Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91AAE16/174885505BB111E98B103B13C4F9AE02/B2DA2D50DF9311EEBF6BC36DC4F9AE02.roa
File: B2DA2D50DF9311EEBF6BC36DC4F9AE02.roa (raw, json)
Hash identifier: dPCpjvmhOIBG1Y+47eKLxHfijPm18AvakRskjnkwaCc=
Subject key identifier: DD:4E:12:F4:5D:1C:83:F2:6D:8E:06:F6:5B:5E:F8:6B:D0:8D:F0:E9
Certificate issuer: /CN=A91AAE16/serialNumber=394EA086895C6F17D936548A32238B82CF79294D
Certificate serial: 0EC3
Authority key identifier: 39:4E:A0:86:89:5C:6F:17:D9:36:54:8A:32:23:8B:82:CF:79:29:4D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OU6gholcbxfZNlSKMiOLgs95KU0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91AAE16/174885505BB111E98B103B13C4F9AE02/B2DA2D50DF9311EEBF6BC36DC4F9AE02.roa
Signing time: Mon 11 Mar 2024 10:39:55 +0000
ROA not before: Mon 11 Mar 2024 10:39:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21734
IP address blocks: 111.221.56.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 11 Mar 2024 11:08:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3779 (0xec3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91AAE16/serialNumber=394EA086895C6F17D936548A32238B82CF79294D
Validity
Not Before: Mar 11 10:39:55 2024 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=65eedf7b-fb7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:13:29:1c:99:bb:f6:cc:a0:b9:d5:2a:cd:46:
b7:89:2f:dc:dc:0f:f2:7d:26:87:5b:54:a9:43:e0:
29:a3:f6:34:8b:69:85:45:f6:eb:3a:0f:14:64:7f:
f5:a8:d7:cf:7b:19:45:fa:43:c8:e7:b2:78:d3:af:
51:94:64:3f:38:a4:8f:a9:79:32:e0:fb:71:fc:81:
ae:da:b6:3b:19:79:95:8f:ca:c8:8b:ec:57:05:fe:
04:47:13:3b:16:02:60:c9:2d:48:92:11:3b:97:2f:
2f:3e:33:2c:a6:3c:73:fb:3a:c0:82:6e:13:65:b0:
6e:d5:7a:f2:35:14:ca:06:8b:39:9a:15:2c:07:8c:
a7:2e:66:e1:b9:ea:3a:5f:e7:72:06:2b:25:df:9e:
66:f6:68:d4:c1:6a:e2:4c:8f:ca:df:9d:37:ff:57:
56:19:7e:56:bf:99:60:f8:0a:43:1c:a4:6f:6d:cc:
3a:7d:f7:b6:8e:3b:82:35:77:b6:87:6a:8f:e8:ea:
bc:d6:8b:f0:4e:a1:95:f0:55:f3:89:39:d0:6e:e2:
a1:43:58:1b:db:5c:ad:8e:10:79:83:58:3f:e8:11:
a6:f5:74:13:f9:77:35:c0:90:96:87:d3:0e:5a:9c:
83:e1:ad:ab:4f:31:93:3c:57:93:7b:82:30:68:ae:
ed:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:4E:12:F4:5D:1C:83:F2:6D:8E:06:F6:5B:5E:F8:6B:D0:8D:F0:E9
X509v3 Authority Key Identifier:
keyid:39:4E:A0:86:89:5C:6F:17:D9:36:54:8A:32:23:8B:82:CF:79:29:4D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91AAE16/174885505BB111E98B103B13C4F9AE02/OU6gholcbxfZNlSKMiOLgs95KU0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OU6gholcbxfZNlSKMiOLgs95KU0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AAE16/174885505BB111E98B103B13C4F9AE02/B2DA2D50DF9311EEBF6BC36DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
111.221.56.0/24
Signature Algorithm: sha256WithRSAEncryption
69:56:86:38:ac:c5:6c:1a:69:f7:7e:f5:1a:39:dd:2a:8a:be:
a2:19:13:54:52:1e:e4:17:1a:42:55:0b:ad:17:12:00:91:49:
ce:49:d4:45:63:a6:64:10:ce:ee:ab:9f:7e:ee:fa:d3:cb:46:
65:f9:c2:24:e7:7a:92:db:e4:6a:f1:f5:a7:06:3f:8c:5e:fe:
8c:c3:6f:14:2a:43:85:33:22:71:3d:9d:f2:5c:73:89:6a:44:
fd:fb:01:b0:74:c9:28:e8:ca:bf:ce:33:1b:ee:a1:f1:ad:bf:
e9:18:fe:12:f9:ac:d2:bc:09:fe:c4:5c:86:d4:d8:a3:8a:98:
a1:af:cb:28:7e:9d:e8:04:3f:6d:af:8d:9f:96:63:43:bd:ed:
c0:c7:55:e2:70:0d:ea:ff:c2:2b:99:f8:cf:cb:0b:40:14:76:
eb:ff:51:f9:1d:fc:57:f7:5d:e9:fb:23:c6:db:c8:20:9b:68:
f5:30:8d:76:9a:6c:a6:31:a7:e8:40:a6:eb:6d:96:34:64:f3:
82:0e:74:87:4c:55:1e:44:0a:7c:b8:3f:67:96:f1:ad:85:3c:
80:34:a4:3c:55:f9:49:96:1b:d5:3c:3b:dd:f3:05:b6:d8:15:
36:2c:6a:28:06:c9:0a:75:0a:a9:bf:c0:74:46:e9:15:13:b1:
cf:26:a7:f5
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICDsMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QUFFMTYxMTAvBgNVBAUTKDM5NEVBMDg2ODk1QzZGMTdEOTM2NTQ4QTMyMjM4Qjgy
Q0Y3OTI5NEQwHhcNMjQwMzExMTAzOTU1WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWVlZGY3Yi1mYjdmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3BMpHJm79sygudUqzUa3iS/c3A/yfSaHW1SpQ+Apo/Y0i2mFRfbrOg8UZH/1
qNfPexlF+kPI57J4069RlGQ/OKSPqXky4Ptx/IGu2rY7GXmVj8rIi+xXBf4ERxM7
FgJgyS1IkhE7ly8vPjMspjxz+zrAgm4TZbBu1XryNRTKBos5mhUsB4ynLmbhueo6
X+dyBisl355m9mjUwWriTI/K3503/1dWGX5Wv5lg+ApDHKRvbcw6ffe2jjuCNXe2
h2qP6Oq81ovwTqGV8FXziTnQbuKhQ1gb21ytjhB5g1g/6BGm9XQT+Xc1wJCWh9MO
WpyD4a2rTzGTPFeTe4IwaK7tuQIDAQABo4IClTCCApEwHQYDVR0OBBYEFN1OEvRd
HIPybY4G9lte+GvQjfDpMB8GA1UdIwQYMBaAFDlOoIaJXG8X2TZUijIji4LPeSlN
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQUUxNi8xNzQ4ODU1MDVC
QjExMUU5OEIxMDNCMTNDNEY5QUUwMi9PVTZnaG9sY2J4ZlpObFNLTWlPTGdzOTVL
VTAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09VNmdob2xjYnhmWk5sU0tNaU9MZ3M5NUtVMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QUFFMTYvMTc0ODg1NTA1QkIxMTFFOThCMTAzQjEzQzRGOUFFMDIvQjJEQTJENTBE
RjkzMTFFRUJGNkJDMzZEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABv3TgwDQYJKoZIhvcNAQELBQADggEBAGlWhjisxWwaafd+
9Ro53SqKvqIZE1RSHuQXGkJVC60XEgCRSc5J1EVjpmQQzu6rn37u+tPLRmX5wiTn
epLb5Grx9acGP4xe/ozDbxQqQ4UzInE9nfJcc4lqRP37AbB0ySjoyr/OMxvuofGt
v+kY/hL5rNK8Cf7EXIbU2KOKmKGvyyh+negEP22vjZ+WY0O97cDHVeJwDer/wiuZ
+M/LC0AUduv/Ufkd/Ff3Xen7I8bbyCCbaPUwjXaabKYxp+hAputtljRk84IOdIdM
VR5ECny4P2eW8a2FPIA0pDxV+UmWG9U8O93zBbbYFTYsaigGyQp1Cqm/wHRG6RUT
sc8mp/U=
-----END CERTIFICATE-----
Generated at Mon Mar 11 17:50:00 2024 by rpki-client on console.sobornost.net