Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A1AC4/1CB53F30F6B111EC9CAAB34DC4F9AE02/C7E40D8E06E411EEBF935B26C4F9AE02.roa
File: C7E40D8E06E411EEBF935B26C4F9AE02.roa (raw, json)
Hash identifier: JACv4zKy6zwnB8Yn8c8AZdzEd/RbDQo4uqQxgAbif/Q=
Subject key identifier: B8:63:D0:78:13:15:7A:8F:08:BC:76:BD:70:91:FD:62:2F:39:40:5B
Certificate issuer: /CN=A91A1AC4/serialNumber=1F092BF0E367FDA5146D287D8102B26EC8FB82B5
Certificate serial: 0194
Authority key identifier: 1F:09:2B:F0:E3:67:FD:A5:14:6D:28:7D:81:02:B2:6E:C8:FB:82:B5
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Hwkr8ONn_aUUbSh9gQKybsj7grU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A1AC4/1CB53F30F6B111EC9CAAB34DC4F9AE02/C7E40D8E06E411EEBF935B26C4F9AE02.roa
Signing time: Thu 05 Oct 2023 03:03:20 +0000
ROA not before: Thu 05 Oct 2023 03:03:20 +0000
ROA not after: Sun 01 Dec 2024 00:00:00 +0000
asID: 206150
IP address blocks: 202.73.5.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 404 (0x194)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A1AC4/serialNumber=1F092BF0E367FDA5146D287D8102B26EC8FB82B5
Validity
Not Before: Oct 5 03:03:20 2023 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=651e2778-c36c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:92:cd:50:87:1c:67:3c:59:f3:a7:83:40:15:
17:e0:cc:72:6f:f8:bc:c6:f4:52:42:94:d8:27:80:
c6:9b:a8:cb:67:ee:6c:b3:20:0b:26:bf:da:9b:6e:
84:ea:63:df:77:92:b4:1a:fc:e7:6f:0e:46:a6:01:
27:58:e8:bc:c0:70:8f:6f:11:6b:19:00:9f:3c:4e:
8e:72:00:04:6c:11:24:30:b6:81:8d:dc:e1:38:b5:
5e:88:86:1b:62:3e:2b:e1:21:a5:03:c6:cd:2e:36:
49:5d:38:f6:77:cc:ef:5d:86:5f:ce:2b:15:33:93:
43:b6:a3:64:ae:4c:25:22:e8:c9:1c:da:77:2e:cd:
9c:cc:c7:ed:23:e9:b9:2b:fd:79:e6:aa:00:f5:fc:
0b:d2:9d:fe:51:ce:54:76:ca:89:0c:5f:95:67:a0:
5c:af:94:31:38:cd:c7:6a:74:50:b4:0a:55:0b:8f:
a9:43:f0:3d:2c:85:22:73:5b:5c:89:9e:f4:19:27:
96:df:66:d2:d6:ed:fa:22:73:d9:0a:e0:ba:ce:ec:
da:27:68:95:57:67:ce:b8:8b:9e:64:06:e8:20:9c:
9b:9b:66:2b:c5:ca:65:d2:43:28:04:98:46:4a:6e:
48:7d:56:3d:fe:13:31:c9:44:6d:20:db:c8:97:3d:
a0:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:63:D0:78:13:15:7A:8F:08:BC:76:BD:70:91:FD:62:2F:39:40:5B
X509v3 Authority Key Identifier:
keyid:1F:09:2B:F0:E3:67:FD:A5:14:6D:28:7D:81:02:B2:6E:C8:FB:82:B5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A1AC4/1CB53F30F6B111EC9CAAB34DC4F9AE02/Hwkr8ONn_aUUbSh9gQKybsj7grU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Hwkr8ONn_aUUbSh9gQKybsj7grU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A1AC4/1CB53F30F6B111EC9CAAB34DC4F9AE02/C7E40D8E06E411EEBF935B26C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.73.5.0/24
Signature Algorithm: sha256WithRSAEncryption
56:16:d0:7c:6c:d4:a2:82:4a:4a:d0:aa:de:73:50:20:21:eb:
e4:f4:e2:14:9e:84:eb:96:6d:3f:7d:00:6d:f3:ca:1b:35:28:
e8:76:f7:a6:4f:5d:19:ea:4d:b2:77:99:c8:c6:66:5c:24:1d:
f5:ba:cb:5e:06:7f:5b:dd:d2:75:7f:b5:7c:c6:97:db:1c:81:
94:6e:43:9e:49:19:c1:d7:ca:fe:63:ed:6b:be:8a:df:77:a1:
d1:a0:35:5f:17:bd:84:f1:b0:fe:cc:fa:38:2b:22:81:8b:05:
ac:00:c7:fe:2e:f1:7b:ea:76:df:31:1f:75:39:53:dd:b5:34:
24:f1:9b:56:5b:85:9c:c2:d5:81:2e:0c:03:96:2c:be:21:35:
1a:aa:58:7c:58:c9:81:81:9c:fe:32:16:74:c6:27:56:15:b8:
35:1b:99:4a:bb:35:1a:b2:c0:c7:a6:6f:3a:be:35:66:7c:04:
c6:46:de:f6:3f:42:85:0f:db:78:61:1c:f4:23:dc:f8:f3:9c:
5a:8e:15:69:e2:9d:06:f8:41:d5:e4:f5:63:3c:6a:6c:ac:30:
5d:2b:70:b3:7b:1d:cf:27:95:1a:f4:aa:80:11:44:ac:d1:e4:
e4:19:e5:28:e7:a6:72:53:75:fb:71:3c:10:04:6b:32:02:18:
8c:80:6c:e4
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAZQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTFBQzQxMTAvBgNVBAUTKDFGMDkyQkYwRTM2N0ZEQTUxNDZEMjg3RDgxMDJCMjZF
QzhGQjgyQjUwHhcNMjMxMDA1MDMwMzIwWhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTFlMjc3OC1jMzZjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqZLNUIccZzxZ86eDQBUX4Mxyb/i8xvRSQpTYJ4DGm6jLZ+5ssyALJr/am26E
6mPfd5K0Gvznbw5GpgEnWOi8wHCPbxFrGQCfPE6OcgAEbBEkMLaBjdzhOLVeiIYb
Yj4r4SGlA8bNLjZJXTj2d8zvXYZfzisVM5NDtqNkrkwlIujJHNp3Ls2czMftI+m5
K/155qoA9fwL0p3+Uc5UdsqJDF+VZ6Bcr5QxOM3HanRQtApVC4+pQ/A9LIUic1tc
iZ70GSeW32bS1u36InPZCuC6zuzaJ2iVV2fOuIueZAboIJybm2Yrxcpl0kMoBJhG
Sm5IfVY9/hMxyURtINvIlz2g3wIDAQABo4IClTCCApEwHQYDVR0OBBYEFLhj0HgT
FXqPCLx2vXCR/WIvOUBbMB8GA1UdIwQYMBaAFB8JK/DjZ/2lFG0ofYECsm7I+4K1
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMUFDNC8xQ0I1M0YzMEY2
QjExMUVDOUNBQUIzNERDNEY5QUUwMi9Id2tyOE9Obl9hVVViU2g5Z1FLeWJzajdn
clUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0h3a3I4T05uX2FVVWJTaDlnUUt5YnNqN2dyVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTFBQzQvMUNCNTNGMzBGNkIxMTFFQzlDQUFCMzREQzRGOUFFMDIvQzdFNDBEOEUw
NkU0MTFFRUJGOTM1QjI2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADKSQUwDQYJKoZIhvcNAQELBQADggEBAFYW0Hxs1KKCSkrQ
qt5zUCAh6+T04hSehOuWbT99AG3zyhs1KOh296ZPXRnqTbJ3mcjGZlwkHfW6y14G
f1vd0nV/tXzGl9scgZRuQ55JGcHXyv5j7Wu+it93odGgNV8XvYTxsP7M+jgrIoGL
BawAx/4u8Xvqdt8xH3U5U921NCTxm1ZbhZzC1YEuDAOWLL4hNRqqWHxYyYGBnP4y
FnTGJ1YVuDUbmUq7NRqywMembzq+NWZ8BMZG3vY/QoUP23hhHPQj3PjznFqOFWni
nQb4QdXk9WM8amysMF0rcLN7Hc8nlRr0qoARRKzR5OQZ5SjnpnJTdftxPBAEazIC
GIyAbOQ=
-----END CERTIFICATE-----
Generated at Thu Oct 26 16:25:41 2023 by rpki-client on console-fra.rpki-client.org