Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F006D/3C100C9298BE11EEB1DDE835C4F9AE02/4204EB5C98C011EE8589663CC4F9AE02.roa
File: 4204EB5C98C011EE8589663CC4F9AE02.roa (raw, json)
Hash identifier: R5x1m3ldBBAQtAavV/rtQH/4sBmWbXAcQXVkjZApaa0=
Subject key identifier: 8B:D2:3C:B5:11:BC:85:6A:12:A6:8D:35:3C:0D:A4:20:B2:2E:DF:FE
Certificate issuer: /CN=A91F006D/serialNumber=46F972D7B83DCA061DB9DFAAF0177F2DDF1EE90A
Certificate serial: 04
Authority key identifier: 46:F9:72:D7:B8:3D:CA:06:1D:B9:DF:AA:F0:17:7F:2D:DF:1E:E9:0A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Rvly17g9ygYdud-q8Bd_Ld8e6Qo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F006D/3C100C9298BE11EEB1DDE835C4F9AE02/4204EB5C98C011EE8589663CC4F9AE02.roa
Signing time: Tue 12 Dec 2023 07:30:00 +0000
ROA not before: Tue 12 Dec 2023 07:30:00 +0000
ROA not after: Sun 02 Mar 2025 00:00:00 +0000
asID: 137970
IP address blocks: 36.50.74.0/23 maxlen: 24
36.50.74.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4 (0x4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F006D/serialNumber=46F972D7B83DCA061DB9DFAAF0177F2DDF1EE90A
Validity
Not Before: Dec 12 07:30:00 2023 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=65780bf8-349d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:5d:7d:6c:be:d9:d8:5b:c8:4b:a6:0a:86:1e:
47:b8:7b:6c:85:e6:73:2d:f3:f7:51:bc:a1:dd:65:
52:f3:5a:84:9f:ef:6d:6b:0e:54:51:f5:7f:a9:4b:
ed:ef:ae:68:29:75:0d:ed:49:46:5d:d6:28:15:40:
f0:d8:f8:b0:f6:bf:75:24:a6:c3:c1:86:62:99:bc:
96:14:bd:51:bc:3f:26:cd:4c:fe:d7:23:c8:36:f5:
59:1c:06:51:1d:df:f1:c9:dc:8d:d5:0d:1b:e1:7e:
91:c3:97:7e:c3:ec:78:88:e6:4f:d8:71:6e:9c:31:
f1:f2:7b:80:c0:83:24:43:ef:3e:48:8e:6d:62:cd:
33:4a:80:d2:ca:e3:bd:04:f0:3b:f9:c5:9f:65:72:
fb:d4:a8:32:91:ec:d9:52:b9:8e:80:35:5f:b5:a6:
ee:c4:a1:b1:25:0f:28:f8:10:f8:a3:3a:7f:e9:4c:
a0:7e:b7:4d:e0:82:cb:70:bb:02:a0:2f:98:46:69:
df:cd:0d:2c:c6:62:9a:58:eb:25:29:be:b4:21:3c:
09:27:8b:64:31:cd:66:43:a1:b4:40:f7:c9:2c:bb:
d2:4f:d6:79:44:87:9c:3a:32:e2:e5:78:83:94:c6:
c5:b9:f8:13:3c:b3:bf:4f:db:86:29:f7:c2:03:ea:
3a:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:D2:3C:B5:11:BC:85:6A:12:A6:8D:35:3C:0D:A4:20:B2:2E:DF:FE
X509v3 Authority Key Identifier:
keyid:46:F9:72:D7:B8:3D:CA:06:1D:B9:DF:AA:F0:17:7F:2D:DF:1E:E9:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F006D/3C100C9298BE11EEB1DDE835C4F9AE02/Rvly17g9ygYdud-q8Bd_Ld8e6Qo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Rvly17g9ygYdud-q8Bd_Ld8e6Qo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F006D/3C100C9298BE11EEB1DDE835C4F9AE02/4204EB5C98C011EE8589663CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
36.50.74.0/23
Signature Algorithm: sha256WithRSAEncryption
4c:42:f0:62:ea:19:95:40:1b:74:62:f8:db:ea:84:ec:f7:0f:
b1:5d:b8:87:e0:cb:cc:2c:d2:8a:c6:4e:91:f8:22:fe:eb:df:
59:78:28:01:c8:86:80:c5:23:79:90:21:ac:fc:b4:3e:73:e6:
9c:6e:bc:b6:e7:f2:a2:3a:f1:a0:d2:32:87:20:66:81:f9:e1:
a8:7f:ab:2e:1f:cf:53:19:f0:a1:b8:2b:a2:b8:cc:b5:0c:77:
ad:4a:70:b4:15:99:ab:55:48:cb:da:8e:da:10:91:fc:d2:9c:
85:f7:3b:3f:b0:42:7a:35:43:54:95:14:4b:6e:6d:89:22:dc:
62:fe:ab:96:81:7b:ae:e2:6f:35:02:f4:f7:78:3f:19:a8:f2:
7a:cf:47:73:4a:93:66:f3:56:f9:3f:13:7a:b0:d0:b1:f9:c3:
66:c2:44:36:e7:58:0c:df:3c:ea:b6:af:69:49:da:85:26:d9:
f8:5c:30:92:d8:a7:d5:1d:8d:5a:7c:80:b4:69:30:1a:b2:4b:
63:95:13:36:24:b4:93:63:09:8c:37:12:58:b2:43:c2:59:80:
cf:bc:35:42:fa:ac:22:61:df:00:51:90:f0:5c:07:85:23:9e:
4f:f6:0c:1b:8f:7f:68:b2:5a:a5:5e:75:30:c2:ed:74:44:0d:
c0:d5:eb:78
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBBDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG
MDA2RDExMC8GA1UEBRMoNDZGOTcyRDdCODNEQ0EwNjFEQjlERkFBRjAxNzdGMkRE
RjFFRTkwQTAeFw0yMzEyMTIwNzMwMDBaFw0yNTAzMDIwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1NzgwYmY4LTM0OWQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC0XX1svtnYW8hLpgqGHke4e2yF5nMt8/dRvKHdZVLzWoSf721rDlRR9X+pS+3v
rmgpdQ3tSUZd1igVQPDY+LD2v3UkpsPBhmKZvJYUvVG8PybNTP7XI8g29VkcBlEd
3/HJ3I3VDRvhfpHDl37D7HiI5k/YcW6cMfHye4DAgyRD7z5Ijm1izTNKgNLK470E
8Dv5xZ9lcvvUqDKR7NlSuY6ANV+1pu7EobElDyj4EPijOn/pTKB+t03ggstwuwKg
L5hGad/NDSzGYppY6yUpvrQhPAkni2QxzWZDobRA98ksu9JP1nlEh5w6MuLleIOU
xsW5+BM8s79P24Yp98ID6jorAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUi9I8tRG8
hWoSpo01PA2kILIu3/4wHwYDVR0jBBgwFoAURvly17g9ygYdud+q8Bd/Ld8e6Qow
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUYwMDZELzNDMTAwQzkyOThC
RTExRUVCMURERTgzNUM0RjlBRTAyL1J2bHkxN2c5eWdZZHVkLXE4QmRfTGQ4ZTZR
by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvUnZseTE3Zzl5Z1lkdWQtcThCZF9MZDhlNlFvLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG
MDA2RC8zQzEwMEM5Mjk4QkUxMUVFQjFEREU4MzVDNEY5QUUwMi80MjA0RUI1Qzk4
QzAxMUVFODU4OTY2M0NDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEASQySjANBgkqhkiG9w0BAQsFAAOCAQEATELwYuoZlUAbdGL4
2+qE7PcPsV24h+DLzCzSisZOkfgi/uvfWXgoAciGgMUjeZAhrPy0PnPmnG68tufy
ojrxoNIyhyBmgfnhqH+rLh/PUxnwobgrorjMtQx3rUpwtBWZq1VIy9qO2hCR/NKc
hfc7P7BCejVDVJUUS25tiSLcYv6rloF7ruJvNQL093g/Gajyes9Hc0qTZvNW+T8T
erDQsfnDZsJENudYDN886ravaUnahSbZ+Fwwktin1R2NWnyAtGkwGrJLY5UTNiS0
k2MJjDcSWLJDwlmAz7w1QvqsImHfAFGQ8FwHhSOeT/YMG49/aLJapV51MMLtdEQN
wNXreA==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:35:56 2023 by rpki-client on console.sobornost.net