Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91756B7/95EF7DBA967D11EBADD50D2CC4F9AE02/1C180EAA682311EFBA6ECA13C4F9AE02.roa
File: 1C180EAA682311EFBA6ECA13C4F9AE02.roa (raw, json)
Hash identifier: go/aihrEYrcat4i9I2xi1Ywi7sdkhAqXiVOqPmGa3Xk=
Subject key identifier: 74:E6:05:A3:53:BA:37:C9:85:95:A4:7E:BB:B3:66:82:D5:0C:50:89
Certificate issuer: /CN=A91756B7/serialNumber=83D96F1DEA72A99D234B4456D6F6675DC7E6061E
Certificate serial: 0695
Authority key identifier: 83:D9:6F:1D:EA:72:A9:9D:23:4B:44:56:D6:F6:67:5D:C7:E6:06:1E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/g9lvHepyqZ0jS0RW1vZnXcfmBh4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91756B7/95EF7DBA967D11EBADD50D2CC4F9AE02/1C180EAA682311EFBA6ECA13C4F9AE02.roa
Signing time: Fri 13 Sep 2024 18:07:58 +0000
ROA not before: Fri 13 Sep 2024 18:07:58 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 142044
IP address blocks: 202.94.165.0/24 maxlen: 24
2407:4ac0::/32 maxlen: 32
Validation: Failed, certificate revoked on Sun 24 Nov 2024 12:19:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1685 (0x695)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91756B7/serialNumber=83D96F1DEA72A99D234B4456D6F6675DC7E6061E
Validity
Not Before: Sep 13 18:07:58 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=66e47f7e-3655
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:a0:6e:b0:d7:5a:ce:f9:9a:1b:e9:53:0a:75:
2c:43:20:58:68:a4:8e:4c:c9:39:11:93:06:df:e8:
d3:c0:63:bc:f7:2f:cf:e2:07:ad:e6:02:a7:36:e6:
53:63:22:db:81:17:29:9b:d0:67:8c:94:69:9c:2c:
08:73:d4:5a:8f:ad:78:09:fb:cc:cb:86:05:3f:65:
b2:a6:f3:7e:5f:42:c7:98:52:66:7a:e9:6d:00:9a:
9f:67:a8:68:76:f4:5d:04:fe:d0:b2:d7:4b:5a:03:
c3:e5:6f:fe:84:b8:b1:c8:a4:70:05:d4:bf:fb:51:
2c:3a:e5:b7:97:d8:e5:d2:81:e8:8d:3d:5f:aa:84:
22:c2:af:53:47:5d:b1:f4:e3:f6:11:06:4c:0f:db:
7e:38:61:ef:81:4f:d9:f4:a0:26:fa:d4:97:f8:71:
fe:1e:fc:57:6b:da:90:da:2a:c8:fb:f7:1f:50:54:
07:2e:61:4b:bb:a2:43:46:fa:ba:2c:24:bc:c9:be:
c4:9f:05:8f:31:3f:8b:e6:92:9f:71:86:8a:ae:bb:
64:4d:7d:e1:0b:46:f8:71:67:ff:57:e7:c7:fb:4b:
8a:a6:8b:5f:9c:30:9e:4e:cf:6e:52:f7:92:ad:08:
d3:a0:6e:60:0a:12:43:73:63:a6:34:00:02:2a:15:
a7:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:E6:05:A3:53:BA:37:C9:85:95:A4:7E:BB:B3:66:82:D5:0C:50:89
X509v3 Authority Key Identifier:
keyid:83:D9:6F:1D:EA:72:A9:9D:23:4B:44:56:D6:F6:67:5D:C7:E6:06:1E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91756B7/95EF7DBA967D11EBADD50D2CC4F9AE02/g9lvHepyqZ0jS0RW1vZnXcfmBh4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/g9lvHepyqZ0jS0RW1vZnXcfmBh4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91756B7/95EF7DBA967D11EBADD50D2CC4F9AE02/1C180EAA682311EFBA6ECA13C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.94.165.0/24
IPv6:
2407:4ac0::/32
Signature Algorithm: sha256WithRSAEncryption
59:a4:f0:49:8c:a9:9e:10:58:c7:17:ee:08:7b:21:41:41:2e:
a9:af:45:d6:63:ee:11:ac:b2:5d:3c:63:3d:f2:b8:a6:9d:c1:
14:3e:3b:ff:cc:1a:6e:e2:4b:55:b4:68:af:80:e3:d9:e7:a4:
bf:02:f5:b5:a6:78:cf:7f:4f:df:77:1b:23:62:d7:6e:a2:d3:
6e:e3:11:b6:35:8a:03:b8:ac:16:db:7a:c6:fb:f7:de:ef:68:
e8:25:81:97:2a:d7:5b:8c:6e:f6:d6:4e:9e:f0:40:f8:f3:86:
b7:28:74:13:08:1b:94:22:c0:1a:92:85:ad:b8:37:03:27:c5:
ea:a8:f3:3d:32:1d:f1:13:20:3f:11:c2:1d:91:77:d8:3d:3f:
e3:9b:73:69:d2:d8:34:c6:90:8c:67:9d:d7:4b:8a:ef:17:f2:
cf:27:35:b3:aa:9d:cc:31:73:01:b5:99:13:54:76:71:13:dd:
f8:82:3d:6a:62:5b:03:62:cd:27:04:c9:a5:04:e6:a4:6c:8f:
53:c3:a1:3b:15:64:bc:58:cd:5b:69:52:47:f6:db:f9:6d:f7:
16:a4:30:95:8b:ab:5a:55:7b:48:5d:d4:82:e9:65:6d:cc:05:
ea:46:d8:5f:32:2e:e0:f1:16:5e:4c:f8:f9:92:24:66:e7:5f:
fc:48:22:21
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICBpUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzU2QjcxMTAvBgNVBAUTKDgzRDk2RjFERUE3MkE5OUQyMzRCNDQ1NkQ2RjY2NzVE
QzdFNjA2MUUwHhcNMjQwOTEzMTgwNzU4WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmU0N2Y3ZS0zNjU1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2KBusNdazvmaG+lTCnUsQyBYaKSOTMk5EZMG3+jTwGO89y/P4get5gKnNuZT
YyLbgRcpm9BnjJRpnCwIc9Raj614CfvMy4YFP2WypvN+X0LHmFJmeultAJqfZ6ho
dvRdBP7QstdLWgPD5W/+hLixyKRwBdS/+1EsOuW3l9jl0oHojT1fqoQiwq9TR12x
9OP2EQZMD9t+OGHvgU/Z9KAm+tSX+HH+HvxXa9qQ2irI+/cfUFQHLmFLu6JDRvq6
LCS8yb7EnwWPMT+L5pKfcYaKrrtkTX3hC0b4cWf/V+fH+0uKpotfnDCeTs9uUveS
rQjToG5gChJDc2OmNAACKhWnJQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFHTmBaNT
ujfJhZWkfruzZoLVDFCJMB8GA1UdIwQYMBaAFIPZbx3qcqmdI0tEVtb2Z13H5gYe
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3NTZCNy85NUVGN0RCQTk2
N0QxMUVCQURENTBEMkNDNEY5QUUwMi9nOWx2SGVweXFaMGpTMFJXMXZablhjZm1C
aDQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2c5bHZIZXB5cVowalMwUlcxdlpuWGNmbUJoNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzU2QjcvOTVFRjdEQkE5NjdEMTFFQkFERDUwRDJDQzRGOUFFMDIvMUMxODBFQUE2
ODIzMTFFRkJBNkVDQTEzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBADKXqUwDQQCAAIwBwMFACQHSsAwDQYJKoZIhvcNAQELBQAD
ggEBAFmk8EmMqZ4QWMcX7gh7IUFBLqmvRdZj7hGssl08Yz3yuKadwRQ+O//MGm7i
S1W0aK+A49nnpL8C9bWmeM9/T993GyNi126i027jEbY1igO4rBbbesb7997vaOgl
gZcq11uMbvbWTp7wQPjzhrcodBMIG5QiwBqSha24NwMnxeqo8z0yHfETID8Rwh2R
d9g9P+Obc2nS2DTGkIxnnddLiu8X8s8nNbOqncwxcwG1mRNUdnET3fiCPWpiWwNi
zScEyaUE5qRsj1PDoTsVZLxYzVtpUkf22/lt9xakMJWLq1pVe0hd1ILpZW3MBepG
2F8yLuDxFl5M+PmSJGbnX/xIIiE=
-----END CERTIFICATE-----
Generated at Sun Nov 24 13:50:27 2024 by rpki-client on console-fra.rpki-client.org