Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91AC75F/421F0F1CC3F511E5A293907CC4F9AE02/D969E616582D11E8B2F91484C4F9AE02.roa
File: D969E616582D11E8B2F91484C4F9AE02.roa (raw, json)
Hash identifier: 3KyNG07VCliA77jFoZ/3CAwyM+r4VcS4PETCoAZrQSs=
Subject key identifier: DD:8B:4B:57:F5:2B:53:48:D5:BD:19:8C:78:45:1C:37:1B:DE:CD:A6
Certificate issuer: /CN=A91AC75F/serialNumber=087D5DC627B63E36BF9C2F7D067EAE31B48C7878
Certificate serial: 20BE
Authority key identifier: 08:7D:5D:C6:27:B6:3E:36:BF:9C:2F:7D:06:7E:AE:31:B4:8C:78:78
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CH1dxie2Pja_nC99Bn6uMbSMeHg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91AC75F/421F0F1CC3F511E5A293907CC4F9AE02/D969E616582D11E8B2F91484C4F9AE02.roa
Signing time: Tue 12 Sep 2023 16:12:57 +0000
ROA not before: Tue 12 Sep 2023 16:12:57 +0000
ROA not after: Thu 31 Oct 2024 00:00:00 +0000
asID: 55915
IP address blocks: 45.123.220.0/22 maxlen: 24
103.192.76.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 25 Mar 2024 04:54:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8382 (0x20be)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91AC75F/serialNumber=087D5DC627B63E36BF9C2F7D067EAE31B48C7878
Validity
Not Before: Sep 12 16:12:57 2023 GMT
Not After : Oct 31 00:00:00 2024 GMT
Subject: CN=65008e09-4e34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:8f:b1:04:4a:43:4c:b0:a2:e9:c7:d8:83:65:
79:b9:80:22:9c:90:67:09:d7:0e:a2:5d:17:69:ef:
28:1c:84:13:f9:ee:49:fd:28:06:a2:4a:a5:0a:de:
6d:bb:88:fa:20:ab:39:b4:d0:08:31:73:65:91:85:
fe:4b:d2:46:9b:24:f0:c0:92:20:c4:85:c9:0a:76:
7f:48:1b:cd:ff:83:2d:df:c8:15:3e:ef:89:dd:55:
29:6a:3a:68:8c:4f:c0:9f:0d:32:8d:26:35:5e:09:
e1:f3:26:82:e9:c6:e8:47:e6:95:ec:50:24:7b:c5:
49:f9:89:d4:2f:0e:28:b6:08:8e:ae:27:d7:a7:e0:
72:bc:46:7b:eb:08:cc:6f:61:6f:41:e0:2c:7c:bd:
a1:2e:32:49:34:48:d1:9c:02:23:c1:8d:c1:a0:59:
64:8f:80:2d:b4:55:7e:e0:79:28:2c:ae:ee:1c:19:
84:8d:3e:29:36:71:ef:b4:43:59:8c:83:33:aa:1b:
42:c0:74:88:34:78:63:67:1a:ce:8d:ea:0d:b0:6f:
ea:8a:44:49:9d:39:d5:a9:64:95:c5:2c:ac:ac:6e:
f3:23:0b:dd:fd:18:28:b0:b8:5c:d8:45:9e:be:5c:
29:6c:20:0c:f4:9f:1d:fa:1d:3f:a2:50:71:bb:87:
45:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:8B:4B:57:F5:2B:53:48:D5:BD:19:8C:78:45:1C:37:1B:DE:CD:A6
X509v3 Authority Key Identifier:
keyid:08:7D:5D:C6:27:B6:3E:36:BF:9C:2F:7D:06:7E:AE:31:B4:8C:78:78
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91AC75F/421F0F1CC3F511E5A293907CC4F9AE02/CH1dxie2Pja_nC99Bn6uMbSMeHg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CH1dxie2Pja_nC99Bn6uMbSMeHg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AC75F/421F0F1CC3F511E5A293907CC4F9AE02/D969E616582D11E8B2F91484C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.123.220.0/22
103.192.76.0/22
Signature Algorithm: sha256WithRSAEncryption
53:d6:35:e4:47:89:c0:d2:81:dd:6f:9b:d1:f3:fd:b8:ed:55:
55:18:ae:cc:9b:e6:09:3b:b5:cb:95:73:e0:d5:5b:42:2c:02:
2e:cb:5c:5c:7c:bd:93:74:64:19:49:5b:09:e1:d1:06:3c:5a:
4a:e1:b9:c7:1a:ed:02:3e:1a:f9:2b:89:59:eb:5b:63:eb:ac:
72:e2:83:e0:80:3b:cf:74:c2:72:8a:af:31:ee:5d:1d:13:f1:
a7:c9:f3:eb:c3:b4:bd:a8:5a:0f:e9:f7:cc:6c:04:f0:d1:0b:
3f:35:1c:55:e9:4f:b0:6d:d4:e7:5b:d8:5e:b0:a2:0b:ef:5e:
16:be:2d:c6:87:41:8a:04:1a:0b:e3:2d:83:19:02:ea:94:fa:
df:a8:c0:f0:df:f7:a1:ee:a6:a4:84:f6:07:28:f0:07:cb:dc:
c7:87:70:a9:25:c5:fd:2f:8a:9e:a2:9e:51:1d:c4:45:ef:f2:
3e:9b:e8:72:24:c4:64:57:ba:20:65:ce:97:a7:d2:7b:32:40:
a3:43:16:97:88:6b:1a:3c:87:5e:30:e8:9f:a0:3c:dd:54:00:
e2:48:3c:ca:d8:4e:6b:d6:c0:8f:8b:d9:bf:84:6c:81:b1:68:
e9:ca:56:28:6a:ad:fd:e1:ea:3f:bd:3f:9f:b0:b0:3d:85:03:
40:d4:a6:ac
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICIL4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QUM3NUYxMTAvBgNVBAUTKDA4N0Q1REM2MjdCNjNFMzZCRjlDMkY3RDA2N0VBRTMx
QjQ4Qzc4NzgwHhcNMjMwOTEyMTYxMjU3WhcNMjQxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTAwOGUwOS00ZTM0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqI+xBEpDTLCi6cfYg2V5uYAinJBnCdcOol0Xae8oHIQT+e5J/SgGokqlCt5t
u4j6IKs5tNAIMXNlkYX+S9JGmyTwwJIgxIXJCnZ/SBvN/4Mt38gVPu+J3VUpajpo
jE/Anw0yjSY1Xgnh8yaC6cboR+aV7FAke8VJ+YnULw4otgiOrifXp+ByvEZ76wjM
b2FvQeAsfL2hLjJJNEjRnAIjwY3BoFlkj4AttFV+4HkoLK7uHBmEjT4pNnHvtENZ
jIMzqhtCwHSINHhjZxrOjeoNsG/qikRJnTnVqWSVxSysrG7zIwvd/RgosLhc2EWe
vlwpbCAM9J8d+h0/olBxu4dF+wIDAQABo4ICmzCCApcwHQYDVR0OBBYEFN2LS1f1
K1NI1b0ZjHhFHDcb3s2mMB8GA1UdIwQYMBaAFAh9XcYntj42v5wvfQZ+rjG0jHh4
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQzc1Ri80MjFGMEYxQ0Mz
RjUxMUU1QTI5MzkwN0NDNEY5QUUwMi9DSDFkeGllMlBqYV9uQzk5Qm42dU1iU01l
SGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0NIMWR4aWUyUGphX25DOTlCbjZ1TWJTTWVIZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QUM3NUYvNDIxRjBGMUNDM0Y1MTFFNUEyOTM5MDdDQzRGOUFFMDIvRDk2OUU2MTY1
ODJEMTFFOEIyRjkxNDg0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAIte9wDBAJnwEwwDQYJKoZIhvcNAQELBQADggEBAFPWNeRH
icDSgd1vm9Hz/bjtVVUYrsyb5gk7tcuVc+DVW0IsAi7LXFx8vZN0ZBlJWwnh0QY8
Wkrhucca7QI+GvkriVnrW2PrrHLig+CAO890wnKKrzHuXR0T8afJ8+vDtL2oWg/p
98xsBPDRCz81HFXpT7Bt1Odb2F6wogvvXha+LcaHQYoEGgvjLYMZAuqU+t+owPDf
96HupqSE9gco8AfL3MeHcKklxf0vip6inlEdxEXv8j6b6HIkxGRXuiBlzpen0nsy
QKNDFpeIaxo8h14w6J+gPN1UAOJIPMrYTmvWwI+L2b+EbIGxaOnKVihqrf3h6j+9
P5+wsD2FA0DUpqw=
-----END CERTIFICATE-----
Generated at Mon Mar 25 05:37:44 2024 by rpki-client on console-fra.rpki-client.org