Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91FF74B/61A3384A782C11EBAC04F672C4F9AE02/0F1D2D62645D11EFB09BDF7CC4F9AE02.roa
File: 0F1D2D62645D11EFB09BDF7CC4F9AE02.roa (raw, json)
Hash identifier: fwX8cMxdE44ZvTrRWwBZOOeNdTc9c2UgL9MkJZfTxpI=
Subject key identifier: 7C:83:E9:2D:64:CD:45:91:6E:93:84:A2:E1:00:E0:56:DF:ED:BB:D4
Certificate issuer: /CN=A91FF74B/serialNumber=059E6F03AE7676A9D0F09D5F6CBDB90861855A57
Certificate serial: 062B
Authority key identifier: 05:9E:6F:03:AE:76:76:A9:D0:F0:9D:5F:6C:BD:B9:08:61:85:5A:57
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/BZ5vA652dqnQ8J1fbL25CGGFWlc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91FF74B/61A3384A782C11EBAC04F672C4F9AE02/0F1D2D62645D11EFB09BDF7CC4F9AE02.roa
Signing time: Tue 27 Aug 2024 10:13:52 +0000
ROA not before: Tue 27 Aug 2024 10:13:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 140461
IP address blocks: 169.148.176.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 27 Aug 2024 14:53:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1579 (0x62b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91FF74B, serialNumber=059E6F03AE7676A9D0F09D5F6CBDB90861855A57
Validity
Not Before: Aug 27 10:13:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=66cda6e0-5467
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:8d:01:0f:b1:0a:5b:1d:ae:7c:ba:5d:ff:21:
dd:2a:4b:1c:fe:61:1a:51:07:45:96:24:a8:85:0d:
ce:a5:9c:7d:f6:84:35:9b:13:9b:47:6c:db:d1:1a:
cd:84:c3:39:b0:0d:83:f3:e3:c5:a5:77:00:a9:a3:
0b:fe:c0:5f:01:60:d8:74:61:47:f8:08:b3:8b:f6:
fe:b7:99:0a:f0:a2:4f:8e:ab:c2:a9:62:1a:df:04:
21:d9:09:97:dc:82:66:23:fb:6f:f1:80:b8:91:0c:
62:eb:64:6c:09:d2:57:d2:6a:9f:42:81:cc:b9:a2:
e1:b2:fd:48:38:12:15:69:0d:19:93:82:9d:3a:fe:
b3:87:01:08:38:a1:af:e5:74:b6:12:92:12:61:38:
f8:21:ed:b3:32:49:41:e3:13:a6:5c:79:31:47:f5:
49:35:dd:27:3e:d6:7f:21:f3:c6:70:07:59:3a:12:
49:a7:5f:48:67:13:25:0a:51:df:cd:af:87:6f:da:
eb:c3:e8:57:78:63:d7:4b:68:d8:a0:13:db:96:de:
b8:4b:89:b8:43:55:88:b1:15:a2:7c:48:98:0c:85:
e6:f7:c5:b8:ba:3d:d7:65:b2:9d:db:81:80:96:bc:
55:ec:44:7b:30:ed:1f:66:cd:3f:c9:2f:fb:d7:d7:
78:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:83:E9:2D:64:CD:45:91:6E:93:84:A2:E1:00:E0:56:DF:ED:BB:D4
X509v3 Authority Key Identifier:
keyid:05:9E:6F:03:AE:76:76:A9:D0:F0:9D:5F:6C:BD:B9:08:61:85:5A:57
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91FF74B/61A3384A782C11EBAC04F672C4F9AE02/BZ5vA652dqnQ8J1fbL25CGGFWlc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/BZ5vA652dqnQ8J1fbL25CGGFWlc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FF74B/61A3384A782C11EBAC04F672C4F9AE02/0F1D2D62645D11EFB09BDF7CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
169.148.176.0/23
Signature Algorithm: sha256WithRSAEncryption
07:b1:02:8c:a6:f7:7a:52:9f:80:eb:a0:0f:21:f0:ed:ef:7a:
41:fd:df:bc:6c:6b:41:81:73:45:5b:00:6f:6b:84:a1:65:24:
51:f7:5b:62:f1:20:ee:18:d7:ba:0a:7b:e6:d0:2e:78:26:9f:
33:6c:4b:9f:06:6a:09:ed:19:2c:ff:4b:73:a0:42:b9:61:ae:
ea:60:91:f5:b7:6b:ac:49:39:f6:55:5e:8a:39:17:ba:31:b6:
11:f2:fa:2d:84:6d:c3:e5:ab:7a:cf:4a:b7:c9:58:87:f4:12:
e6:6f:41:b9:ee:64:6c:13:14:85:f9:4d:47:f8:24:13:d2:43:
70:a6:c0:76:12:21:91:cd:1f:fb:c7:6b:a7:aa:0d:3c:24:c8:
0d:28:53:06:fc:0e:e2:10:53:f6:fe:c1:c0:ea:ba:72:28:62:
1f:8f:9e:76:9a:b0:59:26:e6:4b:1f:d4:18:58:1b:f0:7d:64:
55:ba:a4:62:d1:ed:31:a1:b6:56:9d:f8:27:93:b4:90:77:cd:
0c:8b:95:5c:9f:6e:04:0d:41:e6:a7:f2:4a:45:bc:da:8e:de:
ef:c2:f2:f5:b0:6e:2a:bf:d5:de:11:35:03:f9:a3:ec:14:32:
57:3b:37:20:8f:a0:82:a4:7d:62:67:80:b6:e7:c4:96:49:ee:
d6:d0:80:73
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBiswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RkY3NEIxMTAvBgNVBAUTKDA1OUU2RjAzQUU3Njc2QTlEMEYwOUQ1RjZDQkRCOTA4
NjE4NTVBNTcwHhcNMjQwODI3MTAxMzUyWhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmNkYTZlMC01NDY3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAx40BD7EKWx2ufLpd/yHdKksc/mEaUQdFliSohQ3OpZx99oQ1mxObR2zb0RrN
hMM5sA2D8+PFpXcAqaML/sBfAWDYdGFH+Aizi/b+t5kK8KJPjqvCqWIa3wQh2QmX
3IJmI/tv8YC4kQxi62RsCdJX0mqfQoHMuaLhsv1IOBIVaQ0Zk4KdOv6zhwEIOKGv
5XS2EpISYTj4Ie2zMklB4xOmXHkxR/VJNd0nPtZ/IfPGcAdZOhJJp19IZxMlClHf
za+Hb9rrw+hXeGPXS2jYoBPblt64S4m4Q1WIsRWifEiYDIXm98W4uj3XZbKd24GA
lrxV7ER7MO0fZs0/yS/719d4KQIDAQABo4IClTCCApEwHQYDVR0OBBYEFHyD6S1k
zUWRbpOEouEA4Fbf7bvUMB8GA1UdIwQYMBaAFAWebwOudnap0PCdX2y9uQhhhVpX
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGRjc0Qi82MUEzMzg0QTc4
MkMxMUVCQUMwNEY2NzJDNEY5QUUwMi9CWjV2QTY1MmRxblE4SjFmYkwyNUNHR0ZX
bGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL0JaNXZBNjUyZHFuUThKMWZiTDI1Q0dHRldsYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RkY3NEIvNjFBMzM4NEE3ODJDMTFFQkFDMDRGNjcyQzRGOUFFMDIvMEYxRDJENjI2
NDVEMTFFRkIwOUJERjdDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAGplLAwDQYJKoZIhvcNAQELBQADggEBAAexAoym93pSn4Dr
oA8h8O3vekH937xsa0GBc0VbAG9rhKFlJFH3W2LxIO4Y17oKe+bQLngmnzNsS58G
agntGSz/S3OgQrlhrupgkfW3a6xJOfZVXoo5F7oxthHy+i2EbcPlq3rPSrfJWIf0
EuZvQbnuZGwTFIX5TUf4JBPSQ3CmwHYSIZHNH/vHa6eqDTwkyA0oUwb8DuIQU/b+
wcDqunIoYh+PnnaasFkm5ksf1BhYG/B9ZFW6pGLR7TGhtlad+CeTtJB3zQyLlVyf
bgQNQean8kpFvNqO3u/C8vWwbiq/1d4RNQP5o+wUMlc7NyCPoIKkfWJngLbnxJZJ
7tbQgHM=
-----END CERTIFICATE-----
Generated at Sat Apr 26 13:36:27 2025 by rpki-client