Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D366A/EC09AA4A307D11EDA6C3A212C4F9AE02/8434CCAC7A8111EEBDBD0A6CC4F9AE02.roa
File: 8434CCAC7A8111EEBDBD0A6CC4F9AE02.roa (raw, json)
Hash identifier: jLF+MlwpdkLJQXf1zqAZCF5+vNigZE1wUWB8UHbjaB0=
Subject key identifier: D4:05:D6:40:0A:6E:09:EE:1C:04:34:D7:37:75:66:97:61:F2:36:15
Certificate issuer: /CN=A91D366A/serialNumber=B067C6BB70DF0DC04CE77F7C8D76706A49F6CB85
Certificate serial: 0129
Authority key identifier: B0:67:C6:BB:70:DF:0D:C0:4C:E7:7F:7C:8D:76:70:6A:49:F6:CB:85
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sGfGu3DfDcBM5398jXZwakn2y4U.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D366A/EC09AA4A307D11EDA6C3A212C4F9AE02/8434CCAC7A8111EEBDBD0A6CC4F9AE02.roa
Signing time: Fri 03 Nov 2023 19:45:18 +0000
ROA not before: Fri 03 Nov 2023 19:45:18 +0000
ROA not after: Thu 31 Oct 2024 00:00:00 +0000
asID: 40676
IP address blocks: 203.21.72.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 03 Dec 2023 21:01:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 297 (0x129)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D366A/serialNumber=B067C6BB70DF0DC04CE77F7C8D76706A49F6CB85
Validity
Not Before: Nov 3 19:45:18 2023 GMT
Not After : Oct 31 00:00:00 2024 GMT
Subject: CN=65454dce-2d1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:7b:de:80:f0:38:7d:c3:08:72:2c:71:b6:fb:
a0:10:2e:45:cd:d6:24:e5:a1:d2:f5:75:e7:73:9b:
09:87:59:4a:e8:ea:6e:bf:1d:7c:48:e1:9d:05:12:
df:a3:a5:ad:84:18:a8:1a:b1:2d:f3:84:3c:c3:47:
a6:90:92:55:23:4b:51:1e:6a:78:e4:7d:b0:15:5f:
74:e5:40:d0:03:7f:ae:6e:93:e0:63:b7:15:4a:bb:
7c:64:a8:a2:e4:d4:04:43:56:a6:1a:da:8c:71:30:
86:d4:32:aa:34:89:bb:bd:66:bb:30:72:fb:f1:6b:
b9:9e:9e:32:a8:55:3a:66:9f:fa:22:ac:a5:00:c1:
25:e7:af:8d:63:c5:f1:6c:40:e9:e8:f4:24:41:dd:
e6:6d:cf:3a:84:66:c3:e0:ea:29:a9:2e:dc:e8:e1:
f3:3f:dc:85:00:24:60:0c:af:e1:9c:ea:d8:19:d7:
8b:cd:db:e9:9a:39:ca:d8:51:4c:07:a3:2f:92:82:
d3:1d:09:b1:db:ef:fa:ab:f5:09:79:dd:8b:ba:ef:
ab:d2:75:8b:6a:bd:04:19:3f:2e:69:3b:8d:11:06:
00:f9:d4:0a:d6:15:7c:d7:0d:54:da:9b:6d:01:e5:
98:84:66:a6:9d:80:37:9b:77:a1:32:0d:fb:08:32:
51:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:05:D6:40:0A:6E:09:EE:1C:04:34:D7:37:75:66:97:61:F2:36:15
X509v3 Authority Key Identifier:
keyid:B0:67:C6:BB:70:DF:0D:C0:4C:E7:7F:7C:8D:76:70:6A:49:F6:CB:85
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D366A/EC09AA4A307D11EDA6C3A212C4F9AE02/sGfGu3DfDcBM5398jXZwakn2y4U.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sGfGu3DfDcBM5398jXZwakn2y4U.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D366A/EC09AA4A307D11EDA6C3A212C4F9AE02/8434CCAC7A8111EEBDBD0A6CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.21.72.0/24
Signature Algorithm: sha256WithRSAEncryption
a3:4f:6b:a7:29:36:90:1a:d5:16:54:8b:6e:ba:c8:e7:54:f2:
d8:a2:a1:20:75:d7:d9:1e:a9:88:85:14:d5:aa:df:0a:44:46:
fd:03:40:e6:7c:2d:b7:67:07:ea:12:47:40:df:f7:2b:80:b1:
7b:9c:ab:1e:48:00:2d:eb:8f:78:90:aa:b7:36:f8:09:8a:2f:
11:1d:80:65:9e:6c:a4:08:4f:de:2c:2d:64:83:d4:6c:ba:46:
39:47:fe:57:74:44:d3:fd:5a:69:06:a3:f7:3a:05:9f:48:37:
8b:2c:fa:0a:ce:de:a1:60:6c:93:71:20:75:3a:1e:02:e0:81:
91:30:ad:3f:10:a9:b2:44:8e:cb:6e:6b:f5:c4:8d:50:34:83:
2a:8a:2f:7a:a2:8d:aa:b4:90:d6:8f:ba:81:bc:ca:da:29:15:
f3:8a:53:94:4d:a7:5c:78:85:91:2a:13:56:10:65:21:a6:1e:
e0:1b:d9:ee:70:87:df:9b:30:72:ab:56:78:9b:71:2a:65:60:
7d:a6:b2:eb:46:3e:e3:99:05:48:d4:f0:7c:45:08:f7:c2:7d:
93:f5:52:40:a8:bf:49:43:c8:1c:c7:1a:e6:0e:17:3e:f3:d1:
60:11:8a:66:34:eb:ef:73:bf:ab:bd:48:c9:94:e4:21:0d:52:
89:a2:9e:66
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICASkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDM2NkExMTAvBgNVBAUTKEIwNjdDNkJCNzBERjBEQzA0Q0U3N0Y3QzhENzY3MDZB
NDlGNkNCODUwHhcNMjMxMTAzMTk0NTE4WhcNMjQxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTQ1NGRjZS0yZDFkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAw3vegPA4fcMIcixxtvugEC5FzdYk5aHS9XXnc5sJh1lK6Opuvx18SOGdBRLf
o6WthBioGrEt84Q8w0emkJJVI0tRHmp45H2wFV905UDQA3+ubpPgY7cVSrt8ZKii
5NQEQ1amGtqMcTCG1DKqNIm7vWa7MHL78Wu5np4yqFU6Zp/6IqylAMEl56+NY8Xx
bEDp6PQkQd3mbc86hGbD4OopqS7c6OHzP9yFACRgDK/hnOrYGdeLzdvpmjnK2FFM
B6MvkoLTHQmx2+/6q/UJed2Luu+r0nWLar0EGT8uaTuNEQYA+dQK1hV81w1U2ptt
AeWYhGamnYA3m3ehMg37CDJRdwIDAQABo4IClTCCApEwHQYDVR0OBBYEFNQF1kAK
bgnuHAQ01zd1Zpdh8jYVMB8GA1UdIwQYMBaAFLBnxrtw3w3ATOd/fI12cGpJ9suF
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMzY2QS9FQzA5QUE0QTMw
N0QxMUVEQTZDM0EyMTJDNEY5QUUwMi9zR2ZHdTNEZkRjQk01Mzk4alhad2FrbjJ5
NFUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3NHZkd1M0RmRGNCTTUzOThqWFp3YWtuMnk0VS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDM2NkEvRUMwOUFBNEEzMDdEMTFFREE2QzNBMjEyQzRGOUFFMDIvODQzNENDQUM3
QTgxMTFFRUJEQkQwQTZDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADLFUgwDQYJKoZIhvcNAQELBQADggEBAKNPa6cpNpAa1RZU
i266yOdU8tiioSB119keqYiFFNWq3wpERv0DQOZ8LbdnB+oSR0Df9yuAsXucqx5I
AC3rj3iQqrc2+AmKLxEdgGWebKQIT94sLWSD1Gy6RjlH/ld0RNP9WmkGo/c6BZ9I
N4ss+grO3qFgbJNxIHU6HgLggZEwrT8QqbJEjstua/XEjVA0gyqKL3qijaq0kNaP
uoG8ytopFfOKU5RNp1x4hZEqE1YQZSGmHuAb2e5wh9+bMHKrVnibcSplYH2msutG
PuOZBUjU8HxFCPfCfZP1UkCov0lDyBzHGuYOFz7z0WARimY06+9zv6u9SMmU5CEN
UominmY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:29 2024 by rpki-client on console-ams.rpki-client.org