Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CB7AB/56786568400911EBA374225BC4F9AE02/172E81561EF211EEB7C49429C4F9AE02.roa
File: 172E81561EF211EEB7C49429C4F9AE02.roa (raw, json)
Hash identifier: gvHx+RCWPN8xNvcfx4hoYxEOrvccKvW58DNl/ZksS1I=
Subject key identifier: 40:2F:9F:BF:A7:53:14:3D:64:95:D7:2B:25:B9:A1:47:F1:B1:F8:81
Certificate issuer: /CN=A91CB7AB/serialNumber=3DE9D3DFF6E048FD908146502E4F08E456F3D9BC
Certificate serial: 064B
Authority key identifier: 3D:E9:D3:DF:F6:E0:48:FD:90:81:46:50:2E:4F:08:E4:56:F3:D9:BC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PenT3_bgSP2QgUZQLk8I5Fbz2bw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91CB7AB/56786568400911EBA374225BC4F9AE02/172E81561EF211EEB7C49429C4F9AE02.roa
Signing time: Mon 10 Jul 2023 07:19:22 +0000
ROA not before: Mon 10 Jul 2023 07:19:22 +0000
ROA not after: Sun 31 Mar 2024 00:00:00 +0000
asID: 49999
IP address blocks: 202.139.244.0/22 maxlen: 24
202.139.248.0/22 maxlen: 24
202.148.136.0/22 maxlen: 24
210.247.208.0/22 maxlen: 24
210.247.212.0/22 maxlen: 24
210.247.228.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1611 (0x64b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CB7AB/serialNumber=3DE9D3DFF6E048FD908146502E4F08E456F3D9BC
Validity
Not Before: Jul 10 07:19:22 2023 GMT
Not After : Mar 31 00:00:00 2024 GMT
Subject: CN=64abb0f9-f499
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:02:72:f5:b4:73:d6:23:70:bb:14:aa:73:b7:
7b:42:79:cc:14:8a:68:e0:cf:c5:74:d0:42:f3:9d:
97:b5:a4:1b:d9:46:31:66:48:17:d3:64:33:50:64:
ff:3e:45:dc:43:96:94:3f:b9:78:39:35:37:72:5d:
2f:b4:c1:8b:de:18:d2:b0:f1:af:d1:5d:ab:9b:a7:
ad:d4:2c:69:93:10:f5:ea:5c:15:39:72:51:d9:f1:
49:4d:ea:c2:fb:df:5f:49:90:00:b5:b3:0d:3e:2c:
04:43:88:70:67:49:cf:2d:98:ea:ab:4c:e3:1f:cb:
f0:7d:0d:2e:c5:a8:21:04:8d:b9:99:09:e1:6d:0e:
83:64:4d:78:e8:74:35:bf:79:d2:e9:44:e0:34:b5:
aa:a5:e9:5d:2c:c0:ba:49:6d:6b:3b:ad:e9:a1:f8:
f2:22:d4:30:08:5e:ce:a8:1d:25:67:f4:0e:01:37:
31:ad:ea:94:c8:f0:e2:4c:79:7d:6c:8c:29:4c:d7:
95:98:bd:79:7f:50:29:a7:7a:27:16:33:45:ae:a1:
7e:40:07:b2:ea:b1:7e:08:27:88:41:ca:ee:0a:d7:
17:58:8c:37:f6:e2:0e:b1:84:91:a5:f6:18:79:dc:
3c:38:48:79:ee:84:e2:d4:99:51:f0:29:41:5e:e2:
34:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:2F:9F:BF:A7:53:14:3D:64:95:D7:2B:25:B9:A1:47:F1:B1:F8:81
X509v3 Authority Key Identifier:
keyid:3D:E9:D3:DF:F6:E0:48:FD:90:81:46:50:2E:4F:08:E4:56:F3:D9:BC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91CB7AB/56786568400911EBA374225BC4F9AE02/PenT3_bgSP2QgUZQLk8I5Fbz2bw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PenT3_bgSP2QgUZQLk8I5Fbz2bw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CB7AB/56786568400911EBA374225BC4F9AE02/172E81561EF211EEB7C49429C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.139.244.0-202.139.251.255
202.148.136.0/22
210.247.208.0/21
210.247.228.0/22
Signature Algorithm: sha256WithRSAEncryption
33:4a:46:ce:88:6f:fe:9c:5d:66:08:e5:46:27:2d:c8:0a:df:
5b:db:ef:ff:f6:da:52:ff:91:69:03:47:a6:d1:ff:e2:45:a1:
5c:09:23:93:d7:07:51:cf:f6:22:67:5f:ed:90:46:b5:0f:05:
b7:72:39:c0:97:0d:23:64:d7:e6:12:1f:41:67:54:2e:7c:6d:
14:aa:7d:ca:0a:51:e3:cc:4c:69:7a:38:f1:c6:28:5c:1d:49:
4e:ae:6a:16:d3:84:aa:ee:b3:28:1e:6f:d3:a2:35:90:66:ee:
d8:c2:ee:c7:f7:db:11:c8:17:54:68:82:4a:e2:58:b9:07:61:
0f:49:29:3b:18:b8:38:25:ad:3a:bb:1c:cd:5c:b6:8f:38:61:
47:d6:e2:fa:cd:1a:bd:a4:6d:10:b3:38:c5:02:e5:57:23:46:
d3:df:85:72:73:5f:63:ac:34:1c:1a:99:37:cc:d7:98:6d:de:
b1:54:c1:fc:86:22:1a:cb:59:08:db:ff:e3:11:27:1f:31:6e:
dc:c6:35:e8:b5:15:e4:53:f9:0e:41:4e:8b:4c:71:60:30:b3:
31:4e:d7:45:32:5b:02:ac:e3:dd:5a:f0:7e:0e:de:91:e9:dd:
88:90:5e:55:63:5f:07:71:20:cc:64:29:f9:a1:ce:ec:02:a4:
f1:1b:3b:21
-----BEGIN CERTIFICATE-----
MIIFizCCBHOgAwIBAgICBkswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Q0I3QUIxMTAvBgNVBAUTKDNERTlEM0RGRjZFMDQ4RkQ5MDgxNDY1MDJFNEYwOEU0
NTZGM0Q5QkMwHhcNMjMwNzEwMDcxOTIyWhcNMjQwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGFiYjBmOS1mNDk5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtQJy9bRz1iNwuxSqc7d7QnnMFIpo4M/FdNBC852XtaQb2UYxZkgX02QzUGT/
PkXcQ5aUP7l4OTU3cl0vtMGL3hjSsPGv0V2rm6et1CxpkxD16lwVOXJR2fFJTerC
+99fSZAAtbMNPiwEQ4hwZ0nPLZjqq0zjH8vwfQ0uxaghBI25mQnhbQ6DZE146HQ1
v3nS6UTgNLWqpeldLMC6SW1rO63pofjyItQwCF7OqB0lZ/QOATcxreqUyPDiTHl9
bIwpTNeVmL15f1App3onFjNFrqF+QAey6rF+CCeIQcruCtcXWIw39uIOsYSRpfYY
edw8OEh57oTi1JlR8ClBXuI08wIDAQABo4ICrzCCAqswHQYDVR0OBBYEFEAvn7+n
UxQ9ZJXXKyW5oUfxsfiBMB8GA1UdIwQYMBaAFD3p09/24Ej9kIFGUC5PCORW89m8
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDQjdBQi81Njc4NjU2ODQw
MDkxMUVCQTM3NDIyNUJDNEY5QUUwMi9QZW5UM19iZ1NQMlFnVVpRTGs4STVGYnoy
YncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1BlblQzX2JnU1AyUWdVWlFMazhJNUZiejJidy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Q0I3QUIvNTY3ODY1Njg0MDA5MTFFQkEzNzQyMjVCQzRGOUFFMDIvMTcyRTgxNTYx
RUYyMTFFRUI3QzQ5NDI5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOQYIKwYBBQUHAQcBAf8E
KjAoMCYEAgABMCAwDAMEAsqL9AMEAsqL+AMEAsqUiAMEA9L30AMEAtL35DANBgkq
hkiG9w0BAQsFAAOCAQEAM0pGzohv/pxdZgjlRictyArfW9vv//baUv+RaQNHptH/
4kWhXAkjk9cHUc/2Imdf7ZBGtQ8Ft3I5wJcNI2TX5hIfQWdULnxtFKp9ygpR48xM
aXo48cYoXB1JTq5qFtOEqu6zKB5v06I1kGbu2MLux/fbEcgXVGiCSuJYuQdhD0kp
Oxi4OCWtOrsczVy2jzhhR9bi+s0avaRtELM4xQLlVyNG09+FcnNfY6w0HBqZN8zX
mG3esVTB/IYiGstZCNv/4xEnHzFu3MY16LUV5FP5DkFOi0xxYDCzMU7XRTJbAqzj
3Vrwfg7ekendiJBeVWNfB3EgzGQp+aHO7AKk8Rs7IQ==
-----END CERTIFICATE-----
Generated at Mon Jul 24 22:11:05 2023 by rpki-client on console-fra.rpki-client.org