Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91620ED/E7E231E6370011E4B32BD06BC4F9AE02/010E8732D43411EB8586EA31C4F9AE02.roa
File: 010E8732D43411EB8586EA31C4F9AE02.roa (raw, json)
Hash identifier: L5sw0XSY3g1MeKdnYMlWn04tUuhrlTqon9lvb048xgk=
Subject key identifier: 36:14:BB:3D:1A:2B:06:EB:98:11:BD:60:5A:8D:F1:05:A6:1D:D7:F8
Certificate issuer: /CN=A91620ED/serialNumber=AF6AE325B4F880E362051E7C3DFDF1B8B2A5A815
Certificate serial: 2977
Authority key identifier: AF:6A:E3:25:B4:F8:80:E3:62:05:1E:7C:3D:FD:F1:B8:B2:A5:A8:15
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r2rjJbT4gONiBR58Pf3xuLKlqBU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91620ED/E7E231E6370011E4B32BD06BC4F9AE02/010E8732D43411EB8586EA31C4F9AE02.roa
Signing time: Mon 10 Jun 2024 02:00:20 +0000
ROA not before: Mon 10 Jun 2024 02:00:20 +0000
ROA not after: Mon 31 Mar 2025 00:00:00 +0000
asID: 4913
IP address blocks: 202.80.160.0/24 maxlen: 24
202.80.161.0/24 maxlen: 24
202.80.162.0/24 maxlen: 24
202.80.163.0/24 maxlen: 24
202.80.164.0/24 maxlen: 24
202.80.165.0/24 maxlen: 24
202.80.166.0/24 maxlen: 24
202.80.167.0/24 maxlen: 24
202.80.168.0/24 maxlen: 24
202.80.169.0/24 maxlen: 24
202.80.170.0/24 maxlen: 24
202.80.171.0/24 maxlen: 24
202.80.172.0/24 maxlen: 24
202.80.173.0/24 maxlen: 24
202.80.174.0/24 maxlen: 24
202.80.175.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 18 Oct 2024 07:14:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10615 (0x2977)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91620ED/serialNumber=AF6AE325B4F880E362051E7C3DFDF1B8B2A5A815
Validity
Not Before: Jun 10 02:00:20 2024 GMT
Not After : Mar 31 00:00:00 2025 GMT
Subject: CN=66665e33-b135
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:e4:21:de:51:4e:4b:ca:65:9d:fc:46:f3:d0:
9b:75:ee:e3:26:d4:da:77:fb:04:e6:7a:dc:2b:13:
18:37:15:06:73:05:aa:39:01:1e:3f:c2:a8:9b:44:
bc:f2:9b:78:23:18:dd:f5:37:9f:81:9e:c8:f8:01:
cf:bb:0f:4e:fe:46:8b:26:52:fa:b7:d9:98:8c:f6:
e7:53:5a:72:b3:0f:5a:6b:12:d8:6a:91:33:d1:15:
70:1e:1c:49:0f:36:5d:77:c0:3d:b6:8f:15:9f:1a:
2f:be:07:5f:36:d0:bb:49:cb:f5:cf:4b:b3:fd:40:
f1:99:f5:96:88:82:d5:a9:9d:5b:22:dc:f0:48:d0:
43:8b:af:bf:c1:b9:00:20:e3:6f:5b:fd:f9:8f:a7:
17:80:2c:ed:43:81:1c:25:4b:97:fc:2a:42:d3:4b:
a7:4b:1f:1e:ad:e4:ad:8e:67:8c:58:36:80:a8:92:
38:8f:d1:d2:a3:5d:3b:3a:9e:da:90:9e:da:ea:d3:
cc:3c:aa:16:f4:f6:f2:f1:cd:6f:55:bd:65:92:51:
4d:ff:a3:74:90:43:6e:e2:00:1e:90:e7:97:8b:c4:
08:17:34:64:2a:71:62:50:74:85:37:ad:3d:f4:6a:
60:98:8b:ec:ab:b9:61:5a:0a:4a:f4:61:70:dd:a1:
f7:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:14:BB:3D:1A:2B:06:EB:98:11:BD:60:5A:8D:F1:05:A6:1D:D7:F8
X509v3 Authority Key Identifier:
keyid:AF:6A:E3:25:B4:F8:80:E3:62:05:1E:7C:3D:FD:F1:B8:B2:A5:A8:15
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91620ED/E7E231E6370011E4B32BD06BC4F9AE02/r2rjJbT4gONiBR58Pf3xuLKlqBU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r2rjJbT4gONiBR58Pf3xuLKlqBU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91620ED/E7E231E6370011E4B32BD06BC4F9AE02/010E8732D43411EB8586EA31C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.80.160.0/20
Signature Algorithm: sha256WithRSAEncryption
4d:4f:dc:57:8d:73:f5:7f:c3:1a:58:0c:ca:d8:66:55:5f:d0:
52:0e:c9:bb:d6:57:f6:ab:61:90:62:8c:bd:5d:e3:71:bc:e0:
7b:c7:c9:40:8e:8e:f7:f6:94:bc:07:88:f2:a3:1d:07:b9:bf:
91:26:11:df:ad:00:73:55:c5:08:0e:57:cc:2e:85:73:3e:24:
eb:c8:5b:14:ef:ae:91:09:6c:b9:ec:da:82:76:fd:bb:d7:c6:
d8:91:77:26:c7:58:d2:5f:52:6b:2e:68:06:5d:8e:9a:5a:20:
6f:55:90:b9:c4:cb:22:4b:5f:a6:e9:0e:51:dc:1b:24:ad:4c:
6b:8a:2d:7d:71:f0:4a:4c:19:2a:eb:10:9f:b6:1a:a2:e9:4d:
ba:36:4d:6f:fa:b6:a8:b3:5d:22:dc:23:cc:21:c9:31:7e:25:
2d:56:4c:ff:88:93:a4:d5:fb:db:cd:11:41:11:2a:75:57:c6:
17:f8:29:a7:2f:4c:dd:57:15:68:cb:76:10:ec:db:bc:47:a7:
8d:75:59:ff:53:48:00:3b:a1:65:f2:88:fd:3b:9d:e8:6c:ee:
f4:65:02:60:c3:af:a6:a9:4b:62:6a:13:95:dc:70:32:3b:da:
bb:65:34:76:1b:41:0d:d0:ab:4b:93:02:86:c3:79:89:ed:7e:
63:e6:f0:4c
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICKXcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjIwRUQxMTAvBgNVBAUTKEFGNkFFMzI1QjRGODgwRTM2MjA1MUU3QzNERkRGMUI4
QjJBNUE4MTUwHhcNMjQwNjEwMDIwMDIwWhcNMjUwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjY2NWUzMy1iMTM1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAreQh3lFOS8plnfxG89Cbde7jJtTad/sE5nrcKxMYNxUGcwWqOQEeP8Kom0S8
8pt4Ixjd9TefgZ7I+AHPuw9O/kaLJlL6t9mYjPbnU1pysw9aaxLYapEz0RVwHhxJ
DzZdd8A9to8VnxovvgdfNtC7Scv1z0uz/UDxmfWWiILVqZ1bItzwSNBDi6+/wbkA
IONvW/35j6cXgCztQ4EcJUuX/CpC00unSx8ereStjmeMWDaAqJI4j9HSo107Op7a
kJ7a6tPMPKoW9Pby8c1vVb1lklFN/6N0kENu4gAekOeXi8QIFzRkKnFiUHSFN609
9GpgmIvsq7lhWgpK9GFw3aH3jwIDAQABo4IClTCCApEwHQYDVR0OBBYEFDYUuz0a
KwbrmBG9YFqN8QWmHdf4MB8GA1UdIwQYMBaAFK9q4yW0+IDjYgUefD398biypagV
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2MjBFRC9FN0UyMzFFNjM3
MDAxMUU0QjMyQkQwNkJDNEY5QUUwMi9yMnJqSmJUNGdPTmlCUjU4UGYzeHVMS2xx
QlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3IycmpKYlQ0Z09OaUJSNThQZjN4dUxLbHFCVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjIwRUQvRTdFMjMxRTYzNzAwMTFFNEIzMkJEMDZCQzRGOUFFMDIvMDEwRTg3MzJE
NDM0MTFFQjg1ODZFQTMxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBATKUKAwDQYJKoZIhvcNAQELBQADggEBAE1P3FeNc/V/wxpY
DMrYZlVf0FIOybvWV/arYZBijL1d43G84HvHyUCOjvf2lLwHiPKjHQe5v5EmEd+t
AHNVxQgOV8wuhXM+JOvIWxTvrpEJbLns2oJ2/bvXxtiRdybHWNJfUmsuaAZdjppa
IG9VkLnEyyJLX6bpDlHcGyStTGuKLX1x8EpMGSrrEJ+2GqLpTbo2TW/6tqizXSLc
I8whyTF+JS1WTP+Ik6TV+9vNEUERKnVXxhf4KacvTN1XFWjLdhDs27xHp411Wf9T
SAA7oWXyiP07nehs7vRlAmDDr6apS2JqE5XccDI72rtlNHYbQQ3Qq0uTAobDeYnt
fmPm8Ew=
-----END CERTIFICATE-----
Generated at Fri Oct 18 09:59:25 2024 by rpki-client on console-fra.rpki-client.org