Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EE09C/EEF762C0907511EE87D26680C4F9AE02/FCE438F0DBB511EEB746FC2CC4F9AE02.roa
File: FCE438F0DBB511EEB746FC2CC4F9AE02.roa (raw, json)
Hash identifier: 2BzVaWBA1pmBmFQTr1qCQwYwNNkhHiw4IUQUp6Xn1vo=
Subject key identifier: 27:B0:71:2B:15:FF:25:BE:DB:17:F6:C3:73:4F:C7:DB:0B:87:C4:2D
Certificate issuer: /CN=A91EE09C/serialNumber=3C69B9B601D2C9F2A3915A6FFBCA3DAD62E99245
Certificate serial: 73
Authority key identifier: 3C:69:B9:B6:01:D2:C9:F2:A3:91:5A:6F:FB:CA:3D:AD:62:E9:92:45
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PGm5tgHSyfKjkVpv-8o9rWLpkkU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EE09C/EEF762C0907511EE87D26680C4F9AE02/FCE438F0DBB511EEB746FC2CC4F9AE02.roa
Signing time: Thu 25 Apr 2024 17:27:01 +0000
ROA not before: Thu 25 Apr 2024 17:27:01 +0000
ROA not after: Fri 31 Jan 2025 00:00:00 +0000
asID: 151987
IP address blocks: 203.99.144.0/23 maxlen: 23
203.99.144.0/24 maxlen: 24
203.99.145.0/24 maxlen: 24
2001:df3:18c0::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 28 May 2024 11:16:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 115 (0x73)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EE09C/serialNumber=3C69B9B601D2C9F2A3915A6FFBCA3DAD62E99245
Validity
Not Before: Apr 25 17:27:01 2024 GMT
Not After : Jan 31 00:00:00 2025 GMT
Subject: CN=662a9265-0bda
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:09:1b:05:a9:e5:e9:98:d7:3e:b9:58:d1:83:
44:88:9e:76:71:c9:06:5b:38:2e:18:11:3e:91:04:
c1:70:15:b3:9c:96:45:62:83:99:c8:55:14:73:26:
5a:a6:b9:12:83:ee:3d:71:b1:ee:92:43:2c:ba:44:
c7:ca:ba:c0:5a:f9:06:d1:72:cb:58:54:8f:74:2c:
6f:9a:bc:6e:c4:ee:bb:3e:af:2c:dd:24:e9:cf:1f:
88:da:45:27:4a:26:10:0d:2e:ae:e6:72:b0:18:74:
6e:72:46:d1:e7:a8:16:6a:5a:04:eb:0a:78:40:49:
b9:c1:ce:6b:da:29:f6:b8:05:45:24:65:e6:af:cd:
c0:74:72:5c:a2:46:86:e2:6b:ca:17:fe:7f:a7:13:
49:5a:04:2c:71:35:64:2a:1d:40:1f:fd:e1:e8:92:
9f:9b:56:6c:43:ac:a3:eb:e5:e3:8a:b2:26:35:e9:
ad:1e:af:83:2e:77:ea:55:b3:d8:f5:58:c1:6d:a5:
24:00:07:d9:29:1e:6b:f1:6b:28:e5:54:69:50:1e:
9a:de:11:b7:9d:8e:08:8e:26:c4:53:10:0d:0d:01:
df:6f:b3:7d:e1:66:78:49:9d:4a:c9:51:55:f8:49:
7f:e5:ee:5c:63:46:60:d8:ab:7d:f7:07:46:24:58:
e2:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:B0:71:2B:15:FF:25:BE:DB:17:F6:C3:73:4F:C7:DB:0B:87:C4:2D
X509v3 Authority Key Identifier:
keyid:3C:69:B9:B6:01:D2:C9:F2:A3:91:5A:6F:FB:CA:3D:AD:62:E9:92:45
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EE09C/EEF762C0907511EE87D26680C4F9AE02/PGm5tgHSyfKjkVpv-8o9rWLpkkU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PGm5tgHSyfKjkVpv-8o9rWLpkkU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EE09C/EEF762C0907511EE87D26680C4F9AE02/FCE438F0DBB511EEB746FC2CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.99.144.0/23
IPv6:
2001:df3:18c0::/48
Signature Algorithm: sha256WithRSAEncryption
b5:db:ea:de:89:7a:ca:f4:60:b7:bb:c2:a3:b9:59:a8:30:a4:
e6:b3:65:0a:7c:59:bb:3d:fd:62:5f:6d:0b:ea:df:53:30:23:
09:5d:17:3b:13:48:22:a9:80:52:8d:4a:9f:d3:64:3c:7b:36:
25:08:00:cb:c3:19:8a:96:98:6a:83:cf:64:1e:8b:9e:54:13:
5f:d1:57:94:7a:1e:8b:18:72:a0:49:29:54:ca:44:f6:34:ae:
9e:dc:b5:38:60:b4:0f:95:76:86:fe:1f:a7:12:3a:b8:59:a5:
a3:45:e0:85:6c:2b:98:42:ad:3a:b9:6d:fe:12:a7:f0:1f:ec:
2f:e6:f2:66:af:56:d0:d7:80:7e:cd:82:bc:18:fa:34:30:6d:
7b:7c:82:dc:46:ff:0f:7d:d4:5d:c3:90:37:74:73:2c:3a:b3:
00:ec:6c:7d:20:cd:22:2c:6d:b5:0c:6b:5f:6d:a8:c4:5e:f1:
07:f0:0f:09:78:dd:01:86:83:ea:23:8e:9b:37:30:5d:57:24:
42:f9:e8:3e:05:db:2d:a4:cf:7c:0b:59:98:b6:ba:73:1e:c1:
d1:2f:e2:a8:8e:6d:a7:49:a7:e0:a7:ac:06:46:ea:31:90:da:
d5:8f:12:9d:aa:c3:e7:a8:fc:8e:da:4e:4c:db:e5:65:d7:f9:
31:f9:ad:f1
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIBczANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF
RTA5QzExMC8GA1UEBRMoM0M2OUI5QjYwMUQyQzlGMkEzOTE1QTZGRkJDQTNEQUQ2
MkU5OTI0NTAeFw0yNDA0MjUxNzI3MDFaFw0yNTAxMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2MmE5MjY1LTBiZGEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC7CRsFqeXpmNc+uVjRg0SInnZxyQZbOC4YET6RBMFwFbOclkVig5nIVRRzJlqm
uRKD7j1xse6SQyy6RMfKusBa+QbRcstYVI90LG+avG7E7rs+ryzdJOnPH4jaRSdK
JhANLq7mcrAYdG5yRtHnqBZqWgTrCnhASbnBzmvaKfa4BUUkZeavzcB0clyiRobi
a8oX/n+nE0laBCxxNWQqHUAf/eHokp+bVmxDrKPr5eOKsiY16a0er4Mud+pVs9j1
WMFtpSQAB9kpHmvxayjlVGlQHpreEbedjgiOJsRTEA0NAd9vs33hZnhJnUrJUVX4
SX/l7lxjRmDYq333B0YkWOLlAgMBAAGjggKmMIICojAdBgNVHQ4EFgQUJ7BxKxX/
Jb7bF/bDc0/H2wuHxC0wHwYDVR0jBBgwFoAUPGm5tgHSyfKjkVpv+8o9rWLpkkUw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUVFMDlDL0VFRjc2MkMwOTA3
NTExRUU4N0QyNjY4MEM0RjlBRTAyL1BHbTV0Z0hTeWZLamtWcHYtOG85cldMcGtr
VS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvUEdtNXRnSFN5Zktqa1Zwdi04bzlyV0xwa2tVLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF
RTA5Qy9FRUY3NjJDMDkwNzUxMUVFODdEMjY2ODBDNEY5QUUwMi9GQ0U0MzhGMERC
QjUxMUVFQjc0NkZDMkNDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAwBggrBgEFBQcBBwEB/wQh
MB8wDAQCAAEwBgMEActjkDAPBAIAAjAJAwcAIAEN8xjAMA0GCSqGSIb3DQEBCwUA
A4IBAQC12+reiXrK9GC3u8KjuVmoMKTms2UKfFm7Pf1iX20L6t9TMCMJXRc7E0gi
qYBSjUqf02Q8ezYlCADLwxmKlphqg89kHoueVBNf0VeUeh6LGHKgSSlUykT2NK6e
3LU4YLQPlXaG/h+nEjq4WaWjReCFbCuYQq06uW3+EqfwH+wv5vJmr1bQ14B+zYK8
GPo0MG17fILcRv8PfdRdw5A3dHMsOrMA7Gx9IM0iLG21DGtfbajEXvEH8A8JeN0B
hoPqI46bNzBdVyRC+eg+BdstpM98C1mYtrpzHsHRL+Kojm2nSafgp6wGRuoxkNrV
jxKdqsPnqPyO2k5M2+Vl1/kx+a3x
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:37 2024 by rpki-client on console-ams.rpki-client.org