Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E782F/6D2075F6407011EFBDA9D66FC4F9AE02/C0AFD28448B311EFB8A4C178C4F9AE02.roa
File: C0AFD28448B311EFB8A4C178C4F9AE02.roa (raw, json)
Hash identifier: 0jR6SMGur8YbRBe2hWbB22MZ9lJvwfEtYt+XMmZXqZc=
Subject key identifier: 17:E1:04:D7:1E:54:EB:60:71:5A:5B:7C:FA:EA:F9:6B:ED:AA:33:36
Certificate issuer: /CN=A91E782F/serialNumber=C8603657552448ED5BBAED71724D2220F03BF7C6
Certificate serial: 08
Authority key identifier: C8:60:36:57:55:24:48:ED:5B:BA:ED:71:72:4D:22:20:F0:3B:F7:C6
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/yGA2V1UkSO1buu1xck0iIPA798Y.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E782F/6D2075F6407011EFBDA9D66FC4F9AE02/C0AFD28448B311EFB8A4C178C4F9AE02.roa
Signing time: Tue 23 Jul 2024 05:23:54 +0000
ROA not before: Tue 23 Jul 2024 05:23:54 +0000
ROA not after: Thu 31 Oct 2024 00:00:00 +0000
asID: 4755
IP address blocks: 192.8.238.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 23 Jul 2024 06:04:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8 (0x8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E782F/serialNumber=C8603657552448ED5BBAED71724D2220F03BF7C6
Validity
Not Before: Jul 23 05:23:54 2024 GMT
Not After : Oct 31 00:00:00 2024 GMT
Subject: CN=669f3e6a-6fb5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:dd:a3:56:17:47:27:71:b0:81:c3:d9:a7:57:
60:27:b7:ae:36:c4:5c:8b:3c:a0:6d:7a:c3:ec:b4:
47:5c:4e:a4:ff:29:46:f7:fa:93:38:23:1b:53:37:
bd:96:90:48:bb:0f:51:a4:b2:f0:51:d1:54:73:17:
29:a0:61:2b:ea:3d:64:4f:4b:71:b7:b5:ee:98:39:
b0:64:f6:cc:86:2a:e8:b9:f8:bf:50:5a:6e:5a:61:
02:3d:31:e6:4f:6d:ec:f5:c4:bd:0f:a2:b1:cb:d9:
2d:07:71:22:61:13:62:3b:03:50:b5:b0:2d:b7:19:
0b:d3:48:45:34:7e:11:1c:5b:cb:96:20:e5:a7:d8:
d9:df:0d:6d:ac:85:11:d7:12:17:27:a9:19:7f:73:
92:22:df:b4:33:37:29:5a:4b:2c:2f:0c:1f:ee:5c:
2e:08:1a:70:78:f2:84:23:12:a2:f9:9d:db:25:6e:
b6:c4:45:2e:91:67:1e:15:92:ff:65:22:cf:5a:5c:
55:ab:54:94:f4:a8:90:72:a2:d0:ce:8c:2f:7f:d0:
75:b1:a5:f9:ba:96:c3:2a:e2:ec:df:71:d5:89:e6:
36:da:7f:c0:af:2d:56:b4:79:ad:59:44:77:06:f7:
f5:94:6b:d5:af:f9:02:09:32:ce:3e:c8:3f:09:65:
86:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:E1:04:D7:1E:54:EB:60:71:5A:5B:7C:FA:EA:F9:6B:ED:AA:33:36
X509v3 Authority Key Identifier:
keyid:C8:60:36:57:55:24:48:ED:5B:BA:ED:71:72:4D:22:20:F0:3B:F7:C6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E782F/6D2075F6407011EFBDA9D66FC4F9AE02/yGA2V1UkSO1buu1xck0iIPA798Y.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/yGA2V1UkSO1buu1xck0iIPA798Y.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E782F/6D2075F6407011EFBDA9D66FC4F9AE02/C0AFD28448B311EFB8A4C178C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
192.8.238.0/24
Signature Algorithm: sha256WithRSAEncryption
00:b7:68:ca:80:c3:b2:20:82:20:8a:74:54:ac:dc:ba:2c:b2:
b4:d4:c2:a0:10:a8:21:5e:59:3a:e2:62:5d:0c:83:70:fa:30:
2a:88:30:4c:ef:40:83:72:62:92:2d:b1:c1:0d:ee:59:3b:45:
ce:cd:b0:56:3a:54:a7:8d:69:d3:07:6c:f1:13:34:61:e4:15:
be:4b:02:42:92:af:12:7d:54:80:d7:b4:f0:e4:fc:43:89:40:
06:76:c3:97:01:15:04:8c:7d:2b:ba:a1:30:98:e2:e1:ff:ce:
9f:18:c6:75:77:2c:36:01:81:1c:12:8b:57:17:c3:0f:91:72:
b0:cd:2b:6d:e6:87:71:0a:2e:c4:bc:ca:29:35:ed:79:ac:3b:
f7:bd:c2:f5:71:50:4a:b3:bc:b3:dd:15:a3:b6:5b:48:02:a0:
c4:61:cf:a7:3a:50:8c:ee:28:97:4f:68:12:5c:5a:06:a6:a3:
ee:7b:0f:e2:2c:4d:c4:1d:c9:c3:67:ad:4c:b5:c9:ba:31:4d:
1f:b1:db:f3:b4:76:86:67:bf:3d:62:c6:ba:bc:df:25:ad:3f:
f7:ee:69:d2:ab:fa:d9:68:08:00:74:57:8f:9c:76:c7:cf:f0:
30:18:2f:f8:52:cf:9d:c9:36:53:2f:f5:78:5e:a6:7b:9a:53:
f3:02:7c:d3
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBCDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF
NzgyRjExMC8GA1UEBRMoQzg2MDM2NTc1NTI0NDhFRDVCQkFFRDcxNzI0RDIyMjBG
MDNCRjdDNjAeFw0yNDA3MjMwNTIzNTRaFw0yNDEwMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2OWYzZTZhLTZmYjUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDF3aNWF0cncbCBw9mnV2Ant642xFyLPKBtesPstEdcTqT/KUb3+pM4IxtTN72W
kEi7D1GksvBR0VRzFymgYSvqPWRPS3G3te6YObBk9syGKui5+L9QWm5aYQI9MeZP
bez1xL0PorHL2S0HcSJhE2I7A1C1sC23GQvTSEU0fhEcW8uWIOWn2NnfDW2shRHX
EhcnqRl/c5Ii37QzNylaSywvDB/uXC4IGnB48oQjEqL5ndslbrbERS6RZx4Vkv9l
Is9aXFWrVJT0qJByotDOjC9/0HWxpfm6lsMq4uzfcdWJ5jbaf8CvLVa0ea1ZRHcG
9/WUa9Wv+QIJMs4+yD8JZYblAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUF+EE1x5U
62BxWlt8+ur5a+2qMzYwHwYDVR0jBBgwFoAUyGA2V1UkSO1buu1xck0iIPA798Yw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUU3ODJGLzZEMjA3NUY2NDA3
MDExRUZCREE5RDY2RkM0RjlBRTAyL3lHQTJWMVVrU08xYnV1MXhjazBpSVBBNzk4
WS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIveUdBMlYxVWtTTzFidXUxeGNrMGlJUEE3OThZLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF
NzgyRi82RDIwNzVGNjQwNzAxMUVGQkRBOUQ2NkZDNEY5QUUwMi9DMEFGRDI4NDQ4
QjMxMUVGQjhBNEMxNzhDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAMAI7jANBgkqhkiG9w0BAQsFAAOCAQEAALdoyoDDsiCCIIp0
VKzcuiyytNTCoBCoIV5ZOuJiXQyDcPowKogwTO9Ag3Jiki2xwQ3uWTtFzs2wVjpU
p41p0wds8RM0YeQVvksCQpKvEn1UgNe08OT8Q4lABnbDlwEVBIx9K7qhMJji4f/O
nxjGdXcsNgGBHBKLVxfDD5FysM0rbeaHcQouxLzKKTXteaw7973C9XFQSrO8s90V
o7ZbSAKgxGHPpzpQjO4ol09oElxaBqaj7nsP4ixNxB3Jw2etTLXJujFNH7Hb87R2
hme/PWLGurzfJa0/9+5p0qv62WgIAHRXj5x2x8/wMBgv+FLPnck2Uy/1eF6me5pT
8wJ80w==
-----END CERTIFICATE-----
Generated at Tue Jul 23 09:23:38 2024 by rpki-client on console-ams.rpki-client.org