Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CB7AB/56786568400911EBA374225BC4F9AE02/CC4D3D6055AD11EEA162A268C4F9AE02.roa
File: CC4D3D6055AD11EEA162A268C4F9AE02.roa (raw, json)
Hash identifier: vz24YI6fZQGvJeFjTOwYlliPZJ+jqAdJAjJhdk7hFlY=
Subject key identifier: 37:0F:04:ED:43:85:0C:98:BF:ED:52:29:BB:1D:F8:96:16:97:F1:8A
Certificate issuer: /CN=A91CB7AB/serialNumber=3DE9D3DFF6E048FD908146502E4F08E456F3D9BC
Certificate serial: 0706
Authority key identifier: 3D:E9:D3:DF:F6:E0:48:FD:90:81:46:50:2E:4F:08:E4:56:F3:D9:BC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PenT3_bgSP2QgUZQLk8I5Fbz2bw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91CB7AB/56786568400911EBA374225BC4F9AE02/CC4D3D6055AD11EEA162A268C4F9AE02.roa
Signing time: Wed 31 Jan 2024 00:12:30 +0000
ROA not before: Wed 31 Jan 2024 00:12:30 +0000
ROA not after: Mon 31 Mar 2025 00:00:00 +0000
asID: 22781
IP address blocks: 203.147.226.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 15 Apr 2024 00:09:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1798 (0x706)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CB7AB/serialNumber=3DE9D3DFF6E048FD908146502E4F08E456F3D9BC
Validity
Not Before: Jan 31 00:12:30 2024 GMT
Not After : Mar 31 00:00:00 2025 GMT
Subject: CN=65b9906e-a64f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:24:8c:30:12:d1:bd:45:a2:be:f7:57:cb:8e:
0f:16:c4:94:ea:9b:5a:2d:d4:8c:61:8e:3f:54:4e:
f8:60:23:2f:d1:08:4c:35:54:3f:82:d2:bc:4a:c9:
76:40:6c:47:3f:92:cf:88:05:5f:76:3a:7d:15:41:
26:c4:c4:1f:f8:ab:d4:13:1a:e0:38:c2:75:40:61:
19:24:61:c4:6a:bc:01:8c:f2:45:4d:4f:c4:63:31:
dd:de:1f:a8:a1:12:8f:c3:79:e6:6b:36:68:74:1c:
71:cb:70:ff:ec:e1:28:b9:c8:53:cb:80:66:cd:0d:
da:41:fc:fa:4c:ee:31:b2:7d:d3:7f:ad:7b:9b:0d:
d7:f9:85:ca:22:84:3c:77:e5:92:28:77:29:17:8b:
09:7d:28:0d:95:fd:ac:2f:8c:4f:2c:75:96:40:46:
be:c8:ee:91:de:48:45:63:85:d5:ec:37:83:41:0e:
ae:17:55:ec:3f:78:9a:16:1f:c9:62:d4:4e:d3:02:
cb:e4:f6:3d:9f:d3:61:38:54:99:db:c2:6b:5c:96:
cd:d3:48:1d:79:25:37:e4:ad:fb:88:e3:41:8e:20:
0f:bb:5d:81:05:c0:1e:fe:39:a1:e3:2e:a3:40:a0:
02:ce:3a:cb:8f:ea:fd:ba:9a:4f:15:e9:91:f9:43:
f7:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:0F:04:ED:43:85:0C:98:BF:ED:52:29:BB:1D:F8:96:16:97:F1:8A
X509v3 Authority Key Identifier:
keyid:3D:E9:D3:DF:F6:E0:48:FD:90:81:46:50:2E:4F:08:E4:56:F3:D9:BC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91CB7AB/56786568400911EBA374225BC4F9AE02/PenT3_bgSP2QgUZQLk8I5Fbz2bw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PenT3_bgSP2QgUZQLk8I5Fbz2bw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CB7AB/56786568400911EBA374225BC4F9AE02/CC4D3D6055AD11EEA162A268C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.147.226.0/23
Signature Algorithm: sha256WithRSAEncryption
a1:c6:7d:f8:26:1d:2a:69:a9:86:f0:17:d0:d0:4a:9a:89:3c:
cd:b8:76:64:6e:5c:8d:00:7a:f4:ab:48:b8:10:89:0e:46:8c:
0e:9d:1f:ab:0f:9e:90:62:22:10:63:5f:bd:bd:77:14:37:61:
db:14:ca:08:3f:67:cc:70:fc:15:ff:b5:45:c2:66:e7:eb:45:
ce:c2:cd:c4:5b:18:b2:7b:6c:66:fd:12:63:d1:52:20:e7:48:
d5:70:b5:3d:62:ab:b9:c3:b0:68:b0:4d:f5:70:c8:54:7a:9f:
94:d0:7a:11:d9:d1:26:f5:71:8f:84:58:e3:54:17:eb:d4:6c:
10:12:b4:11:c3:36:4d:ce:4f:b6:ac:b2:5d:54:67:86:4e:ba:
d5:04:e1:b3:f5:cb:b7:03:ab:9d:c1:d9:1c:c1:21:f3:f5:d5:
36:99:8e:24:84:59:3a:43:60:97:ab:fd:93:5b:4e:01:64:dd:
5e:9a:46:7d:b2:27:b8:e3:4a:e4:04:f7:c7:eb:ce:09:b8:6a:
1d:c0:6a:ad:04:93:43:ae:83:67:8d:73:78:6e:59:6d:2f:20:
15:7e:b2:dc:96:76:61:62:fc:9b:49:f4:08:33:b9:19:b0:c8:
b8:e7:29:a0:d8:65:81:de:ca:ed:a4:0f:ad:54:bb:b5:09:bd:
56:de:07:21
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBwYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Q0I3QUIxMTAvBgNVBAUTKDNERTlEM0RGRjZFMDQ4RkQ5MDgxNDY1MDJFNEYwOEU0
NTZGM0Q5QkMwHhcNMjQwMTMxMDAxMjMwWhcNMjUwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWI5OTA2ZS1hNjRmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAniSMMBLRvUWivvdXy44PFsSU6ptaLdSMYY4/VE74YCMv0QhMNVQ/gtK8Ssl2
QGxHP5LPiAVfdjp9FUEmxMQf+KvUExrgOMJ1QGEZJGHEarwBjPJFTU/EYzHd3h+o
oRKPw3nmazZodBxxy3D/7OEouchTy4BmzQ3aQfz6TO4xsn3Tf617mw3X+YXKIoQ8
d+WSKHcpF4sJfSgNlf2sL4xPLHWWQEa+yO6R3khFY4XV7DeDQQ6uF1XsP3iaFh/J
YtRO0wLL5PY9n9NhOFSZ28JrXJbN00gdeSU35K37iONBjiAPu12BBcAe/jmh4y6j
QKACzjrLj+r9uppPFemR+UP3swIDAQABo4IClTCCApEwHQYDVR0OBBYEFDcPBO1D
hQyYv+1SKbsd+JYWl/GKMB8GA1UdIwQYMBaAFD3p09/24Ej9kIFGUC5PCORW89m8
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDQjdBQi81Njc4NjU2ODQw
MDkxMUVCQTM3NDIyNUJDNEY5QUUwMi9QZW5UM19iZ1NQMlFnVVpRTGs4STVGYnoy
YncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1BlblQzX2JnU1AyUWdVWlFMazhJNUZiejJidy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Q0I3QUIvNTY3ODY1Njg0MDA5MTFFQkEzNzQyMjVCQzRGOUFFMDIvQ0M0RDNENjA1
NUFEMTFFRUExNjJBMjY4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAHLk+IwDQYJKoZIhvcNAQELBQADggEBAKHGffgmHSppqYbw
F9DQSpqJPM24dmRuXI0AevSrSLgQiQ5GjA6dH6sPnpBiIhBjX729dxQ3YdsUygg/
Z8xw/BX/tUXCZufrRc7CzcRbGLJ7bGb9EmPRUiDnSNVwtT1iq7nDsGiwTfVwyFR6
n5TQehHZ0Sb1cY+EWONUF+vUbBAStBHDNk3OT7assl1UZ4ZOutUE4bP1y7cDq53B
2RzBIfP11TaZjiSEWTpDYJer/ZNbTgFk3V6aRn2yJ7jjSuQE98frzgm4ah3Aaq0E
k0Oug2eNc3huWW0vIBV+styWdmFi/JtJ9AgzuRmwyLjnKaDYZYHeyu2kD61Uu7UJ
vVbeByE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:26 2024 by rpki-client on console-ams.rpki-client.org