Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917604B/41C0135C6DAE11EEA80D0574C4F9AE02/8CB011646DAE11EE809B1717C4F9AE02.roa
File: 8CB011646DAE11EE809B1717C4F9AE02.roa (raw, json)
Hash identifier: RG2hgZKpiIrvwLUISKOJfZBzSS4VSHNYoZ+tPvVkpWE=
Subject key identifier: 12:73:F0:7B:6F:25:98:87:A7:91:F5:11:55:AB:31:28:B7:F8:0E:18
Certificate issuer: /CN=A917604B/serialNumber=A14BDAA31576A6367A0B5C3ACAB91C4E9F3118EF
Certificate serial: D1
Authority key identifier: A1:4B:DA:A3:15:76:A6:36:7A:0B:5C:3A:CA:B9:1C:4E:9F:31:18:EF
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oUvaoxV2pjZ6C1w6yrkcTp8xGO8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917604B/41C0135C6DAE11EEA80D0574C4F9AE02/8CB011646DAE11EE809B1717C4F9AE02.roa
Signing time: Mon 25 Nov 2024 04:08:18 +0000
ROA not before: Mon 25 Nov 2024 04:08:18 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 400384
IP address blocks: 36.50.32.0/24 maxlen: 24
36.50.33.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 14 Dec 2024 12:08:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 209 (0xd1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917604B, serialNumber=A14BDAA31576A6367A0B5C3ACAB91C4E9F3118EF
Validity
Not Before: Nov 25 04:08:18 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=6743f831-03bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:84:90:32:87:80:6b:83:86:10:11:1c:c7:11:
ed:1e:28:5a:f7:5c:b6:5b:7e:34:ab:27:3e:76:bf:
f1:a0:6e:f4:d7:95:c0:38:c0:90:5e:26:1c:62:2e:
9d:7b:de:cf:fc:65:78:51:80:14:80:4d:f6:13:71:
1c:0d:6e:d7:f3:53:a6:c8:e4:76:42:68:76:b0:94:
22:af:23:76:82:1f:b4:8d:3a:6e:02:e1:4b:85:20:
fb:2c:fa:72:91:03:57:07:4f:e6:ea:3d:df:e3:e1:
a9:49:3f:d1:95:07:30:75:1b:1a:70:55:b2:0d:1c:
c0:64:d9:be:34:f5:96:6b:76:0a:c1:70:e4:8b:08:
ac:37:42:1c:e0:f7:89:6a:cb:bf:3e:00:5b:ef:58:
11:0b:df:d5:87:fd:00:7e:fd:5c:93:55:7b:a4:7c:
72:61:4e:c7:72:70:7b:5a:cd:c6:9c:b2:f6:72:1e:
89:be:2a:51:c4:3f:d1:c1:db:3f:0f:ea:c9:82:1c:
b0:a9:b7:80:67:c8:06:54:da:29:05:b7:24:0b:13:
b8:a1:40:7d:4c:6c:c2:a0:a9:16:d7:19:2b:96:79:
35:cd:76:c0:d9:b5:79:71:3c:19:fb:a4:62:dc:c4:
28:79:fc:d4:29:01:9e:0a:c4:5b:3d:32:de:92:49:
62:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:73:F0:7B:6F:25:98:87:A7:91:F5:11:55:AB:31:28:B7:F8:0E:18
X509v3 Authority Key Identifier:
keyid:A1:4B:DA:A3:15:76:A6:36:7A:0B:5C:3A:CA:B9:1C:4E:9F:31:18:EF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917604B/41C0135C6DAE11EEA80D0574C4F9AE02/oUvaoxV2pjZ6C1w6yrkcTp8xGO8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oUvaoxV2pjZ6C1w6yrkcTp8xGO8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917604B/41C0135C6DAE11EEA80D0574C4F9AE02/8CB011646DAE11EE809B1717C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
36.50.32.0/23
Signature Algorithm: sha256WithRSAEncryption
49:50:4c:ec:fe:39:d4:51:32:3a:8d:11:59:c8:62:58:7b:24:
b7:56:ea:b9:38:c9:26:7d:3a:dd:90:03:78:f6:46:28:84:e5:
53:67:ce:83:44:c4:81:22:0d:74:82:68:e5:08:0f:c5:33:4b:
89:77:39:58:1b:32:84:ff:52:8b:06:c7:2e:b6:22:52:9e:b3:
d7:3d:20:8d:e4:35:50:f9:06:51:f2:85:1a:72:0a:be:79:a9:
79:76:bb:ac:79:8b:b2:27:8e:26:70:c1:4f:e9:e5:23:5b:a5:
be:96:29:09:80:2a:19:c7:c5:e9:04:a7:0c:70:22:5a:25:59:
5e:4f:72:07:77:20:83:7c:7f:d1:e6:f3:b6:eb:be:58:8d:db:
15:66:36:34:a8:8b:2f:25:d4:eb:0b:73:41:89:05:5b:c6:31:
1a:ea:5f:44:9e:97:d4:6e:8a:32:f6:cb:2e:41:bf:28:a7:f7:
12:47:0f:6c:22:4c:12:48:21:a3:64:f2:7e:cb:ea:4f:41:89:
80:46:a6:6b:aa:bc:18:2e:fd:a7:09:e9:04:bb:0f:0c:5e:90:
74:16:a6:4e:fb:1c:d5:ce:d9:64:4f:d8:97:89:33:9e:3d:bd:
c5:d9:46:29:a2:b7:c3:c6:51:26:a1:9b:2d:f9:6f:5c:37:29:
9a:32:c1:fe
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICANEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzYwNEIxMTAvBgNVBAUTKEExNEJEQUEzMTU3NkE2MzY3QTBCNUMzQUNBQjkxQzRF
OUYzMTE4RUYwHhcNMjQxMTI1MDQwODE4WhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzQzZjgzMS0wM2JiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4YSQMoeAa4OGEBEcxxHtHiha91y2W340qyc+dr/xoG7015XAOMCQXiYcYi6d
e97P/GV4UYAUgE32E3EcDW7X81OmyOR2Qmh2sJQiryN2gh+0jTpuAuFLhSD7LPpy
kQNXB0/m6j3f4+GpST/RlQcwdRsacFWyDRzAZNm+NPWWa3YKwXDkiwisN0Ic4PeJ
asu/PgBb71gRC9/Vh/0Afv1ck1V7pHxyYU7HcnB7Ws3GnLL2ch6JvipRxD/Rwds/
D+rJghywqbeAZ8gGVNopBbckCxO4oUB9TGzCoKkW1xkrlnk1zXbA2bV5cTwZ+6Ri
3MQoefzUKQGeCsRbPTLekkli2wIDAQABo4IClTCCApEwHQYDVR0OBBYEFBJz8Htv
JZiHp5H1EVWrMSi3+A4YMB8GA1UdIwQYMBaAFKFL2qMVdqY2egtcOsq5HE6fMRjv
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3NjA0Qi80MUMwMTM1QzZE
QUUxMUVFQTgwRDA1NzRDNEY5QUUwMi9vVXZhb3hWMnBqWjZDMXc2eXJrY1RwOHhH
TzguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL29VdmFveFYycGpaNkMxdzZ5cmtjVHA4eEdPOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzYwNEIvNDFDMDEzNUM2REFFMTFFRUE4MEQwNTc0QzRGOUFFMDIvOENCMDExNjQ2
REFFMTFFRTgwOUIxNzE3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAEkMiAwDQYJKoZIhvcNAQELBQADggEBAElQTOz+OdRRMjqN
EVnIYlh7JLdW6rk4ySZ9Ot2QA3j2RiiE5VNnzoNExIEiDXSCaOUID8UzS4l3OVgb
MoT/UosGxy62IlKes9c9II3kNVD5BlHyhRpyCr55qXl2u6x5i7InjiZwwU/p5SNb
pb6WKQmAKhnHxekEpwxwIlolWV5Pcgd3IIN8f9Hm87brvliN2xVmNjSoiy8l1OsL
c0GJBVvGMRrqX0Sel9RuijL2yy5Bvyin9xJHD2wiTBJIIaNk8n7L6k9BiYBGpmuq
vBgu/acJ6QS7DwxekHQWpk77HNXO2WRP2JeJM549vcXZRimit8PGUSahmy35b1w3
KZoywf4=
-----END CERTIFICATE-----
Generated at Sat Apr 26 08:10:31 2025 by rpki-client