b9
q/Lyxw5anGtUpxwV5sRkCm822oghcV0CYFm4G/r2vwUJnCcJ3DBFMyrKDoGaGr+4
0hyotDqw6mtQy2ORVOHfUZIzmwIDAQABo4ICnTCCApkwHQYDVR0OBBYEFM7BsXoX
d9MuK2Iuj21H5fAMw923MB8GA1UdIwQYMBaAFFOLB24Krdj64pcMlUPoSakP5zdS
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNkY0Ny9CNEE4NkMzODFE
ODQxMUUyOTY5RkM1REEwOEIwMkNEMi9VNHNIYmdxdDJQcmlsd3lWUS1oSnFRX25O
MUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1U0c0hiZ3F0MlByaWx3eVZRLWhKcVFfbk4xSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjZGNDcvQjRBODZDMzgxRDg0MTFFMjk2OUZDNURBMDhCMDJDRDIvQkEwMTdGQjg4
MzdGMTFFOThGRDgzRTc3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJwYIKwYBBQUHAQcBAf8E
GDAWMBQEAgABMA4wDAMEA9tF+AMEANtF+jANBgkqhkiG9w0BAQsFAAOCAQEAvYqH
ZMamuXEMpyIEsQ7aCdjifo1DHMhqNK1u+I9XvgsAC9aCVZOE/OblbRC5mLUYrB20
3aQeH78ml425FTu9XAk6Vm4LjiUN7XTzL5dHeK5yKjc5OFwaB8npXplLE+yUJfrD
FIe6hbrcDJsDW2N1BnklF4Sjjd6au9979p+x2B1pqcDsWRVy2wy+RUD9G7o3cSAu
PcYOjSIuOgBmqO3/0wPFySONz37R6oVQDmW1yNxXRmmNdgLMnM1i4hQyfTss0KFc
ehQ0Tl9TAkgEIEP5Mn5pvsSPY1ZKUmKZ3ZAjBSyrjPZDBPZsyyrV+Tj+cDF10wzz
uPLZr36qvY+BW/+NvA==
-----END CERTIFICATE-----
Generated at Tue Jan 9 11:02:42 2024 by rpki-client on console-ams.rpki-client.org