Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A7D85/62CED48E33E211EAA4932884C4F9AE02/DE36A97E33E911EA818BA21BC4F9AE02.roa
File: DE36A97E33E911EA818BA21BC4F9AE02.roa (raw, json)
Hash identifier: 5ftB2IktPfQ73EWZAjMy5zv3lIfTJCdyZpnSqVkjB5g=
Subject key identifier: 52:61:C4:04:17:14:EB:71:08:D6:FA:80:F9:B2:9C:78:4E:A3:BE:E5
Certificate issuer: /CN=A91A7D85/serialNumber=5827E4BD870277EDF0EB10563A9B41C1E4BE7C81
Certificate serial: 0AC3
Authority key identifier: 58:27:E4:BD:87:02:77:ED:F0:EB:10:56:3A:9B:41:C1:E4:BE:7C:81
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WCfkvYcCd-3w6xBWOptBweS-fIE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A7D85/62CED48E33E211EAA4932884C4F9AE02/DE36A97E33E911EA818BA21BC4F9AE02.roa
Signing time: Wed 10 Jul 2024 19:57:34 +0000
ROA not before: Wed 10 Jul 2024 19:57:34 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 58980
IP address blocks: 203.24.149.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 17 Sep 2024 15:09:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2755 (0xac3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A7D85/serialNumber=5827E4BD870277EDF0EB10563A9B41C1E4BE7C81
Validity
Not Before: Jul 10 19:57:34 2024 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=668ee7ad-e1da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:c2:4a:76:57:33:09:e0:d3:2f:49:32:e4:2f:
94:f5:e3:c3:99:b5:dd:51:c7:a3:e5:34:6d:62:06:
9d:a3:01:a4:1a:d9:18:2f:a5:cb:77:fa:47:7e:99:
9f:26:c8:60:7b:c8:5b:e0:14:41:7e:3c:8d:a1:81:
05:1d:3e:7a:ec:17:c6:fa:8c:e2:89:57:89:b6:fb:
7e:61:d6:0c:d2:14:07:76:6d:04:c7:1a:2b:5d:e9:
ec:12:5b:d1:50:ed:88:c8:21:4f:75:6b:45:f9:75:
89:33:3f:c0:6a:6e:e1:bd:a6:09:41:5b:58:2c:aa:
ca:88:5a:53:ce:23:b8:24:e6:0e:46:68:e6:33:5b:
00:3a:f9:4b:3d:da:2b:cf:5a:a7:8c:32:32:85:c3:
d4:9f:26:75:e1:b4:e5:b4:cc:ba:fd:70:86:d7:14:
51:94:0b:13:7b:c6:35:3e:96:ef:86:e7:f5:59:c0:
9e:4d:dd:7e:72:96:c5:31:ff:f9:3f:42:ad:4a:05:
48:8d:24:f0:96:75:85:be:a7:91:33:ce:11:77:b4:
76:fb:8a:cf:68:dc:67:c2:a8:c0:0b:7c:14:18:81:
86:c4:be:c3:e3:c1:e4:a4:bc:58:ea:25:0e:13:ec:
30:0b:54:36:c6:ca:69:17:78:79:7b:95:16:23:16:
2d:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:61:C4:04:17:14:EB:71:08:D6:FA:80:F9:B2:9C:78:4E:A3:BE:E5
X509v3 Authority Key Identifier:
keyid:58:27:E4:BD:87:02:77:ED:F0:EB:10:56:3A:9B:41:C1:E4:BE:7C:81
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A7D85/62CED48E33E211EAA4932884C4F9AE02/WCfkvYcCd-3w6xBWOptBweS-fIE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WCfkvYcCd-3w6xBWOptBweS-fIE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A7D85/62CED48E33E211EAA4932884C4F9AE02/DE36A97E33E911EA818BA21BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.24.149.0/24
Signature Algorithm: sha256WithRSAEncryption
18:c2:de:8e:9b:94:6d:6f:73:89:3f:60:a6:5d:b4:90:c3:b6:
e1:4c:40:b1:13:90:90:78:d7:80:7e:7e:43:d3:bb:5c:cd:71:
03:5d:78:f5:2e:fd:85:d3:bc:3a:4a:4b:4f:ed:0b:3a:da:79:
19:76:5c:59:45:93:ce:93:c1:92:c6:6e:1c:48:1c:9e:89:dc:
99:4c:ef:37:75:ce:0b:82:f0:71:e9:5a:6c:5c:fb:03:1f:0c:
c0:84:74:f8:16:85:fe:e3:c9:be:10:6b:a0:75:d2:33:3a:91:
51:99:d1:17:31:2b:84:75:a4:33:24:6c:8f:3b:72:ad:13:45:
67:79:e7:00:bb:9c:4e:ed:85:4d:75:ec:84:93:78:1a:b7:26:
71:a8:f1:2b:7d:26:6b:3e:44:3e:c6:55:8a:01:44:40:94:dc:
1b:b3:31:b0:fe:9f:17:c5:00:75:e0:d5:b8:9b:fb:95:27:70:
94:29:12:ed:b8:76:90:a8:83:da:83:5e:25:31:0f:fc:5c:b1:
2c:16:c0:51:5d:44:5c:4a:92:23:d0:d9:70:de:c8:07:97:75:
2d:bd:a6:29:e3:05:f0:26:55:af:85:7f:f4:9c:92:f3:db:31:
48:21:86:c6:a1:a3:00:50:7f:a0:56:07:13:d3:d6:2a:15:7e:
09:de:a4:3b
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCsMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTdEODUxMTAvBgNVBAUTKDU4MjdFNEJEODcwMjc3RURGMEVCMTA1NjNBOUI0MUMx
RTRCRTdDODEwHhcNMjQwNzEwMTk1NzM0WhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjhlZTdhZC1lMWRhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvsJKdlczCeDTL0ky5C+U9ePDmbXdUcej5TRtYgadowGkGtkYL6XLd/pHfpmf
Jshge8hb4BRBfjyNoYEFHT567BfG+oziiVeJtvt+YdYM0hQHdm0ExxorXensElvR
UO2IyCFPdWtF+XWJMz/Aam7hvaYJQVtYLKrKiFpTziO4JOYORmjmM1sAOvlLPdor
z1qnjDIyhcPUnyZ14bTltMy6/XCG1xRRlAsTe8Y1Ppbvhuf1WcCeTd1+cpbFMf/5
P0KtSgVIjSTwlnWFvqeRM84Rd7R2+4rPaNxnwqjAC3wUGIGGxL7D48HkpLxY6iUO
E+wwC1Q2xsppF3h5e5UWIxYtKQIDAQABo4IClTCCApEwHQYDVR0OBBYEFFJhxAQX
FOtxCNb6gPmynHhOo77lMB8GA1UdIwQYMBaAFFgn5L2HAnft8OsQVjqbQcHkvnyB
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBN0Q4NS82MkNFRDQ4RTMz
RTIxMUVBQTQ5MzI4ODRDNEY5QUUwMi9XQ2ZrdlljQ2QtM3c2eEJXT3B0QndlUy1m
SUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1dDZmt2WWNDZC0zdzZ4QldPcHRCd2VTLWZJRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTdEODUvNjJDRUQ0OEUzM0UyMTFFQUE0OTMyODg0QzRGOUFFMDIvREUzNkE5N0Uz
M0U5MTFFQTgxOEJBMjFCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADLGJUwDQYJKoZIhvcNAQELBQADggEBABjC3o6blG1vc4k/
YKZdtJDDtuFMQLETkJB414B+fkPTu1zNcQNdePUu/YXTvDpKS0/tCzraeRl2XFlF
k86TwZLGbhxIHJ6J3JlM7zd1zguC8HHpWmxc+wMfDMCEdPgWhf7jyb4Qa6B10jM6
kVGZ0RcxK4R1pDMkbI87cq0TRWd55wC7nE7thU117ISTeBq3JnGo8St9Jms+RD7G
VYoBRECU3BuzMbD+nxfFAHXg1bib+5UncJQpEu24dpCog9qDXiUxD/xcsSwWwFFd
RFxKkiPQ2XDeyAeXdS29pinjBfAmVa+Ff/SckvPbMUghhsahowBQf6BWBxPT1ioV
fgnepDs=
-----END CERTIFICATE-----
Generated at Tue Sep 17 18:26:52 2024 by rpki-client on console-ams.rpki-client.org