Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E4845/400153B6D2EB11E5B4D15A4EC4F9AE02/876745221D9B11EFB5B7C035C4F9AE02.roa
File: 876745221D9B11EFB5B7C035C4F9AE02.roa (raw, json)
Hash identifier: b3t1Tn1nB/RporVyHKpejNYdNlI9CN6U+yoM0+/wkQc=
Subject key identifier: 63:3F:0D:8F:BA:5C:8A:4E:48:B0:64:C4:9E:78:AA:D5:3D:B4:D0:3C
Certificate issuer: /CN=A91E4845/serialNumber=01A412EF416C884F6F637F1BDA800EB6EF67B6D6
Certificate serial: 211A
Authority key identifier: 01:A4:12:EF:41:6C:88:4F:6F:63:7F:1B:DA:80:0E:B6:EF:67:B6:D6
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AaQS70FsiE9vY38b2oAOtu9nttY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E4845/400153B6D2EB11E5B4D15A4EC4F9AE02/876745221D9B11EFB5B7C035C4F9AE02.roa
Signing time: Wed 29 May 2024 09:12:10 +0000
ROA not before: Wed 29 May 2024 09:12:10 +0000
ROA not after: Fri 31 Jan 2025 00:00:00 +0000
asID: 134712
IP address blocks: 220.158.204.0/22 maxlen: 22
220.158.204.0/24 maxlen: 24
220.158.205.0/24 maxlen: 24
220.158.206.0/24 maxlen: 24
220.158.207.0/24 maxlen: 24
2405:d340::/32 maxlen: 32
2405:d340::/48 maxlen: 48
2405:d340:1::/48 maxlen: 48
2405:d340:2::/48 maxlen: 48
2405:d340:3::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 22 Aug 2024 19:22:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8474 (0x211a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E4845/serialNumber=01A412EF416C884F6F637F1BDA800EB6EF67B6D6
Validity
Not Before: May 29 09:12:10 2024 GMT
Not After : Jan 31 00:00:00 2025 GMT
Subject: CN=6656f16a-3f99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:54:16:51:30:fb:94:37:a8:48:30:3e:d1:73:
ef:92:7b:6e:43:ad:7b:bc:e4:cd:55:bd:f9:58:31:
7f:4c:d1:33:e2:28:58:e6:23:7a:47:ae:0a:56:a0:
13:af:b4:0c:76:68:0a:a4:87:9d:a5:4b:92:9b:4f:
59:68:59:66:2b:d9:5f:43:14:f4:8e:e7:5a:63:ea:
e9:76:23:d2:11:c9:f1:0f:6c:83:57:83:69:ab:9e:
0c:4f:e2:e8:05:57:5a:20:23:b3:38:27:b7:75:c4:
71:20:dc:36:cd:ec:32:1e:1b:2e:b3:eb:af:86:06:
0c:ff:51:5d:0f:7f:97:fa:33:0a:05:62:f5:ca:bc:
fd:8b:f8:24:a1:6d:2a:88:59:76:f8:6a:7c:14:9e:
44:61:1d:5d:81:01:84:f4:6f:bd:06:32:14:c5:9d:
f4:8e:33:f4:fb:19:8b:ab:64:1b:6b:c8:2c:16:a5:
bc:92:9e:2e:fe:2b:06:ea:8e:70:a3:0a:27:b5:7e:
66:6c:4d:04:cd:db:87:25:1d:9d:f3:14:3c:98:d5:
04:6c:4c:19:50:8d:a4:46:e1:e4:6c:43:e2:ba:3e:
6a:bf:78:0f:c8:57:16:50:02:3b:13:f7:9d:6b:6f:
70:c0:92:97:a3:a4:ac:f9:70:32:2e:5e:51:56:07:
14:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:3F:0D:8F:BA:5C:8A:4E:48:B0:64:C4:9E:78:AA:D5:3D:B4:D0:3C
X509v3 Authority Key Identifier:
keyid:01:A4:12:EF:41:6C:88:4F:6F:63:7F:1B:DA:80:0E:B6:EF:67:B6:D6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E4845/400153B6D2EB11E5B4D15A4EC4F9AE02/AaQS70FsiE9vY38b2oAOtu9nttY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AaQS70FsiE9vY38b2oAOtu9nttY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E4845/400153B6D2EB11E5B4D15A4EC4F9AE02/876745221D9B11EFB5B7C035C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
220.158.204.0/22
IPv6:
2405:d340::/32
Signature Algorithm: sha256WithRSAEncryption
3e:1d:6c:d4:a3:08:a3:dd:07:09:13:f7:e5:67:58:2c:82:84:
03:1a:fc:97:ce:57:74:dd:e7:03:4e:0f:41:9c:7d:a6:29:de:
83:8c:b1:36:d0:a2:3b:52:dc:0f:cc:63:00:90:7f:ad:0e:59:
dd:4d:ed:9c:f5:c3:f0:8a:39:cd:b2:ac:f9:24:54:ad:5c:be:
1d:f0:d0:11:04:11:ca:b4:f3:76:7f:67:99:9e:a9:83:73:fe:
04:9b:fa:bd:3d:f6:0d:ba:70:23:a5:e8:ec:f9:a5:f2:a4:01:
cc:80:28:cd:a2:d2:9b:19:8e:77:89:f1:6e:46:af:be:0a:cf:
98:79:9e:20:92:6c:bd:8e:d5:fb:8a:ad:da:df:5f:eb:a1:ea:
27:c0:89:f1:e5:92:2f:8b:67:8e:61:13:3c:72:5d:26:a5:a2:
71:4e:77:11:89:fa:72:41:9c:cc:c7:37:28:79:d8:02:c0:df:
65:85:fb:b5:8c:59:76:86:50:ef:3e:c9:93:bf:86:94:2c:a1:
0b:5a:c4:51:2a:4f:1a:54:e8:e0:38:cd:09:8c:e1:90:43:66:
ac:5b:7f:d9:70:d4:9a:86:01:a3:4d:5f:18:79:b9:01:0b:48:
50:7e:8c:f5:a7:2a:d3:cc:0b:e1:43:5b:77:1f:97:b9:9a:77:
0c:0e:c4:76
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICIRowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTQ4NDUxMTAvBgNVBAUTKDAxQTQxMkVGNDE2Qzg4NEY2RjYzN0YxQkRBODAwRUI2
RUY2N0I2RDYwHhcNMjQwNTI5MDkxMjEwWhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjU2ZjE2YS0zZjk5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAylQWUTD7lDeoSDA+0XPvkntuQ617vOTNVb35WDF/TNEz4ihY5iN6R64KVqAT
r7QMdmgKpIedpUuSm09ZaFlmK9lfQxT0judaY+rpdiPSEcnxD2yDV4Npq54MT+Lo
BVdaICOzOCe3dcRxINw2zewyHhsus+uvhgYM/1FdD3+X+jMKBWL1yrz9i/gkoW0q
iFl2+Gp8FJ5EYR1dgQGE9G+9BjIUxZ30jjP0+xmLq2Qba8gsFqW8kp4u/isG6o5w
owontX5mbE0EzduHJR2d8xQ8mNUEbEwZUI2kRuHkbEPiuj5qv3gPyFcWUAI7E/ed
a29wwJKXo6Ss+XAyLl5RVgcUEQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFGM/DY+6
XIpOSLBkxJ54qtU9tNA8MB8GA1UdIwQYMBaAFAGkEu9BbIhPb2N/G9qADrbvZ7bW
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNDg0NS80MDAxNTNCNkQy
RUIxMUU1QjREMTVBNEVDNEY5QUUwMi9BYVFTNzBGc2lFOXZZMzhiMm9BT3R1OW50
dFkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0FhUVM3MEZzaUU5dlkzOGIyb0FPdHU5bnR0WS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTQ4NDUvNDAwMTUzQjZEMkVCMTFFNUI0RDE1QTRFQzRGOUFFMDIvODc2NzQ1MjIx
RDlCMTFFRkI1QjdDMDM1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBALcnswwDQQCAAIwBwMFACQF00AwDQYJKoZIhvcNAQELBQAD
ggEBAD4dbNSjCKPdBwkT9+VnWCyChAMa/JfOV3Td5wNOD0GcfaYp3oOMsTbQojtS
3A/MYwCQf60OWd1N7Zz1w/CKOc2yrPkkVK1cvh3w0BEEEcq083Z/Z5meqYNz/gSb
+r099g26cCOl6Oz5pfKkAcyAKM2i0psZjneJ8W5Gr74Kz5h5niCSbL2O1fuKrdrf
X+uh6ifAifHlki+LZ45hEzxyXSalonFOdxGJ+nJBnMzHNyh52ALA32WF+7WMWXaG
UO8+yZO/hpQsoQtaxFEqTxpU6OA4zQmM4ZBDZqxbf9lw1JqGAaNNXxh5uQELSFB+
jPWnKtPMC+FDW3cfl7madwwOxHY=
-----END CERTIFICATE-----
Generated at Thu Aug 22 22:29:00 2024 by rpki-client on console-fra.rpki-client.org