Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91DF93A/F7DFA72EE5F311EAB3A91561C4F9AE02/CB74CBEC0C1911EF90D8414CC4F9AE02.roa
File: CB74CBEC0C1911EF90D8414CC4F9AE02.roa (raw, json)
Hash identifier: iZVnbJC9L9Gx2r91Nufdy5eF7E8+JGi6wWvzi79w1E0=
Subject key identifier: DB:79:75:46:74:4B:EA:4A:5D:98:73:89:28:6A:89:69:CA:FC:87:CD
Certificate issuer: /CN=A91DF93A/serialNumber=7E244310D7A456EB127B926C42F26D79E9ACDB88
Certificate serial: 07E2
Authority key identifier: 7E:24:43:10:D7:A4:56:EB:12:7B:92:6C:42:F2:6D:79:E9:AC:DB:88
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/fiRDENekVusSe5JsQvJteems24g.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91DF93A/F7DFA72EE5F311EAB3A91561C4F9AE02/CB74CBEC0C1911EF90D8414CC4F9AE02.roa
Signing time: Tue 28 May 2024 23:03:08 +0000
ROA not before: Tue 28 May 2024 23:03:08 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 21859
IP address blocks: 169.136.82.0/24 maxlen: 24
169.136.85.0/24 maxlen: 24
169.136.105.0/24 maxlen: 24
169.136.109.0/24 maxlen: 24
169.136.122.0/24 maxlen: 24
169.136.128.0/24 maxlen: 24
169.136.129.0/24 maxlen: 24
169.136.130.0/24 maxlen: 24
169.136.134.0/24 maxlen: 24
169.136.135.0/24 maxlen: 24
169.136.138.0/24 maxlen: 24
169.136.142.0/24 maxlen: 24
169.136.143.0/24 maxlen: 24
169.136.146.0/24 maxlen: 24
169.136.191.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 20 Sep 2024 04:18:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2018 (0x7e2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91DF93A/serialNumber=7E244310D7A456EB127B926C42F26D79E9ACDB88
Validity
Not Before: May 28 23:03:08 2024 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=665662ac-3aba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:0c:e6:98:3e:ff:65:23:6f:b6:37:8e:f9:c4:
f3:12:da:5c:e2:e4:80:8a:40:ee:0b:74:50:e9:50:
59:5d:f2:f7:8a:b6:ff:a1:df:13:38:ca:a5:94:17:
d5:19:8f:d5:b7:26:5b:32:03:ed:c1:cc:ca:20:77:
e4:5f:22:7d:f1:25:ce:c7:17:f3:0c:94:4f:aa:66:
4e:d1:59:35:98:b6:74:42:77:d0:6f:e1:d5:2c:c2:
88:3d:e8:2c:f1:4b:1f:12:ee:7b:b4:11:f9:2a:3d:
f8:c1:fe:08:4c:af:e8:9e:4a:e0:d4:78:a0:28:af:
9e:0d:ec:06:6c:ff:72:b1:62:e2:07:d9:79:8c:83:
c8:c1:f1:6a:e6:0c:9a:aa:bd:6c:96:3b:4e:39:da:
b4:a8:1b:27:dd:e5:d0:99:41:1e:e0:6d:5e:f7:96:
00:44:3e:d2:bf:e4:c4:32:f8:96:e6:5d:08:5a:7a:
24:f6:b6:2e:5d:d2:91:45:8f:ff:0d:af:04:13:e8:
b3:0f:a9:99:34:1e:85:e1:8e:5f:f4:26:11:86:01:
90:da:58:24:f0:2d:1c:42:e2:81:30:4b:d7:e7:7f:
36:c7:de:95:fb:c9:31:c5:c2:78:d1:35:34:89:f3:
b7:e9:71:3e:fb:56:54:43:e2:f6:08:52:22:7a:f2:
72:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:79:75:46:74:4B:EA:4A:5D:98:73:89:28:6A:89:69:CA:FC:87:CD
X509v3 Authority Key Identifier:
keyid:7E:24:43:10:D7:A4:56:EB:12:7B:92:6C:42:F2:6D:79:E9:AC:DB:88
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91DF93A/F7DFA72EE5F311EAB3A91561C4F9AE02/fiRDENekVusSe5JsQvJteems24g.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/fiRDENekVusSe5JsQvJteems24g.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DF93A/F7DFA72EE5F311EAB3A91561C4F9AE02/CB74CBEC0C1911EF90D8414CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
169.136.82.0/24
169.136.85.0/24
169.136.105.0/24
169.136.109.0/24
169.136.122.0/24
169.136.128.0-169.136.130.255
169.136.134.0/23
169.136.138.0/24
169.136.142.0/23
169.136.146.0/24
169.136.191.0/24
Signature Algorithm: sha256WithRSAEncryption
42:c5:3d:04:44:dc:d2:8b:92:79:46:86:07:ed:e0:d4:fa:fa:
cc:21:b0:ca:76:b2:a8:d6:1d:d4:91:81:2e:b8:03:b0:41:c0:
a4:7e:7d:9a:db:8e:b7:74:4a:ad:36:1a:6e:6f:4d:62:f0:6e:
7d:56:bf:35:f5:9a:ff:bd:30:1d:92:be:7c:5d:48:5f:48:56:
23:dd:c8:15:ea:44:68:ba:96:19:a8:f2:8c:ed:8c:12:2e:6e:
60:b4:39:3a:69:c6:fd:c1:d0:e2:83:60:f1:a5:e6:ed:17:49:
fb:62:6a:2e:74:46:b9:e2:70:ce:71:4a:67:1f:88:f8:69:cd:
ad:65:69:ed:19:87:7b:19:c7:11:bb:59:0b:d3:93:06:27:54:
88:00:2c:d4:0d:1d:81:b5:77:38:58:6e:49:df:8a:38:7d:15:
fb:79:d1:76:a2:a0:89:96:7e:33:4f:d6:b9:df:15:63:7b:38:
46:36:5a:0b:d8:67:9d:85:06:c5:38:47:1f:f3:a6:55:db:ad:
f9:01:61:39:5f:95:e4:87:88:5e:ee:02:fb:e6:88:7f:fa:f5:
52:ad:a0:15:da:58:6b:bf:ae:63:ba:2e:8d:83:0c:a6:75:c9:
19:a4:03:f1:73:63:aa:d9:f4:b5:49:ae:80:3d:d9:ec:66:eb:
ec:65:ff:a9
-----BEGIN CERTIFICATE-----
MIIFtTCCBJ2gAwIBAgICB+IwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
REY5M0ExMTAvBgNVBAUTKDdFMjQ0MzEwRDdBNDU2RUIxMjdCOTI2QzQyRjI2RDc5
RTlBQ0RCODgwHhcNMjQwNTI4MjMwMzA4WhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjU2NjJhYy0zYWJhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4wzmmD7/ZSNvtjeO+cTzEtpc4uSAikDuC3RQ6VBZXfL3irb/od8TOMqllBfV
GY/VtyZbMgPtwczKIHfkXyJ98SXOxxfzDJRPqmZO0Vk1mLZ0QnfQb+HVLMKIPegs
8UsfEu57tBH5Kj34wf4ITK/onkrg1HigKK+eDewGbP9ysWLiB9l5jIPIwfFq5gya
qr1sljtOOdq0qBsn3eXQmUEe4G1e95YARD7Sv+TEMviW5l0IWnok9rYuXdKRRY//
Da8EE+izD6mZNB6F4Y5f9CYRhgGQ2lgk8C0cQuKBMEvX5382x96V+8kxxcJ40TU0
ifO36XE++1ZUQ+L2CFIievJy0QIDAQABo4IC2TCCAtUwHQYDVR0OBBYEFNt5dUZ0
S+pKXZhziShqiWnK/IfNMB8GA1UdIwQYMBaAFH4kQxDXpFbrEnuSbELybXnprNuI
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFERjkzQS9GN0RGQTcyRUU1
RjMxMUVBQjNBOTE1NjFDNEY5QUUwMi9maVJERU5la1Z1c1NlNUpzUXZKdGVlbXMy
NGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL2ZpUkRFTmVrVnVzU2U1SnNRdkp0ZWVtczI0Zy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
REY5M0EvRjdERkE3MkVFNUYzMTFFQUIzQTkxNTYxQzRGOUFFMDIvQ0I3NENCRUMw
QzE5MTFFRjkwRDg0MTRDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwYwYIKwYBBQUHAQcBAf8E
VDBSMFAEAgABMEoDBACpiFIDBACpiFUDBACpiGkDBACpiG0DBACpiHowDAMEB6mI
gAMEAKmIggMEAamIhgMEAKmIigMEAamIjgMEAKmIkgMEAKmIvzANBgkqhkiG9w0B
AQsFAAOCAQEAQsU9BETc0ouSeUaGB+3g1Pr6zCGwynayqNYd1JGBLrgDsEHApH59
mtuOt3RKrTYabm9NYvBufVa/NfWa/70wHZK+fF1IX0hWI93IFepEaLqWGajyjO2M
Ei5uYLQ5OmnG/cHQ4oNg8aXm7RdJ+2JqLnRGueJwznFKZx+I+GnNrWVp7RmHexnH
EbtZC9OTBidUiAAs1A0dgbV3OFhuSd+KOH0V+3nRdqKgiZZ+M0/Wud8VY3s4RjZa
C9hnnYUGxThHH/OmVdut+QFhOV+V5IeIXu4C++aIf/r1Uq2gFdpYa7+uY7oujYMM
pnXJGaQD8XNjqtn0tUmugD3Z7Gbr7GX/qQ==
-----END CERTIFICATE-----
Generated at Fri Sep 20 09:07:15 2024 by rpki-client on console-ams.rpki-client.org