Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91AAE16/174885505BB111E98B103B13C4F9AE02/B3459B8ADF9311EEBF6BC36DC4F9AE02.roa
File: B3459B8ADF9311EEBF6BC36DC4F9AE02.roa (raw, json)
Hash identifier: CRI/Q5GuibE+a81vqNuDFSNyQo+JG3k/yPNmjwVXU+Q=
Subject key identifier: D1:A1:B6:9B:D3:35:40:B3:42:7A:F7:3F:B1:D8:18:B1:E7:2C:93:77
Certificate issuer: /CN=A91AAE16/serialNumber=394EA086895C6F17D936548A32238B82CF79294D
Certificate serial: 0EC4
Authority key identifier: 39:4E:A0:86:89:5C:6F:17:D9:36:54:8A:32:23:8B:82:CF:79:29:4D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OU6gholcbxfZNlSKMiOLgs95KU0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91AAE16/174885505BB111E98B103B13C4F9AE02/B3459B8ADF9311EEBF6BC36DC4F9AE02.roa
Signing time: Mon 11 Mar 2024 10:39:56 +0000
ROA not before: Mon 11 Mar 2024 10:39:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 4826
IP address blocks: 202.58.140.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 11 Mar 2024 11:08:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3780 (0xec4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91AAE16/serialNumber=394EA086895C6F17D936548A32238B82CF79294D
Validity
Not Before: Mar 11 10:39:56 2024 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=65eedf7b-3abb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:e8:25:39:cd:03:c5:be:ff:20:cf:00:5f:b7:
96:23:05:cc:3d:18:4a:c0:a7:d5:d8:5f:a2:65:5a:
90:16:a0:3d:40:06:7b:bc:36:33:71:56:d4:d1:0a:
aa:35:53:c3:07:a8:f2:4a:8a:9e:2e:19:e9:43:15:
52:45:b5:ca:91:00:93:60:47:39:15:31:33:d8:fe:
60:a9:33:0c:81:8d:39:6b:c5:f4:f6:88:72:e9:4a:
33:73:48:7a:1c:64:45:ca:de:cb:55:d3:26:e0:8e:
de:52:b2:8b:4c:26:e1:3d:8c:aa:5f:49:a7:7e:80:
5d:7d:1f:fb:26:c8:5b:15:c6:c8:e6:43:9c:d8:0b:
e4:ce:b5:11:7a:bc:1f:b3:77:7a:d1:60:05:c6:62:
77:45:0d:49:79:d9:40:6e:8b:e0:76:76:49:83:6d:
75:86:46:a4:ae:d8:4c:26:09:26:61:9c:0f:8b:e2:
b7:a2:53:ae:d8:7d:24:38:8e:e3:94:9c:e5:61:9d:
6a:e2:3d:5f:28:fc:93:89:c2:3f:61:55:8c:ea:37:
da:d9:d8:d5:bc:80:f6:c8:63:69:b4:d2:f8:74:d4:
b0:0d:38:66:12:a8:20:86:16:ce:5f:3a:be:13:5f:
a2:8b:5f:85:67:e2:86:7d:ce:09:eb:9e:31:d3:9c:
15:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:A1:B6:9B:D3:35:40:B3:42:7A:F7:3F:B1:D8:18:B1:E7:2C:93:77
X509v3 Authority Key Identifier:
keyid:39:4E:A0:86:89:5C:6F:17:D9:36:54:8A:32:23:8B:82:CF:79:29:4D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91AAE16/174885505BB111E98B103B13C4F9AE02/OU6gholcbxfZNlSKMiOLgs95KU0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OU6gholcbxfZNlSKMiOLgs95KU0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AAE16/174885505BB111E98B103B13C4F9AE02/B3459B8ADF9311EEBF6BC36DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.58.140.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:9b:25:27:9e:89:ec:a8:05:6b:b8:06:6c:e5:06:2a:0e:95:
be:4b:c0:54:d8:1c:66:a1:13:cb:e8:a7:81:7f:c4:6f:72:fc:
84:55:a5:61:ba:0f:ac:28:a0:8d:95:e8:76:87:14:83:6e:06:
84:11:21:49:ab:e4:18:8d:97:70:5c:65:de:c5:f7:30:c0:ea:
fa:27:b6:bd:74:77:33:55:90:c5:7f:e4:d7:fe:96:54:3a:c9:
ff:9f:55:2a:14:f9:59:a7:c0:35:73:f0:88:24:73:51:d3:ae:
8d:9e:b5:9d:19:9b:c5:07:6e:14:0c:95:49:da:f4:0c:00:ed:
a5:40:eb:75:c2:27:e1:45:fd:42:78:ed:e6:5c:17:d8:4f:b4:
92:e7:d9:ef:2b:7f:a5:bc:cd:f9:34:e0:6a:3e:96:3c:4c:fb:
07:df:3a:6e:77:bd:4d:3f:5b:e7:f5:c0:af:10:58:c2:eb:86:
1a:20:d0:63:d3:1b:b0:59:25:9b:4e:f1:e4:be:07:24:52:d0:
75:92:25:13:b0:15:06:a6:54:3d:5d:94:56:83:00:49:f5:dd:
5c:70:41:9f:5f:2a:2e:31:31:ed:53:9e:e2:79:46:56:d9:ab:
e5:74:58:46:a9:44:17:5f:a2:d9:0b:42:87:ec:79:b0:21:23:
aa:a8:26:99
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICDsQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QUFFMTYxMTAvBgNVBAUTKDM5NEVBMDg2ODk1QzZGMTdEOTM2NTQ4QTMyMjM4Qjgy
Q0Y3OTI5NEQwHhcNMjQwMzExMTAzOTU2WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWVlZGY3Yi0zYWJiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAq+glOc0Dxb7/IM8AX7eWIwXMPRhKwKfV2F+iZVqQFqA9QAZ7vDYzcVbU0Qqq
NVPDB6jySoqeLhnpQxVSRbXKkQCTYEc5FTEz2P5gqTMMgY05a8X09ohy6Uozc0h6
HGRFyt7LVdMm4I7eUrKLTCbhPYyqX0mnfoBdfR/7JshbFcbI5kOc2AvkzrURerwf
s3d60WAFxmJ3RQ1JedlAbovgdnZJg211hkakrthMJgkmYZwPi+K3olOu2H0kOI7j
lJzlYZ1q4j1fKPyTicI/YVWM6jfa2djVvID2yGNptNL4dNSwDThmEqgghhbOXzq+
E1+ii1+FZ+KGfc4J654x05wVnQIDAQABo4IClTCCApEwHQYDVR0OBBYEFNGhtpvT
NUCzQnr3P7HYGLHnLJN3MB8GA1UdIwQYMBaAFDlOoIaJXG8X2TZUijIji4LPeSlN
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQUUxNi8xNzQ4ODU1MDVC
QjExMUU5OEIxMDNCMTNDNEY5QUUwMi9PVTZnaG9sY2J4ZlpObFNLTWlPTGdzOTVL
VTAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09VNmdob2xjYnhmWk5sU0tNaU9MZ3M5NUtVMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QUFFMTYvMTc0ODg1NTA1QkIxMTFFOThCMTAzQjEzQzRGOUFFMDIvQjM0NTlCOEFE
RjkzMTFFRUJGNkJDMzZEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADKOowwDQYJKoZIhvcNAQELBQADggEBAJybJSeeieyoBWu4
BmzlBioOlb5LwFTYHGahE8vop4F/xG9y/IRVpWG6D6wooI2V6HaHFINuBoQRIUmr
5BiNl3BcZd7F9zDA6vontr10dzNVkMV/5Nf+llQ6yf+fVSoU+VmnwDVz8Igkc1HT
ro2etZ0Zm8UHbhQMlUna9AwA7aVA63XCJ+FF/UJ47eZcF9hPtJLn2e8rf6W8zfk0
4Go+ljxM+wffOm53vU0/W+f1wK8QWMLrhhog0GPTG7BZJZtO8eS+ByRS0HWSJROw
FQamVD1dlFaDAEn13VxwQZ9fKi4xMe1TnuJ5RlbZq+V0WEapRBdfotkLQofsebAh
I6qoJpk=
-----END CERTIFICATE-----
Generated at Mon Mar 11 17:50:00 2024 by rpki-client on console.sobornost.net