Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9195F7B/A131B394BB3911EEA655417EC4F9AE02/50082530555211EFB063506AC4F9AE02.roa
File: 50082530555211EFB063506AC4F9AE02.roa (raw, json)
Hash identifier: WTkarjkcp1R0yGOE+r5W1DFXEAOB8+Y6qt/gjSpG6Wc=
Subject key identifier: 96:E7:FF:04:71:BB:57:B0:CE:32:41:0C:31:77:D4:DC:0A:45:91:CC
Certificate issuer: /CN=A9195F7B/serialNumber=890B1DEFE88D59196BCC7B65268C62E86E54D46D
Certificate serial: 66
Authority key identifier: 89:0B:1D:EF:E8:8D:59:19:6B:CC:7B:65:26:8C:62:E8:6E:54:D4:6D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iQsd7-iNWRlrzHtlJoxi6G5U1G0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9195F7B/A131B394BB3911EEA655417EC4F9AE02/50082530555211EFB063506AC4F9AE02.roa
Signing time: Thu 08 Aug 2024 06:49:09 +0000
ROA not before: Thu 08 Aug 2024 06:49:09 +0000
ROA not after: Mon 31 Mar 2025 00:00:00 +0000
asID: 4760
IP address blocks: 202.4.202.0/23 maxlen: 23
202.4.204.0/23 maxlen: 23
202.4.215.0/24 maxlen: 24
202.4.216.0/22 maxlen: 22
202.4.220.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 04 Sep 2024 17:34:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 102 (0x66)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9195F7B/serialNumber=890B1DEFE88D59196BCC7B65268C62E86E54D46D
Validity
Not Before: Aug 8 06:49:09 2024 GMT
Not After : Mar 31 00:00:00 2025 GMT
Subject: CN=66b46a65-12c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:78:79:99:f0:56:c1:50:47:fc:ee:83:ae:0d:
94:63:f6:27:fc:0c:8c:5d:fb:37:33:c0:ea:c9:1b:
1f:a1:37:1f:2b:64:7d:ce:e3:0e:3a:ac:34:83:04:
1b:bc:93:8f:27:0e:e3:e9:03:f2:ff:60:68:29:ba:
68:66:5c:5f:65:a6:c6:a2:f2:9f:33:87:34:d7:18:
1e:19:b8:99:2d:d1:bb:de:cc:88:07:f0:cd:b1:22:
be:ed:c7:41:b4:55:2e:85:9c:ab:de:80:1b:93:96:
61:84:a5:57:fb:14:41:ef:e7:0d:51:cf:79:52:15:
84:59:b7:a2:09:5e:4a:7e:df:67:3a:04:ba:f7:48:
1b:64:90:0d:6b:4a:e8:21:6f:cb:a8:a0:4b:0c:d9:
96:ab:05:1e:b6:77:7e:da:95:b9:40:e7:e3:81:ae:
4a:e7:c3:b8:15:51:29:df:aa:70:67:a8:f7:ba:a4:
22:b4:0f:c0:6d:d4:14:2f:e6:35:bf:50:1e:59:d4:
84:2d:20:58:48:e7:2e:64:05:55:b2:6c:a7:73:1d:
76:2e:b5:a1:1f:8c:86:e3:d1:f2:ad:2c:37:26:bd:
aa:09:de:f5:38:b6:15:a6:9b:21:80:8d:5c:c0:28:
50:e2:90:77:b7:f7:0e:14:f6:3c:d6:da:2c:5d:97:
99:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:E7:FF:04:71:BB:57:B0:CE:32:41:0C:31:77:D4:DC:0A:45:91:CC
X509v3 Authority Key Identifier:
keyid:89:0B:1D:EF:E8:8D:59:19:6B:CC:7B:65:26:8C:62:E8:6E:54:D4:6D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9195F7B/A131B394BB3911EEA655417EC4F9AE02/iQsd7-iNWRlrzHtlJoxi6G5U1G0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iQsd7-iNWRlrzHtlJoxi6G5U1G0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9195F7B/A131B394BB3911EEA655417EC4F9AE02/50082530555211EFB063506AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.4.202.0-202.4.205.255
202.4.215.0-202.4.220.255
Signature Algorithm: sha256WithRSAEncryption
8c:18:4c:75:dd:ad:89:50:ad:df:61:f1:1c:de:18:4e:03:b4:
da:37:fc:d4:5b:8f:4b:b0:87:15:47:f7:ca:23:1c:f2:d2:e3:
df:8c:1d:2f:ea:ae:6b:26:f2:ce:d2:3e:e1:e9:bc:78:57:04:
28:e6:f0:d0:d3:7e:06:eb:29:b3:db:c0:12:e8:a7:80:ca:f2:
53:04:f9:1e:eb:a5:31:67:0c:89:76:39:21:e1:30:33:0e:68:
fb:6f:b8:42:6d:51:df:a8:cb:4c:af:dd:c6:af:f2:95:97:e1:
4e:58:32:d0:22:d3:d5:b1:fe:4b:ab:f1:ec:dd:ff:cb:aa:ad:
7d:83:4b:5a:17:81:fa:8a:da:f4:fb:ab:a1:e0:f8:69:11:43:
0b:0a:79:d5:c9:55:59:9d:5f:1b:73:e7:66:bf:87:41:17:21:
a3:75:fe:ec:7e:02:af:e1:66:a2:36:ba:3b:ab:0b:fd:8f:5b:
43:e9:f6:c1:66:64:b6:95:bb:3b:eb:8a:5f:d5:36:20:b9:65:
76:c4:fb:62:0a:c7:30:7f:5f:78:37:f0:19:65:90:c9:3d:a3:
e1:0f:4f:6b:db:30:b2:5c:ae:c3:70:82:e2:48:1f:0e:33:0c:
7a:8b:3b:4f:88:55:ea:1d:14:5d:bc:88:72:28:14:13:eb:09:
fa:11:35:3a
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgIBZjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE5
NUY3QjExMC8GA1UEBRMoODkwQjFERUZFODhENTkxOTZCQ0M3QjY1MjY4QzYyRTg2
RTU0RDQ2RDAeFw0yNDA4MDgwNjQ5MDlaFw0yNTAzMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2YjQ2YTY1LTEyYzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDheHmZ8FbBUEf87oOuDZRj9if8DIxd+zczwOrJGx+hNx8rZH3O4w46rDSDBBu8
k48nDuPpA/L/YGgpumhmXF9lpsai8p8zhzTXGB4ZuJkt0bvezIgH8M2xIr7tx0G0
VS6FnKvegBuTlmGEpVf7FEHv5w1Rz3lSFYRZt6IJXkp+32c6BLr3SBtkkA1rSugh
b8uooEsM2ZarBR62d37alblA5+OBrkrnw7gVUSnfqnBnqPe6pCK0D8Bt1BQv5jW/
UB5Z1IQtIFhI5y5kBVWybKdzHXYutaEfjIbj0fKtLDcmvaoJ3vU4thWmmyGAjVzA
KFDikHe39w4U9jzW2ixdl5n9AgMBAAGjggKrMIICpzAdBgNVHQ4EFgQUluf/BHG7
V7DOMkEMMXfU3ApFkcwwHwYDVR0jBBgwFoAUiQsd7+iNWRlrzHtlJoxi6G5U1G0w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTk1RjdCL0ExMzFCMzk0QkIz
OTExRUVBNjU1NDE3RUM0RjlBRTAyL2lRc2Q3LWlOV1JscnpIdGxKb3hpNkc1VTFH
MC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvaVFzZDctaU5XUmxyekh0bEpveGk2RzVVMUcwLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5
NUY3Qi9BMTMxQjM5NEJCMzkxMUVFQTY1NTQxN0VDNEY5QUUwMi81MDA4MjUzMDU1
NTIxMUVGQjA2MzUwNkFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDA1BggrBgEFBQcBBwEB/wQm
MCQwIgQCAAEwHDAMAwQBygTKAwQBygTMMAwDBADKBNcDBADKBNwwDQYJKoZIhvcN
AQELBQADggEBAIwYTHXdrYlQrd9h8RzeGE4DtNo3/NRbj0uwhxVH98ojHPLS49+M
HS/qrmsm8s7SPuHpvHhXBCjm8NDTfgbrKbPbwBLop4DK8lME+R7rpTFnDIl2OSHh
MDMOaPtvuEJtUd+oy0yv3cav8pWX4U5YMtAi09Wx/kur8ezd/8uqrX2DS1oXgfqK
2vT7q6Hg+GkRQwsKedXJVVmdXxtz52a/h0EXIaN1/ux+Aq/hZqI2ujurC/2PW0Pp
9sFmZLaVuzvril/VNiC5ZXbE+2IKxzB/X3g38BllkMk9o+EPT2vbMLJcrsNwguJI
Hw4zDHqLO0+IVeodFF28iHIoFBPrCfoRNTo=
-----END CERTIFICATE-----
Generated at Wed Sep 4 20:33:47 2024 by rpki-client on console-ams.rpki-client.org