Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E96D9/80DFDEC0E5DD11EAB2468D65C4F9AE02/116D9634E5DF11EA9E8E8D6AC4F9AE02.roa
File: 116D9634E5DF11EA9E8E8D6AC4F9AE02.roa (raw, json)
Hash identifier: hnqMAC9ZqQrJRPkkpvwFD0cRkfBj2RbAjFwQo75assE=
Subject key identifier: 95:F6:02:BA:74:68:B4:3B:9F:A2:80:00:8F:B1:47:CD:37:31:2E:F4
Certificate issuer: /CN=A91E96D9/serialNumber=219EA63C6AC966DDB285886BD711C78A14DF512B
Certificate serial: 0711
Authority key identifier: 21:9E:A6:3C:6A:C9:66:DD:B2:85:88:6B:D7:11:C7:8A:14:DF:51:2B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IZ6mPGrJZt2yhYhr1xHHihTfUSs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E96D9/80DFDEC0E5DD11EAB2468D65C4F9AE02/116D9634E5DF11EA9E8E8D6AC4F9AE02.roa
Signing time: Mon 16 Oct 2023 22:09:57 +0000
ROA not before: Mon 16 Oct 2023 22:09:57 +0000
ROA not after: Mon 30 Dec 2024 00:00:00 +0000
asID: 24435
IP address blocks: 116.0.35.0/24 maxlen: 24
116.0.36.0/24 maxlen: 24
116.0.37.0/24 maxlen: 24
116.0.38.0/24 maxlen: 24
116.0.39.0/24 maxlen: 24
116.0.45.0/24 maxlen: 24
116.0.47.0/24 maxlen: 24
116.0.48.0/24 maxlen: 24
116.0.49.0/24 maxlen: 24
116.0.50.0/24 maxlen: 24
116.0.51.0/24 maxlen: 24
116.0.52.0/24 maxlen: 24
116.0.53.0/24 maxlen: 24
116.0.54.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 12 Jul 2024 12:04:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1809 (0x711)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E96D9/serialNumber=219EA63C6AC966DDB285886BD711C78A14DF512B
Validity
Not Before: Oct 16 22:09:57 2023 GMT
Not After : Dec 30 00:00:00 2024 GMT
Subject: CN=652db4b4-ae3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:fe:56:0e:6c:68:a0:94:5d:8a:7e:8f:fd:94:
af:03:4e:a5:c9:1d:56:f4:e3:b9:cd:be:de:2c:fb:
4e:f0:aa:a4:34:8a:48:ab:c3:77:61:4b:2c:29:f2:
04:d2:de:ac:7d:6d:09:ea:98:da:0f:e1:fc:03:b6:
bb:a6:03:e2:ec:ba:c2:a4:fa:bf:b2:d6:49:f8:38:
8f:70:56:e9:79:95:2e:b5:c7:4e:5c:9c:15:1b:65:
2e:b1:29:5c:30:23:58:15:99:e4:a5:ee:a8:18:c7:
89:dc:95:48:df:9d:81:97:46:a9:b4:0b:e5:b3:cc:
05:c6:ea:1b:a0:c9:81:54:51:20:9b:4d:54:28:0c:
cf:41:27:a4:93:a4:72:d5:8c:2b:ad:11:db:18:41:
46:e7:05:dc:45:df:b9:d1:4d:73:95:77:10:9f:b2:
06:fa:66:65:50:c1:96:a9:76:94:88:d5:27:5c:e1:
a3:eb:64:cf:26:3b:8b:d2:0e:cc:c8:dc:9f:f8:67:
11:9b:6c:a9:29:01:77:95:08:c6:8a:f4:dc:7c:5f:
59:74:da:01:02:f1:77:f3:00:1a:3a:ee:96:78:16:
44:54:e3:e8:b9:15:88:0b:bc:98:bf:a3:03:34:ca:
ad:2b:86:15:71:57:f1:2d:f3:69:fc:65:8f:c4:82:
17:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:F6:02:BA:74:68:B4:3B:9F:A2:80:00:8F:B1:47:CD:37:31:2E:F4
X509v3 Authority Key Identifier:
keyid:21:9E:A6:3C:6A:C9:66:DD:B2:85:88:6B:D7:11:C7:8A:14:DF:51:2B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E96D9/80DFDEC0E5DD11EAB2468D65C4F9AE02/IZ6mPGrJZt2yhYhr1xHHihTfUSs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IZ6mPGrJZt2yhYhr1xHHihTfUSs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E96D9/80DFDEC0E5DD11EAB2468D65C4F9AE02/116D9634E5DF11EA9E8E8D6AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
116.0.35.0-116.0.39.255
116.0.45.0/24
116.0.47.0-116.0.54.255
Signature Algorithm: sha256WithRSAEncryption
21:8c:91:05:87:ce:a8:f9:81:60:f3:16:51:d7:88:b6:97:e4:
83:fe:a6:39:35:b2:0d:f9:80:62:b4:e7:2a:df:15:9a:9b:63:
2f:0f:3e:c3:c2:09:ca:f8:9b:a8:a8:1e:2e:9d:39:f8:81:74:
54:82:bd:9d:ac:98:a6:90:3a:c5:61:f4:ec:ac:2e:d0:72:e7:
85:74:f9:f2:90:8a:d1:bf:3a:2d:83:58:a4:6f:09:5d:ae:cd:
fd:0e:d8:fb:20:11:46:07:d8:cd:2e:8d:77:9b:25:55:74:de:
23:13:69:87:4c:c1:ae:f5:65:d3:4f:79:e9:f6:0d:07:23:a0:
e1:9f:65:18:93:9c:c8:89:04:ec:5d:56:2c:31:3e:0f:87:0c:
a8:54:67:a1:86:59:c9:d7:13:24:c9:a2:3f:c3:40:5e:97:07:
bc:3d:1d:b1:50:9e:6e:08:ee:0d:a3:5f:a8:75:e7:a2:8e:5a:
8b:57:f0:4b:1d:05:a6:02:2b:11:c0:9d:b5:22:bc:2c:4f:09:
e2:40:dd:00:cb:19:bf:f2:13:19:71:ff:7a:f1:ab:d5:de:47:
66:6b:9b:1e:c5:af:c8:f5:20:b9:eb:77:59:b0:d0:c6:ec:57:
4a:e9:76:fb:2e:d1:71:17:eb:a9:5a:9c:71:a3:40:16:4a:80:
e5:66:52:85
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgICBxEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTk2RDkxMTAvBgNVBAUTKDIxOUVBNjNDNkFDOTY2RERCMjg1ODg2QkQ3MTFDNzhB
MTRERjUxMkIwHhcNMjMxMDE2MjIwOTU3WhcNMjQxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTJkYjRiNC1hZTNiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtv5WDmxooJRdin6P/ZSvA06lyR1W9OO5zb7eLPtO8KqkNIpIq8N3YUssKfIE
0t6sfW0J6pjaD+H8A7a7pgPi7LrCpPq/stZJ+DiPcFbpeZUutcdOXJwVG2UusSlc
MCNYFZnkpe6oGMeJ3JVI352Bl0aptAvls8wFxuoboMmBVFEgm01UKAzPQSekk6Ry
1YwrrRHbGEFG5wXcRd+50U1zlXcQn7IG+mZlUMGWqXaUiNUnXOGj62TPJjuL0g7M
yNyf+GcRm2ypKQF3lQjGivTcfF9ZdNoBAvF38wAaOu6WeBZEVOPouRWIC7yYv6MD
NMqtK4YVcVfxLfNp/GWPxIIXrQIDAQABo4ICsTCCAq0wHQYDVR0OBBYEFJX2Arp0
aLQ7n6KAAI+xR803MS70MB8GA1UdIwQYMBaAFCGepjxqyWbdsoWIa9cRx4oU31Er
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFOTZEOS84MERGREVDMEU1
REQxMUVBQjI0NjhENjVDNEY5QUUwMi9JWjZtUEdySlp0MnloWWhyMXhISGloVGZV
U3MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0laNm1QR3JKWnQyeWhZaHIxeEhIaWhUZlVTcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTk2RDkvODBERkRFQzBFNUREMTFFQUIyNDY4RDY1QzRGOUFFMDIvMTE2RDk2MzRF
NURGMTFFQTlFOEU4RDZBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOwYIKwYBBQUHAQcBAf8E
LDAqMCgEAgABMCIwDAMEAHQAIwMEA3QAIAMEAHQALTAMAwQAdAAvAwQAdAA2MA0G
CSqGSIb3DQEBCwUAA4IBAQAhjJEFh86o+YFg8xZR14i2l+SD/qY5NbIN+YBitOcq
3xWam2MvDz7DwgnK+JuoqB4unTn4gXRUgr2drJimkDrFYfTsrC7QcueFdPnykIrR
vzotg1ikbwldrs39Dtj7IBFGB9jNLo13myVVdN4jE2mHTMGu9WXTT3np9g0HI6Dh
n2UYk5zIiQTsXVYsMT4PhwyoVGehhlnJ1xMkyaI/w0Belwe8PR2xUJ5uCO4No1+o
deeijlqLV/BLHQWmAisRwJ21IrwsTwniQN0Ayxm/8hMZcf968avV3kdma5sexa/I
9SC563dZsNDG7FdK6Xb7LtFxF+upWpxxo0AWSoDlZlKF
-----END CERTIFICATE-----
Generated at Fri Jul 12 14:49:05 2024 by rpki-client on console-fra.rpki-client.org