Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/C33F8798981311EE91092F73C4F9AE02.roa
File: C33F8798981311EE91092F73C4F9AE02.roa (raw, json)
Hash identifier: q3PmCM7wpJACWkzij5P2FfW++uPM0CHtuoenrVAASRQ=
Subject key identifier: 63:E2:0E:6C:1A:58:92:86:59:F6:2C:10:B3:F2:1F:DD:1A:EF:7F:3B
Certificate issuer: /CN=A91B5D7E/serialNumber=4CAE3AEFB1AC8ABDDB99BCCEE4FA5A916D157B34
Certificate serial: 34B1
Authority key identifier: 4C:AE:3A:EF:B1:AC:8A:BD:DB:99:BC:CE:E4:FA:5A:91:6D:15:7B:34
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TK4677Gsir3bmbzO5PpakW0VezQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/C33F8798981311EE91092F73C4F9AE02.roa
Signing time: Fri 15 Mar 2024 06:37:54 +0000
ROA not before: Fri 15 Mar 2024 06:37:54 +0000
ROA not after: Sun 02 Mar 2025 00:00:00 +0000
asID: 151636
IP address blocks: 116.90.116.0/24 maxlen: 24
116.90.117.0/24 maxlen: 24
121.46.66.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 15 Mar 2024 10:27:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13489 (0x34b1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B5D7E/serialNumber=4CAE3AEFB1AC8ABDDB99BCCEE4FA5A916D157B34
Validity
Not Before: Mar 15 06:37:54 2024 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=65f3ecc2-581d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:94:a6:8d:2a:d1:15:7d:4c:03:16:88:30:33:
b8:40:be:96:e9:9e:2c:b6:75:70:b4:df:8d:43:89:
19:db:57:d4:f7:22:bc:59:1d:06:fe:f7:a0:25:e1:
31:5f:05:8d:08:71:01:da:81:b6:91:e6:e0:0d:ee:
b9:df:37:fa:53:80:c8:2d:7a:c3:c6:bf:e4:35:8e:
90:aa:af:6e:d4:ea:83:9c:f9:89:ef:b2:48:8c:99:
66:2e:dc:d6:5b:a1:20:11:3d:c4:7a:b7:af:80:e0:
fa:e6:39:cb:f4:4c:0a:5f:ae:a8:8a:95:d4:7c:00:
e4:bd:2c:ef:37:b3:b5:dc:f0:20:9a:c6:d2:ff:88:
61:02:18:f7:bd:6b:65:ff:b7:09:cf:11:77:a0:5b:
a9:cc:10:ff:84:cc:ae:f1:09:77:b2:3c:f8:1f:a7:
3c:69:56:1a:b7:dc:05:bd:08:64:e7:4c:3f:47:9f:
7d:bf:82:76:21:e6:12:f4:be:24:a6:aa:a9:42:19:
6d:ec:16:3e:d8:e5:d3:53:58:13:40:cb:12:d1:36:
fb:55:cf:c3:9a:b3:8e:ca:1f:17:94:6d:7c:af:5e:
ef:e0:10:c4:66:c7:7d:07:ed:c6:ff:5e:5d:66:67:
65:e4:ea:25:4e:ec:46:93:f6:c3:eb:37:d1:2c:40:
dd:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:E2:0E:6C:1A:58:92:86:59:F6:2C:10:B3:F2:1F:DD:1A:EF:7F:3B
X509v3 Authority Key Identifier:
keyid:4C:AE:3A:EF:B1:AC:8A:BD:DB:99:BC:CE:E4:FA:5A:91:6D:15:7B:34
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/TK4677Gsir3bmbzO5PpakW0VezQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TK4677Gsir3bmbzO5PpakW0VezQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/C33F8798981311EE91092F73C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
116.90.116.0/23
121.46.66.0/24
Signature Algorithm: sha256WithRSAEncryption
63:a2:9d:cc:e6:14:93:e7:ee:64:e8:eb:fc:a1:e6:5d:e6:80:
ef:f7:66:3c:58:93:f3:7c:e7:06:2a:1c:01:5f:e7:60:64:da:
e2:c6:04:a8:ee:e4:27:b5:8d:6d:55:de:94:ea:d6:e0:44:36:
1d:5d:73:84:07:39:7d:f6:ad:6d:06:f8:d6:ad:7f:c0:17:55:
66:b7:50:41:ef:c3:56:bd:07:17:24:5e:3b:69:40:a1:c8:ef:
dd:e2:00:aa:22:4f:8d:72:63:ac:9f:f3:41:18:23:39:40:72:
9c:f3:3d:c6:21:66:e0:3d:a1:eb:64:31:f7:43:b5:0e:da:3d:
ee:d3:8b:88:82:64:de:d1:dc:36:d7:c2:18:22:e1:c3:38:74:
d4:b9:b3:fe:35:af:d8:62:13:e0:05:fe:36:3f:71:59:73:5d:
a7:b4:c5:c9:f5:5e:1e:ef:8d:e5:a4:f8:ef:7a:02:0b:81:ac:
76:cb:c4:17:87:6c:2c:20:e9:d2:47:29:0e:0d:6d:de:9e:0d:
4f:3e:2d:68:d4:83:87:da:16:95:90:5e:73:20:a7:7f:b7:de:
f4:1f:c7:4e:1d:f2:e2:43:62:59:8c:d5:5a:33:ec:b1:c6:46:
ea:2a:13:e1:c3:2a:ce:a9:23:4c:06:ab:3b:0c:a6:00:33:05:
64:6c:89:0b
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICNLEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjVEN0UxMTAvBgNVBAUTKDRDQUUzQUVGQjFBQzhBQkREQjk5QkNDRUU0RkE1QTkx
NkQxNTdCMzQwHhcNMjQwMzE1MDYzNzU0WhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWYzZWNjMi01ODFkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxpSmjSrRFX1MAxaIMDO4QL6W6Z4stnVwtN+NQ4kZ21fU9yK8WR0G/vegJeEx
XwWNCHEB2oG2kebgDe653zf6U4DILXrDxr/kNY6Qqq9u1OqDnPmJ77JIjJlmLtzW
W6EgET3EerevgOD65jnL9EwKX66oipXUfADkvSzvN7O13PAgmsbS/4hhAhj3vWtl
/7cJzxF3oFupzBD/hMyu8Ql3sjz4H6c8aVYat9wFvQhk50w/R599v4J2IeYS9L4k
pqqpQhlt7BY+2OXTU1gTQMsS0Tb7Vc/DmrOOyh8XlG18r17v4BDEZsd9B+3G/15d
Zmdl5OolTuxGk/bD6zfRLEDdtwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFGPiDmwa
WJKGWfYsELPyH90a7387MB8GA1UdIwQYMBaAFEyuOu+xrIq925m8zuT6WpFtFXs0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNUQ3RS9FQ0E2ODIzNDFE
ODcxMUUyOTgzMjJERTAwOEIwMkNEMi9USzQ2NzdHc2lyM2JtYnpPNVBwYWtXMFZl
elEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1RLNDY3N0dzaXIzYm1iek81UHBha1cwVmV6US5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjVEN0UvRUNBNjgyMzQxRDg3MTFFMjk4MzIyREUwMDhCMDJDRDIvQzMzRjg3OTg5
ODEzMTFFRTkxMDkyRjczQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAF0WnQDBAB5LkIwDQYJKoZIhvcNAQELBQADggEBAGOinczm
FJPn7mTo6/yh5l3mgO/3ZjxYk/N85wYqHAFf52Bk2uLGBKju5Ce1jW1V3pTq1uBE
Nh1dc4QHOX32rW0G+Natf8AXVWa3UEHvw1a9BxckXjtpQKHI793iAKoiT41yY6yf
80EYIzlAcpzzPcYhZuA9oetkMfdDtQ7aPe7Ti4iCZN7R3DbXwhgi4cM4dNS5s/41
r9hiE+AF/jY/cVlzXae0xcn1Xh7vjeWk+O96AguBrHbLxBeHbCwg6dJHKQ4Nbd6e
DU8+LWjUg4faFpWQXnMgp3+33vQfx04d8uJDYlmM1Voz7LHGRuoqE+HDKs6pI0wG
qzsMpgAzBWRsiQs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:38 2024 by rpki-client on console-fra.rpki-client.org