Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91FECDA/9BA971A26F9C11E9A5074B2FC4F9AE02/5BCA77886F9D11E99D2E7930C4F9AE02.roa
File: 5BCA77886F9D11E99D2E7930C4F9AE02.roa (raw, json)
Hash identifier: b25VcZYMDfs49OQfgsskSpXwWTTGC5hsGjWI6ebwJQk=
Subject key identifier: 54:54:DC:25:67:D4:08:9B:26:61:E5:6E:D2:B1:7B:FA:F7:3D:91:D2
Certificate issuer: /CN=A91FECDA/serialNumber=CCCE54EEAFBF93213CD992BCA1E5267D5052B3C7
Certificate serial: 0EDC
Authority key identifier: CC:CE:54:EE:AF:BF:93:21:3C:D9:92:BC:A1:E5:26:7D:50:52:B3:C7
Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/zM5U7q-_kyE82ZK8oeUmfVBSs8c.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91FECDA/9BA971A26F9C11E9A5074B2FC4F9AE02/5BCA77886F9D11E99D2E7930C4F9AE02.roa
Signing time: Thu 24 Oct 2024 17:56:07 +0000
ROA not before: Thu 24 Oct 2024 17:56:07 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 132899
IP address blocks: 193.119.0.0/24 maxlen: 24
193.119.1.0/24 maxlen: 24
193.119.2.0/24 maxlen: 24
193.119.3.0/24 maxlen: 24
193.119.4.0/24 maxlen: 24
193.119.5.0/24 maxlen: 24
193.119.6.0/24 maxlen: 24
193.119.7.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 14 Nov 2024 16:19:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3804 (0xedc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91FECDA/serialNumber=CCCE54EEAFBF93213CD992BCA1E5267D5052B3C7
Validity
Not Before: Oct 24 17:56:07 2024 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=671a8a37-f52a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:e6:ac:23:ac:dc:62:bb:0e:77:49:b3:9c:84:
78:c2:dd:36:8e:fd:20:cc:48:56:a0:16:66:ec:f5:
42:b6:8f:17:7d:44:40:a9:71:83:17:3c:c6:f8:d5:
fc:17:84:24:e3:46:65:23:ef:7d:e5:bf:17:38:24:
49:c3:4b:d5:54:9a:d7:1a:a4:95:d8:42:64:10:46:
16:16:ed:02:d5:99:0d:b3:7e:ce:53:27:b4:50:71:
21:70:f3:33:64:e5:7f:d8:7a:95:7b:bd:cb:50:63:
e5:13:e2:65:9e:e6:f3:c8:69:99:e2:df:e2:4a:44:
8b:d3:6a:22:dd:5b:53:0f:93:ec:38:91:b2:73:e8:
30:65:37:18:f5:f4:7a:67:8a:1e:cd:ac:82:e7:4c:
93:33:ec:f1:b7:80:b3:cc:fa:63:4b:5b:bd:7e:b3:
cf:df:d0:a0:de:39:fc:09:f3:bc:4e:f3:97:b4:6b:
e6:b2:df:b8:6c:5c:3c:84:9f:14:9a:03:80:f7:b5:
d3:3b:e1:09:bb:fc:50:62:3b:a0:bf:f5:bc:05:c0:
26:34:8a:85:ce:d3:18:30:ac:77:86:ab:e9:ec:a0:
d3:45:20:31:5e:98:32:a7:86:bd:87:81:92:46:46:
47:38:cc:74:5e:4b:bb:bd:db:10:3f:1a:1c:f6:1b:
ea:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:54:DC:25:67:D4:08:9B:26:61:E5:6E:D2:B1:7B:FA:F7:3D:91:D2
X509v3 Authority Key Identifier:
keyid:CC:CE:54:EE:AF:BF:93:21:3C:D9:92:BC:A1:E5:26:7D:50:52:B3:C7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91FECDA/9BA971A26F9C11E9A5074B2FC4F9AE02/zM5U7q-_kyE82ZK8oeUmfVBSs8c.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/zM5U7q-_kyE82ZK8oeUmfVBSs8c.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FECDA/9BA971A26F9C11E9A5074B2FC4F9AE02/5BCA77886F9D11E99D2E7930C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
193.119.0.0/21
Signature Algorithm: sha256WithRSAEncryption
12:df:e3:8c:8a:b9:20:c9:89:29:f4:fe:c3:81:65:aa:f8:78:
48:d4:d4:1c:8d:a6:64:b8:52:55:cc:59:2d:0f:6e:79:d7:fe:
14:4e:fb:81:c9:ee:69:e5:4c:67:5b:4a:60:1e:dc:7b:1f:47:
a3:e9:04:27:33:03:6f:35:f2:e6:5c:7d:8e:c7:7f:71:10:f0:
b7:86:c7:19:1b:1f:fa:db:b0:e8:ed:07:8d:0b:3d:a4:ab:70:
63:eb:2f:a4:24:1f:69:4b:fa:88:ef:41:2f:84:a5:4f:28:ca:
1c:a0:df:bb:8b:c6:c1:4d:58:12:b8:03:bc:f9:b8:23:52:a5:
44:b0:81:cb:d2:a6:0f:ee:41:b2:e1:7c:79:0b:8d:c0:7d:4f:
19:55:fd:68:a2:6a:2c:4c:c5:eb:75:6e:83:3f:1f:c0:77:41:
48:3a:a6:ba:d1:08:4e:01:62:ed:d9:e2:a8:51:67:da:42:fd:
33:35:b5:a4:d0:2d:8d:2e:17:11:74:27:ae:b4:44:5c:be:12:
4c:e1:85:21:11:ba:9c:ad:48:d2:43:f5:6e:02:cc:fd:b2:18:
9a:a4:ae:1c:d2:03:a1:38:13:b2:89:84:19:b6:dd:06:b8:e9:
73:4d:ca:5f:5c:2a:9d:3a:b6:86:7b:b3:1f:46:38:b5:98:e9:
fb:61:64:91
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICDtwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RkVDREExMTAvBgNVBAUTKENDQ0U1NEVFQUZCRjkzMjEzQ0Q5OTJCQ0ExRTUyNjdE
NTA1MkIzQzcwHhcNMjQxMDI0MTc1NjA3WhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzFhOGEzNy1mNTJhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzeasI6zcYrsOd0mznIR4wt02jv0gzEhWoBZm7PVCto8XfURAqXGDFzzG+NX8
F4Qk40ZlI+995b8XOCRJw0vVVJrXGqSV2EJkEEYWFu0C1ZkNs37OUye0UHEhcPMz
ZOV/2HqVe73LUGPlE+JlnubzyGmZ4t/iSkSL02oi3VtTD5PsOJGyc+gwZTcY9fR6
Z4oezayC50yTM+zxt4CzzPpjS1u9frPP39Cg3jn8CfO8TvOXtGvmst+4bFw8hJ8U
mgOA97XTO+EJu/xQYjugv/W8BcAmNIqFztMYMKx3hqvp7KDTRSAxXpgyp4a9h4GS
RkZHOMx0Xku7vdsQPxoc9hvqrQIDAQABo4IClTCCApEwHQYDVR0OBBYEFFRU3CVn
1AibJmHlbtKxe/r3PZHSMB8GA1UdIwQYMBaAFMzOVO6vv5MhPNmSvKHlJn1QUrPH
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGRUNEQS85QkE5NzFBMjZG
OUMxMUU5QTUwNzRCMkZDNEY5QUUwMi96TTVVN3EtX2t5RTgyWks4b2VVbWZWQlNz
OGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy
RkQxRkYyL3pNNVU3cS1fa3lFODJaSzhvZVVtZlZCU3M4Yy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RkVDREEvOUJBOTcxQTI2RjlDMTFFOUE1MDc0QjJGQzRGOUFFMDIvNUJDQTc3ODg2
RjlEMTFFOTlEMkU3OTMwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAPBdwAwDQYJKoZIhvcNAQELBQADggEBABLf44yKuSDJiSn0
/sOBZar4eEjU1ByNpmS4UlXMWS0PbnnX/hRO+4HJ7mnlTGdbSmAe3HsfR6PpBCcz
A2818uZcfY7Hf3EQ8LeGxxkbH/rbsOjtB40LPaSrcGPrL6QkH2lL+ojvQS+EpU8o
yhyg37uLxsFNWBK4A7z5uCNSpUSwgcvSpg/uQbLhfHkLjcB9TxlV/WiiaixMxet1
boM/H8B3QUg6prrRCE4BYu3Z4qhRZ9pC/TM1taTQLY0uFxF0J660RFy+EkzhhSER
upytSNJD9W4CzP2yGJqkrhzSA6E4E7KJhBm23Qa46XNNyl9cKp06toZ7sx9GOLWY
6fthZJE=
-----END CERTIFICATE-----
Generated at Thu Nov 14 18:30:08 2024 by rpki-client on console-fra.rpki-client.org