Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A4849/087D3EE8E66D11EE8A31A960C4F9AE02/737F6192E66F11EEA8C79D6EC4F9AE02.roa
File: 737F6192E66F11EEA8C79D6EC4F9AE02.roa (raw, json)
Hash identifier: lGlsZ+vIHa/f5eEb5mE6oGVsqMSWVPGc8EMf51pIYSs=
Subject key identifier: 65:E8:10:4E:80:56:77:5F:84:32:DF:F2:8B:16:73:DC:A7:44:95:10
Certificate issuer: /CN=A91A4849/serialNumber=B6CC02A7DB8A4DB530F112B6224F19080868FBD9
Certificate serial: 02
Authority key identifier: B6:CC:02:A7:DB:8A:4D:B5:30:F1:12:B6:22:4F:19:08:08:68:FB:D9
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tswCp9uKTbUw8RK2Ik8ZCAho-9k.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A4849/087D3EE8E66D11EE8A31A960C4F9AE02/737F6192E66F11EEA8C79D6EC4F9AE02.roa
Signing time: Wed 20 Mar 2024 04:08:05 +0000
ROA not before: Wed 20 Mar 2024 04:08:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 135697
IP address blocks: 202.71.184.0/23 maxlen: 23
Validation: Failed, certificate revoked on Wed 20 Mar 2024 11:59:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A4849/serialNumber=B6CC02A7DB8A4DB530F112B6224F19080868FBD9
Validity
Not Before: Mar 20 04:08:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=65fa6125-6a2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:7d:63:6b:58:db:38:8c:61:f9:55:69:ba:81:
76:ac:c9:6a:50:7b:4a:ce:26:11:51:d2:60:e9:14:
01:6e:fd:d2:f8:97:26:76:1c:90:4b:9c:a3:a7:9a:
99:d4:6b:c5:bd:b6:fe:dd:92:2a:cf:2b:63:bc:29:
53:4a:82:81:38:ed:60:0d:81:72:a8:95:ee:53:7a:
80:a7:bd:82:91:c3:28:36:01:ac:97:49:42:b2:f1:
e8:e1:4a:b3:61:0f:f0:6d:3e:73:c8:d1:7e:66:32:
76:65:86:bd:61:dd:5d:33:1c:ad:c1:10:fe:e0:93:
9c:4f:4b:47:ba:81:b3:7c:fb:7a:65:c7:39:35:ee:
e1:e2:39:cc:d9:5f:11:d8:b9:26:6c:a5:90:8c:7d:
44:b5:3c:8d:93:3f:60:d6:ca:32:a0:9a:ca:8e:f7:
f4:49:26:ba:a0:8f:06:75:32:c3:42:f5:69:d2:a1:
4c:b6:1b:28:a1:6b:a1:86:69:46:70:cf:ac:21:94:
fb:f6:db:39:c5:c0:24:16:bf:ff:32:6e:58:6d:ff:
49:d0:b4:7d:79:9b:ba:89:ec:2a:84:b9:0e:39:72:
6b:80:03:ab:fa:1f:d8:66:de:1c:29:bf:76:8f:41:
c3:3f:67:2f:97:4b:a5:0f:e8:d2:2c:29:52:52:f1:
b5:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:E8:10:4E:80:56:77:5F:84:32:DF:F2:8B:16:73:DC:A7:44:95:10
X509v3 Authority Key Identifier:
keyid:B6:CC:02:A7:DB:8A:4D:B5:30:F1:12:B6:22:4F:19:08:08:68:FB:D9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A4849/087D3EE8E66D11EE8A31A960C4F9AE02/tswCp9uKTbUw8RK2Ik8ZCAho-9k.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tswCp9uKTbUw8RK2Ik8ZCAho-9k.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A4849/087D3EE8E66D11EE8A31A960C4F9AE02/737F6192E66F11EEA8C79D6EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.71.184.0/23
Signature Algorithm: sha256WithRSAEncryption
0d:dc:cc:4e:7b:2a:53:ae:c1:83:92:aa:b1:61:39:bd:fc:c9:
08:90:95:1c:7f:fc:be:ee:d4:2a:ee:7c:bf:0a:76:6e:dc:16:
65:34:90:6d:33:2e:57:d4:f0:b3:30:50:fb:ca:79:dc:4d:5d:
f3:12:04:5a:e9:2d:38:49:fd:2f:3d:02:e7:57:a4:f4:01:39:
c2:e9:fd:03:dd:ef:5c:82:6d:80:0c:fe:a7:0d:57:21:f3:15:
c0:63:a3:27:ab:20:1b:94:2e:f6:12:fc:bd:63:60:6e:b8:8a:
92:48:bf:81:67:b2:cb:fe:d4:86:04:91:07:c0:08:50:d8:67:
2c:15:dd:af:18:e9:21:60:a0:53:52:66:5c:c1:00:30:f0:bd:
b6:17:80:48:65:b8:a9:71:96:25:c5:9f:db:f3:11:c8:ca:0b:
7f:9f:55:36:d2:6e:85:f7:bb:ef:d9:f2:da:c6:9c:26:17:71:
2d:6a:6d:90:f0:18:f5:fa:90:e1:50:52:6d:47:c0:a1:1b:f6:
f8:8f:85:70:d9:62:23:c4:39:ad:67:7e:27:0a:82:f5:c6:24:
ca:a4:6e:1b:13:fa:52:22:c4:61:51:4d:a0:3f:b3:39:55:53:
05:aa:5f:69:55:99:7b:ab:41:2f:f3:4d:ad:69:f8:4c:7c:bf:
40:e5:0d:7f
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB
NDg0OTExMC8GA1UEBRMoQjZDQzAyQTdEQjhBNERCNTMwRjExMkI2MjI0RjE5MDgw
ODY4RkJEOTAeFw0yNDAzMjAwNDA4MDVaFw0yNTA3MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1ZmE2MTI1LTZhMmEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDCfWNrWNs4jGH5VWm6gXasyWpQe0rOJhFR0mDpFAFu/dL4lyZ2HJBLnKOnmpnU
a8W9tv7dkirPK2O8KVNKgoE47WANgXKole5TeoCnvYKRwyg2AayXSUKy8ejhSrNh
D/BtPnPI0X5mMnZlhr1h3V0zHK3BEP7gk5xPS0e6gbN8+3plxzk17uHiOczZXxHY
uSZspZCMfUS1PI2TP2DWyjKgmsqO9/RJJrqgjwZ1MsNC9WnSoUy2Gyiha6GGaUZw
z6whlPv22znFwCQWv/8yblht/0nQtH15m7qJ7CqEuQ45cmuAA6v6H9hm3hwpv3aP
QcM/Zy+XS6UP6NIsKVJS8bVXAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUZegQToBW
d1+EMt/yixZz3KdElRAwHwYDVR0jBBgwFoAUtswCp9uKTbUw8RK2Ik8ZCAho+9kw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUE0ODQ5LzA4N0QzRUU4RTY2
RDExRUU4QTMxQTk2MEM0RjlBRTAyL3Rzd0NwOXVLVGJVdzhSSzJJazhaQ0Foby05
ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvdHN3Q3A5dUtUYlV3OFJLMklrOFpDQWhvLTlrLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB
NDg0OS8wODdEM0VFOEU2NkQxMUVFOEEzMUE5NjBDNEY5QUUwMi83MzdGNjE5MkU2
NkYxMUVFQThDNzlENkVDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAcpHuDANBgkqhkiG9w0BAQsFAAOCAQEADdzMTnsqU67Bg5Kq
sWE5vfzJCJCVHH/8vu7UKu58vwp2btwWZTSQbTMuV9TwszBQ+8p53E1d8xIEWukt
OEn9Lz0C51ek9AE5wun9A93vXIJtgAz+pw1XIfMVwGOjJ6sgG5Qu9hL8vWNgbriK
kki/gWeyy/7UhgSRB8AIUNhnLBXdrxjpIWCgU1JmXMEAMPC9theASGW4qXGWJcWf
2/MRyMoLf59VNtJuhfe779ny2sacJhdxLWptkPAY9fqQ4VBSbUfAoRv2+I+FcNli
I8Q5rWd+JwqC9cYkyqRuGxP6UiLEYVFNoD+zOVVTBapfaVWZe6tBL/NNrWn4THy/
QOUNfw==
-----END CERTIFICATE-----
Generated at Wed Mar 20 14:21:18 2024 by rpki-client on console-fra.rpki-client.org