Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EE09C/EEF762C0907511EE87D26680C4F9AE02/0F19BBCA1CE911EFA05F6F65C4F9AE02.roa
File: 0F19BBCA1CE911EFA05F6F65C4F9AE02.roa (raw, json)
Hash identifier: HrOO/UGSYzDGpD6Uyp4qg3a3LhC6zotIuP5+TcL/GIc=
Subject key identifier: 31:F8:49:BC:66:11:12:23:E1:25:35:59:20:71:55:64:5C:69:41:04
Certificate issuer: /CN=A91EE09C/serialNumber=3C69B9B601D2C9F2A3915A6FFBCA3DAD62E99245
Certificate serial: D6
Authority key identifier: 3C:69:B9:B6:01:D2:C9:F2:A3:91:5A:6F:FB:CA:3D:AD:62:E9:92:45
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PGm5tgHSyfKjkVpv-8o9rWLpkkU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EE09C/EEF762C0907511EE87D26680C4F9AE02/0F19BBCA1CE911EFA05F6F65C4F9AE02.roa
Signing time: Thu 03 Oct 2024 19:02:16 +0000
ROA not before: Thu 03 Oct 2024 19:02:16 +0000
ROA not after: Fri 31 Jan 2025 00:00:00 +0000
asID: 151987
IP address blocks: 203.99.144.0/24 maxlen: 24
2001:df3:18c0::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 04 Oct 2024 13:50:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 214 (0xd6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EE09C/serialNumber=3C69B9B601D2C9F2A3915A6FFBCA3DAD62E99245
Validity
Not Before: Oct 3 19:02:16 2024 GMT
Not After : Jan 31 00:00:00 2025 GMT
Subject: CN=66feea38-12f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:63:c4:34:62:7c:38:26:9d:fa:b5:87:fc:ee:
60:8d:b2:a9:f4:70:77:d5:bf:75:1e:dc:d7:b9:d3:
37:2b:18:c2:48:b5:5d:e9:91:0b:9f:63:0b:a2:7a:
0e:b6:83:85:46:cd:43:b6:b4:86:99:8a:06:5c:26:
67:93:68:8f:0f:9b:45:0b:a4:71:75:b4:a5:48:39:
02:6c:63:50:ef:c7:3a:95:82:72:36:d0:e6:0d:96:
99:30:b4:9a:3f:a1:f2:a5:dc:36:a5:8f:90:b8:78:
c5:d6:f9:d5:1a:46:9b:7d:bc:e5:a9:54:af:81:23:
2b:78:f1:5e:a7:d3:0b:13:f2:ce:c0:e3:d9:3c:32:
2e:bd:e7:92:40:3b:6c:ee:99:74:48:77:d5:d3:2a:
fd:2e:29:4f:69:d0:cc:03:a1:21:dc:07:f2:33:8e:
4a:91:f1:73:17:03:86:cb:1a:27:1a:b1:13:25:0d:
ec:c4:f6:d7:e1:00:58:7a:e3:b4:ce:e0:ca:3c:85:
2d:e0:a4:bc:33:b2:26:8d:b0:f3:80:b4:20:03:18:
7c:15:92:7c:c6:ff:f1:83:5d:6c:82:36:b0:59:6c:
b8:06:d3:5d:78:86:03:b0:1b:2d:74:f5:c2:35:77:
44:73:e0:06:4d:fc:b7:f9:17:3a:7f:ee:27:7c:84:
0a:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:F8:49:BC:66:11:12:23:E1:25:35:59:20:71:55:64:5C:69:41:04
X509v3 Authority Key Identifier:
keyid:3C:69:B9:B6:01:D2:C9:F2:A3:91:5A:6F:FB:CA:3D:AD:62:E9:92:45
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EE09C/EEF762C0907511EE87D26680C4F9AE02/PGm5tgHSyfKjkVpv-8o9rWLpkkU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PGm5tgHSyfKjkVpv-8o9rWLpkkU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EE09C/EEF762C0907511EE87D26680C4F9AE02/0F19BBCA1CE911EFA05F6F65C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.99.144.0/24
IPv6:
2001:df3:18c0::/48
Signature Algorithm: sha256WithRSAEncryption
5f:16:4f:da:11:1c:35:7a:3f:f2:15:8d:96:1c:c5:43:f9:aa:
e8:95:ac:64:14:92:4c:8d:54:48:f6:7f:b0:6f:07:86:67:57:
84:83:75:c4:76:28:8f:cb:f6:5c:1f:7f:d8:2d:19:71:36:f5:
08:2d:e1:83:72:21:2a:a1:4c:e1:f2:6c:d6:a5:55:97:69:0c:
f4:46:9a:1f:1a:1d:8e:b4:3b:fc:79:e7:10:7a:ab:42:ae:b6:
13:cf:c7:a6:d5:e9:e0:08:0d:6f:5b:17:7f:d0:79:8f:3f:da:
cd:bb:24:36:24:2e:f9:d4:76:52:d4:51:db:6a:68:ef:23:4d:
be:8e:8f:0c:b0:d6:c1:5b:47:85:6f:f0:df:a9:1d:13:3e:4c:
04:f6:a2:19:98:d1:69:ba:e4:09:8b:69:63:75:51:53:57:59:
bd:2e:d4:e7:93:a2:ad:23:e4:67:b0:c4:71:dc:34:db:b1:7f:
5b:86:f4:03:9b:8e:cb:53:c5:51:15:3e:f6:70:d7:35:6d:0c:
9b:75:ba:5d:f1:83:7a:37:a5:80:64:4c:c7:3a:4d:ab:8e:c5:
ad:05:61:a1:2d:da:01:76:53:94:10:fa:53:02:6a:c3:82:78:
33:63:1f:77:79:33:c5:68:21:73:8b:58:51:0f:a6:e5:96:74:
a3:7b:7a:89
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICANYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUUwOUMxMTAvBgNVBAUTKDNDNjlCOUI2MDFEMkM5RjJBMzkxNUE2RkZCQ0EzREFE
NjJFOTkyNDUwHhcNMjQxMDAzMTkwMjE2WhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmZlZWEzOC0xMmYxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtGPENGJ8OCad+rWH/O5gjbKp9HB31b91HtzXudM3KxjCSLVd6ZELn2MLonoO
toOFRs1DtrSGmYoGXCZnk2iPD5tFC6RxdbSlSDkCbGNQ78c6lYJyNtDmDZaZMLSa
P6Hypdw2pY+QuHjF1vnVGkabfbzlqVSvgSMrePFep9MLE/LOwOPZPDIuveeSQDts
7pl0SHfV0yr9LilPadDMA6Eh3AfyM45KkfFzFwOGyxonGrETJQ3sxPbX4QBYeuO0
zuDKPIUt4KS8M7ImjbDzgLQgAxh8FZJ8xv/xg11sgjawWWy4BtNdeIYDsBstdPXC
NXdEc+AGTfy3+Rc6f+4nfIQK1QIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFDH4Sbxm
ERIj4SU1WSBxVWRcaUEEMB8GA1UdIwQYMBaAFDxpubYB0snyo5Fab/vKPa1i6ZJF
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFRTA5Qy9FRUY3NjJDMDkw
NzUxMUVFODdEMjY2ODBDNEY5QUUwMi9QR201dGdIU3lmS2prVnB2LThvOXJXTHBr
a1UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1BHbTV0Z0hTeWZLamtWcHYtOG85cldMcGtrVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUUwOUMvRUVGNzYyQzA5MDc1MTFFRTg3RDI2NjgwQzRGOUFFMDIvMEYxOUJCQ0Ex
Q0U5MTFFRkEwNUY2RjY1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBADLY5AwDwQCAAIwCQMHACABDfMYwDANBgkqhkiG9w0BAQsF
AAOCAQEAXxZP2hEcNXo/8hWNlhzFQ/mq6JWsZBSSTI1USPZ/sG8HhmdXhIN1xHYo
j8v2XB9/2C0ZcTb1CC3hg3IhKqFM4fJs1qVVl2kM9EaaHxodjrQ7/HnnEHqrQq62
E8/HptXp4AgNb1sXf9B5jz/azbskNiQu+dR2UtRR22po7yNNvo6PDLDWwVtHhW/w
36kdEz5MBPaiGZjRabrkCYtpY3VRU1dZvS7U55OirSPkZ7DEcdw027F/W4b0A5uO
y1PFURU+9nDXNW0Mm3W6XfGDejelgGRMxzpNq47FrQVhoS3aAXZTlBD6UwJqw4J4
M2Mfd3kzxWghc4tYUQ+m5ZZ0o3t6iQ==
-----END CERTIFICATE-----
Generated at Fri Oct 4 17:15:46 2024 by rpki-client on console-fra.rpki-client.org