Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91DA0AA/82BBB552003D11EE9608F147C4F9AE02/69A97060686311EFA2F9C627C4F9AE02.roa
File: 69A97060686311EFA2F9C627C4F9AE02.roa (raw, json)
Hash identifier: G3Pb4rVR0rs53hFNL7WW3cyVBpoHaUbTKaSC6NX0kDA=
Subject key identifier: 5D:1B:41:00:6F:38:3F:FA:C8:59:33:24:5C:5F:9C:3C:7A:18:F4:00
Certificate issuer: /CN=A91DA0AA/serialNumber=ED8F5D6C9BFC148F7ABB708C5291D384781C61FD
Certificate serial: FE
Authority key identifier: ED:8F:5D:6C:9B:FC:14:8F:7A:BB:70:8C:52:91:D3:84:78:1C:61:FD
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7Y9dbJv8FI96u3CMUpHThHgcYf0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91DA0AA/82BBB552003D11EE9608F147C4F9AE02/69A97060686311EFA2F9C627C4F9AE02.roa
Signing time: Sun 01 Sep 2024 13:09:26 +0000
ROA not before: Sun 01 Sep 2024 13:09:26 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 17828
IP address blocks: 202.58.128.0/22 maxlen: 22
202.58.131.0/24 maxlen: 24
202.165.192.0/20 maxlen: 24
2001:c60::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 02 Sep 2024 00:01:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 254 (0xfe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91DA0AA/serialNumber=ED8F5D6C9BFC148F7ABB708C5291D384781C61FD
Validity
Not Before: Sep 1 13:09:26 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=66d46785-cfb4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:31:5e:35:5d:8a:d2:6f:70:84:43:18:12:da:
48:b1:24:4b:cd:8c:a8:59:99:ff:58:e6:4c:28:50:
b6:56:e5:31:48:fa:c6:b1:41:67:2c:d1:d1:d5:1b:
9e:c9:dc:b1:49:bf:38:b5:c9:3a:33:34:46:c3:b2:
e3:a1:15:59:7c:6d:78:81:0c:33:37:28:c0:da:a0:
e4:ba:9e:35:2f:e4:45:f2:7a:08:fc:df:6c:10:26:
ff:77:f2:31:06:da:97:04:d4:38:f0:d1:0b:ac:24:
a9:f0:90:7d:68:4a:e1:b8:f7:e8:aa:ff:4d:0b:ee:
66:30:ea:b9:70:88:8f:2f:4f:43:28:8d:e4:ce:79:
d1:b1:0d:3a:af:55:60:d7:a9:f3:b7:5e:be:b9:38:
77:b3:6f:be:c5:e9:27:71:4f:87:9e:f1:79:65:44:
14:d6:4e:ae:cf:d9:34:d6:90:b9:a0:b4:a6:f5:28:
01:48:c2:c6:37:35:1e:dd:43:b8:5c:e2:42:c8:5f:
bb:7a:8f:a7:bb:cb:c3:15:53:07:f2:ad:57:48:cb:
41:5a:86:04:a9:5f:18:b1:ef:be:7b:01:7e:b1:25:
56:3b:55:3a:bb:c5:5e:c7:f7:c0:63:da:8e:ff:01:
94:1f:03:ce:52:27:78:20:ca:89:2a:25:bd:42:75:
42:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:1B:41:00:6F:38:3F:FA:C8:59:33:24:5C:5F:9C:3C:7A:18:F4:00
X509v3 Authority Key Identifier:
keyid:ED:8F:5D:6C:9B:FC:14:8F:7A:BB:70:8C:52:91:D3:84:78:1C:61:FD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91DA0AA/82BBB552003D11EE9608F147C4F9AE02/7Y9dbJv8FI96u3CMUpHThHgcYf0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7Y9dbJv8FI96u3CMUpHThHgcYf0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DA0AA/82BBB552003D11EE9608F147C4F9AE02/69A97060686311EFA2F9C627C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.58.128.0/22
202.165.192.0/20
IPv6:
2001:c60::/32
Signature Algorithm: sha256WithRSAEncryption
96:73:f0:b6:5f:d1:d0:51:75:af:dd:9e:63:02:2e:f5:2c:24:
e3:f4:86:4b:91:b4:8f:74:38:b2:ee:5e:0a:6f:b4:cc:9f:be:
53:e2:81:4d:aa:0e:50:f5:13:7b:80:e2:d1:bd:c5:3a:4d:10:
fc:a9:cb:4a:0f:58:2e:fd:97:dd:2d:1e:a3:ce:81:12:49:1d:
87:18:b5:c6:03:51:bc:fe:65:f5:06:2b:d6:a6:25:00:bb:94:
21:0a:e6:82:34:46:4c:48:f0:83:48:29:c3:b9:ff:ed:ef:6c:
2c:e1:d4:8d:bb:20:40:d0:af:17:c8:02:71:fc:03:1c:3e:8b:
e3:3c:76:c6:f9:6d:f3:e7:d7:52:3a:2a:1b:37:7d:c7:35:f3:
52:b4:41:d3:12:a9:76:b6:f3:39:3a:d7:7a:71:95:b5:77:53:
93:a5:a6:9b:96:6f:3a:bc:db:29:fb:4d:a0:e9:70:ff:70:94:
a3:f5:07:93:fa:d6:0e:a0:45:15:75:70:b1:7a:4a:c5:af:60:
3e:37:e4:2b:74:45:43:f4:b8:30:57:62:d3:08:14:1f:97:c3:
9b:e0:d3:96:b7:7d:71:0f:49:b9:40:8a:84:6c:6e:e4:c8:84:
c6:22:a4:dd:ae:a7:e4:79:a3:0a:75:c8:c5:57:c9:0f:d3:4b:
56:1f:47:2f
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICAP4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
REEwQUExMTAvBgNVBAUTKEVEOEY1RDZDOUJGQzE0OEY3QUJCNzA4QzUyOTFEMzg0
NzgxQzYxRkQwHhcNMjQwOTAxMTMwOTI2WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmQ0Njc4NS1jZmI0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvDFeNV2K0m9whEMYEtpIsSRLzYyoWZn/WOZMKFC2VuUxSPrGsUFnLNHR1Rue
ydyxSb84tck6MzRGw7LjoRVZfG14gQwzNyjA2qDkup41L+RF8noI/N9sECb/d/Ix
BtqXBNQ48NELrCSp8JB9aErhuPfoqv9NC+5mMOq5cIiPL09DKI3kznnRsQ06r1Vg
16nzt16+uTh3s2++xekncU+HnvF5ZUQU1k6uz9k01pC5oLSm9SgBSMLGNzUe3UO4
XOJCyF+7eo+nu8vDFVMH8q1XSMtBWoYEqV8Yse++ewF+sSVWO1U6u8Vex/fAY9qO
/wGUHwPOUid4IMqJKiW9QnVCqwIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFF0bQQBv
OD/6yFkzJFxfnDx6GPQAMB8GA1UdIwQYMBaAFO2PXWyb/BSPertwjFKR04R4HGH9
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQTBBQS84MkJCQjU1MjAw
M0QxMUVFOTYwOEYxNDdDNEY5QUUwMi83WTlkYkp2OEZJOTZ1M0NNVXBIVGhIZ2NZ
ZjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzdZOWRiSnY4Rkk5NnUzQ01VcEhUaEhnY1lmMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
REEwQUEvODJCQkI1NTIwMDNEMTFFRTk2MDhGMTQ3QzRGOUFFMDIvNjlBOTcwNjA2
ODYzMTFFRkEyRjlDNjI3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBALKOoADBATKpcAwDQQCAAIwBwMFACABDGAwDQYJKoZIhvcN
AQELBQADggEBAJZz8LZf0dBRda/dnmMCLvUsJOP0hkuRtI90OLLuXgpvtMyfvlPi
gU2qDlD1E3uA4tG9xTpNEPypy0oPWC79l90tHqPOgRJJHYcYtcYDUbz+ZfUGK9am
JQC7lCEK5oI0RkxI8INIKcO5/+3vbCzh1I27IEDQrxfIAnH8Axw+i+M8dsb5bfPn
11I6Khs3fcc181K0QdMSqXa28zk613pxlbV3U5OlppuWbzq82yn7TaDpcP9wlKP1
B5P61g6gRRV1cLF6SsWvYD435Ct0RUP0uDBXYtMIFB+Xw5vg05a3fXEPSblAioRs
buTIhMYipN2up+R5owp1yMVXyQ/TS1YfRy8=
-----END CERTIFICATE-----
Generated at Mon Sep 2 02:58:31 2024 by rpki-client on console-ams.rpki-client.org