Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9157378/0A88C7F293E311EE93C8E582C4F9AE02/FEF1014C93E311EEA966AA6CC4F9AE02.roa
File: FEF1014C93E311EEA966AA6CC4F9AE02.roa (raw, json)
Hash identifier: wxYrnIaqy9pTQJpKsmeaSZ01lZnhN9SCZVV0W8BrAXM=
Subject key identifier: 58:EF:3E:50:C4:13:8F:17:A9:A5:75:C0:FF:4D:77:85:E5:75:49:99
Certificate issuer: /CN=A9157378/serialNumber=90B9BABD742B275743FB715E135975638E9C2F25
Certificate serial: 02
Authority key identifier: 90:B9:BA:BD:74:2B:27:57:43:FB:71:5E:13:59:75:63:8E:9C:2F:25
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kLm6vXQrJ1dD-3FeE1l1Y46cLyU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9157378/0A88C7F293E311EE93C8E582C4F9AE02/FEF1014C93E311EEA966AA6CC4F9AE02.roa
Signing time: Wed 06 Dec 2023 03:03:14 +0000
ROA not before: Wed 06 Dec 2023 03:03:14 +0000
ROA not after: Tue 30 Jul 2024 00:00:00 +0000
asID: 45207
IP address blocks: 203.189.93.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 06 Dec 2023 23:28:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9157378/serialNumber=90B9BABD742B275743FB715E135975638E9C2F25
Validity
Not Before: Dec 6 03:03:14 2023 GMT
Not After : Jul 30 00:00:00 2024 GMT
Subject: CN=656fe472-432a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:ef:c7:61:5c:06:47:fb:85:3d:0e:ea:eb:8f:
6a:58:61:38:ac:5e:36:97:94:1b:87:30:97:77:0c:
6f:6b:48:64:af:6c:b8:e5:76:f4:bb:2a:38:89:cb:
c5:1a:12:33:b9:c0:ba:f6:5c:55:cb:18:10:7b:68:
32:6f:41:78:9a:00:39:9e:38:ea:75:1a:ca:3c:c0:
1e:a8:c7:dc:f7:88:a6:8d:4c:a7:b7:a5:d1:c3:81:
fd:35:ba:c2:3d:8d:c2:98:b2:86:c1:ec:08:5b:32:
c3:87:24:ed:2f:23:01:8a:99:03:60:0a:ef:c1:1c:
cc:4b:2f:65:b3:5e:39:a9:86:ec:34:1e:4c:6d:3f:
ed:11:08:b6:17:93:b0:eb:dd:e3:45:ec:76:51:d5:
f1:10:1b:46:ca:73:3b:0b:53:43:58:8e:c3:d4:27:
be:02:3f:9a:a2:e7:32:45:84:5d:1a:0f:99:df:87:
b0:98:97:1e:35:7a:7c:7a:b6:c1:98:c3:60:f6:f7:
50:11:76:19:79:d4:53:0c:8e:c1:91:8e:72:64:9e:
4d:1c:68:5c:fa:f4:18:ce:d7:f8:a2:48:9f:86:47:
d0:5e:31:64:3c:c1:aa:cf:c6:4e:50:8f:b3:1c:34:
10:94:f7:dc:15:57:ed:88:04:7c:e7:b2:28:64:50:
cc:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:EF:3E:50:C4:13:8F:17:A9:A5:75:C0:FF:4D:77:85:E5:75:49:99
X509v3 Authority Key Identifier:
keyid:90:B9:BA:BD:74:2B:27:57:43:FB:71:5E:13:59:75:63:8E:9C:2F:25
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9157378/0A88C7F293E311EE93C8E582C4F9AE02/kLm6vXQrJ1dD-3FeE1l1Y46cLyU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kLm6vXQrJ1dD-3FeE1l1Y46cLyU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9157378/0A88C7F293E311EE93C8E582C4F9AE02/FEF1014C93E311EEA966AA6CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.189.93.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:6b:45:49:fb:a2:d5:93:77:ff:85:3f:81:e6:9a:ab:d1:53:
0b:e0:de:64:6a:3b:77:99:c1:23:b8:16:70:11:7a:d5:18:f6:
1b:c6:76:13:83:cf:f6:58:ae:ef:62:1f:ad:35:50:80:e0:6d:
ae:c6:d0:e0:66:4c:68:3d:a8:02:80:e5:1b:06:97:b0:58:8e:
48:f3:23:50:6e:ef:0a:94:45:4b:71:55:05:87:c2:23:0e:09:
89:cf:ab:73:2b:77:ec:88:63:2c:18:c8:a1:08:ea:4c:a9:bc:
75:a9:24:01:11:73:7a:48:a9:c2:49:2d:35:a6:dc:e7:38:85:
c1:5a:bb:f6:37:89:ad:cb:31:f6:76:e3:69:df:bd:c7:cc:18:
d2:ef:12:53:9a:12:f8:93:3e:66:c4:d7:b7:44:5a:e1:f6:a3:
6b:48:03:a9:37:ae:99:00:0b:15:54:4f:a2:b4:c2:b0:73:64:
87:fd:a9:53:5b:33:19:0f:bc:0f:14:13:58:d3:44:c0:22:83:
cd:0e:d1:7a:9a:ea:8b:83:5d:c7:02:a6:17:e7:a1:99:a8:ef:
9b:8f:ef:50:f3:32:c2:4d:ad:86:71:5c:c7:1a:7b:3b:13:dd:
36:a5:b8:ca:47:dd:01:50:40:6b:3f:95:68:86:b3:53:f7:42:
1b:e1:9a:c9
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE1
NzM3ODExMC8GA1UEBRMoOTBCOUJBQkQ3NDJCMjc1NzQzRkI3MTVFMTM1OTc1NjM4
RTlDMkYyNTAeFw0yMzEyMDYwMzAzMTRaFw0yNDA3MzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1NmZlNDcyLTQzMmEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCr78dhXAZH+4U9Durrj2pYYTisXjaXlBuHMJd3DG9rSGSvbLjldvS7KjiJy8Ua
EjO5wLr2XFXLGBB7aDJvQXiaADmeOOp1Gso8wB6ox9z3iKaNTKe3pdHDgf01usI9
jcKYsobB7AhbMsOHJO0vIwGKmQNgCu/BHMxLL2WzXjmphuw0HkxtP+0RCLYXk7Dr
3eNF7HZR1fEQG0bKczsLU0NYjsPUJ74CP5qi5zJFhF0aD5nfh7CYlx41enx6tsGY
w2D291ARdhl51FMMjsGRjnJknk0caFz69BjO1/iiSJ+GR9BeMWQ8warPxk5Qj7Mc
NBCU99wVV+2IBHznsihkUMxZAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUWO8+UMQT
jxeppXXA/013heV1SZkwHwYDVR0jBBgwFoAUkLm6vXQrJ1dD+3FeE1l1Y46cLyUw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTU3Mzc4LzBBODhDN0YyOTNF
MzExRUU5M0M4RTU4MkM0RjlBRTAyL2tMbTZ2WFFySjFkRC0zRmVFMWwxWTQ2Y0x5
VS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIva0xtNnZYUXJKMWRELTNGZUUxbDFZNDZjTHlVLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1
NzM3OC8wQTg4QzdGMjkzRTMxMUVFOTNDOEU1ODJDNEY5QUUwMi9GRUYxMDE0Qzkz
RTMxMUVFQTk2NkFBNkNDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAMu9XTANBgkqhkiG9w0BAQsFAAOCAQEAnmtFSfui1ZN3/4U/
geaaq9FTC+DeZGo7d5nBI7gWcBF61Rj2G8Z2E4PP9liu72IfrTVQgOBtrsbQ4GZM
aD2oAoDlGwaXsFiOSPMjUG7vCpRFS3FVBYfCIw4Jic+rcyt37IhjLBjIoQjqTKm8
dakkARFzekipwkktNabc5ziFwVq79jeJrcsx9nbjad+9x8wY0u8SU5oS+JM+ZsTX
t0Ra4faja0gDqTeumQALFVRPorTCsHNkh/2pU1szGQ+8DxQTWNNEwCKDzQ7Reprq
i4NdxwKmF+ehmajvm4/vUPMywk2thnFcxxp7OxPdNqW4ykfdAVBAaz+VaIazU/dC
G+GayQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:07 2024 by rpki-client on console-fra.rpki-client.org