Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B9E19/356F2F3EC1A511E9A8B8F336C4F9AE02/96E9AF687CEF11EF8A08BA3DC4F9AE02.roa
File: 96E9AF687CEF11EF8A08BA3DC4F9AE02.roa (raw, json)
Hash identifier: waxlRhbyTNUu/Cb2vGo/DgMozn0vPxgTRmFCS9BxeRU=
Subject key identifier: 44:C9:1B:3E:F4:47:1F:68:43:0C:DE:C7:2D:B0:5C:86:CB:01:83:6E
Certificate issuer: /CN=A91B9E19/serialNumber=255290A01AA9B9118B66EEDA0F905F6D40DB05AE
Certificate serial: 0D55
Authority key identifier: 25:52:90:A0:1A:A9:B9:11:8B:66:EE:DA:0F:90:5F:6D:40:DB:05:AE
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JVKQoBqpuRGLZu7aD5BfbUDbBa4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B9E19/356F2F3EC1A511E9A8B8F336C4F9AE02/96E9AF687CEF11EF8A08BA3DC4F9AE02.roa
Signing time: Fri 27 Sep 2024 16:43:14 +0000
ROA not before: Fri 27 Sep 2024 16:43:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 137547
IP address blocks: 220.158.194.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 27 Sep 2024 16:46:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3413 (0xd55)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B9E19/serialNumber=255290A01AA9B9118B66EEDA0F905F6D40DB05AE
Validity
Not Before: Sep 27 16:43:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=66f6e0a2-0d74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:0b:81:a6:0a:d5:3d:b9:af:02:df:ec:bb:7c:
67:b7:3f:64:d6:1c:60:85:d1:d6:18:34:25:22:4e:
76:ee:4e:67:e5:3b:2b:95:47:d0:35:80:82:57:a3:
35:d6:e3:5f:b8:1c:66:a2:13:18:57:77:79:1d:28:
20:52:08:40:09:72:c5:a6:54:28:7f:f4:15:57:07:
6d:19:93:d6:a8:19:54:98:90:f2:3c:ce:d3:87:39:
ea:0f:77:67:46:01:ee:16:1b:19:9f:c3:42:2c:10:
62:b2:39:06:09:c2:cc:89:55:e7:7e:f6:66:1c:68:
74:3a:09:22:21:e4:ed:f4:6e:e1:ed:35:93:f6:5d:
87:d8:98:8f:30:a7:7b:53:33:d9:bb:be:2c:e6:ea:
17:67:4d:1e:ef:63:2d:f7:a7:55:16:7b:11:2a:6d:
c1:52:01:73:14:57:50:13:8b:5d:16:21:76:9b:08:
13:5c:85:f2:16:a1:d8:6a:7b:b1:77:9b:9d:18:7d:
4b:c2:94:01:a1:df:f0:29:20:6f:53:82:bc:1f:85:
24:7c:fd:4d:6c:02:ea:ae:70:76:bf:68:b6:28:1d:
31:66:96:48:ff:e5:c3:53:5d:66:3c:d2:d6:d8:0d:
3c:81:19:4c:24:a4:b0:25:08:36:76:01:c1:01:8c:
0a:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:C9:1B:3E:F4:47:1F:68:43:0C:DE:C7:2D:B0:5C:86:CB:01:83:6E
X509v3 Authority Key Identifier:
keyid:25:52:90:A0:1A:A9:B9:11:8B:66:EE:DA:0F:90:5F:6D:40:DB:05:AE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B9E19/356F2F3EC1A511E9A8B8F336C4F9AE02/JVKQoBqpuRGLZu7aD5BfbUDbBa4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JVKQoBqpuRGLZu7aD5BfbUDbBa4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B9E19/356F2F3EC1A511E9A8B8F336C4F9AE02/96E9AF687CEF11EF8A08BA3DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
220.158.194.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:b4:ad:2b:bf:1d:e7:f4:26:36:f0:1a:e8:e9:0c:fe:22:e8:
11:96:85:52:2f:a2:82:ee:97:50:be:bc:fe:a0:e8:6d:7a:fd:
cd:04:ea:b4:a3:a2:04:2f:fa:93:f6:f0:2d:50:4e:35:a1:12:
f5:f2:9d:bd:5d:3b:4b:22:86:70:67:db:bb:78:30:e1:e1:8a:
3d:d1:5a:32:0c:04:ef:d7:b8:e0:53:0e:4f:ce:ce:21:8b:89:
97:f3:66:69:5a:17:21:1e:08:a8:28:a3:a3:f5:bb:22:da:32:
e0:b0:38:21:0d:d8:44:4f:ce:b0:c2:b5:46:17:57:7a:ad:c1:
96:ce:f6:cb:36:dc:90:73:b6:60:b4:3d:62:7a:68:a1:75:5f:
80:85:00:27:fd:4b:3f:ff:0f:3f:a9:ea:fd:11:8c:5a:c5:0f:
30:22:d1:95:03:ab:fb:47:09:40:90:73:ca:1b:24:6d:6c:6e:
0d:03:ed:fe:be:69:53:1c:f4:5a:17:2d:e3:02:13:a4:43:b5:
3a:b9:b5:de:e2:8b:31:5e:e6:a5:32:22:d6:d2:85:dd:50:ba:
a8:21:85:11:3c:95:09:71:27:a9:07:c4:48:42:c1:19:55:98:
78:35:8f:58:47:8f:4b:be:9d:5d:46:19:02:47:ce:b9:58:24:
e4:4c:0b:f2
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICDVUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjlFMTkxMTAvBgNVBAUTKDI1NTI5MEEwMUFBOUI5MTE4QjY2RUVEQTBGOTA1RjZE
NDBEQjA1QUUwHhcNMjQwOTI3MTY0MzE0WhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmY2ZTBhMi0wZDc0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArwuBpgrVPbmvAt/su3xntz9k1hxghdHWGDQlIk527k5n5TsrlUfQNYCCV6M1
1uNfuBxmohMYV3d5HSggUghACXLFplQof/QVVwdtGZPWqBlUmJDyPM7ThznqD3dn
RgHuFhsZn8NCLBBisjkGCcLMiVXnfvZmHGh0OgkiIeTt9G7h7TWT9l2H2JiPMKd7
UzPZu74s5uoXZ00e72Mt96dVFnsRKm3BUgFzFFdQE4tdFiF2mwgTXIXyFqHYanux
d5udGH1LwpQBod/wKSBvU4K8H4UkfP1NbALqrnB2v2i2KB0xZpZI/+XDU11mPNLW
2A08gRlMJKSwJQg2dgHBAYwKEQIDAQABo4IClTCCApEwHQYDVR0OBBYEFETJGz70
Rx9oQwzexy2wXIbLAYNuMB8GA1UdIwQYMBaAFCVSkKAaqbkRi2bu2g+QX21A2wWu
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCOUUxOS8zNTZGMkYzRUMx
QTUxMUU5QThCOEYzMzZDNEY5QUUwMi9KVktRb0JxcHVSR0xadTdhRDVCZmJVRGJC
YTQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0pWS1FvQnFwdVJHTFp1N2FENUJmYlVEYkJhNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjlFMTkvMzU2RjJGM0VDMUE1MTFFOUE4QjhGMzM2QzRGOUFFMDIvOTZFOUFGNjg3
Q0VGMTFFRjhBMDhCQTNEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADcnsIwDQYJKoZIhvcNAQELBQADggEBAKW0rSu/Hef0Jjbw
GujpDP4i6BGWhVIvooLul1C+vP6g6G16/c0E6rSjogQv+pP28C1QTjWhEvXynb1d
O0sihnBn27t4MOHhij3RWjIMBO/XuOBTDk/OziGLiZfzZmlaFyEeCKgoo6P1uyLa
MuCwOCEN2ERPzrDCtUYXV3qtwZbO9ss23JBztmC0PWJ6aKF1X4CFACf9Sz//Dz+p
6v0RjFrFDzAi0ZUDq/tHCUCQc8obJG1sbg0D7f6+aVMc9FoXLeMCE6RDtTq5td7i
izFe5qUyItbShd1QuqghhRE8lQlxJ6kHxEhCwRlVmHg1j1hHj0u+nV1GGQJHzrlY
JORMC/I=
-----END CERTIFICATE-----
Generated at Fri Sep 27 20:06:52 2024 by rpki-client on console.sobornost.net