Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91911EB/EDA972B269A211EFAE3AB35AC4F9AE02/0D370EA67BB311EF8980C809C4F9AE02.roa
File: 0D370EA67BB311EF8980C809C4F9AE02.roa (raw, json)
Hash identifier: ApXoB6+1u7Boul3bvOfMzc3c+RXOPjvmL6fMtcE0Tis=
Subject key identifier: 9B:1D:64:2B:92:7B:20:B6:00:CF:15:67:C1:01:FD:4D:DF:AB:FB:5E
Certificate issuer: /CN=A91911EB/serialNumber=BE3F813B202FFB0A382F737968EE166598E0E8AB
Certificate serial: 1D
Authority key identifier: BE:3F:81:3B:20:2F:FB:0A:38:2F:73:79:68:EE:16:65:98:E0:E8:AB
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vj-BOyAv-wo4L3N5aO4WZZjg6Ks.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91911EB/EDA972B269A211EFAE3AB35AC4F9AE02/0D370EA67BB311EF8980C809C4F9AE02.roa
Signing time: Thu 26 Sep 2024 03:05:53 +0000
ROA not before: Thu 26 Sep 2024 03:05:53 +0000
ROA not after: Wed 28 May 2025 00:00:00 +0000
asID: 45575
IP address blocks: 203.158.176.0/20 maxlen: 20
203.158.176.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 26 Sep 2024 04:16:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 29 (0x1d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91911EB/serialNumber=BE3F813B202FFB0A382F737968EE166598E0E8AB
Validity
Not Before: Sep 26 03:05:53 2024 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=66f4cf91-a2ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:1c:36:56:fa:1a:18:a7:85:7e:af:4d:e0:d2:
2b:59:b3:eb:80:8f:f1:07:98:07:90:0e:bf:32:b5:
b6:09:d3:af:0a:99:19:0b:ae:10:f6:a0:97:18:4d:
ca:21:4b:ba:f9:ca:23:e5:3d:83:ef:df:cc:2a:e7:
89:48:f4:e6:15:9a:15:24:ed:ba:e7:06:ee:57:d7:
6c:e8:3a:5f:91:0d:98:65:f8:d7:18:f4:d3:24:a1:
5a:b7:0b:6d:8c:c1:79:e6:eb:c4:89:cf:01:07:b0:
2f:bd:c8:9d:18:d3:03:4b:62:fa:79:4c:70:1b:21:
1c:33:83:b0:14:18:0c:93:e9:e5:fe:fc:30:b2:a7:
50:42:1d:dc:d3:b3:06:d9:3b:fd:53:81:47:37:c3:
3e:3d:56:b7:f5:86:19:d9:85:c6:d4:86:0f:df:3a:
5c:20:ba:6c:68:05:42:89:16:46:d1:d3:4c:cd:9b:
69:f1:03:9a:02:e6:08:fe:65:e6:b2:5e:0f:7a:f4:
b4:92:cd:e1:98:d5:97:b2:3e:86:e0:77:74:bf:ca:
25:56:ad:45:f0:0f:4b:20:14:d7:3a:ba:1a:1d:f9:
ab:23:bd:06:59:74:f2:fa:a0:32:68:57:2b:46:a2:
3a:cb:0d:28:26:06:bb:de:ec:27:29:ab:62:c0:53:
70:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:1D:64:2B:92:7B:20:B6:00:CF:15:67:C1:01:FD:4D:DF:AB:FB:5E
X509v3 Authority Key Identifier:
keyid:BE:3F:81:3B:20:2F:FB:0A:38:2F:73:79:68:EE:16:65:98:E0:E8:AB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91911EB/EDA972B269A211EFAE3AB35AC4F9AE02/vj-BOyAv-wo4L3N5aO4WZZjg6Ks.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vj-BOyAv-wo4L3N5aO4WZZjg6Ks.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91911EB/EDA972B269A211EFAE3AB35AC4F9AE02/0D370EA67BB311EF8980C809C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.158.176.0/20
Signature Algorithm: sha256WithRSAEncryption
9d:c2:d6:e9:ba:f8:16:72:1f:b0:2b:cd:52:dd:87:ad:da:2c:
27:3f:5c:f3:d3:5b:7b:b0:0b:48:70:e0:99:a0:40:ab:8d:1c:
cd:97:33:e1:96:3d:f2:9b:e6:c4:cb:1d:cd:9a:6d:80:2a:b4:
f4:a4:a9:b8:7e:f5:57:16:e7:39:9a:f8:39:05:e3:89:6f:15:
4a:2c:b1:fe:d6:68:23:a1:a0:82:63:fd:51:21:35:1d:bf:3a:
d2:f4:10:d5:0d:94:e8:65:d7:00:62:86:e8:f2:c6:29:7f:71:
4d:e8:01:8c:5f:d5:bc:6b:50:aa:d8:ad:6b:55:01:c2:90:1a:
9c:59:61:b0:f1:90:21:8a:82:67:2b:d0:7f:9d:d0:df:9a:ac:
8d:31:32:9d:bb:5c:63:f7:24:f5:8d:fc:66:c8:1a:95:8c:41:
65:a7:64:59:82:b1:53:b7:a7:6c:cc:80:c4:1d:5b:3e:b6:b4:
1a:d7:1a:e7:64:a6:65:20:a0:5c:fc:a8:63:a6:db:df:bc:74:
f5:c2:6b:49:90:1b:a2:93:0d:6e:a7:11:56:a3:bd:dd:a2:6a:
88:f9:6f:db:8a:81:c0:0c:c5:9e:6b:60:cf:a9:d5:8f:d7:17:
90:40:44:ca:35:9e:64:39:3f:e1:2c:8a:2f:74:90:ab:4c:47:
c9:9f:16:bf
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBHTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE5
MTFFQjExMC8GA1UEBRMoQkUzRjgxM0IyMDJGRkIwQTM4MkY3Mzc5NjhFRTE2NjU5
OEUwRThBQjAeFw0yNDA5MjYwMzA1NTNaFw0yNTA1MjgwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2ZjRjZjkxLWEyYWUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDHHDZW+hoYp4V+r03g0itZs+uAj/EHmAeQDr8ytbYJ068KmRkLrhD2oJcYTcoh
S7r5yiPlPYPv38wq54lI9OYVmhUk7brnBu5X12zoOl+RDZhl+NcY9NMkoVq3C22M
wXnm68SJzwEHsC+9yJ0Y0wNLYvp5THAbIRwzg7AUGAyT6eX+/DCyp1BCHdzTswbZ
O/1TgUc3wz49Vrf1hhnZhcbUhg/fOlwgumxoBUKJFkbR00zNm2nxA5oC5gj+Zeay
Xg969LSSzeGY1ZeyPobgd3S/yiVWrUXwD0sgFNc6uhod+asjvQZZdPL6oDJoVytG
ojrLDSgmBrve7Ccpq2LAU3DVAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUmx1kK5J7
ILYAzxVnwQH9Td+r+14wHwYDVR0jBBgwFoAUvj+BOyAv+wo4L3N5aO4WZZjg6Ksw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTkxMUVCL0VEQTk3MkIyNjlB
MjExRUZBRTNBQjM1QUM0RjlBRTAyL3ZqLUJPeUF2LXdvNEwzTjVhTzRXWlpqZzZL
cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvdmotQk95QXYtd280TDNONWFPNFdaWmpnNktzLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5
MTFFQi9FREE5NzJCMjY5QTIxMUVGQUUzQUIzNUFDNEY5QUUwMi8wRDM3MEVBNjdC
QjMxMUVGODk4MEM4MDlDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEBMuesDANBgkqhkiG9w0BAQsFAAOCAQEAncLW6br4FnIfsCvN
Ut2HrdosJz9c89Nbe7ALSHDgmaBAq40czZcz4ZY98pvmxMsdzZptgCq09KSpuH71
VxbnOZr4OQXjiW8VSiyx/tZoI6GggmP9USE1Hb860vQQ1Q2U6GXXAGKG6PLGKX9x
TegBjF/VvGtQqtita1UBwpAanFlhsPGQIYqCZyvQf53Q35qsjTEynbtcY/ck9Y38
ZsgalYxBZadkWYKxU7enbMyAxB1bPra0Gtca52SmZSCgXPyoY6bb37x09cJrSZAb
opMNbqcRVqO93aJqiPlv24qBwAzFnmtgz6nVj9cXkEBEyjWeZDk/4SyKL3SQq0xH
yZ8Wvw==
-----END CERTIFICATE-----
Generated at Thu Sep 26 05:00:52 2024 by rpki-client on console-fra.rpki-client.org