Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A381A/28E86E4479FF11EEB32C2379C4F9AE02/7AA0DC8A79FF11EE87FB087AC4F9AE02.roa
File: 7AA0DC8A79FF11EE87FB087AC4F9AE02.roa (raw, json)
Hash identifier: 5DGmN7CaPbn/2TJlxnxxCAKMw8k3qkQjzFIOMYdsApU=
Subject key identifier: 35:5F:CA:63:C1:C1:FD:85:21:C2:67:7D:3B:FB:39:B5:80:AA:16:1C
Certificate issuer: /CN=A91A381A/serialNumber=B3EC1FF6AD552AA16EE1019564BAD9F761FDB5D8
Certificate serial: 02
Authority key identifier: B3:EC:1F:F6:AD:55:2A:A1:6E:E1:01:95:64:BA:D9:F7:61:FD:B5:D8
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/s-wf9q1VKqFu4QGVZLrZ92H9tdg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A381A/28E86E4479FF11EEB32C2379C4F9AE02/7AA0DC8A79FF11EE87FB087AC4F9AE02.roa
Signing time: Fri 03 Nov 2023 04:14:28 +0000
ROA not before: Fri 03 Nov 2023 04:14:28 +0000
ROA not after: Mon 30 Sep 2024 00:00:00 +0000
asID: 131326
IP address blocks: 202.37.93.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 26 Jan 2024 06:27:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A381A/serialNumber=B3EC1FF6AD552AA16EE1019564BAD9F761FDB5D8
Validity
Not Before: Nov 3 04:14:28 2023 GMT
Not After : Sep 30 00:00:00 2024 GMT
Subject: CN=654473a3-05a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:5c:4f:54:f4:ca:b1:ad:74:66:94:94:97:29:
46:de:40:b0:22:ad:9b:93:40:18:f5:16:13:64:3e:
42:ac:0b:a3:02:40:08:38:cc:eb:ff:1c:86:0e:6f:
5f:61:1d:39:ab:4c:7c:1f:42:3d:32:7c:a5:85:c5:
83:ed:8d:0c:42:dd:ee:f8:5e:60:a2:11:ae:43:fa:
3c:07:32:47:1d:61:10:58:5b:6b:fd:dc:8d:0f:78:
e7:1b:18:10:f2:a4:54:12:20:92:33:1e:6d:1d:78:
26:cc:58:40:6d:5f:14:3d:f1:9f:88:77:0c:42:4e:
5f:33:78:5f:11:64:a8:df:14:67:3a:61:5c:9e:87:
8b:b9:26:76:5d:c9:11:60:22:e4:28:a1:e5:b8:a6:
3d:97:a8:81:07:aa:76:1e:f5:b1:29:4c:c3:98:09:
d9:84:2a:5a:b0:86:84:dc:b9:84:61:a3:27:32:ab:
86:60:69:cb:00:39:a7:04:82:b2:f9:2e:e5:ec:25:
c9:57:9a:ed:09:70:21:95:43:63:5b:8b:1a:e2:ac:
16:8d:6b:3e:be:7f:20:cc:a4:11:7f:4c:ce:26:78:
9b:e8:8e:99:f2:4f:5a:15:c0:1c:24:5a:87:9c:9b:
68:76:43:0b:90:fa:53:6f:96:fd:7d:66:bd:65:49:
7d:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:5F:CA:63:C1:C1:FD:85:21:C2:67:7D:3B:FB:39:B5:80:AA:16:1C
X509v3 Authority Key Identifier:
keyid:B3:EC:1F:F6:AD:55:2A:A1:6E:E1:01:95:64:BA:D9:F7:61:FD:B5:D8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A381A/28E86E4479FF11EEB32C2379C4F9AE02/s-wf9q1VKqFu4QGVZLrZ92H9tdg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/s-wf9q1VKqFu4QGVZLrZ92H9tdg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A381A/28E86E4479FF11EEB32C2379C4F9AE02/7AA0DC8A79FF11EE87FB087AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.37.93.0/24
Signature Algorithm: sha256WithRSAEncryption
b4:04:32:df:1c:e8:00:ed:67:cd:fb:51:31:06:fb:a0:62:1f:
bf:43:e9:53:78:81:e1:4a:8f:38:0f:c0:c5:43:95:41:d7:3d:
c8:e1:c3:f3:8b:53:3a:1d:24:46:12:94:94:90:84:d9:91:94:
9d:55:99:57:17:c1:48:14:4d:c4:79:07:c9:63:85:d9:fd:2d:
52:2b:34:9c:6b:e7:3f:dc:86:f6:91:d7:1d:54:e9:c9:4f:e8:
2a:59:a4:9e:b9:3a:46:2e:10:72:8a:52:45:97:c3:38:36:b5:
a2:9a:e8:68:5c:19:21:c3:05:c9:b0:71:ab:72:0a:f6:72:8f:
68:9b:07:f9:b2:30:dc:c2:70:62:02:db:b8:4e:2f:63:c0:81:
be:8a:15:b1:e6:79:58:b9:cf:1f:99:c3:11:e3:94:bc:9d:06:
d8:93:3c:be:65:8e:b2:85:36:a6:7d:b4:4c:63:f1:3f:b9:89:
06:dc:a9:75:96:cf:6b:8f:52:ed:c5:4b:dd:7d:42:c5:9a:c8:
0e:43:fd:73:46:cc:2a:fe:ba:4e:58:20:63:49:62:7f:82:84:
e3:0b:d0:ce:c4:8d:55:cb:31:ca:fd:40:8a:65:35:8c:66:13:
53:be:07:3a:b1:bc:fc:ca:bc:c0:69:83:38:04:48:c2:87:8b:
79:c2:5c:01
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB
MzgxQTExMC8GA1UEBRMoQjNFQzFGRjZBRDU1MkFBMTZFRTEwMTk1NjRCQUQ5Rjc2
MUZEQjVEODAeFw0yMzExMDMwNDE0MjhaFw0yNDA5MzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1NDQ3M2EzLTA1YTUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC+XE9U9MqxrXRmlJSXKUbeQLAirZuTQBj1FhNkPkKsC6MCQAg4zOv/HIYOb19h
HTmrTHwfQj0yfKWFxYPtjQxC3e74XmCiEa5D+jwHMkcdYRBYW2v93I0PeOcbGBDy
pFQSIJIzHm0deCbMWEBtXxQ98Z+IdwxCTl8zeF8RZKjfFGc6YVyeh4u5JnZdyRFg
IuQooeW4pj2XqIEHqnYe9bEpTMOYCdmEKlqwhoTcuYRhoycyq4ZgacsAOacEgrL5
LuXsJclXmu0JcCGVQ2NbixrirBaNaz6+fyDMpBF/TM4meJvojpnyT1oVwBwkWoec
m2h2QwuQ+lNvlv19Zr1lSX0XAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUNV/KY8HB
/YUhwmd9O/s5tYCqFhwwHwYDVR0jBBgwFoAUs+wf9q1VKqFu4QGVZLrZ92H9tdgw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUEzODFBLzI4RTg2RTQ0NzlG
RjExRUVCMzJDMjM3OUM0RjlBRTAyL3Mtd2Y5cTFWS3FGdTRRR1ZaTHJaOTJIOXRk
Zy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvcy13ZjlxMVZLcUZ1NFFHVlpMclo5Mkg5dGRnLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB
MzgxQS8yOEU4NkU0NDc5RkYxMUVFQjMyQzIzNzlDNEY5QUUwMi83QUEwREM4QTc5
RkYxMUVFODdGQjA4N0FDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAMolXTANBgkqhkiG9w0BAQsFAAOCAQEAtAQy3xzoAO1nzftR
MQb7oGIfv0PpU3iB4UqPOA/AxUOVQdc9yOHD84tTOh0kRhKUlJCE2ZGUnVWZVxfB
SBRNxHkHyWOF2f0tUis0nGvnP9yG9pHXHVTpyU/oKlmknrk6Ri4QcopSRZfDODa1
oproaFwZIcMFybBxq3IK9nKPaJsH+bIw3MJwYgLbuE4vY8CBvooVseZ5WLnPH5nD
EeOUvJ0G2JM8vmWOsoU2pn20TGPxP7mJBtypdZbPa49S7cVL3X1CxZrIDkP9c0bM
Kv66TlggY0lif4KE4wvQzsSNVcsxyv1AimU1jGYTU74HOrG8/Mq8wGmDOARIwoeL
ecJcAQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:35 2024 by rpki-client on console-fra.rpki-client.org