Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CB7AB/56786568400911EBA374225BC4F9AE02/D9B8B19CED1F11ED95973F6BC4F9AE02.roa
File: D9B8B19CED1F11ED95973F6BC4F9AE02.roa (raw, json)
Hash identifier: 0DCMYyPY8CpcPLETrZbGWjOWxI6wVRSL4wHDDUPb7jc=
Subject key identifier: AA:33:32:57:5D:7A:AC:CB:DB:A9:3E:1A:E4:F2:33:67:58:E2:3E:13
Certificate issuer: /CN=A91CB7AB/serialNumber=3DE9D3DFF6E048FD908146502E4F08E456F3D9BC
Certificate serial: 060A
Authority key identifier: 3D:E9:D3:DF:F6:E0:48:FD:90:81:46:50:2E:4F:08:E4:56:F3:D9:BC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PenT3_bgSP2QgUZQLk8I5Fbz2bw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91CB7AB/56786568400911EBA374225BC4F9AE02/D9B8B19CED1F11ED95973F6BC4F9AE02.roa
Signing time: Sun 07 May 2023 21:40:57 +0000
ROA not before: Sun 07 May 2023 21:40:57 +0000
ROA not after: Sun 31 Mar 2024 00:00:00 +0000
asID: 208485
IP address blocks: 202.148.132.0/22 maxlen: 24
203.147.228.0/22 maxlen: 24
203.147.232.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1546 (0x60a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CB7AB/serialNumber=3DE9D3DFF6E048FD908146502E4F08E456F3D9BC
Validity
Not Before: May 7 21:40:57 2023 GMT
Not After : Mar 31 00:00:00 2024 GMT
Subject: CN=64581ae9-1e14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:45:d3:68:50:0e:77:00:c9:97:00:92:76:64:
63:cd:1a:8c:55:de:80:7c:99:15:f7:f3:a7:b8:03:
11:37:5f:e0:6b:4d:72:ad:a0:27:9f:37:ab:24:d3:
a9:04:d4:b4:a2:cb:ee:b5:c6:dd:24:88:43:6a:5c:
a9:d7:11:86:49:3b:f1:3e:7f:79:e3:95:6e:99:ae:
b6:04:14:8b:da:ca:ed:d8:0a:86:89:1d:67:4d:7d:
7b:af:c4:d1:b2:41:35:40:7f:6c:d2:47:12:d2:3f:
24:67:98:89:90:67:23:da:e4:2e:56:70:ff:db:2c:
af:1d:84:18:16:33:c4:0a:f6:62:0b:8c:59:68:a8:
19:51:e7:65:2f:e6:c7:d7:bb:42:91:b2:a9:96:68:
52:e4:36:db:b8:47:a4:60:ac:e7:cd:88:86:02:f2:
75:2d:1d:a9:f6:c6:73:4c:28:d2:b8:c0:c7:ae:6c:
68:72:c4:7b:9a:d1:06:b9:bf:d4:12:4f:b5:aa:9e:
3f:8f:de:0a:ad:e5:aa:1c:2c:ee:e8:c2:0f:78:31:
13:48:7f:7d:c3:7d:57:97:3f:af:90:c4:2a:3c:ec:
df:2f:f2:76:28:b2:3e:90:df:06:a4:2c:a6:8b:84:
09:ee:ff:7a:82:0e:65:a6:77:48:86:e2:74:6b:bc:
8c:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:33:32:57:5D:7A:AC:CB:DB:A9:3E:1A:E4:F2:33:67:58:E2:3E:13
X509v3 Authority Key Identifier:
keyid:3D:E9:D3:DF:F6:E0:48:FD:90:81:46:50:2E:4F:08:E4:56:F3:D9:BC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91CB7AB/56786568400911EBA374225BC4F9AE02/PenT3_bgSP2QgUZQLk8I5Fbz2bw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PenT3_bgSP2QgUZQLk8I5Fbz2bw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CB7AB/56786568400911EBA374225BC4F9AE02/D9B8B19CED1F11ED95973F6BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.148.132.0/22
203.147.228.0-203.147.235.255
Signature Algorithm: sha256WithRSAEncryption
70:5b:99:d0:89:88:7c:90:47:e0:20:63:79:fe:00:ce:3c:d4:
aa:db:03:c0:7f:48:9e:f9:75:68:6d:c4:27:dd:25:d8:f0:6c:
bc:f9:b8:c2:38:11:8f:57:5e:c7:fd:27:c0:9b:8f:78:ed:f4:
f9:b8:31:63:8b:40:44:d0:0d:3c:39:f4:67:7c:c9:74:4f:8a:
a4:5f:54:10:f8:c3:33:5a:44:e1:88:6f:a5:8f:46:98:c7:18:
fb:e5:88:37:f8:3e:b4:f8:b5:fc:56:11:ad:a6:25:ca:2c:94:
98:f2:e8:c7:18:dd:ec:ff:59:2e:61:44:9e:ef:03:f5:14:d8:
4a:4c:92:b9:78:dc:e8:0f:9e:94:56:de:ad:bf:44:8b:a1:fa:
45:c3:b8:2f:57:20:46:99:6b:dc:0e:a7:9f:37:e6:ce:0c:6b:
07:0d:f0:8d:00:46:e1:f0:86:bd:ab:fb:34:94:41:7a:ce:68:
ab:6d:99:00:d3:ca:a2:0c:9f:1c:e0:c8:66:50:06:3d:cf:c2:
7c:c1:1a:48:34:d4:8f:a0:fe:50:42:b6:07:d2:d1:d2:4c:e1:
1c:0d:5e:29:65:da:aa:56:a9:ca:00:28:49:b6:8d:e0:32:dd:
93:ac:5a:4a:4b:cf:96:f2:e3:d9:5f:54:a5:cd:4d:43:b2:46:
3e:69:dd:1c
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgICBgowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Q0I3QUIxMTAvBgNVBAUTKDNERTlEM0RGRjZFMDQ4RkQ5MDgxNDY1MDJFNEYwOEU0
NTZGM0Q5QkMwHhcNMjMwNTA3MjE0MDU3WhcNMjQwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDU4MWFlOS0xZTE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2kXTaFAOdwDJlwCSdmRjzRqMVd6AfJkV9/OnuAMRN1/ga01yraAnnzerJNOp
BNS0osvutcbdJIhDalyp1xGGSTvxPn9545Vuma62BBSL2srt2AqGiR1nTX17r8TR
skE1QH9s0kcS0j8kZ5iJkGcj2uQuVnD/2yyvHYQYFjPECvZiC4xZaKgZUedlL+bH
17tCkbKplmhS5DbbuEekYKznzYiGAvJ1LR2p9sZzTCjSuMDHrmxocsR7mtEGub/U
Ek+1qp4/j94KreWqHCzu6MIPeDETSH99w31Xlz+vkMQqPOzfL/J2KLI+kN8GpCym
i4QJ7v96gg5lpndIhuJ0a7yMSQIDAQABo4ICozCCAp8wHQYDVR0OBBYEFKozMldd
eqzL26k+GuTyM2dY4j4TMB8GA1UdIwQYMBaAFD3p09/24Ej9kIFGUC5PCORW89m8
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDQjdBQi81Njc4NjU2ODQw
MDkxMUVCQTM3NDIyNUJDNEY5QUUwMi9QZW5UM19iZ1NQMlFnVVpRTGs4STVGYnoy
YncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1BlblQzX2JnU1AyUWdVWlFMazhJNUZiejJidy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Q0I3QUIvNTY3ODY1Njg0MDA5MTFFQkEzNzQyMjVCQzRGOUFFMDIvRDlCOEIxOUNF
RDFGMTFFRDk1OTczRjZCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLQYIKwYBBQUHAQcBAf8E
HjAcMBoEAgABMBQDBALKlIQwDAMEAsuT5AMEAsuT6DANBgkqhkiG9w0BAQsFAAOC
AQEAcFuZ0ImIfJBH4CBjef4AzjzUqtsDwH9Invl1aG3EJ90l2PBsvPm4wjgRj1de
x/0nwJuPeO30+bgxY4tARNANPDn0Z3zJdE+KpF9UEPjDM1pE4YhvpY9GmMcY++WI
N/g+tPi1/FYRraYlyiyUmPLoxxjd7P9ZLmFEnu8D9RTYSkySuXjc6A+elFberb9E
i6H6RcO4L1cgRplr3A6nnzfmzgxrBw3wjQBG4fCGvav7NJRBes5oq22ZANPKogyf
HODIZlAGPc/CfMEaSDTUj6D+UEK2B9LR0kzhHA1eKWXaqlapygAoSbaN4DLdk6xa
SkvPlvLj2V9Upc1NQ7JGPmndHA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:06 2023 by rpki-client on console-ams.rpki-client.org