Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CB7AB/56786568400911EBA374225BC4F9AE02/895A4528CEB311EEA0450524C4F9AE02.roa
File: 895A4528CEB311EEA0450524C4F9AE02.roa (raw, json)
Hash identifier: E5zYcd6iwiZj+I8yvZpngBTt1X2wkfNegm6rnRaa8Hc=
Subject key identifier: 2D:22:86:91:A0:F0:1D:7E:8A:90:D6:FC:3E:08:08:79:BC:F8:6B:9B
Certificate issuer: /CN=A91CB7AB/serialNumber=3DE9D3DFF6E048FD908146502E4F08E456F3D9BC
Certificate serial: 0722
Authority key identifier: 3D:E9:D3:DF:F6:E0:48:FD:90:81:46:50:2E:4F:08:E4:56:F3:D9:BC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PenT3_bgSP2QgUZQLk8I5Fbz2bw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91CB7AB/56786568400911EBA374225BC4F9AE02/895A4528CEB311EEA0450524C4F9AE02.roa
Signing time: Sun 18 Feb 2024 23:15:00 +0000
ROA not before: Sun 18 Feb 2024 23:15:00 +0000
ROA not after: Mon 31 Mar 2025 00:00:00 +0000
asID: 5065
IP address blocks: 202.139.232.0/22 maxlen: 24
202.139.244.0/22 maxlen: 24
203.147.224.0/23 maxlen: 24
203.147.232.0/23 maxlen: 24
203.147.234.0/23 maxlen: 24
203.147.238.0/23 maxlen: 24
203.147.252.0/22 maxlen: 24
210.247.128.0/21 maxlen: 24
210.247.160.0/21 maxlen: 24
210.247.192.0/22 maxlen: 24
210.247.208.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 18 Mar 2024 07:29:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1826 (0x722)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CB7AB/serialNumber=3DE9D3DFF6E048FD908146502E4F08E456F3D9BC
Validity
Not Before: Feb 18 23:15:00 2024 GMT
Not After : Mar 31 00:00:00 2025 GMT
Subject: CN=65d28f73-e6d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:cd:a7:3f:fd:b7:b6:99:0a:e8:3d:a3:aa:73:
b8:a0:1b:b2:7f:2b:81:33:20:a7:47:4f:ee:ec:8a:
21:65:fe:70:cb:5d:97:83:33:1a:71:fb:8e:f5:37:
c9:b8:38:b8:dd:45:39:08:6e:50:c9:ed:af:47:d9:
28:2b:8b:ea:5a:2a:7c:15:3d:1b:7c:3c:c4:01:59:
ea:86:e5:92:d0:d1:8f:e8:80:51:42:f8:04:f2:26:
40:07:32:8b:a3:5b:73:cd:13:e5:8e:c5:58:72:0d:
b7:16:4d:df:16:f3:fb:91:89:18:08:93:11:cf:6a:
12:9c:da:c1:70:88:35:a6:9a:8e:6b:83:d6:52:44:
fe:ca:ff:a9:73:20:74:51:25:24:bd:cc:da:21:db:
8f:6e:a2:1c:4d:62:00:2c:80:de:3b:fe:74:3c:19:
98:56:4b:02:fa:b2:97:01:b5:ac:4c:4d:a6:5d:b1:
1d:70:e8:67:a9:23:79:9c:29:34:89:0f:18:e9:88:
cd:9b:46:c5:fc:81:81:49:1f:92:10:5e:bf:69:84:
55:99:b9:fc:0e:ec:cd:f8:76:46:21:29:50:38:54:
05:80:80:6f:9e:28:1b:a9:73:9c:1d:85:94:a8:06:
92:58:66:29:f5:28:bd:23:fe:6c:ef:9d:9a:6d:17:
c4:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:22:86:91:A0:F0:1D:7E:8A:90:D6:FC:3E:08:08:79:BC:F8:6B:9B
X509v3 Authority Key Identifier:
keyid:3D:E9:D3:DF:F6:E0:48:FD:90:81:46:50:2E:4F:08:E4:56:F3:D9:BC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91CB7AB/56786568400911EBA374225BC4F9AE02/PenT3_bgSP2QgUZQLk8I5Fbz2bw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PenT3_bgSP2QgUZQLk8I5Fbz2bw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CB7AB/56786568400911EBA374225BC4F9AE02/895A4528CEB311EEA0450524C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.139.232.0/22
202.139.244.0/22
203.147.224.0/23
203.147.232.0/22
203.147.238.0/23
203.147.252.0/22
210.247.128.0/21
210.247.160.0/21
210.247.192.0/22
210.247.208.0/22
Signature Algorithm: sha256WithRSAEncryption
9b:8a:b8:93:cd:48:a2:82:7c:17:93:16:05:9b:8d:08:62:dc:
68:02:87:54:52:3b:a5:df:b2:bf:e1:22:85:a3:23:32:85:55:
b7:79:ac:ac:df:8b:57:95:11:ec:a9:b4:3b:f6:12:c0:9c:be:
42:e5:f2:ce:d1:96:83:48:c1:15:32:50:b2:1c:40:15:03:b0:
43:b1:ec:80:49:ca:b9:3e:63:52:7c:0c:ea:7c:70:5a:50:fe:
dc:e3:c7:26:d5:a3:e8:42:40:be:6c:f7:ba:7a:27:af:ef:0a:
4a:34:fb:d5:cb:03:70:d0:98:d1:be:9c:94:4e:2e:75:24:89:
8b:50:79:ce:6b:20:40:38:d1:0b:22:68:f9:81:83:ad:25:41:
d3:05:06:e1:36:df:b5:97:f4:3c:1a:4b:21:70:9b:94:72:c8:
1f:3a:1d:09:e4:bf:87:e4:5e:61:6d:97:75:13:9c:86:5f:e4:
be:a7:a6:46:84:cb:43:6b:9a:63:c4:ed:81:cb:94:c2:80:fe:
36:9d:f6:53:c9:e7:d0:5d:e2:db:b8:c5:58:d1:35:14:3a:4d:
45:92:23:27:47:7f:34:ee:c5:32:0c:0d:f3:b8:0f:46:ff:24:
fd:7c:9c:69:f7:61:6e:09:72:1f:ff:06:ea:3c:24:21:6b:8f:
fd:ed:f1:f0
-----BEGIN CERTIFICATE-----
MIIFpzCCBI+gAwIBAgICByIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Q0I3QUIxMTAvBgNVBAUTKDNERTlEM0RGRjZFMDQ4RkQ5MDgxNDY1MDJFNEYwOEU0
NTZGM0Q5QkMwHhcNMjQwMjE4MjMxNTAwWhcNMjUwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWQyOGY3My1lNmQzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA6s2nP/23tpkK6D2jqnO4oBuyfyuBMyCnR0/u7IohZf5wy12XgzMacfuO9TfJ
uDi43UU5CG5Qye2vR9koK4vqWip8FT0bfDzEAVnqhuWS0NGP6IBRQvgE8iZABzKL
o1tzzRPljsVYcg23Fk3fFvP7kYkYCJMRz2oSnNrBcIg1ppqOa4PWUkT+yv+pcyB0
USUkvczaIduPbqIcTWIALIDeO/50PBmYVksC+rKXAbWsTE2mXbEdcOhnqSN5nCk0
iQ8Y6YjNm0bF/IGBSR+SEF6/aYRVmbn8DuzN+HZGISlQOFQFgIBvnigbqXOcHYWU
qAaSWGYp9Si9I/5s752abRfEpwIDAQABo4ICyzCCAscwHQYDVR0OBBYEFC0ihpGg
8B1+ipDW/D4ICHm8+GubMB8GA1UdIwQYMBaAFD3p09/24Ej9kIFGUC5PCORW89m8
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDQjdBQi81Njc4NjU2ODQw
MDkxMUVCQTM3NDIyNUJDNEY5QUUwMi9QZW5UM19iZ1NQMlFnVVpRTGs4STVGYnoy
YncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1BlblQzX2JnU1AyUWdVWlFMazhJNUZiejJidy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Q0I3QUIvNTY3ODY1Njg0MDA5MTFFQkEzNzQyMjVCQzRGOUFFMDIvODk1QTQ1MjhD
RUIzMTFFRUEwNDUwNTI0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwVQYIKwYBBQUHAQcBAf8E
RjBEMEIEAgABMDwDBALKi+gDBALKi/QDBAHLk+ADBALLk+gDBAHLk+4DBALLk/wD
BAPS94ADBAPS96ADBALS98ADBALS99AwDQYJKoZIhvcNAQELBQADggEBAJuKuJPN
SKKCfBeTFgWbjQhi3GgCh1RSO6Xfsr/hIoWjIzKFVbd5rKzfi1eVEeyptDv2EsCc
vkLl8s7RloNIwRUyULIcQBUDsEOx7IBJyrk+Y1J8DOp8cFpQ/tzjxybVo+hCQL5s
97p6J6/vCko0+9XLA3DQmNG+nJROLnUkiYtQec5rIEA40QsiaPmBg60lQdMFBuE2
37WX9DwaSyFwm5RyyB86HQnkv4fkXmFtl3UTnIZf5L6npkaEy0NrmmPE7YHLlMKA
/jad9lPJ59Bd4tu4xVjRNRQ6TUWSIydHfzTuxTIMDfO4D0b/JP18nGn3YW4Jch//
Buo8JCFrj/3t8fA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:41 2024 by rpki-client on console-fra.rpki-client.org