Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CEAA2/D2AB292C1D9911E2BA529A8608B02CD2/F2C1B32AD59511EC9A77CC14C4F9AE02.roa
File: F2C1B32AD59511EC9A77CC14C4F9AE02.roa (raw, json)
Hash identifier: o5nPJlP6N7gcpsslUyIxTvqwmrdgqkm1YZiDbGUBvSI=
Subject key identifier: 8B:00:E9:F2:F5:D2:FE:7E:CF:A0:A1:59:B5:81:2D:A6:98:2D:A0:80
Certificate issuer: /CN=A91CEAA2/serialNumber=FF495293CB5F15E5D14BACC2DB1052B2E2C825C8
Certificate serial: 3427
Authority key identifier: FF:49:52:93:CB:5F:15:E5:D1:4B:AC:C2:DB:10:52:B2:E2:C8:25:C8
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_0lSk8tfFeXRS6zC2xBSsuLIJcg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91CEAA2/D2AB292C1D9911E2BA529A8608B02CD2/F2C1B32AD59511EC9A77CC14C4F9AE02.roa
Signing time: Fri 30 Aug 2024 15:20:57 +0000
ROA not before: Fri 30 Aug 2024 15:20:57 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 16509
IP address blocks: 116.214.100.0/24 maxlen: 24
116.214.101.0/24 maxlen: 24
116.214.120.0/24 maxlen: 24
116.214.121.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 18 Nov 2024 23:11:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13351 (0x3427)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CEAA2/serialNumber=FF495293CB5F15E5D14BACC2DB1052B2E2C825C8
Validity
Not Before: Aug 30 15:20:57 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=66d1e359-6633
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:72:86:a6:b0:0b:a6:40:4d:37:24:45:df:57:
e0:85:0e:65:9e:b0:c8:6a:87:ba:b5:7f:1b:76:87:
cb:bf:53:7a:e6:13:88:44:f4:99:b7:a2:0f:40:ff:
a0:21:79:0a:8f:7b:89:64:0c:af:ea:46:3d:dd:13:
62:5a:33:cf:a0:92:6e:81:a2:99:bc:56:2d:52:60:
ee:62:13:01:6c:f5:ae:ce:20:40:8a:46:d7:83:c5:
f9:1e:44:2c:84:90:ca:ed:ca:08:78:19:ae:58:62:
ce:a1:ef:84:e5:6f:80:d5:74:2d:d3:96:0b:ca:b1:
74:76:56:e2:4b:b7:0a:7c:e6:70:10:a4:f2:1a:66:
1c:86:cf:35:23:95:8a:16:fd:af:90:97:7a:c5:f6:
38:f5:dd:79:07:cf:66:ce:3b:3e:ce:35:47:41:36:
3f:fc:7f:c2:49:be:a4:d1:47:f2:9e:1e:63:86:8a:
39:74:1d:5f:50:1a:f5:fd:11:d9:cc:2a:70:44:47:
ed:4f:06:d8:3c:57:4e:da:50:f4:ae:09:3c:8b:aa:
90:bd:aa:57:98:ea:d6:10:3a:01:2c:6c:94:52:d6:
70:c8:a3:9b:0b:01:a2:d3:1c:0c:c0:a7:81:b7:95:
ee:f5:bf:9e:3d:9c:e2:2c:d7:a8:0d:ba:d6:ed:33:
96:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:00:E9:F2:F5:D2:FE:7E:CF:A0:A1:59:B5:81:2D:A6:98:2D:A0:80
X509v3 Authority Key Identifier:
keyid:FF:49:52:93:CB:5F:15:E5:D1:4B:AC:C2:DB:10:52:B2:E2:C8:25:C8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91CEAA2/D2AB292C1D9911E2BA529A8608B02CD2/_0lSk8tfFeXRS6zC2xBSsuLIJcg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_0lSk8tfFeXRS6zC2xBSsuLIJcg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CEAA2/D2AB292C1D9911E2BA529A8608B02CD2/F2C1B32AD59511EC9A77CC14C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
116.214.100.0/23
116.214.120.0/23
Signature Algorithm: sha256WithRSAEncryption
05:74:62:74:08:c2:01:f9:d1:b2:6b:bc:04:71:ab:f5:a9:02:
a8:c7:2f:26:73:02:e3:98:03:ca:91:91:f1:6d:68:2f:cf:f7:
eb:f6:de:d6:72:cb:9d:64:b2:66:a7:c0:60:b6:cf:15:ad:20:
5f:41:2b:d9:86:9a:d1:19:73:87:58:2f:0d:b2:e6:0b:a2:49:
c8:5a:52:9a:c2:1e:dc:e6:9b:d1:e8:59:89:68:47:84:76:87:
24:12:67:a9:0a:8f:7a:87:02:12:70:af:73:61:17:2e:2d:26:
27:6a:06:4b:fa:49:32:c2:ba:cb:21:9c:87:7d:8c:ca:36:68:
74:23:5f:7c:65:3a:af:f4:04:19:0e:b6:03:a5:2d:cb:e7:7f:
29:db:46:19:12:1c:e5:3a:65:93:4a:32:d4:65:b0:be:9f:ea:
b4:fa:c6:a5:e1:79:8c:ed:39:17:a3:55:31:9c:20:d6:92:e5:
36:98:be:e1:1d:8b:d9:d4:51:73:de:77:0d:3d:47:07:32:aa:
f6:65:0f:f6:58:f9:f2:ac:a2:f2:24:74:d7:04:14:f4:e5:ab:
4c:0a:54:c6:37:46:1d:44:01:59:04:3c:f3:88:f4:c0:b5:dc:
24:88:5a:22:a1:fb:8a:eb:e2:21:22:0b:ce:b9:f1:39:3f:01:
5c:68:27:e4
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICNCcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Q0VBQTIxMTAvBgNVBAUTKEZGNDk1MjkzQ0I1RjE1RTVEMTRCQUNDMkRCMTA1MkIy
RTJDODI1QzgwHhcNMjQwODMwMTUyMDU3WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmQxZTM1OS02NjMzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0XKGprALpkBNNyRF31fghQ5lnrDIaoe6tX8bdofLv1N65hOIRPSZt6IPQP+g
IXkKj3uJZAyv6kY93RNiWjPPoJJugaKZvFYtUmDuYhMBbPWuziBAikbXg8X5HkQs
hJDK7coIeBmuWGLOoe+E5W+A1XQt05YLyrF0dlbiS7cKfOZwEKTyGmYchs81I5WK
Fv2vkJd6xfY49d15B89mzjs+zjVHQTY//H/CSb6k0Ufynh5jhoo5dB1fUBr1/RHZ
zCpwREftTwbYPFdO2lD0rgk8i6qQvapXmOrWEDoBLGyUUtZwyKObCwGi0xwMwKeB
t5Xu9b+ePZziLNeoDbrW7TOWtQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFIsA6fL1
0v5+z6ChWbWBLaaYLaCAMB8GA1UdIwQYMBaAFP9JUpPLXxXl0UuswtsQUrLiyCXI
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRUFBMi9EMkFCMjkyQzFE
OTkxMUUyQkE1MjlBODYwOEIwMkNEMi9fMGxTazh0ZkZlWFJTNnpDMnhCU3N1TElK
Y2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL18wbFNrOHRmRmVYUlM2ekMyeEJTc3VMSUpjZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Q0VBQTIvRDJBQjI5MkMxRDk5MTFFMkJBNTI5QTg2MDhCMDJDRDIvRjJDMUIzMkFE
NTk1MTFFQzlBNzdDQzE0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAF01mQDBAF01ngwDQYJKoZIhvcNAQELBQADggEBAAV0YnQI
wgH50bJrvARxq/WpAqjHLyZzAuOYA8qRkfFtaC/P9+v23tZyy51ksmanwGC2zxWt
IF9BK9mGmtEZc4dYLw2y5guiSchaUprCHtzmm9HoWYloR4R2hyQSZ6kKj3qHAhJw
r3NhFy4tJidqBkv6STLCusshnId9jMo2aHQjX3xlOq/0BBkOtgOlLcvnfynbRhkS
HOU6ZZNKMtRlsL6f6rT6xqXheYztORejVTGcINaS5TaYvuEdi9nUUXPedw09Rwcy
qvZlD/ZY+fKsovIkdNcEFPTlq0wKVMY3Rh1EAVkEPPOI9MC13CSIWiKh+4rr4iEi
C8658Tk/AVxoJ+Q=
-----END CERTIFICATE-----
Generated at Tue Nov 19 00:48:05 2024 by rpki-client on console-fra.rpki-client.org