Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D63EA/50A4289E95FF11EEA6A4F70AC4F9AE02/3CAD4FC2974011EEA30BA917C4F9AE02.roa
File: 3CAD4FC2974011EEA30BA917C4F9AE02.roa (raw, json)
Hash identifier: FjOKsA1Qf26A0h6WBjEbMMlnvbpk437CmT+uSv1X2tU=
Subject key identifier: B8:2B:1B:BD:19:28:34:22:4A:84:B7:07:6F:3B:41:ED:8C:F5:85:34
Certificate issuer: /CN=A91D63EA/serialNumber=5E7DD05A9C1BE04444ACE03FE4A92026804D4B2A
Certificate serial: 06
Authority key identifier: 5E:7D:D0:5A:9C:1B:E0:44:44:AC:E0:3F:E4:A9:20:26:80:4D:4B:2A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Xn3QWpwb4ERErOA_5KkgJoBNSyo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D63EA/50A4289E95FF11EEA6A4F70AC4F9AE02/3CAD4FC2974011EEA30BA917C4F9AE02.roa
Signing time: Sun 10 Dec 2023 09:41:05 +0000
ROA not before: Sun 10 Dec 2023 09:41:05 +0000
ROA not after: Sun 02 Mar 2025 00:00:00 +0000
asID: 149283
IP address blocks: 113.192.46.0/23 maxlen: 23
113.192.46.0/24 maxlen: 24
113.192.47.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 30 Apr 2024 23:33:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6 (0x6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D63EA/serialNumber=5E7DD05A9C1BE04444ACE03FE4A92026804D4B2A
Validity
Not Before: Dec 10 09:41:05 2023 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=657587b0-8b77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:fc:95:3b:2f:dd:4b:37:7e:cd:97:b3:33:58:
cc:cb:30:d2:66:33:a7:32:85:03:24:39:03:36:49:
1e:53:88:b3:02:8a:9b:64:de:87:58:8c:0a:68:f1:
a5:e6:4d:1d:81:fb:98:b5:57:7e:c0:f5:a9:25:3b:
d9:e6:86:4f:25:7e:e6:68:77:54:80:d2:c7:bb:47:
49:c7:80:8e:4b:df:62:fb:77:94:99:56:da:d3:36:
04:17:90:6d:0a:83:08:10:79:2d:db:54:02:14:9f:
c0:7f:56:55:0c:7b:c3:d1:5a:53:72:7e:fb:ff:45:
73:24:a6:79:23:16:f2:cf:e8:00:21:9b:19:20:30:
cc:d0:e1:02:5c:34:e7:03:4a:02:c4:13:8c:59:d8:
92:49:8c:fd:37:5a:e5:6e:1f:19:2f:74:5b:d2:af:
c9:19:47:73:0d:a3:d2:26:e7:ac:88:fb:ef:ee:21:
8b:d3:fd:26:11:3d:a3:6c:53:d7:46:39:ac:18:f7:
a7:db:88:5b:25:da:34:b5:23:d9:60:82:ce:02:3b:
01:dd:a5:f1:a6:b8:a6:7a:cf:c7:5c:ea:44:95:b7:
c7:17:00:8e:64:f6:48:f8:b9:74:97:72:ac:14:0b:
f7:7e:84:8d:40:93:fd:53:f1:41:f6:54:8b:81:e1:
a3:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:2B:1B:BD:19:28:34:22:4A:84:B7:07:6F:3B:41:ED:8C:F5:85:34
X509v3 Authority Key Identifier:
keyid:5E:7D:D0:5A:9C:1B:E0:44:44:AC:E0:3F:E4:A9:20:26:80:4D:4B:2A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D63EA/50A4289E95FF11EEA6A4F70AC4F9AE02/Xn3QWpwb4ERErOA_5KkgJoBNSyo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Xn3QWpwb4ERErOA_5KkgJoBNSyo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D63EA/50A4289E95FF11EEA6A4F70AC4F9AE02/3CAD4FC2974011EEA30BA917C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
113.192.46.0/23
Signature Algorithm: sha256WithRSAEncryption
22:7a:b4:79:34:be:9c:66:78:1d:c9:7e:f3:45:e6:a6:36:8e:
21:78:ea:6a:68:fe:55:27:9c:4d:f9:1b:71:62:12:c5:16:b8:
98:42:5a:15:e4:2f:02:7e:5c:52:b7:8b:aa:f8:7a:95:1f:9c:
03:31:33:56:1b:59:da:12:e3:b9:94:93:8b:3c:6f:da:63:46:
1b:97:78:78:5a:53:5f:76:6a:a3:6b:3b:f8:ad:ae:4d:56:ff:
26:93:e7:a5:ea:91:9b:0a:2e:7c:03:78:9a:f5:78:36:d0:b5:
5f:e6:7a:fd:78:7e:15:8e:e8:70:66:8e:e1:a7:ec:9d:42:c5:
d0:83:b4:a6:3f:da:5b:e2:57:8f:47:5c:a0:97:87:39:ff:09:
2d:c9:9e:fa:97:f3:d4:32:98:df:47:8d:87:2f:6d:3b:fb:84:
f3:7e:b9:99:b9:f0:1c:02:36:fb:94:23:df:46:1b:48:10:d0:
75:54:e6:d2:dc:e0:e6:12:8f:4c:b2:2c:08:3d:f0:8e:be:59:
8f:bd:96:1a:ea:5b:03:bb:b8:28:bd:f6:eb:4c:8b:f9:6d:e1:
71:77:48:2e:c0:ca:4c:7e:fd:6e:9a:c7:10:a5:5f:9c:c6:a0:
33:51:20:b8:07:55:9b:93:83:09:86:1f:25:6b:46:84:b9:79:
5f:35:3a:7c
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBBjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFE
NjNFQTExMC8GA1UEBRMoNUU3REQwNUE5QzFCRTA0NDQ0QUNFMDNGRTRBOTIwMjY4
MDRENEIyQTAeFw0yMzEyMTAwOTQxMDVaFw0yNTAzMDIwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1NzU4N2IwLThiNzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDR/JU7L91LN37Nl7MzWMzLMNJmM6cyhQMkOQM2SR5TiLMCiptk3odYjApo8aXm
TR2B+5i1V37A9aklO9nmhk8lfuZod1SA0se7R0nHgI5L32L7d5SZVtrTNgQXkG0K
gwgQeS3bVAIUn8B/VlUMe8PRWlNyfvv/RXMkpnkjFvLP6AAhmxkgMMzQ4QJcNOcD
SgLEE4xZ2JJJjP03WuVuHxkvdFvSr8kZR3MNo9Im56yI++/uIYvT/SYRPaNsU9dG
OawY96fbiFsl2jS1I9lggs4COwHdpfGmuKZ6z8dc6kSVt8cXAI5k9kj4uXSXcqwU
C/d+hI1Ak/1T8UH2VIuB4aOLAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUuCsbvRko
NCJKhLcHbztB7Yz1hTQwHwYDVR0jBBgwFoAUXn3QWpwb4ERErOA/5KkgJoBNSyow
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUQ2M0VBLzUwQTQyODlFOTVG
RjExRUVBNkE0RjcwQUM0RjlBRTAyL1huM1FXcHdiNEVSRXJPQV81S2tnSm9CTlN5
by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvWG4zUVdwd2I0RVJFck9BXzVLa2dKb0JOU3lvLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE
NjNFQS81MEE0Mjg5RTk1RkYxMUVFQTZBNEY3MEFDNEY5QUUwMi8zQ0FENEZDMjk3
NDAxMUVFQTMwQkE5MTdDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAXHALjANBgkqhkiG9w0BAQsFAAOCAQEAInq0eTS+nGZ4Hcl+
80XmpjaOIXjqamj+VSecTfkbcWISxRa4mEJaFeQvAn5cUreLqvh6lR+cAzEzVhtZ
2hLjuZSTizxv2mNGG5d4eFpTX3Zqo2s7+K2uTVb/JpPnpeqRmwoufAN4mvV4NtC1
X+Z6/Xh+FY7ocGaO4afsnULF0IO0pj/aW+JXj0dcoJeHOf8JLcme+pfz1DKY30eN
hy9tO/uE8365mbnwHAI2+5Qj30YbSBDQdVTm0tzg5hKPTLIsCD3wjr5Zj72WGupb
A7u4KL3260yL+W3hcXdILsDKTH79bprHEKVfnMagM1EguAdVm5ODCYYfJWtGhLl5
XzU6fA==
-----END CERTIFICATE-----
Generated at Wed May 1 00:25:07 2024 by rpki-client on console-fra.rpki-client.org