Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9150CF2/D00DB76EF4EE11E9AEFEA819C4F9AE02/5EDD4AA2959311EDB77DA179C4F9AE02.roa
File: 5EDD4AA2959311EDB77DA179C4F9AE02.roa (raw, json)
Hash identifier: OjQsSEQeijp0mXvic7U84FkAfqaZ4ckf5yK9L6/tI5A=
Subject key identifier: DF:F6:7E:84:B3:40:DC:8E:2F:A7:31:3D:9C:AD:32:B4:CD:EF:1C:DE
Certificate issuer: /CN=A9150CF2/serialNumber=B03E7BFB2B4BDAFA2EAA50AB7990F74FFCBCADD7
Certificate serial: 0B33
Authority key identifier: B0:3E:7B:FB:2B:4B:DA:FA:2E:AA:50:AB:79:90:F7:4F:FC:BC:AD:D7
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sD57-ytL2vouqlCreZD3T_y8rdc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9150CF2/D00DB76EF4EE11E9AEFEA819C4F9AE02/5EDD4AA2959311EDB77DA179C4F9AE02.roa
Signing time: Thu 18 May 2023 20:00:17 +0000
ROA not before: Thu 18 May 2023 20:00:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 138482
IP address blocks: 49.128.1.0/24 maxlen: 24
182.161.67.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2867 (0xb33)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9150CF2/serialNumber=B03E7BFB2B4BDAFA2EAA50AB7990F74FFCBCADD7
Validity
Not Before: May 18 20:00:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=646683d0-e1b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:a1:1a:eb:5f:d6:16:70:e2:5b:95:c0:01:61:
d9:11:25:15:13:07:d6:cc:2b:9b:17:a5:31:aa:9c:
f3:b3:f4:7b:95:01:dd:db:1e:b8:7f:f9:38:b5:14:
9c:ef:e6:27:31:4f:0c:cc:aa:02:ca:5f:00:0a:f7:
91:cf:93:8c:71:44:5a:f6:2c:9d:38:88:09:e3:96:
a8:7d:90:b4:d2:01:37:9f:49:b7:16:7e:ac:1d:c9:
ed:f1:ce:91:c6:d0:b5:61:6a:41:6b:27:4a:8e:11:
86:6b:ca:91:89:05:f3:60:4b:09:f1:63:e5:8a:4a:
57:af:a2:09:c5:2b:64:fe:d6:7e:57:11:cf:f0:86:
f4:f2:72:1d:d6:3d:3c:4f:2f:69:ea:ce:d2:7f:8f:
65:3d:de:98:28:89:8a:c5:1e:41:dd:0d:1a:37:f6:
7c:a2:e4:4d:d9:87:d1:0f:8b:0b:b2:a2:64:92:8a:
4b:9f:50:33:e2:cc:0a:6f:0f:7f:45:94:b5:41:55:
b6:f0:4a:19:db:bd:f7:c2:a3:51:a5:42:2c:9b:1b:
7f:bc:43:2b:57:43:7a:49:c7:db:b8:3a:82:21:3b:
b4:f7:e6:a0:1d:da:a3:de:1c:37:85:6a:ee:a5:b6:
27:1e:67:73:6d:d7:2a:fa:c9:8b:2e:29:18:72:61:
23:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:F6:7E:84:B3:40:DC:8E:2F:A7:31:3D:9C:AD:32:B4:CD:EF:1C:DE
X509v3 Authority Key Identifier:
keyid:B0:3E:7B:FB:2B:4B:DA:FA:2E:AA:50:AB:79:90:F7:4F:FC:BC:AD:D7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9150CF2/D00DB76EF4EE11E9AEFEA819C4F9AE02/sD57-ytL2vouqlCreZD3T_y8rdc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sD57-ytL2vouqlCreZD3T_y8rdc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9150CF2/D00DB76EF4EE11E9AEFEA819C4F9AE02/5EDD4AA2959311EDB77DA179C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
49.128.1.0/24
182.161.67.0/24
Signature Algorithm: sha256WithRSAEncryption
b2:8d:0d:06:87:f4:f9:b4:36:1f:f6:f3:ed:1e:65:ef:d6:7f:
8a:a3:95:1f:aa:4f:06:f8:3a:36:30:13:53:4f:2a:c5:83:ab:
45:22:8b:73:b5:ef:d4:e0:50:8e:09:34:cc:b9:62:d6:b9:9d:
b4:e1:73:dd:a5:18:80:27:c2:dc:9a:be:01:f5:61:3a:c1:5b:
aa:d6:c3:fd:f9:29:21:f5:32:cc:ce:39:c2:f6:8f:ad:3f:63:
a0:46:83:5d:98:34:3b:14:4a:b6:8a:7e:38:99:32:c6:31:3f:
46:68:20:9e:54:34:5b:8c:2d:03:36:ad:65:6f:cf:28:84:60:
3a:44:04:6a:56:33:79:0c:99:46:0f:84:56:e4:76:61:d5:e1:
e9:cf:0b:df:d5:a7:c4:66:48:44:bc:16:0f:f5:d0:31:89:7c:
11:06:e7:db:34:c7:ea:ad:a0:ef:8d:43:da:19:44:97:e0:5a:
1b:50:09:89:b7:3b:eb:2c:f2:5a:f8:dd:65:38:93:6a:a0:4f:
b0:b4:d9:1b:3f:10:35:2f:dc:92:5e:31:dc:35:c7:ce:bb:a2:
05:49:ae:81:9f:74:d4:a4:67:a6:eb:3d:72:2f:da:ba:32:b3:
25:47:64:02:2d:50:ba:c2:93:ab:2a:6d:05:b3:c0:66:04:b5:
2e:ef:b0:6e
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICCzMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTBDRjIxMTAvBgNVBAUTKEIwM0U3QkZCMkI0QkRBRkEyRUFBNTBBQjc5OTBGNzRG
RkNCQ0FERDcwHhcNMjMwNTE4MjAwMDE3WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDY2ODNkMC1lMWI4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0qEa61/WFnDiW5XAAWHZESUVEwfWzCubF6Uxqpzzs/R7lQHd2x64f/k4tRSc
7+YnMU8MzKoCyl8ACveRz5OMcURa9iydOIgJ45aofZC00gE3n0m3Fn6sHcnt8c6R
xtC1YWpBaydKjhGGa8qRiQXzYEsJ8WPlikpXr6IJxStk/tZ+VxHP8Ib08nId1j08
Ty9p6s7Sf49lPd6YKImKxR5B3Q0aN/Z8ouRN2YfRD4sLsqJkkopLn1Az4swKbw9/
RZS1QVW28EoZ2733wqNRpUIsmxt/vEMrV0N6ScfbuDqCITu09+agHdqj3hw3hWru
pbYnHmdzbdcq+smLLikYcmEjewIDAQABo4ICmzCCApcwHQYDVR0OBBYEFN/2foSz
QNyOL6cxPZytMrTN7xzeMB8GA1UdIwQYMBaAFLA+e/srS9r6LqpQq3mQ90/8vK3X
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MENGMi9EMDBEQjc2RUY0
RUUxMUU5QUVGRUE4MTlDNEY5QUUwMi9zRDU3LXl0TDJ2b3VxbENyZVpEM1RfeThy
ZGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3NENTcteXRMMnZvdXFsQ3JlWkQzVF95OHJkYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTBDRjIvRDAwREI3NkVGNEVFMTFFOUFFRkVBODE5QzRGOUFFMDIvNUVERDRBQTI5
NTkzMTFFREI3N0RBMTc5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAAxgAEDBAC2oUMwDQYJKoZIhvcNAQELBQADggEBALKNDQaH
9Pm0Nh/28+0eZe/Wf4qjlR+qTwb4OjYwE1NPKsWDq0Uii3O179TgUI4JNMy5Yta5
nbThc92lGIAnwtyavgH1YTrBW6rWw/35KSH1MszOOcL2j60/Y6BGg12YNDsUSraK
fjiZMsYxP0ZoIJ5UNFuMLQM2rWVvzyiEYDpEBGpWM3kMmUYPhFbkdmHV4enPC9/V
p8RmSES8Fg/10DGJfBEG59s0x+qtoO+NQ9oZRJfgWhtQCYm3O+ss8lr43WU4k2qg
T7C02Rs/EDUv3JJeMdw1x867ogVJroGfdNSkZ6brPXIv2roysyVHZAItULrCk6sq
bQWzwGYEtS7vsG4=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:35:22 2023 by rpki-client on console.sobornost.net