Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91DF93A/F7DFA72EE5F311EAB3A91561C4F9AE02/DC83E52CE12F11EEB059D53CC4F9AE02.roa
File: DC83E52CE12F11EEB059D53CC4F9AE02.roa (raw, json)
Hash identifier: 249vQRK+GvD/GCbeVcmTEXlgIHoMNFvIXLi9I4vUM34=
Subject key identifier: 63:86:CF:D2:FC:A8:39:E3:A4:CA:DF:80:9F:C8:29:37:37:66:5F:D9
Certificate issuer: /CN=A91DF93A/serialNumber=7E244310D7A456EB127B926C42F26D79E9ACDB88
Certificate serial: 07A9
Authority key identifier: 7E:24:43:10:D7:A4:56:EB:12:7B:92:6C:42:F2:6D:79:E9:AC:DB:88
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/fiRDENekVusSe5JsQvJteems24g.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91DF93A/F7DFA72EE5F311EAB3A91561C4F9AE02/DC83E52CE12F11EEB059D53CC4F9AE02.roa
Signing time: Wed 13 Mar 2024 11:50:17 +0000
ROA not before: Wed 13 Mar 2024 11:50:17 +0000
ROA not after: Sat 31 Aug 2024 00:00:00 +0000
asID: 21859
IP address blocks: 169.136.82.0/24 maxlen: 24
169.136.85.0/24 maxlen: 24
169.136.105.0/24 maxlen: 24
169.136.109.0/24 maxlen: 24
169.136.120.0/24 maxlen: 24
169.136.122.0/24 maxlen: 24
169.136.128.0/24 maxlen: 24
169.136.129.0/24 maxlen: 24
169.136.130.0/24 maxlen: 24
169.136.134.0/24 maxlen: 24
169.136.135.0/24 maxlen: 24
169.136.138.0/24 maxlen: 24
169.136.142.0/24 maxlen: 24
169.136.143.0/24 maxlen: 24
169.136.146.0/24 maxlen: 24
169.136.191.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 07 May 2024 02:30:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1961 (0x7a9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91DF93A/serialNumber=7E244310D7A456EB127B926C42F26D79E9ACDB88
Validity
Not Before: Mar 13 11:50:17 2024 GMT
Not After : Aug 31 00:00:00 2024 GMT
Subject: CN=65f192f9-6690
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:87:22:e3:2f:f1:22:b1:24:2a:e2:69:4a:15:
bd:5b:b4:aa:1d:d5:f0:cb:db:e3:77:6a:79:d8:f4:
57:76:7f:69:22:7e:9e:1f:0b:70:d4:cc:de:cb:b3:
fc:0a:ba:d3:10:a0:f6:01:6f:71:88:13:93:ee:ca:
dd:f8:84:5b:9b:40:41:d1:5e:32:04:22:2d:2a:ec:
2d:0f:05:8e:b0:6f:0e:30:98:c1:10:2e:27:65:f2:
94:ea:dc:c9:bb:68:6b:a2:5b:1c:6f:30:f1:22:4a:
42:78:3a:1f:1a:8e:90:16:bc:8c:60:33:23:97:e4:
74:5f:d0:bb:48:fb:06:f9:eb:c0:e0:5e:82:27:8a:
b0:51:78:bc:b6:2f:83:82:3c:53:cc:14:52:f2:2f:
59:93:bf:68:ca:69:04:a0:25:39:07:78:e8:8e:1e:
c1:6c:ca:ff:57:63:c5:2b:78:55:1c:f0:3e:0c:d1:
a2:d1:5c:2a:95:35:58:8b:21:c5:d1:e8:7f:a3:3b:
18:5f:4a:85:b7:4e:4b:a3:e0:bd:4a:ee:b0:ef:ec:
3b:5c:99:e9:27:25:3b:dd:e4:0e:7e:16:8a:eb:36:
de:39:c8:ed:48:a8:90:da:9f:1c:81:08:38:ac:fc:
d2:0a:57:55:11:e8:04:bf:8f:32:af:4e:4a:11:9c:
4d:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:86:CF:D2:FC:A8:39:E3:A4:CA:DF:80:9F:C8:29:37:37:66:5F:D9
X509v3 Authority Key Identifier:
keyid:7E:24:43:10:D7:A4:56:EB:12:7B:92:6C:42:F2:6D:79:E9:AC:DB:88
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91DF93A/F7DFA72EE5F311EAB3A91561C4F9AE02/fiRDENekVusSe5JsQvJteems24g.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/fiRDENekVusSe5JsQvJteems24g.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DF93A/F7DFA72EE5F311EAB3A91561C4F9AE02/DC83E52CE12F11EEB059D53CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
169.136.82.0/24
169.136.85.0/24
169.136.105.0/24
169.136.109.0/24
169.136.120.0/24
169.136.122.0/24
169.136.128.0-169.136.130.255
169.136.134.0/23
169.136.138.0/24
169.136.142.0/23
169.136.146.0/24
169.136.191.0/24
Signature Algorithm: sha256WithRSAEncryption
66:a5:91:1a:fe:cb:89:72:ac:a8:94:03:53:b6:9f:96:8f:63:
0d:b5:1f:b7:70:8a:7e:6f:33:1a:61:80:bc:5d:cd:1f:cb:13:
70:c4:a6:13:e4:89:22:fe:1d:e1:b1:91:85:85:da:d9:1e:39:
52:6e:e9:41:10:f2:30:40:33:37:27:e8:bd:02:e8:58:94:b1:
c9:eb:9b:b7:4d:37:8d:e2:0c:1d:28:ae:e3:c0:88:d4:86:fb:
0f:fb:b2:53:5a:9e:c4:df:89:40:64:3c:fc:31:49:5d:68:e7:
c9:95:fc:5f:ef:fa:9a:be:e4:99:10:6f:11:2e:96:03:8e:39:
97:d1:af:25:33:e3:e6:e3:ca:bd:1e:db:b9:fa:4b:ab:75:05:
bd:1d:09:54:cf:5c:a8:52:60:05:fb:79:e4:7e:cb:40:2c:ff:
1c:a5:a5:e6:66:fc:3f:01:f7:fa:0b:b7:4b:ad:6c:d9:7b:08:
c7:69:aa:5a:f0:24:14:1f:1a:df:b7:72:81:5d:db:8b:b0:3b:
df:c7:80:a1:5c:80:82:05:0a:29:18:dd:09:fa:8d:77:4d:a3:
32:c6:78:47:65:e8:df:33:f6:68:27:b6:46:82:35:8c:08:47:
ec:0b:1c:ab:d2:0c:64:7f:ba:4e:77:19:7e:f6:e8:26:33:5d:
11:b8:6a:94
-----BEGIN CERTIFICATE-----
MIIFuzCCBKOgAwIBAgICB6kwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
REY5M0ExMTAvBgNVBAUTKDdFMjQ0MzEwRDdBNDU2RUIxMjdCOTI2QzQyRjI2RDc5
RTlBQ0RCODgwHhcNMjQwMzEzMTE1MDE3WhcNMjQwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWYxOTJmOS02NjkwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA64ci4y/xIrEkKuJpShW9W7SqHdXwy9vjd2p52PRXdn9pIn6eHwtw1Mzey7P8
CrrTEKD2AW9xiBOT7srd+IRbm0BB0V4yBCItKuwtDwWOsG8OMJjBEC4nZfKU6tzJ
u2hrolscbzDxIkpCeDofGo6QFryMYDMjl+R0X9C7SPsG+evA4F6CJ4qwUXi8ti+D
gjxTzBRS8i9Zk79oymkEoCU5B3jojh7BbMr/V2PFK3hVHPA+DNGi0VwqlTVYiyHF
0eh/ozsYX0qFt05Lo+C9Su6w7+w7XJnpJyU73eQOfhaK6zbeOcjtSKiQ2p8cgQg4
rPzSCldVEegEv48yr05KEZxNtQIDAQABo4IC3zCCAtswHQYDVR0OBBYEFGOGz9L8
qDnjpMrfgJ/IKTc3Zl/ZMB8GA1UdIwQYMBaAFH4kQxDXpFbrEnuSbELybXnprNuI
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFERjkzQS9GN0RGQTcyRUU1
RjMxMUVBQjNBOTE1NjFDNEY5QUUwMi9maVJERU5la1Z1c1NlNUpzUXZKdGVlbXMy
NGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL2ZpUkRFTmVrVnVzU2U1SnNRdkp0ZWVtczI0Zy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
REY5M0EvRjdERkE3MkVFNUYzMTFFQUIzQTkxNTYxQzRGOUFFMDIvREM4M0U1MkNF
MTJGMTFFRUIwNTlENTNDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwaQYIKwYBBQUHAQcBAf8E
WjBYMFYEAgABMFADBACpiFIDBACpiFUDBACpiGkDBACpiG0DBACpiHgDBACpiHow
DAMEB6mIgAMEAKmIggMEAamIhgMEAKmIigMEAamIjgMEAKmIkgMEAKmIvzANBgkq
hkiG9w0BAQsFAAOCAQEAZqWRGv7LiXKsqJQDU7aflo9jDbUft3CKfm8zGmGAvF3N
H8sTcMSmE+SJIv4d4bGRhYXa2R45Um7pQRDyMEAzNyfovQLoWJSxyeubt003jeIM
HSiu48CI1Ib7D/uyU1qexN+JQGQ8/DFJXWjnyZX8X+/6mr7kmRBvES6WA445l9Gv
JTPj5uPKvR7bufpLq3UFvR0JVM9cqFJgBft55H7LQCz/HKWl5mb8PwH3+gu3S61s
2XsIx2mqWvAkFB8a37dygV3bi7A738eAoVyAggUKKRjdCfqNd02jMsZ4R2Xo3zP2
aCe2RoI1jAhH7Ascq9IMZH+6TncZfvboJjNdEbhqlA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:31 2024 by rpki-client on console-ams.rpki-client.org