Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C8DD1/25DD59F8E1C911EEBE1F5068C4F9AE02/40AEFA52F63C11EEB599593AC4F9AE02.roa
File: 40AEFA52F63C11EEB599593AC4F9AE02.roa (raw, json)
Hash identifier: E8HrgNs6ifBb+hfGlfc3L3Mwe1fz28BLSa4CFhUu9gw=
Subject key identifier: A5:7C:25:F6:49:80:03:07:1D:F9:DC:02:A3:64:75:A1:D3:2A:70:19
Certificate issuer: /CN=A91C8DD1/serialNumber=06D62C7A84076E1C64940406258919D67D15ABE1
Certificate serial: 12
Authority key identifier: 06:D6:2C:7A:84:07:6E:1C:64:94:04:06:25:89:19:D6:7D:15:AB:E1
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BtYseoQHbhxklAQGJYkZ1n0Vq-E.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C8DD1/25DD59F8E1C911EEBE1F5068C4F9AE02/40AEFA52F63C11EEB599593AC4F9AE02.roa
Signing time: Tue 09 Apr 2024 06:44:09 +0000
ROA not before: Tue 09 Apr 2024 06:44:09 +0000
ROA not after: Wed 28 May 2025 00:00:00 +0000
asID: 152644
IP address blocks: 202.47.134.0/23 maxlen: 24
2401:89a0::/32 maxlen: 36
Validation: Failed, certificate revoked on Fri 10 May 2024 02:52:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18 (0x12)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C8DD1/serialNumber=06D62C7A84076E1C64940406258919D67D15ABE1
Validity
Not Before: Apr 9 06:44:09 2024 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=6614e3b9-c15b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:77:ac:dc:32:4f:11:89:17:2c:ef:c8:52:8f:
0c:42:91:ba:c0:9f:c3:2b:51:ec:de:ef:22:51:20:
4e:bb:5d:f6:de:45:fc:cc:b0:93:fc:9f:df:11:3d:
e0:f7:24:93:0d:ef:06:69:01:f2:ae:1a:ed:05:eb:
6d:1c:72:17:31:22:80:47:15:7e:0b:e6:e6:09:04:
9a:56:8c:1e:59:93:42:d8:3d:8a:1e:bd:8d:dd:77:
33:5d:a4:42:71:85:b3:1b:ba:55:ef:f2:aa:5a:6a:
d4:4d:d5:f7:be:f7:e7:c7:bd:5d:c9:71:7d:66:b2:
63:66:88:cf:76:63:10:15:9a:71:21:7c:ea:ed:ea:
6d:3d:7f:86:b0:4b:2b:dd:16:12:70:4a:ea:d0:d1:
dd:ad:dc:f6:35:d1:db:4c:76:86:79:d2:a4:ba:cf:
2a:fb:77:53:fb:e0:d0:9d:4d:48:68:45:68:a1:f2:
27:0a:34:2e:75:a2:4f:b3:56:ad:c6:35:1d:2c:71:
56:53:1b:8d:9c:a3:aa:8f:88:c0:d5:92:46:49:20:
f8:c9:be:01:db:c7:b0:a1:05:85:f9:dd:8b:1d:6d:
53:de:c4:73:86:18:65:1e:9e:09:82:d0:9c:94:3e:
4a:0e:d9:ef:4f:40:2a:00:8d:74:cb:b0:0e:d0:db:
7e:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:7C:25:F6:49:80:03:07:1D:F9:DC:02:A3:64:75:A1:D3:2A:70:19
X509v3 Authority Key Identifier:
keyid:06:D6:2C:7A:84:07:6E:1C:64:94:04:06:25:89:19:D6:7D:15:AB:E1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C8DD1/25DD59F8E1C911EEBE1F5068C4F9AE02/BtYseoQHbhxklAQGJYkZ1n0Vq-E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BtYseoQHbhxklAQGJYkZ1n0Vq-E.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C8DD1/25DD59F8E1C911EEBE1F5068C4F9AE02/40AEFA52F63C11EEB599593AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.47.134.0/23
IPv6:
2401:89a0::/32
Signature Algorithm: sha256WithRSAEncryption
20:4d:00:db:74:0b:a0:27:7d:41:23:e0:08:1d:98:55:29:3c:
79:b4:94:c6:c7:42:72:3e:81:d3:6f:8b:39:33:eb:50:a1:14:
02:b8:09:e5:60:31:f7:13:be:14:12:4d:fd:11:ea:63:46:de:
d4:cf:26:b5:be:6d:51:cb:37:53:e1:f1:79:15:6e:2c:e4:29:
6a:7b:a0:c6:19:25:d8:d1:7f:62:9e:66:54:5a:01:3e:d0:fc:
b9:c1:5a:76:29:91:bc:df:ae:6d:20:2c:06:ef:77:ce:42:42:
1e:9c:63:ab:1c:66:43:e7:73:2c:a5:44:16:1e:1b:a4:2f:55:
58:46:6b:20:65:a5:92:0d:2b:47:be:5b:c2:c7:a5:09:ad:40:
44:87:15:1f:de:80:9e:5c:eb:be:2b:fd:b3:45:40:68:de:f3:
06:f8:8f:fc:0c:37:05:47:b4:d4:06:c5:f5:ba:76:e6:a4:b4:
dd:5b:d4:c8:06:03:b5:8c:d6:ed:bc:bc:0a:3c:92:1b:60:e3:
05:df:bc:d0:a2:f9:d0:cf:01:75:a7:15:a8:96:16:a0:f1:42:
ff:e0:32:10:0e:fd:39:71:1b:d7:aa:df:57:21:84:17:c3:9f:
97:85:72:ef:ab:42:6e:5c:d1:c8:44:56:ed:6d:55:2c:fd:49:
5d:e7:cd:7c
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIBEjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD
OEREMTExMC8GA1UEBRMoMDZENjJDN0E4NDA3NkUxQzY0OTQwNDA2MjU4OTE5RDY3
RDE1QUJFMTAeFw0yNDA0MDkwNjQ0MDlaFw0yNTA1MjgwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2MTRlM2I5LWMxNWIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDCd6zcMk8RiRcs78hSjwxCkbrAn8MrUeze7yJRIE67XfbeRfzMsJP8n98RPeD3
JJMN7wZpAfKuGu0F620cchcxIoBHFX4L5uYJBJpWjB5Zk0LYPYoevY3ddzNdpEJx
hbMbulXv8qpaatRN1fe+9+fHvV3JcX1msmNmiM92YxAVmnEhfOrt6m09f4awSyvd
FhJwSurQ0d2t3PY10dtMdoZ50qS6zyr7d1P74NCdTUhoRWih8icKNC51ok+zVq3G
NR0scVZTG42co6qPiMDVkkZJIPjJvgHbx7ChBYX53YsdbVPexHOGGGUengmC0JyU
PkoO2e9PQCoAjXTLsA7Q236dAgMBAAGjggKkMIICoDAdBgNVHQ4EFgQUpXwl9kmA
Awcd+dwCo2R1odMqcBkwHwYDVR0jBBgwFoAUBtYseoQHbhxklAQGJYkZ1n0Vq+Ew
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUM4REQxLzI1REQ1OUY4RTFD
OTExRUVCRTFGNTA2OEM0RjlBRTAyL0J0WXNlb1FIYmh4a2xBUUdKWWtaMW4wVnEt
RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvQnRZc2VvUUhiaHhrbEFRR0pZa1oxbjBWcS1FLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD
OEREMS8yNURENTlGOEUxQzkxMUVFQkUxRjUwNjhDNEY5QUUwMi80MEFFRkE1MkY2
M0MxMUVFQjU5OTU5M0FDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAuBggrBgEFBQcBBwEB/wQf
MB0wDAQCAAEwBgMEAcovhjANBAIAAjAHAwUAJAGJoDANBgkqhkiG9w0BAQsFAAOC
AQEAIE0A23QLoCd9QSPgCB2YVSk8ebSUxsdCcj6B02+LOTPrUKEUArgJ5WAx9xO+
FBJN/RHqY0be1M8mtb5tUcs3U+HxeRVuLOQpanugxhkl2NF/Yp5mVFoBPtD8ucFa
dimRvN+ubSAsBu93zkJCHpxjqxxmQ+dzLKVEFh4bpC9VWEZrIGWlkg0rR75bwsel
Ca1ARIcVH96Anlzrviv9s0VAaN7zBviP/Aw3BUe01AbF9bp25qS03VvUyAYDtYzW
7by8CjySG2DjBd+80KL50M8BdacVqJYWoPFC/+AyEA79OXEb16rfVyGEF8Ofl4Vy
76tCblzRyERW7W1VLP1JXefNfA==
-----END CERTIFICATE-----
Generated at Fri May 10 03:48:02 2024 by rpki-client on console-fra.rpki-client.org