Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9179672/E5F45AD05F5411EF8D18BE23C4F9AE02/7C20A6985F5611EFA2EEFA2AC4F9AE02.roa
File: 7C20A6985F5611EFA2EEFA2AC4F9AE02.roa (raw, json)
Hash identifier: YE3eAbN6zxCNl10pWrY4m1t5FKm4l9LsTyYy/JS4B0s=
Subject key identifier: EC:37:54:2A:F6:66:53:92:F7:CA:78:9F:0D:08:13:8E:36:E7:4B:11
Certificate issuer: /CN=A9179672/serialNumber=91AA7783FB027819838C4A91C91C60D41FB3EEAB
Certificate serial: 02
Authority key identifier: 91:AA:77:83:FB:02:78:19:83:8C:4A:91:C9:1C:60:D4:1F:B3:EE:AB
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/kap3g_sCeBmDjEqRyRxg1B-z7qs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9179672/E5F45AD05F5411EF8D18BE23C4F9AE02/7C20A6985F5611EFA2EEFA2AC4F9AE02.roa
Signing time: Wed 21 Aug 2024 00:44:13 +0000
ROA not before: Wed 21 Aug 2024 00:44:13 +0000
ROA not after: Mon 30 Dec 2024 00:00:00 +0000
asID: 14618
IP address blocks: 192.206.156.0/23 maxlen: 24
Validation: Failed, certificate revoked on Wed 21 Aug 2024 02:17:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9179672/serialNumber=91AA7783FB027819838C4A91C91C60D41FB3EEAB
Validity
Not Before: Aug 21 00:44:13 2024 GMT
Not After : Dec 30 00:00:00 2024 GMT
Subject: CN=66c5385c-3fcc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:fd:b9:24:39:ac:b6:c9:92:d6:af:d3:fd:ca:
fd:e0:9f:93:c3:3f:84:ec:6c:63:cc:b7:09:39:da:
e5:7d:41:d0:d7:84:d9:86:94:33:fe:13:0e:47:eb:
82:33:a6:f2:b2:4c:a4:f4:cd:63:93:ac:fd:dc:bb:
2f:be:fe:fe:97:39:e1:a7:3d:0e:e9:9a:f7:12:65:
0a:db:72:6b:01:31:5a:f0:ca:4c:24:56:16:38:70:
d2:91:b8:69:95:14:e0:f1:3d:20:00:84:f7:4a:d1:
1d:22:82:41:dc:60:38:06:5b:cd:22:2d:9b:45:36:
b0:df:75:50:d1:dd:b6:29:36:51:3b:14:21:8a:a7:
aa:e6:04:31:da:5c:54:5d:4b:53:58:93:e7:02:0b:
07:02:b6:4b:35:c4:76:8a:1e:95:d6:0d:4d:60:51:
65:c8:bc:fe:d7:0e:d5:5b:fb:57:7d:0b:8e:42:0f:
dd:96:9b:65:a2:ac:57:c1:8b:a5:87:ab:63:a9:c2:
2b:cc:84:5c:de:7b:4f:fa:0f:c3:f9:1f:50:a5:ee:
ff:65:a4:ff:86:ea:d8:2b:b5:0f:3b:21:e3:6d:47:
95:b6:e2:c5:b7:c9:1a:24:29:72:4c:33:4f:d6:f9:
63:af:82:ff:c1:34:6d:46:40:50:e5:9d:10:89:6d:
e3:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:37:54:2A:F6:66:53:92:F7:CA:78:9F:0D:08:13:8E:36:E7:4B:11
X509v3 Authority Key Identifier:
keyid:91:AA:77:83:FB:02:78:19:83:8C:4A:91:C9:1C:60:D4:1F:B3:EE:AB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9179672/E5F45AD05F5411EF8D18BE23C4F9AE02/kap3g_sCeBmDjEqRyRxg1B-z7qs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/kap3g_sCeBmDjEqRyRxg1B-z7qs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9179672/E5F45AD05F5411EF8D18BE23C4F9AE02/7C20A6985F5611EFA2EEFA2AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
192.206.156.0/23
Signature Algorithm: sha256WithRSAEncryption
6a:da:f2:b9:d4:2a:0b:85:9c:d9:71:7f:e9:59:a4:00:1e:27:
8c:bd:89:87:63:b8:ca:4f:9d:c0:25:dd:36:c5:32:a4:4e:01:
92:fb:b3:72:13:65:09:62:41:ad:6b:61:65:d4:8c:b4:f4:45:
5d:f5:3f:93:f3:51:51:a2:8f:e8:ed:57:ab:09:54:9b:a6:c2:
06:33:87:0b:bf:21:9e:28:6a:8f:76:58:41:c7:50:a0:30:92:
b8:fc:98:c3:24:35:3c:86:aa:0c:46:19:08:4c:96:43:8a:71:
4f:dd:ef:a6:17:78:70:ad:c3:9d:4f:1a:79:5d:b7:0d:ab:0b:
2f:d9:11:e4:ee:19:18:12:d0:e6:94:f9:5a:9a:70:27:a9:82:
69:f7:a2:88:9a:64:86:51:a4:f2:86:a5:37:f0:57:37:a3:b9:
32:5b:f7:8e:65:a2:44:51:67:21:63:85:92:9a:a1:4c:ce:9a:
42:9b:d2:5b:e0:44:01:0a:46:31:5b:71:ed:28:49:d2:62:af:
d5:7f:02:38:8c:e6:93:f8:70:bd:21:04:e2:8f:6a:a3:88:d1:
e9:22:94:d7:2d:18:07:d2:25:97:94:6f:72:f6:9a:da:43:8f:
28:02:66:8e:eb:ed:db:d3:3c:00:cd:ac:fb:db:1e:9d:9f:16:
52:54:8a:c3
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3
OTY3MjExMC8GA1UEBRMoOTFBQTc3ODNGQjAyNzgxOTgzOEM0QTkxQzkxQzYwRDQx
RkIzRUVBQjAeFw0yNDA4MjEwMDQ0MTNaFw0yNDEyMzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2YzUzODVjLTNmY2MwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDf/bkkOay2yZLWr9P9yv3gn5PDP4TsbGPMtwk52uV9QdDXhNmGlDP+Ew5H64Iz
pvKyTKT0zWOTrP3cuy++/v6XOeGnPQ7pmvcSZQrbcmsBMVrwykwkVhY4cNKRuGmV
FODxPSAAhPdK0R0igkHcYDgGW80iLZtFNrDfdVDR3bYpNlE7FCGKp6rmBDHaXFRd
S1NYk+cCCwcCtks1xHaKHpXWDU1gUWXIvP7XDtVb+1d9C45CD92Wm2WirFfBi6WH
q2OpwivMhFzee0/6D8P5H1Cl7v9lpP+G6tgrtQ87IeNtR5W24sW3yRokKXJMM0/W
+WOvgv/BNG1GQFDlnRCJbeN7AgMBAAGjggKVMIICkTAdBgNVHQ4EFgQU7DdUKvZm
U5L3ynifDQgTjjbnSxEwHwYDVR0jBBgwFoAUkap3g/sCeBmDjEqRyRxg1B+z7qsw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTc5NjcyL0U1RjQ1QUQwNUY1
NDExRUY4RDE4QkUyM0M0RjlBRTAyL2thcDNnX3NDZUJtRGpFcVJ5UnhnMUItejdx
cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIva2FwM2dfc0NlQm1EakVxUnlSeGcxQi16N3FzLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
OTY3Mi9FNUY0NUFEMDVGNTQxMUVGOEQxOEJFMjNDNEY5QUUwMi83QzIwQTY5ODVG
NTYxMUVGQTJFRUZBMkFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAcDOnDANBgkqhkiG9w0BAQsFAAOCAQEAatryudQqC4Wc2XF/
6VmkAB4njL2Jh2O4yk+dwCXdNsUypE4BkvuzchNlCWJBrWthZdSMtPRFXfU/k/NR
UaKP6O1XqwlUm6bCBjOHC78hnihqj3ZYQcdQoDCSuPyYwyQ1PIaqDEYZCEyWQ4px
T93vphd4cK3DnU8aeV23DasLL9kR5O4ZGBLQ5pT5WppwJ6mCafeiiJpkhlGk8oal
N/BXN6O5Mlv3jmWiRFFnIWOFkpqhTM6aQpvSW+BEAQpGMVtx7ShJ0mKv1X8COIzm
k/hwvSEE4o9qo4jR6SKU1y0YB9Ill5Rvcvaa2kOPKAJmjuvt29M8AM2s+9senZ8W
UlSKww==
-----END CERTIFICATE-----
Generated at Wed Aug 21 04:57:50 2024 by rpki-client on console.sobornost.net