Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9148B17/EA4B165E68ED11EEB4B5D362C4F9AE02/5B24C65468EE11EE805E9C63C4F9AE02.roa
File: 5B24C65468EE11EE805E9C63C4F9AE02.roa (raw, json)
Hash identifier: JMBs/+ZcSdeKhT5O93WEL+ISmasuHX+KfqbPZnyh3gU=
Subject key identifier: AB:13:12:D8:C7:00:E4:14:70:A1:9A:C4:60:D7:C9:4E:77:D2:45:63
Certificate issuer: /CN=A9148B17/serialNumber=8D923098CD67F6D1BF24CFBE2C3DCA0B665ABB8C
Certificate serial: 06
Authority key identifier: 8D:92:30:98:CD:67:F6:D1:BF:24:CF:BE:2C:3D:CA:0B:66:5A:BB:8C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jZIwmM1n9tG_JM--LD3KC2Zau4w.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9148B17/EA4B165E68ED11EEB4B5D362C4F9AE02/5B24C65468EE11EE805E9C63C4F9AE02.roa
Signing time: Thu 12 Oct 2023 11:00:37 +0000
ROA not before: Thu 12 Oct 2023 11:00:37 +0000
ROA not after: Mon 30 Dec 2024 00:00:00 +0000
asID: 151957
IP address blocks: 202.61.82.0/24 maxlen: 24
202.61.83.0/24 maxlen: 24
2401:4460::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 30 Oct 2023 14:11:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6 (0x6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9148B17/serialNumber=8D923098CD67F6D1BF24CFBE2C3DCA0B665ABB8C
Validity
Not Before: Oct 12 11:00:37 2023 GMT
Not After : Dec 30 00:00:00 2024 GMT
Subject: CN=6527d1d4-0fd1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:49:d5:cf:39:56:26:e2:e9:36:e1:d7:82:cd:
c6:18:ca:62:ed:5d:46:8d:c6:0b:f9:74:55:ab:ca:
51:14:51:a9:16:60:13:a9:39:03:1c:6f:d6:92:8c:
4a:5e:b7:dd:06:54:09:1d:09:f1:73:75:d8:1b:bc:
6c:a3:29:eb:ac:c3:2c:73:41:bc:dd:a1:91:20:b7:
ff:6d:09:44:e2:da:b5:fa:ba:e1:4c:c6:3b:01:4e:
aa:24:b3:eb:3e:d6:82:6e:7b:a6:43:35:2a:74:7d:
5f:c1:b8:49:c7:25:87:cb:67:f3:23:c6:01:d5:19:
24:74:93:f6:52:e1:53:69:9b:75:bd:56:92:df:23:
28:21:44:96:3f:5e:fc:c9:6e:27:e4:14:1f:cd:e2:
36:e5:d4:76:bd:64:08:87:18:02:a4:1c:fa:68:0a:
5c:eb:89:8f:55:3f:83:71:fc:ed:e9:b9:19:a2:df:
38:d9:9a:ca:b2:00:bf:94:50:85:aa:bf:38:ed:70:
a6:a4:0a:e9:49:12:49:92:41:df:59:74:08:2c:de:
1d:e9:c6:49:4a:b9:b0:94:de:80:ad:93:cf:a4:83:
82:04:81:22:34:88:8b:c6:3e:8e:27:70:16:8f:05:
3b:90:7e:6b:d6:21:ca:20:c9:fe:b8:e4:06:b7:47:
c0:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:13:12:D8:C7:00:E4:14:70:A1:9A:C4:60:D7:C9:4E:77:D2:45:63
X509v3 Authority Key Identifier:
keyid:8D:92:30:98:CD:67:F6:D1:BF:24:CF:BE:2C:3D:CA:0B:66:5A:BB:8C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9148B17/EA4B165E68ED11EEB4B5D362C4F9AE02/jZIwmM1n9tG_JM--LD3KC2Zau4w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jZIwmM1n9tG_JM--LD3KC2Zau4w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9148B17/EA4B165E68ED11EEB4B5D362C4F9AE02/5B24C65468EE11EE805E9C63C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.61.82.0/23
IPv6:
2401:4460::/32
Signature Algorithm: sha256WithRSAEncryption
29:0b:0b:24:27:75:b4:9f:21:af:5e:32:9b:ad:de:c0:0d:62:
d1:47:ff:ba:e2:41:66:24:18:54:5d:e9:ed:96:96:81:9e:af:
37:86:7b:40:5a:d7:41:52:25:83:1d:46:30:0c:8f:d5:db:5c:
88:51:14:f2:ee:71:47:84:94:c9:bc:84:37:c0:28:58:1d:5c:
36:30:02:47:84:4e:6d:1d:b6:fd:0a:36:d8:71:c4:4d:11:43:
3e:fa:75:29:bb:17:ba:9b:cf:f8:6e:75:89:98:3d:c6:a4:40:
52:78:a4:22:0d:9d:0a:20:0d:14:ff:6d:23:68:13:2b:2c:a0:
23:89:94:10:4a:f7:f9:1a:11:f6:d9:37:74:05:ef:3a:3e:20:
d0:60:2e:b0:22:1b:35:ab:9f:5c:a6:25:96:8e:1a:28:ff:cf:
74:3f:b3:37:dd:a0:42:21:b8:9c:af:ac:e4:b0:ef:2e:9d:e4:
68:90:8a:12:e2:b5:44:a6:64:5e:00:83:c3:6d:bb:12:b5:cf:
a5:53:d8:50:27:ca:37:bb:f0:70:49:eb:9d:09:cb:7b:aa:2b:
6f:cf:7e:4f:f4:35:dd:7c:ad:45:9c:f4:81:0c:01:47:f3:70:
a6:40:39:88:2b:9d:ad:c7:2c:96:91:53:22:84:c2:e6:8e:70:
00:b4:61:86
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIBBjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE0
OEIxNzExMC8GA1UEBRMoOEQ5MjMwOThDRDY3RjZEMUJGMjRDRkJFMkMzRENBMEI2
NjVBQkI4QzAeFw0yMzEwMTIxMTAwMzdaFw0yNDEyMzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1MjdkMWQ0LTBmZDEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCvSdXPOVYm4uk24deCzcYYymLtXUaNxgv5dFWrylEUUakWYBOpOQMcb9aSjEpe
t90GVAkdCfFzddgbvGyjKeuswyxzQbzdoZEgt/9tCUTi2rX6uuFMxjsBTqoks+s+
1oJue6ZDNSp0fV/BuEnHJYfLZ/MjxgHVGSR0k/ZS4VNpm3W9VpLfIyghRJY/XvzJ
bifkFB/N4jbl1Ha9ZAiHGAKkHPpoClzriY9VP4Nx/O3puRmi3zjZmsqyAL+UUIWq
vzjtcKakCulJEkmSQd9ZdAgs3h3pxklKubCU3oCtk8+kg4IEgSI0iIvGPo4ncBaP
BTuQfmvWIcogyf645Aa3R8C5AgMBAAGjggKkMIICoDAdBgNVHQ4EFgQUqxMS2McA
5BRwoZrEYNfJTnfSRWMwHwYDVR0jBBgwFoAUjZIwmM1n9tG/JM++LD3KC2Zau4ww
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTQ4QjE3L0VBNEIxNjVFNjhF
RDExRUVCNEI1RDM2MkM0RjlBRTAyL2paSXdtTTFuOXRHX0pNLS1MRDNLQzJaYXU0
dy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvalpJd21NMW45dEdfSk0tLUxEM0tDMlphdTR3LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0
OEIxNy9FQTRCMTY1RTY4RUQxMUVFQjRCNUQzNjJDNEY5QUUwMi81QjI0QzY1NDY4
RUUxMUVFODA1RTlDNjNDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAuBggrBgEFBQcBBwEB/wQf
MB0wDAQCAAEwBgMEAco9UjANBAIAAjAHAwUAJAFEYDANBgkqhkiG9w0BAQsFAAOC
AQEAKQsLJCd1tJ8hr14ym63ewA1i0Uf/uuJBZiQYVF3p7ZaWgZ6vN4Z7QFrXQVIl
gx1GMAyP1dtciFEU8u5xR4SUybyEN8AoWB1cNjACR4RObR22/Qo22HHETRFDPvp1
KbsXupvP+G51iZg9xqRAUnikIg2dCiANFP9tI2gTKyygI4mUEEr3+RoR9tk3dAXv
Oj4g0GAusCIbNaufXKYllo4aKP/PdD+zN92gQiG4nK+s5LDvLp3kaJCKEuK1RKZk
XgCDw227ErXPpVPYUCfKN7vwcEnrnQnLe6orb89+T/Q13XytRZz0gQwBR/NwpkA5
iCudrccslpFTIoTC5o5wALRhhg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:58 2024 by rpki-client on console-ams.rpki-client.org