Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91DEF41/C75DA132F2FB11EE9FCF764CC4F9AE02/B4046E2CF3AA11EEA842D01DC4F9AE02.roa
File: B4046E2CF3AA11EEA842D01DC4F9AE02.roa (raw, json)
Hash identifier: HvJiMFnWZIVnQLzL1LeyK+hn7v8MJpiU9xH8udJNp6o=
Subject key identifier: E3:6B:A0:7C:84:8A:7B:9A:2D:7D:62:12:A9:F9:1E:1E:71:08:BF:16
Certificate issuer: /CN=A91DEF41/serialNumber=336DDE7EC3280499964371CAEE2620FBFCACDC98
Certificate serial: 05
Authority key identifier: 33:6D:DE:7E:C3:28:04:99:96:43:71:CA:EE:26:20:FB:FC:AC:DC:98
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/M23efsMoBJmWQ3HK7iYg-_ys3Jg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91DEF41/C75DA132F2FB11EE9FCF764CC4F9AE02/B4046E2CF3AA11EEA842D01DC4F9AE02.roa
Signing time: Sat 06 Apr 2024 00:14:58 +0000
ROA not before: Sat 06 Apr 2024 00:14:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 203.170.90.0/24 maxlen: 24
203.170.91.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 06 Apr 2024 03:23:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5 (0x5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91DEF41/serialNumber=336DDE7EC3280499964371CAEE2620FBFCACDC98
Validity
Not Before: Apr 6 00:14:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=66109402-f932
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:c7:f0:a4:8a:35:90:06:d3:66:7f:e8:e0:0f:
4d:19:6b:27:42:4f:55:b1:e9:74:a0:5c:f7:85:4b:
2c:95:d4:07:52:34:3e:6d:c4:87:12:7f:da:28:e6:
32:f8:83:48:25:b0:ac:fa:ad:d9:c9:37:e7:8f:7f:
9d:89:ee:ce:5a:a8:29:b3:2a:b0:23:a2:88:b8:d7:
e1:2a:5c:00:f5:04:7b:00:f8:30:b9:2b:19:93:28:
2c:45:d7:ad:e0:e2:4b:05:33:91:49:b5:d3:f9:7c:
a3:01:f7:72:00:c4:15:c6:8c:47:9c:16:41:a4:30:
08:b8:2a:e3:1a:0d:9e:70:34:4d:ea:2b:43:2d:ef:
fb:76:9e:41:9c:a9:84:18:c0:f4:e9:4f:62:e4:01:
f9:02:ac:b3:e9:3a:d0:3a:c6:38:23:a4:bd:61:b4:
ce:c5:02:0a:6c:f9:44:df:78:1c:4f:1d:44:3b:0c:
28:02:e6:f6:11:6f:48:6c:bd:14:db:a0:57:9b:44:
6d:2a:0a:b7:b2:cb:1d:c4:8e:ef:48:b3:37:14:b1:
73:99:cb:e2:04:a9:d5:d6:79:b6:77:6d:30:3e:68:
91:2d:a6:54:db:45:f1:56:26:60:96:15:80:eb:af:
ec:00:a7:eb:27:b5:86:c1:3c:d2:43:b4:e5:64:44:
be:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:6B:A0:7C:84:8A:7B:9A:2D:7D:62:12:A9:F9:1E:1E:71:08:BF:16
X509v3 Authority Key Identifier:
keyid:33:6D:DE:7E:C3:28:04:99:96:43:71:CA:EE:26:20:FB:FC:AC:DC:98
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91DEF41/C75DA132F2FB11EE9FCF764CC4F9AE02/M23efsMoBJmWQ3HK7iYg-_ys3Jg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/M23efsMoBJmWQ3HK7iYg-_ys3Jg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DEF41/C75DA132F2FB11EE9FCF764CC4F9AE02/B4046E2CF3AA11EEA842D01DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.170.90.0/23
Signature Algorithm: sha256WithRSAEncryption
93:f6:b9:54:1d:d5:b6:2c:54:ad:a7:e4:74:01:2d:65:79:1b:
22:f3:67:b9:3a:71:69:f2:ef:32:09:52:68:95:ce:00:cc:7a:
53:ed:70:35:8e:1d:02:2f:0c:6a:26:c3:1c:68:7b:d7:0a:d0:
05:1e:38:f3:51:22:13:af:71:1c:be:54:29:04:16:e6:89:f9:
5c:6a:80:98:35:e4:df:cb:27:07:0c:e7:48:5b:53:a7:c7:ec:
61:3a:6d:e5:29:d1:82:df:77:71:cd:ec:a8:3f:62:09:9f:e6:
8d:c6:65:8c:51:49:e1:6a:7f:fd:9e:50:c9:0d:32:97:4d:81:
d1:06:86:19:40:fb:82:9d:2e:18:2d:ae:61:c3:71:67:f0:37:
85:0a:b0:4b:4a:d1:1a:27:81:7f:ae:78:ce:75:0a:72:2c:24:
5e:13:ba:ab:21:43:76:9e:99:a5:be:35:7c:fb:43:ec:09:4a:
ac:c8:f5:90:a3:55:af:70:6b:d7:1a:49:8e:09:48:a7:7f:16:
5e:cd:2e:4f:b2:d3:08:50:53:bf:ca:05:9d:52:aa:3d:80:1b:
94:c2:8d:23:43:54:e9:08:5e:82:f8:96:27:40:5c:2f:56:d6:
5d:c6:a6:0b:e6:26:99:e4:dc:df:e9:74:3f:12:31:cd:c0:e6:
b5:ca:56:2c
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBBTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFE
RUY0MTExMC8GA1UEBRMoMzM2RERFN0VDMzI4MDQ5OTk2NDM3MUNBRUUyNjIwRkJG
Q0FDREM5ODAeFw0yNDA0MDYwMDE0NThaFw0yNTA3MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2MTA5NDAyLWY5MzIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDGx/CkijWQBtNmf+jgD00ZaydCT1Wx6XSgXPeFSyyV1AdSND5txIcSf9oo5jL4
g0glsKz6rdnJN+ePf52J7s5aqCmzKrAjooi41+EqXAD1BHsA+DC5KxmTKCxF163g
4ksFM5FJtdP5fKMB93IAxBXGjEecFkGkMAi4KuMaDZ5wNE3qK0Mt7/t2nkGcqYQY
wPTpT2LkAfkCrLPpOtA6xjgjpL1htM7FAgps+UTfeBxPHUQ7DCgC5vYRb0hsvRTb
oFebRG0qCreyyx3Eju9IszcUsXOZy+IEqdXWebZ3bTA+aJEtplTbRfFWJmCWFYDr
r+wAp+sntYbBPNJDtOVkRL6VAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQU42ugfISK
e5otfWISqfkeHnEIvxYwHwYDVR0jBBgwFoAUM23efsMoBJmWQ3HK7iYg+/ys3Jgw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MURFRjQxL0M3NURBMTMyRjJG
QjExRUU5RkNGNzY0Q0M0RjlBRTAyL00yM2Vmc01vQkptV1EzSEs3aVlnLV95czNK
Zy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvTTIzZWZzTW9CSm1XUTNISzdpWWctX3lzM0pnLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE
RUY0MS9DNzVEQTEzMkYyRkIxMUVFOUZDRjc2NENDNEY5QUUwMi9CNDA0NkUyQ0Yz
QUExMUVFQTg0MkQwMURDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAcuqWjANBgkqhkiG9w0BAQsFAAOCAQEAk/a5VB3VtixUrafk
dAEtZXkbIvNnuTpxafLvMglSaJXOAMx6U+1wNY4dAi8MaibDHGh71wrQBR4481Ei
E69xHL5UKQQW5on5XGqAmDXk38snBwznSFtTp8fsYTpt5SnRgt93cc3sqD9iCZ/m
jcZljFFJ4Wp//Z5QyQ0yl02B0QaGGUD7gp0uGC2uYcNxZ/A3hQqwS0rRGieBf654
znUKciwkXhO6qyFDdp6Zpb41fPtD7AlKrMj1kKNVr3Br1xpJjglIp38WXs0uT7LT
CFBTv8oFnVKqPYAblMKNI0NU6QhegviWJ0BcL1bWXcamC+YmmeTc3+l0PxIxzcDm
tcpWLA==
-----END CERTIFICATE-----
Generated at Sat Apr 6 06:22:42 2024 by rpki-client on console-fra.rpki-client.org