Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917CE22/12FA811A177B11EB84634C36C4F9AE02/48CF90D607D311EF92897C22C4F9AE02.roa
File: 48CF90D607D311EF92897C22C4F9AE02.roa (raw, json)
Hash identifier: myEk8cZqxcgj9OabWylpdEiY8LnjMJxFtebfC9JKgdY=
Subject key identifier: B0:B1:7D:54:C3:1A:F9:42:81:DB:FC:17:A8:CF:61:8B:B4:80:6B:55
Certificate issuer: /CN=A917CE22/serialNumber=62C4182C003EFCFA38DDAF4EF904FB04FE5B564A
Certificate serial: 06D9
Authority key identifier: 62:C4:18:2C:00:3E:FC:FA:38:DD:AF:4E:F9:04:FB:04:FE:5B:56:4A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YsQYLAA-_Po43a9O-QT7BP5bVko.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917CE22/12FA811A177B11EB84634C36C4F9AE02/48CF90D607D311EF92897C22C4F9AE02.roa
Signing time: Wed 01 May 2024 15:55:52 +0000
ROA not before: Wed 01 May 2024 15:55:52 +0000
ROA not after: Mon 31 Mar 2025 00:00:00 +0000
asID: 64050
IP address blocks: 202.181.0.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 13 May 2024 10:50:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1753 (0x6d9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917CE22/serialNumber=62C4182C003EFCFA38DDAF4EF904FB04FE5B564A
Validity
Not Before: May 1 15:55:52 2024 GMT
Not After : Mar 31 00:00:00 2025 GMT
Subject: CN=66326607-3e33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:b1:73:83:a7:62:8c:f6:c7:b6:e8:6d:5d:a0:
8f:e8:f5:15:ce:0a:b7:53:18:86:55:cb:d3:52:92:
b9:d3:0b:7a:37:70:27:ab:fd:e2:f7:4d:02:16:07:
f3:89:1e:57:a9:af:cc:7b:c3:83:8b:11:5d:cf:8c:
ec:10:3a:2d:da:ed:ef:9b:28:8e:0a:81:45:f3:60:
0d:2d:47:1e:3a:65:58:ff:6c:90:97:0d:8a:4c:e4:
de:9a:36:b2:ba:3c:92:16:c6:22:8e:df:9c:0a:57:
b6:8f:1d:b0:1b:b9:5a:e8:de:09:95:c9:d1:58:8e:
ab:26:2f:22:2b:43:d4:2c:54:5c:32:f6:dd:8d:48:
58:b3:ac:cd:32:6a:ea:6b:39:31:1d:2c:98:13:9f:
a3:76:65:01:61:b3:ad:b3:3f:6c:1a:bb:e2:05:21:
a8:a3:67:89:5d:5c:9c:50:21:dd:c6:ef:70:6f:a8:
c8:d7:d6:33:ae:b7:9a:ef:d8:69:e7:74:04:6d:d3:
69:73:09:c2:04:6f:79:30:a9:1d:2f:b2:28:fa:fb:
96:7a:9c:3c:29:26:85:1b:1f:64:3c:b1:dd:d1:cd:
5e:12:6e:9d:24:74:90:fa:21:ed:66:d5:68:89:88:
9d:3b:f6:28:3d:e1:6e:59:04:33:0d:d9:9c:8e:05:
a6:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:B1:7D:54:C3:1A:F9:42:81:DB:FC:17:A8:CF:61:8B:B4:80:6B:55
X509v3 Authority Key Identifier:
keyid:62:C4:18:2C:00:3E:FC:FA:38:DD:AF:4E:F9:04:FB:04:FE:5B:56:4A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917CE22/12FA811A177B11EB84634C36C4F9AE02/YsQYLAA-_Po43a9O-QT7BP5bVko.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YsQYLAA-_Po43a9O-QT7BP5bVko.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917CE22/12FA811A177B11EB84634C36C4F9AE02/48CF90D607D311EF92897C22C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.181.0.0/22
Signature Algorithm: sha256WithRSAEncryption
80:5c:3b:1f:86:43:e4:91:25:be:cf:53:59:ff:45:5a:7a:04:
61:d9:cc:82:12:c5:d7:af:64:ce:8c:46:f3:cc:71:41:06:f2:
ce:72:6f:f6:bc:1d:a1:f4:ac:50:cd:d4:15:f1:0e:f7:88:33:
da:70:4a:84:ea:62:41:0b:f1:8b:60:a1:7e:0b:54:75:b0:e4:
75:ec:ac:80:61:f3:e3:ff:8c:18:c5:16:99:8e:d9:62:e3:93:
2f:38:bb:a0:15:70:4b:b0:da:9b:00:1a:fd:34:74:5f:09:27:
d2:cd:45:73:d7:76:44:e2:af:41:09:3a:a9:7d:82:3c:6d:df:
9a:ac:f7:42:b0:54:15:a4:47:8c:0a:c4:d5:04:22:47:b6:bc:
62:63:99:62:c3:61:fc:76:4d:a6:8b:22:7e:8b:71:a4:18:e8:
a0:20:55:4a:95:38:74:67:95:e4:e9:39:ee:51:fa:ba:59:26:
02:55:6e:a0:b9:26:50:a7:1d:ab:49:c8:60:4d:8a:53:e1:c3:
f5:69:a6:ab:94:56:fb:42:43:35:d0:68:73:59:3a:d7:71:f8:
6c:ba:4d:c6:1a:f7:75:a8:8c:17:2b:89:5c:8e:29:29:bc:cc:
09:2c:a6:63:39:a6:00:1c:eb:91:0d:e3:ab:37:e5:93:2b:24:
94:95:dc:78
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBtkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0NFMjIxMTAvBgNVBAUTKDYyQzQxODJDMDAzRUZDRkEzOEREQUY0RUY5MDRGQjA0
RkU1QjU2NEEwHhcNMjQwNTAxMTU1NTUyWhcNMjUwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjMyNjYwNy0zZTMzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAubFzg6dijPbHtuhtXaCP6PUVzgq3UxiGVcvTUpK50wt6N3Anq/3i900CFgfz
iR5Xqa/Me8ODixFdz4zsEDot2u3vmyiOCoFF82ANLUceOmVY/2yQlw2KTOTemjay
ujySFsYijt+cCle2jx2wG7la6N4JlcnRWI6rJi8iK0PULFRcMvbdjUhYs6zNMmrq
azkxHSyYE5+jdmUBYbOtsz9sGrviBSGoo2eJXVycUCHdxu9wb6jI19Yzrrea79hp
53QEbdNpcwnCBG95MKkdL7Io+vuWepw8KSaFGx9kPLHd0c1eEm6dJHSQ+iHtZtVo
iYidO/YoPeFuWQQzDdmcjgWmsQIDAQABo4IClTCCApEwHQYDVR0OBBYEFLCxfVTD
GvlCgdv8F6jPYYu0gGtVMB8GA1UdIwQYMBaAFGLEGCwAPvz6ON2vTvkE+wT+W1ZK
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3Q0UyMi8xMkZBODExQTE3
N0IxMUVCODQ2MzRDMzZDNEY5QUUwMi9Zc1FZTEFBLV9QbzQzYTlPLVFUN0JQNWJW
a28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1lzUVlMQUEtX1BvNDNhOU8tUVQ3QlA1YlZrby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0NFMjIvMTJGQTgxMUExNzdCMTFFQjg0NjM0QzM2QzRGOUFFMDIvNDhDRjkwRDYw
N0QzMTFFRjkyODk3QzIyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBALKtQAwDQYJKoZIhvcNAQELBQADggEBAIBcOx+GQ+SRJb7P
U1n/RVp6BGHZzIISxdevZM6MRvPMcUEG8s5yb/a8HaH0rFDN1BXxDveIM9pwSoTq
YkEL8YtgoX4LVHWw5HXsrIBh8+P/jBjFFpmO2WLjky84u6AVcEuw2psAGv00dF8J
J9LNRXPXdkTir0EJOql9gjxt35qs90KwVBWkR4wKxNUEIke2vGJjmWLDYfx2TaaL
In6LcaQY6KAgVUqVOHRnleTpOe5R+rpZJgJVbqC5JlCnHatJyGBNilPhw/VppquU
VvtCQzXQaHNZOtdx+Gy6TcYa93WojBcriVyOKSm8zAkspmM5pgAc65EN46s35ZMr
JJSV3Hg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:13 2024 by rpki-client on console-fra.rpki-client.org