Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91394E7/F4CFD1DAAC7311EF87FC554CC4F9AE02/7766B19AAD1411EFAEB2564DC4F9AE02.roa
File: 7766B19AAD1411EFAEB2564DC4F9AE02.roa (raw, json)
Hash identifier: dh4KslllFKYZxyV92KnP67xRa9E9qD3c4fdD2wcR1f4=
Subject key identifier: E1:B3:C0:E6:4C:A8:06:B0:C9:5E:B8:8A:E0:2B:B4:70:77:5C:A1:A4
Certificate issuer: /CN=A91394E7/serialNumber=891ED8BAAC2C73BD13ADCAA1A16AAF00D224A877
Certificate serial: 03
Authority key identifier: 89:1E:D8:BA:AC:2C:73:BD:13:AD:CA:A1:A1:6A:AF:00:D2:24:A8:77
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iR7Yuqwsc70TrcqhoWqvANIkqHc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91394E7/F4CFD1DAAC7311EF87FC554CC4F9AE02/7766B19AAD1411EFAEB2564DC4F9AE02.roa
Signing time: Wed 27 Nov 2024 23:08:09 +0000
ROA not before: Wed 27 Nov 2024 23:08:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 32787
IP address blocks: 202.38.157.0/24 maxlen: 24
203.31.183.0/24 maxlen: 24
203.92.27.0/24 maxlen: 24
203.190.25.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 10 Dec 2024 20:29:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3 (0x3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91394E7/serialNumber=891ED8BAAC2C73BD13ADCAA1A16AAF00D224A877
Validity
Not Before: Nov 27 23:08:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6747a658-b500
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:2a:67:d5:f1:b8:00:99:9d:0e:38:c9:57:fa:
44:8f:20:07:86:36:03:b3:3c:30:1f:8e:6b:23:12:
b1:20:1e:e0:39:d7:5c:e0:7b:d1:fb:f4:db:77:f3:
28:ea:bb:a1:7a:33:a6:20:a5:73:c5:38:f7:60:b1:
c8:6b:21:40:45:7a:d7:cc:fc:47:da:7a:b6:a1:99:
7e:6d:c5:f9:3d:ba:be:aa:21:ce:6d:15:78:cf:8d:
b5:db:c7:f1:da:db:c4:d9:0c:af:37:f7:f4:66:94:
a3:ad:d8:fe:95:bf:4a:22:83:fa:44:87:0a:f2:2d:
f2:02:15:76:81:ee:46:e3:f6:2c:51:5a:f2:a9:fa:
42:1a:8d:b3:60:ac:af:b6:26:aa:7f:57:72:14:b8:
f7:88:d1:b3:3a:1b:a8:bc:ec:b7:21:d7:9e:d8:fe:
a1:0c:39:28:6c:cc:ab:c0:23:57:3a:6b:1a:6e:5c:
1e:da:00:20:37:1e:3a:41:23:ad:79:e3:18:e3:95:
28:41:7c:f3:8b:c5:33:8f:b0:7b:00:8e:27:e1:e4:
3b:37:35:27:86:d5:50:81:9a:82:0d:2d:6f:e7:d8:
fb:35:fe:08:16:23:df:7b:57:28:d5:8f:b3:26:b5:
21:fe:d5:4b:84:01:53:2d:3a:d1:2e:0d:09:f9:0a:
44:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:B3:C0:E6:4C:A8:06:B0:C9:5E:B8:8A:E0:2B:B4:70:77:5C:A1:A4
X509v3 Authority Key Identifier:
keyid:89:1E:D8:BA:AC:2C:73:BD:13:AD:CA:A1:A1:6A:AF:00:D2:24:A8:77
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91394E7/F4CFD1DAAC7311EF87FC554CC4F9AE02/iR7Yuqwsc70TrcqhoWqvANIkqHc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iR7Yuqwsc70TrcqhoWqvANIkqHc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91394E7/F4CFD1DAAC7311EF87FC554CC4F9AE02/7766B19AAD1411EFAEB2564DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.38.157.0/24
203.31.183.0/24
203.92.27.0/24
203.190.25.0/24
Signature Algorithm: sha256WithRSAEncryption
dc:36:52:71:fd:cc:e4:71:5a:c4:ac:06:be:e8:6a:74:e8:09:
23:5b:a6:2d:2a:ad:48:b0:41:12:9d:b3:04:f7:15:ec:11:20:
56:68:47:23:5e:14:b7:a3:16:18:ec:3c:ff:ba:de:e4:32:70:
c9:98:bc:d8:40:ac:7a:48:61:28:3c:2a:77:39:ae:5f:9a:33:
e6:b6:0c:3c:5e:74:69:61:35:f8:62:1f:6b:6c:eb:da:8a:24:
ca:a2:52:15:6f:f5:8e:b4:34:f2:bb:29:d9:91:a8:e0:16:2d:
16:1e:60:63:75:27:57:2b:0e:c7:73:28:2c:86:a4:01:a9:95:
ff:80:d7:5b:c7:24:82:ca:b6:c7:31:5f:07:a7:b6:5b:20:d9:
09:03:d5:ad:78:b8:40:e5:f6:bd:bb:f7:8c:25:12:58:1d:a3:
c5:9a:c8:5d:f5:89:d7:55:60:f5:3f:a0:84:ef:4e:c1:a9:14:
1a:52:94:69:0c:ea:ab:f7:ed:b5:d7:29:e9:7a:32:fb:85:d2:
3d:c3:b3:4e:ac:72:84:f8:19:28:90:32:49:b8:10:3f:2d:88:
40:d4:01:bf:a5:e7:fa:b5:c6:a7:25:8e:a6:a7:bb:08:22:70:
ca:8d:59:72:d7:9c:62:51:13:91:f2:12:b4:c0:74:94:2a:49:
c1:dc:2b:ac
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBAzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEz
OTRFNzExMC8GA1UEBRMoODkxRUQ4QkFBQzJDNzNCRDEzQURDQUExQTE2QUFGMDBE
MjI0QTg3NzAeFw0yNDExMjcyMzA4MDlaFw0yNTA3MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3NDdhNjU4LWI1MDAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDJKmfV8bgAmZ0OOMlX+kSPIAeGNgOzPDAfjmsjErEgHuA511zge9H79Nt38yjq
u6F6M6YgpXPFOPdgschrIUBFetfM/EfaerahmX5txfk9ur6qIc5tFXjPjbXbx/Ha
28TZDK839/RmlKOt2P6Vv0oig/pEhwryLfICFXaB7kbj9ixRWvKp+kIajbNgrK+2
Jqp/V3IUuPeI0bM6G6i87Lch157Y/qEMOShszKvAI1c6axpuXB7aACA3HjpBI615
4xjjlShBfPOLxTOPsHsAjifh5Ds3NSeG1VCBmoINLW/n2Ps1/ggWI997VyjVj7Mm
tSH+1UuEAVMtOtEuDQn5CkSJAgMBAAGjggKnMIICozAdBgNVHQ4EFgQU4bPA5kyo
BrDJXriK4Cu0cHdcoaQwHwYDVR0jBBgwFoAUiR7Yuqwsc70TrcqhoWqvANIkqHcw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTM5NEU3L0Y0Q0ZEMURBQUM3
MzExRUY4N0ZDNTU0Q0M0RjlBRTAyL2lSN1l1cXdzYzcwVHJjcWhvV3F2QU5Ja3FI
Yy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvaVI3WXVxd3NjNzBUcmNxaG9XcXZBTklrcUhjLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz
OTRFNy9GNENGRDFEQUFDNzMxMUVGODdGQzU1NENDNEY5QUUwMi83NzY2QjE5QUFE
MTQxMUVGQUVCMjU2NERDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAxBggrBgEFBQcBBwEB/wQi
MCAwHgQCAAEwGAMEAMomnQMEAMsftwMEAMtcGwMEAMu+GTANBgkqhkiG9w0BAQsF
AAOCAQEA3DZScf3M5HFaxKwGvuhqdOgJI1umLSqtSLBBEp2zBPcV7BEgVmhHI14U
t6MWGOw8/7re5DJwyZi82ECsekhhKDwqdzmuX5oz5rYMPF50aWE1+GIfa2zr2ook
yqJSFW/1jrQ08rsp2ZGo4BYtFh5gY3UnVysOx3MoLIakAamV/4DXW8ckgsq2xzFf
B6e2WyDZCQPVrXi4QOX2vbv3jCUSWB2jxZrIXfWJ11Vg9T+ghO9OwakUGlKUaQzq
q/fttdcp6Xoy+4XSPcOzTqxyhPgZKJAySbgQPy2IQNQBv6Xn+rXGpyWOpqe7CCJw
yo1ZctecYlETkfIStMB0lCpJwdwrrA==
-----END CERTIFICATE-----
Generated at Tue Dec 10 23:34:41 2024 by rpki-client on console-fra.rpki-client.org