Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B7BDC/79EE0BC4E27211EEB83D606BC4F9AE02/EDED739CEC1E11EEBB363081C4F9AE02.roa
File: EDED739CEC1E11EEBB363081C4F9AE02.roa (raw, json)
Hash identifier: PjjTXRndgc6+pGnQI6sN/dMSS0N1bNy1oveUIqguvWs=
Subject key identifier: 3D:62:7C:22:9A:AB:EE:04:AA:17:65:EC:94:BC:EF:26:2F:0D:F9:9E
Certificate issuer: /CN=A91B7BDC/serialNumber=EF25A925BFBD4CBAEF52456AB3B309B747040DFE
Certificate serial: 23
Authority key identifier: EF:25:A9:25:BF:BD:4C:BA:EF:52:45:6A:B3:B3:09:B7:47:04:0D:FE
Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/7yWpJb-9TLrvUkVqs7MJt0cEDf4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B7BDC/79EE0BC4E27211EEB83D606BC4F9AE02/EDED739CEC1E11EEBB363081C4F9AE02.roa
Signing time: Tue 07 May 2024 02:11:50 +0000
ROA not before: Tue 07 May 2024 02:11:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 132139
IP address blocks: 185.81.70.0/24 maxlen: 24
185.81.70.248/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 20 Jun 2024 02:21:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 35 (0x23)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B7BDC/serialNumber=EF25A925BFBD4CBAEF52456AB3B309B747040DFE
Validity
Not Before: May 7 02:11:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=66398de5-39da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:f8:7e:43:ca:34:75:78:74:ac:c0:cf:84:a7:
23:a7:4a:f4:08:20:6a:f1:ec:54:b4:31:06:80:b9:
4c:92:4c:be:32:70:27:bd:b8:b2:57:11:4e:3a:3d:
89:42:6c:12:fd:20:46:d7:cd:fa:97:18:11:a0:73:
7c:c7:c3:28:a4:df:e1:9d:44:6c:80:3d:8c:38:1d:
ab:86:5a:13:f0:fd:e5:6e:18:74:a9:07:88:07:8c:
a2:c5:48:79:c9:8d:61:8a:9c:98:c1:b2:fc:49:1f:
64:56:78:81:f5:89:26:c4:10:ad:9d:70:f0:ce:c4:
ee:00:1e:bc:7e:4e:03:cd:fa:b7:cf:c0:61:b5:5f:
fa:d4:be:8d:f7:63:e3:aa:8e:dd:02:15:24:01:11:
b1:2d:5b:6d:59:ab:32:bf:01:a7:5e:c6:5b:8b:e7:
0c:77:89:0c:43:ab:55:2e:01:54:37:12:f5:44:b2:
39:9c:af:d3:0a:d1:5b:a3:a3:9e:20:dc:6b:51:3b:
2d:b5:6a:99:01:66:6b:8c:23:e1:35:88:ff:d3:49:
c5:98:44:ad:14:a0:55:16:c2:75:33:6b:af:4a:a3:
17:79:18:53:43:c6:92:66:6a:73:4c:1f:d5:e0:b4:
f5:09:96:6f:5d:6c:12:e7:db:14:f5:37:63:0a:33:
c0:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:62:7C:22:9A:AB:EE:04:AA:17:65:EC:94:BC:EF:26:2F:0D:F9:9E
X509v3 Authority Key Identifier:
keyid:EF:25:A9:25:BF:BD:4C:BA:EF:52:45:6A:B3:B3:09:B7:47:04:0D:FE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B7BDC/79EE0BC4E27211EEB83D606BC4F9AE02/7yWpJb-9TLrvUkVqs7MJt0cEDf4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/7yWpJb-9TLrvUkVqs7MJt0cEDf4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B7BDC/79EE0BC4E27211EEB83D606BC4F9AE02/EDED739CEC1E11EEBB363081C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
185.81.70.0/24
Signature Algorithm: sha256WithRSAEncryption
25:60:d5:3c:e1:94:aa:1d:74:2b:c4:17:cf:07:68:69:0b:3d:
da:76:62:94:c9:89:4b:f1:53:7d:18:2a:02:6f:32:80:d9:fe:
85:25:cb:1f:f6:79:f1:f4:36:ec:2b:95:5c:c1:e3:f4:f7:de:
28:b8:a4:a3:29:b2:c2:a8:3e:de:44:e2:4b:cf:1b:b1:f6:d7:
fb:ce:50:d6:04:44:e1:4f:5a:f2:29:99:51:35:3b:73:c4:2e:
80:fe:28:49:5a:7d:77:3d:ad:8a:1c:77:29:6e:43:d2:ca:90:
ba:25:e7:de:e0:0a:1f:e8:14:0b:fd:da:c1:00:b8:f3:08:ce:
d5:19:c3:2b:9b:50:cf:83:10:4b:d3:3f:0d:fe:ea:ff:dd:66:
fa:5c:d1:6c:6a:27:99:cb:14:4a:0d:e3:f7:41:ff:c6:98:0e:
f4:9c:c9:2c:df:47:99:af:14:29:49:f4:40:ac:d3:c4:32:76:
2b:b4:e6:bc:69:29:fe:ff:6e:a4:12:09:29:f9:ec:ad:4a:ca:
8c:1c:8d:77:64:1f:35:53:60:55:5c:72:6c:6c:df:80:08:5e:
d0:b0:9e:5c:b3:e6:e4:8f:9a:a5:e5:8a:2f:53:d0:49:82:99:
7c:be:72:47:c8:dc:ec:e4:6c:61:2f:bf:a0:0a:af:33:c1:f6:
cf:39:49:c2
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBIzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFC
N0JEQzExMC8GA1UEBRMoRUYyNUE5MjVCRkJENENCQUVGNTI0NTZBQjNCMzA5Qjc0
NzA0MERGRTAeFw0yNDA1MDcwMjExNTBaFw0yNTA3MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2Mzk4ZGU1LTM5ZGEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCw+H5DyjR1eHSswM+EpyOnSvQIIGrx7FS0MQaAuUySTL4ycCe9uLJXEU46PYlC
bBL9IEbXzfqXGBGgc3zHwyik3+GdRGyAPYw4HauGWhPw/eVuGHSpB4gHjKLFSHnJ
jWGKnJjBsvxJH2RWeIH1iSbEEK2dcPDOxO4AHrx+TgPN+rfPwGG1X/rUvo33Y+Oq
jt0CFSQBEbEtW21ZqzK/AadexluL5wx3iQxDq1UuAVQ3EvVEsjmcr9MK0Vujo54g
3GtROy21apkBZmuMI+E1iP/TScWYRK0UoFUWwnUza69Koxd5GFNDxpJmanNMH9Xg
tPUJlm9dbBLn2xT1N2MKM8C9AgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUPWJ8Ipqr
7gSqF2XslLzvJi8N+Z4wHwYDVR0jBBgwFoAU7yWpJb+9TLrvUkVqs7MJt0cEDf4w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUI3QkRDLzc5RUUwQkM0RTI3
MjExRUVCODNENjA2QkM0RjlBRTAyLzd5V3BKYi05VExydlVrVnFzN01KdDBjRURm
NC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjMyMkE1RjQxRDY2MTFFMkEzRjI3RjdDNzJG
RDFGRjIvN3lXcEpiLTlUTHJ2VWtWcXM3TUp0MGNFRGY0LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC
N0JEQy83OUVFMEJDNEUyNzIxMUVFQjgzRDYwNkJDNEY5QUUwMi9FREVENzM5Q0VD
MUUxMUVFQkIzNjMwODFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEALlRRjANBgkqhkiG9w0BAQsFAAOCAQEAJWDVPOGUqh10K8QX
zwdoaQs92nZilMmJS/FTfRgqAm8ygNn+hSXLH/Z58fQ27CuVXMHj9PfeKLikoymy
wqg+3kTiS88bsfbX+85Q1gRE4U9a8imZUTU7c8QugP4oSVp9dz2tihx3KW5D0sqQ
uiXn3uAKH+gUC/3awQC48wjO1RnDK5tQz4MQS9M/Df7q/91m+lzRbGonmcsUSg3j
90H/xpgO9JzJLN9Hma8UKUn0QKzTxDJ2K7TmvGkp/v9upBIJKfnsrUrKjByNd2Qf
NVNgVVxybGzfgAhe0LCeXLPm5I+apeWKL1PQSYKZfL5yR8jc7ORsYS+/oAqvM8H2
zzlJwg==
-----END CERTIFICATE-----
Generated at Thu Jun 20 03:53:32 2024 by rpki-client on console-ams.rpki-client.org