Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A03CB/81D9E4A01D9611E2AAC2147F08B02CD2/578583A20B6A11EFB17F6682C4F9AE02.roa
File: 578583A20B6A11EFB17F6682C4F9AE02.roa (raw, json)
Hash identifier: lmacmzObXwJKFZnOVOiWRsbQ2n1kEJh1sQg7D95iVFk=
Subject key identifier: 8A:A9:EB:FA:9A:90:D4:19:3D:EE:4E:D0:40:36:0B:6B:48:85:64:20
Certificate issuer: /CN=A91A03CB/serialNumber=85ABF8480C909638BDCCA653AF1E690F572B23E1
Certificate serial: 33C0
Authority key identifier: 85:AB:F8:48:0C:90:96:38:BD:CC:A6:53:AF:1E:69:0F:57:2B:23:E1
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hav4SAyQlji9zKZTrx5pD1crI-E.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A03CB/81D9E4A01D9611E2AAC2147F08B02CD2/578583A20B6A11EFB17F6682C4F9AE02.roa
Signing time: Mon 06 May 2024 05:34:44 +0000
ROA not before: Mon 06 May 2024 05:34:44 +0000
ROA not after: Fri 31 Jan 2025 00:00:00 +0000
asID: 24107
IP address blocks: 202.49.120.0/24 maxlen: 24
202.49.121.0/24 maxlen: 24
202.164.28.0/23 maxlen: 23
202.164.30.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 07 May 2024 08:27:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13248 (0x33c0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A03CB/serialNumber=85ABF8480C909638BDCCA653AF1E690F572B23E1
Validity
Not Before: May 6 05:34:44 2024 GMT
Not After : Jan 31 00:00:00 2025 GMT
Subject: CN=66386bf3-8f9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:a1:8d:c4:11:1e:9d:f0:15:8c:f8:c4:e0:58:
cd:b0:13:dc:c3:33:2c:25:f9:50:3b:92:86:52:c3:
35:24:53:00:61:30:0f:01:61:90:69:5e:7f:61:3e:
22:73:e8:8f:70:4a:87:b1:fd:1f:8d:e0:71:85:05:
ff:04:c5:7f:c1:da:6f:0f:ff:cf:0d:2b:11:9b:3d:
a1:99:cc:e0:9e:bd:f7:5e:81:9a:dd:c7:af:6d:83:
4f:b2:f7:fe:35:df:7e:0a:96:c5:51:54:53:ae:33:
22:3e:4f:f9:8a:5f:1a:09:9e:a8:dd:e6:4e:4c:bc:
9d:33:63:8e:01:f2:e5:5d:b2:42:81:13:16:57:60:
fd:49:e5:a8:29:e1:b9:32:f8:52:e0:ed:9a:ce:0a:
7d:d0:fc:e5:09:0b:d5:44:31:1a:f8:be:80:ee:ab:
26:7d:cf:c7:96:8c:2b:82:20:88:a5:79:cc:cb:47:
b3:ed:10:c2:57:7c:db:07:75:81:2d:82:3d:0d:38:
89:12:91:94:c8:02:4f:23:d0:5b:a8:93:02:6e:0e:
7e:cf:a7:b0:85:39:95:c5:4a:74:d3:1d:72:41:88:
ed:64:cf:1c:89:4e:27:c7:ce:38:5c:6e:9c:37:cd:
91:93:b7:b1:dc:b4:db:7c:51:a1:bc:ad:57:bd:4a:
9e:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:A9:EB:FA:9A:90:D4:19:3D:EE:4E:D0:40:36:0B:6B:48:85:64:20
X509v3 Authority Key Identifier:
keyid:85:AB:F8:48:0C:90:96:38:BD:CC:A6:53:AF:1E:69:0F:57:2B:23:E1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A03CB/81D9E4A01D9611E2AAC2147F08B02CD2/hav4SAyQlji9zKZTrx5pD1crI-E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hav4SAyQlji9zKZTrx5pD1crI-E.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A03CB/81D9E4A01D9611E2AAC2147F08B02CD2/578583A20B6A11EFB17F6682C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.49.120.0/23
202.164.28.0/22
Signature Algorithm: sha256WithRSAEncryption
50:10:ab:56:23:f5:70:53:d7:f0:7a:b9:b4:3f:fe:de:c3:0d:
32:c1:ba:11:6b:69:46:7f:d9:63:32:b1:c7:18:bd:48:94:ab:
68:81:e3:77:f2:9b:4e:99:4e:d9:91:98:8d:f5:47:ae:6f:98:
c0:8f:f5:4c:38:dc:59:06:c3:1b:a1:0d:e8:2a:c1:20:97:19:
85:eb:90:4d:39:3d:fb:fc:54:eb:c0:61:40:f9:cf:01:9b:bd:
d6:a1:87:f2:d2:42:69:b7:73:7f:d3:cc:62:e2:e2:8a:c4:d8:
f2:d0:34:4b:ab:aa:03:3b:bf:66:0b:ba:7c:55:11:c8:a4:64:
60:ab:7f:0f:02:c2:1c:0e:9e:1d:77:3d:e9:b8:70:f3:74:ac:
55:84:ce:eb:98:da:d2:28:21:1a:ff:cb:fb:f9:30:f1:13:f5:
fd:7c:3c:4d:8f:50:f1:30:63:25:d4:20:bc:21:f5:45:80:c9:
25:65:ef:cc:b2:e1:ba:e5:73:6d:33:30:44:df:19:3a:ae:41:
a5:4a:f4:77:c1:0d:3a:a4:9c:3a:1c:e9:82:9c:39:21:96:8a:
16:af:66:20:85:48:aa:31:f1:f3:b5:ff:fe:8c:c4:df:41:a5:
09:f5:25:e6:f0:95:49:05:2d:43:1b:1b:0d:64:db:c1:d6:26:
33:99:17:ba
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICM8AwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTAzQ0IxMTAvBgNVBAUTKDg1QUJGODQ4MEM5MDk2MzhCRENDQTY1M0FGMUU2OTBG
NTcyQjIzRTEwHhcNMjQwNTA2MDUzNDQ0WhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjM4NmJmMy04ZjlhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvKGNxBEenfAVjPjE4FjNsBPcwzMsJflQO5KGUsM1JFMAYTAPAWGQaV5/YT4i
c+iPcEqHsf0fjeBxhQX/BMV/wdpvD//PDSsRmz2hmczgnr33XoGa3cevbYNPsvf+
Nd9+CpbFUVRTrjMiPk/5il8aCZ6o3eZOTLydM2OOAfLlXbJCgRMWV2D9SeWoKeG5
MvhS4O2azgp90PzlCQvVRDEa+L6A7qsmfc/HlowrgiCIpXnMy0ez7RDCV3zbB3WB
LYI9DTiJEpGUyAJPI9BbqJMCbg5+z6ewhTmVxUp00x1yQYjtZM8ciU4nx844XG6c
N82Rk7ex3LTbfFGhvK1XvUqeeQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFIqp6/qa
kNQZPe5O0EA2C2tIhWQgMB8GA1UdIwQYMBaAFIWr+EgMkJY4vcymU68eaQ9XKyPh
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMDNDQi84MUQ5RTRBMDFE
OTYxMUUyQUFDMjE0N0YwOEIwMkNEMi9oYXY0U0F5UWxqaTl6S1pUcng1cEQxY3JJ
LUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2hhdjRTQXlRbGppOXpLWlRyeDVwRDFjckktRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTAzQ0IvODFEOUU0QTAxRDk2MTFFMkFBQzIxNDdGMDhCMDJDRDIvNTc4NTgzQTIw
QjZBMTFFRkIxN0Y2NjgyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAHKMXgDBALKpBwwDQYJKoZIhvcNAQELBQADggEBAFAQq1Yj
9XBT1/B6ubQ//t7DDTLBuhFraUZ/2WMysccYvUiUq2iB43fym06ZTtmRmI31R65v
mMCP9Uw43FkGwxuhDegqwSCXGYXrkE05Pfv8VOvAYUD5zwGbvdahh/LSQmm3c3/T
zGLi4orE2PLQNEurqgM7v2YLunxVEcikZGCrfw8CwhwOnh13Pem4cPN0rFWEzuuY
2tIoIRr/y/v5MPET9f18PE2PUPEwYyXUILwh9UWAySVl78yy4brlc20zMETfGTqu
QaVK9HfBDTqknDoc6YKcOSGWihavZiCFSKox8fO1//6MxN9BpQn1JebwlUkFLUMb
Gw1k28HWJjOZF7o=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:35 2024 by rpki-client on console-fra.rpki-client.org