Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EE09C/EEF762C0907511EE87D26680C4F9AE02/3D6E16BE1CEA11EF943CFF41C4F9AE02.roa
File: 3D6E16BE1CEA11EF943CFF41C4F9AE02.roa (raw, json)
Hash identifier: nVNI/fu50PPIrCbqZaHsX9C96h5fDSItnTIuYmjKKoA=
Subject key identifier: B8:5D:A0:B2:36:1B:CD:47:CD:10:56:ED:AC:58:C1:F5:2B:E5:44:03
Certificate issuer: /CN=A91EE09C/serialNumber=3C69B9B601D2C9F2A3915A6FFBCA3DAD62E99245
Certificate serial: 8B
Authority key identifier: 3C:69:B9:B6:01:D2:C9:F2:A3:91:5A:6F:FB:CA:3D:AD:62:E9:92:45
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PGm5tgHSyfKjkVpv-8o9rWLpkkU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EE09C/EEF762C0907511EE87D26680C4F9AE02/3D6E16BE1CEA11EF943CFF41C4F9AE02.roa
Signing time: Tue 28 May 2024 12:12:05 +0000
ROA not before: Tue 28 May 2024 12:12:05 +0000
ROA not after: Fri 31 Jan 2025 00:00:00 +0000
asID: 137453
IP address blocks: 203.99.144.0/24 maxlen: 24
203.99.145.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 07 Jun 2024 14:16:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 139 (0x8b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EE09C/serialNumber=3C69B9B601D2C9F2A3915A6FFBCA3DAD62E99245
Validity
Not Before: May 28 12:12:05 2024 GMT
Not After : Jan 31 00:00:00 2025 GMT
Subject: CN=6655ca15-18d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:32:91:5a:2a:31:99:58:b3:fa:c5:c0:ab:59:
b7:ee:52:5d:11:78:c9:da:12:ec:92:a9:4f:36:60:
a4:51:9a:94:33:c2:2e:a3:9f:79:87:ad:9a:8c:88:
1d:a7:ac:a9:db:0b:4c:48:b4:ed:e7:4b:d8:f2:27:
55:69:9c:5c:24:2c:5d:42:d3:b4:34:89:1a:c1:ec:
b8:ef:0b:fc:3d:f8:70:6f:bd:e8:d2:71:39:06:7c:
4c:14:91:4d:ed:a9:70:91:ec:1e:29:9c:9a:68:3f:
2f:f0:7e:c5:07:49:bd:dc:83:42:1a:99:ff:68:d1:
62:55:fc:e0:1a:c1:b3:53:7c:e4:78:7a:42:ab:08:
37:60:b7:6b:19:9a:7e:b3:18:60:6b:9d:8e:0d:eb:
cc:9c:9d:c4:af:6f:fc:09:8f:da:22:12:20:34:2d:
32:6e:ba:e2:81:b2:6a:21:93:1e:20:ea:3d:44:9e:
dc:76:54:22:a4:db:dd:4f:7f:33:af:bc:c2:a0:72:
b9:6f:a8:dd:a9:18:f6:89:4a:65:63:64:2f:6a:55:
ea:d3:49:b4:e4:c7:ad:cd:2c:a8:f0:6a:8d:7f:72:
e9:c4:1b:52:8c:94:98:7e:72:7e:ca:96:64:5f:97:
f7:56:b7:86:74:8a:be:fb:a3:7c:df:5a:f3:ca:59:
4f:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:5D:A0:B2:36:1B:CD:47:CD:10:56:ED:AC:58:C1:F5:2B:E5:44:03
X509v3 Authority Key Identifier:
keyid:3C:69:B9:B6:01:D2:C9:F2:A3:91:5A:6F:FB:CA:3D:AD:62:E9:92:45
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EE09C/EEF762C0907511EE87D26680C4F9AE02/PGm5tgHSyfKjkVpv-8o9rWLpkkU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PGm5tgHSyfKjkVpv-8o9rWLpkkU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EE09C/EEF762C0907511EE87D26680C4F9AE02/3D6E16BE1CEA11EF943CFF41C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.99.144.0/23
Signature Algorithm: sha256WithRSAEncryption
39:41:74:50:01:60:9a:64:0a:00:57:fd:95:9b:22:a4:9d:45:
a8:9d:d6:84:19:39:14:a8:1b:3f:4d:45:1e:e7:b7:fb:1f:8f:
0c:8f:6e:6a:df:f8:e6:35:51:b5:3b:88:ed:20:ce:e8:0c:ce:
86:b2:b0:c9:d9:7c:12:ae:84:a9:1c:64:64:a1:65:b1:7c:78:
37:50:80:f6:d1:70:1b:d9:01:d1:dc:0f:4f:8e:3c:87:69:ff:
8e:33:3e:78:fe:ab:e8:18:7a:40:60:61:d4:dd:dd:00:5d:ba:
b7:d2:3d:79:33:a9:d4:a1:6a:51:2c:7f:f8:00:3a:5d:23:20:
e7:f5:87:ad:9c:c1:64:80:f4:41:dd:8a:c7:a9:98:64:ae:e5:
b5:46:57:cc:59:c0:ba:ca:76:20:1e:ba:96:76:99:49:7b:85:
35:9f:33:78:58:c9:b4:bc:d4:77:f7:46:a3:76:90:2f:8c:97:
b5:40:c6:e3:a3:b9:14:6c:0f:ea:66:77:42:e5:dc:7c:68:98:
87:cb:92:bd:ae:cb:cb:95:d7:b1:6d:6f:1d:05:d8:5a:d2:18:
4c:99:81:96:2d:ce:a5:21:b9:e5:d8:0b:98:5e:53:8c:7d:76:
cf:e1:d7:68:b9:22:f9:86:f3:41:57:51:a8:b1:1c:ad:46:98:
f5:00:67:f2
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAIswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUUwOUMxMTAvBgNVBAUTKDNDNjlCOUI2MDFEMkM5RjJBMzkxNUE2RkZCQ0EzREFE
NjJFOTkyNDUwHhcNMjQwNTI4MTIxMjA1WhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjU1Y2ExNS0xOGQ1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuTKRWioxmViz+sXAq1m37lJdEXjJ2hLskqlPNmCkUZqUM8Iuo595h62ajIgd
p6yp2wtMSLTt50vY8idVaZxcJCxdQtO0NIkawey47wv8Pfhwb73o0nE5BnxMFJFN
7alwkeweKZyaaD8v8H7FB0m93INCGpn/aNFiVfzgGsGzU3zkeHpCqwg3YLdrGZp+
sxhga52ODevMnJ3Er2/8CY/aIhIgNC0ybrrigbJqIZMeIOo9RJ7cdlQipNvdT38z
r7zCoHK5b6jdqRj2iUplY2QvalXq00m05MetzSyo8GqNf3LpxBtSjJSYfnJ+ypZk
X5f3VreGdIq++6N831rzyllPbQIDAQABo4IClTCCApEwHQYDVR0OBBYEFLhdoLI2
G81HzRBW7axYwfUr5UQDMB8GA1UdIwQYMBaAFDxpubYB0snyo5Fab/vKPa1i6ZJF
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFRTA5Qy9FRUY3NjJDMDkw
NzUxMUVFODdEMjY2ODBDNEY5QUUwMi9QR201dGdIU3lmS2prVnB2LThvOXJXTHBr
a1UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1BHbTV0Z0hTeWZLamtWcHYtOG85cldMcGtrVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUUwOUMvRUVGNzYyQzA5MDc1MTFFRTg3RDI2NjgwQzRGOUFFMDIvM0Q2RTE2QkUx
Q0VBMTFFRjk0M0NGRjQxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAHLY5AwDQYJKoZIhvcNAQELBQADggEBADlBdFABYJpkCgBX
/ZWbIqSdRaid1oQZORSoGz9NRR7nt/sfjwyPbmrf+OY1UbU7iO0gzugMzoaysMnZ
fBKuhKkcZGShZbF8eDdQgPbRcBvZAdHcD0+OPIdp/44zPnj+q+gYekBgYdTd3QBd
urfSPXkzqdShalEsf/gAOl0jIOf1h62cwWSA9EHdisepmGSu5bVGV8xZwLrKdiAe
upZ2mUl7hTWfM3hYybS81Hf3RqN2kC+Ml7VAxuOjuRRsD+pmd0Ll3HxomIfLkr2u
y8uV17Ftbx0F2FrSGEyZgZYtzqUhueXYC5heU4x9ds/h12i5IvmG80FXUaixHK1G
mPUAZ/I=
-----END CERTIFICATE-----
Generated at Fri Jun 7 17:03:47 2024 by rpki-client on console-fra.rpki-client.org