Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CAA05/1A75834EF0CC11EE9B727414C4F9AE02/629F0680F0CD11EEB176CA16C4F9AE02.roa
File: 629F0680F0CD11EEB176CA16C4F9AE02.roa (raw, json)
Hash identifier: fRBdBCbs24+20tc3YoNJziEP4/+oNPOzlrP2oU2MxnA=
Subject key identifier: 66:33:20:9F:27:82:E6:36:ED:2E:2A:4A:20:40:49:71:67:CF:C6:BE
Certificate issuer: /CN=A91CAA05/serialNumber=CF1801EE45C9AABF106E1DBDEEA7D18C643EC06E
Certificate serial: 02
Authority key identifier: CF:18:01:EE:45:C9:AA:BF:10:6E:1D:BD:EE:A7:D1:8C:64:3E:C0:6E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zxgB7kXJqr8Qbh297qfRjGQ-wG4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91CAA05/1A75834EF0CC11EE9B727414C4F9AE02/629F0680F0CD11EEB176CA16C4F9AE02.roa
Signing time: Tue 02 Apr 2024 08:45:41 +0000
ROA not before: Tue 02 Apr 2024 08:45:41 +0000
ROA not after: Wed 28 May 2025 00:00:00 +0000
asID: 396982
IP address blocks: 203.25.240.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 03 May 2024 09:21:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CAA05/serialNumber=CF1801EE45C9AABF106E1DBDEEA7D18C643EC06E
Validity
Not Before: Apr 2 08:45:41 2024 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=660bc5b5-48f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:e5:e7:28:05:c5:68:45:86:11:c8:40:68:bb:
69:5a:85:fb:02:13:58:95:6d:ec:88:7d:8a:fc:45:
d1:aa:3d:de:95:b7:11:36:2b:30:91:45:46:d6:ad:
d3:ff:98:02:f0:60:b6:2f:dd:09:a3:c0:5d:4e:09:
a0:93:c4:a8:69:09:3c:25:d3:dd:89:f7:85:fa:20:
d0:bd:d5:97:5a:7c:5b:47:1a:e6:43:16:08:ca:3a:
9c:dd:ce:52:69:1f:d1:68:44:85:b3:bf:de:ef:2a:
ea:1f:40:88:9b:3d:31:3f:94:b5:e9:29:6d:5d:b8:
bc:8a:fc:44:67:80:fe:c1:a9:0b:7e:04:c4:8c:99:
0e:0e:f8:28:00:0b:40:7c:69:de:ad:9a:0a:a0:ca:
2b:ea:dc:c4:77:ca:06:a5:e7:2c:96:57:22:89:5d:
79:b8:82:0c:c0:46:ee:7c:54:03:45:3d:6c:bb:62:
1c:d6:fd:58:20:b7:31:e5:55:a9:39:94:cf:b5:9e:
c5:b4:56:66:bc:e3:64:ba:53:b2:95:e2:c9:0a:89:
6f:65:4c:a3:eb:49:cd:f4:ce:d7:1f:cd:cc:55:3e:
47:6d:ac:52:83:15:a1:5d:12:0d:e3:9e:a8:ae:0e:
7c:38:9c:7e:9a:29:a2:75:07:c2:ce:1e:7a:14:2b:
27:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:33:20:9F:27:82:E6:36:ED:2E:2A:4A:20:40:49:71:67:CF:C6:BE
X509v3 Authority Key Identifier:
keyid:CF:18:01:EE:45:C9:AA:BF:10:6E:1D:BD:EE:A7:D1:8C:64:3E:C0:6E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91CAA05/1A75834EF0CC11EE9B727414C4F9AE02/zxgB7kXJqr8Qbh297qfRjGQ-wG4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zxgB7kXJqr8Qbh297qfRjGQ-wG4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CAA05/1A75834EF0CC11EE9B727414C4F9AE02/629F0680F0CD11EEB176CA16C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.25.240.0/24
Signature Algorithm: sha256WithRSAEncryption
92:70:80:01:e4:38:f7:25:cd:54:05:1e:28:6b:14:76:93:e9:
3a:ac:a3:46:48:62:01:9c:bb:1c:5a:60:65:9a:ed:a6:e4:48:
31:d3:d4:85:90:36:5a:b9:18:d8:79:89:2d:35:ff:88:61:1b:
1d:35:7d:cc:89:49:07:93:ad:19:7a:44:09:53:03:a5:e4:90:
0a:df:7a:eb:48:74:3c:97:13:d5:82:77:41:1b:03:64:1f:07:
31:9f:2d:3a:7e:80:ee:67:a6:2b:6a:f8:d6:c5:71:2b:15:98:
31:ae:23:c2:b4:4d:02:eb:43:45:c7:1f:ff:c5:d3:7d:0a:a5:
7d:15:b5:b6:09:80:d4:8c:68:d3:f3:e6:d8:f1:8c:dc:b5:7a:
d4:95:fe:b0:b4:30:fe:16:eb:d8:74:01:79:cf:f4:e0:dd:55:
3a:da:ae:4e:0a:59:10:2b:7b:8e:95:0e:a9:ab:87:b6:00:01:
aa:14:f8:09:3d:89:c3:f5:35:34:b2:43:f1:28:23:29:56:e5:
d0:0a:4c:1e:bf:0d:a3:94:e3:37:4b:22:82:a2:c7:c3:b4:ef:
6e:76:a2:b5:8a:de:1b:3d:c4:d6:dd:fb:a7:fe:32:45:e1:1f:
4c:d4:39:00:98:07:f1:e0:54:a1:16:ad:ea:e4:bf:c9:9c:70:
46:b9:5c:68
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD
QUEwNTExMC8GA1UEBRMoQ0YxODAxRUU0NUM5QUFCRjEwNkUxREJERUVBN0QxOEM2
NDNFQzA2RTAeFw0yNDA0MDIwODQ1NDFaFw0yNTA1MjgwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2MGJjNWI1LTQ4ZjIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDa5ecoBcVoRYYRyEBou2lahfsCE1iVbeyIfYr8RdGqPd6VtxE2KzCRRUbWrdP/
mALwYLYv3QmjwF1OCaCTxKhpCTwl092J94X6INC91ZdafFtHGuZDFgjKOpzdzlJp
H9FoRIWzv97vKuofQIibPTE/lLXpKW1duLyK/ERngP7BqQt+BMSMmQ4O+CgAC0B8
ad6tmgqgyivq3MR3ygal5yyWVyKJXXm4ggzARu58VANFPWy7YhzW/VggtzHlVak5
lM+1nsW0Vma842S6U7KV4skKiW9lTKPrSc30ztcfzcxVPkdtrFKDFaFdEg3jnqiu
Dnw4nH6aKaJ1B8LOHnoUKyeXAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUZjMgnyeC
5jbtLipKIEBJcWfPxr4wHwYDVR0jBBgwFoAUzxgB7kXJqr8Qbh297qfRjGQ+wG4w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNBQTA1LzFBNzU4MzRFRjBD
QzExRUU5QjcyNzQxNEM0RjlBRTAyL3p4Z0I3a1hKcXI4UWJoMjk3cWZSakdRLXdH
NC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvenhnQjdrWEpxcjhRYmgyOTdxZlJqR1Etd0c0LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD
QUEwNS8xQTc1ODM0RUYwQ0MxMUVFOUI3Mjc0MTRDNEY5QUUwMi82MjlGMDY4MEYw
Q0QxMUVFQjE3NkNBMTZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAMsZ8DANBgkqhkiG9w0BAQsFAAOCAQEAknCAAeQ49yXNVAUe
KGsUdpPpOqyjRkhiAZy7HFpgZZrtpuRIMdPUhZA2WrkY2HmJLTX/iGEbHTV9zIlJ
B5OtGXpECVMDpeSQCt9660h0PJcT1YJ3QRsDZB8HMZ8tOn6A7memK2r41sVxKxWY
Ma4jwrRNAutDRccf/8XTfQqlfRW1tgmA1Ixo0/Pm2PGM3LV61JX+sLQw/hbr2HQB
ec/04N1VOtquTgpZECt7jpUOqauHtgABqhT4CT2Jw/U1NLJD8SgjKVbl0ApMHr8N
o5TjN0sigqLHw7TvbnaitYreGz3E1t37p/4yReEfTNQ5AJgH8eBUoRat6uS/yZxw
RrlcaA==
-----END CERTIFICATE-----
Generated at Fri May 3 12:09:42 2024 by rpki-client on console-ams.rpki-client.org