Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91993A0/A5955E560C4511EF9E7E051DC4F9AE02/9A8D35C80C4B11EFA4D96F6FC4F9AE02.roa
File: 9A8D35C80C4B11EFA4D96F6FC4F9AE02.roa (raw, json)
Hash identifier: g7J+dDeh4Z8S4UMj2kvOObaexZoRadbmOFOAY2yw2Uc=
Subject key identifier: 62:83:27:52:00:8E:D9:50:BF:3C:25:7E:DE:38:3E:79:59:A5:BD:1A
Certificate issuer: /CN=A91993A0/serialNumber=BCB7CF4430BB98EA04851C340726E588150E139D
Certificate serial: 18
Authority key identifier: BC:B7:CF:44:30:BB:98:EA:04:85:1C:34:07:26:E5:88:15:0E:13:9D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vLfPRDC7mOoEhRw0BybliBUOE50.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91993A0/A5955E560C4511EF9E7E051DC4F9AE02/9A8D35C80C4B11EFA4D96F6FC4F9AE02.roa
Signing time: Tue 07 May 2024 08:34:26 +0000
ROA not before: Tue 07 May 2024 08:34:26 +0000
ROA not after: Sun 01 Dec 2024 00:00:00 +0000
asID: 3491
IP address blocks: 118.103.240.0/21 maxlen: 24
202.70.160.0/20 maxlen: 24
Validation: Failed, certificate revoked on Tue 07 May 2024 08:49:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 24 (0x18)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91993A0/serialNumber=BCB7CF4430BB98EA04851C340726E588150E139D
Validity
Not Before: May 7 08:34:26 2024 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=6639e791-fa76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:ae:d4:2b:29:e8:89:39:5b:65:b7:f5:f6:98:
a3:28:4b:36:89:b6:10:81:01:f6:88:7b:3d:f5:7f:
95:49:79:bb:de:75:45:4d:fa:40:c4:70:67:cc:ab:
41:5c:e7:ca:26:f5:a0:2c:dc:c6:5f:c8:60:89:72:
5b:fb:c5:fd:b7:1a:56:e3:3b:24:f8:35:74:4b:2a:
2f:44:9e:5d:b0:3f:05:d9:01:bc:ce:99:fa:10:a6:
4d:e9:45:90:45:4e:f0:2f:e0:ea:f4:1e:80:5c:b1:
bb:3c:ad:56:f5:d1:80:f3:d0:d4:d8:b8:f7:8c:87:
c7:ba:6a:43:3d:90:1c:e9:d0:85:46:1b:5e:4e:ad:
b3:71:b0:7a:c6:2c:a0:71:f3:bc:2f:d5:f5:3b:d7:
e0:e4:80:08:7a:68:1e:be:ec:6c:1c:5d:ac:9e:73:
1c:46:33:b5:ae:40:f1:30:a1:47:97:98:42:a5:51:
88:f4:1f:79:fd:14:fe:6e:14:db:6f:bd:72:fe:c9:
74:b4:b9:99:dc:a8:a8:eb:12:73:a3:ef:4f:3e:a1:
21:4b:27:73:dd:48:72:b5:a1:c9:ba:cf:72:28:9c:
34:eb:67:63:7b:ef:a6:86:10:b6:94:95:83:fa:13:
75:01:34:b1:60:b2:5d:82:f3:b3:fa:3e:ee:85:09:
37:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:83:27:52:00:8E:D9:50:BF:3C:25:7E:DE:38:3E:79:59:A5:BD:1A
X509v3 Authority Key Identifier:
keyid:BC:B7:CF:44:30:BB:98:EA:04:85:1C:34:07:26:E5:88:15:0E:13:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91993A0/A5955E560C4511EF9E7E051DC4F9AE02/vLfPRDC7mOoEhRw0BybliBUOE50.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vLfPRDC7mOoEhRw0BybliBUOE50.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91993A0/A5955E560C4511EF9E7E051DC4F9AE02/9A8D35C80C4B11EFA4D96F6FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
118.103.240.0/21
202.70.160.0/20
Signature Algorithm: sha256WithRSAEncryption
20:41:27:b4:c9:94:1d:0a:79:29:22:35:69:31:fd:b1:e6:cd:
d6:0c:19:33:82:d3:55:21:ca:58:a4:1b:7c:15:db:c8:ff:7e:
1e:9e:a6:21:dd:f3:7d:aa:82:d9:54:14:4f:ee:22:b0:b1:4c:
64:99:77:9d:72:94:45:6e:59:f3:9c:e9:f9:e7:e3:7d:8e:41:
73:65:fc:6b:be:aa:61:e0:b0:41:e1:fc:42:0c:51:12:e3:ca:
9e:11:a0:14:47:7b:1d:54:8f:f4:d9:1b:fa:b2:43:3d:e7:e2:
19:ab:98:0e:a8:c4:97:fb:79:4e:24:66:d7:3d:72:61:d5:48:
13:58:b2:82:70:04:5f:eb:28:0b:90:16:b3:b3:88:a3:fb:ea:
93:46:d5:23:f2:fc:f3:b4:c6:29:f8:60:2b:fd:19:18:23:5e:
2b:69:9e:b0:d7:20:dd:22:af:96:ea:72:33:7b:90:6a:45:60:
8c:94:dd:7b:28:66:ac:0b:c6:3b:14:9a:f8:ec:bc:8c:16:e7:
33:bf:b0:46:bf:21:b0:4a:29:07:9c:f2:24:72:4d:cd:49:41:
0d:b5:bc:6f:99:4a:af:bd:73:8b:bb:02:ed:e3:d0:8b:73:9e:
58:af:07:3f:60:f3:d7:ef:fc:16:b9:68:24:f2:51:ee:64:26:
52:4d:d9:8f
-----BEGIN CERTIFICATE-----
MIIFdjCCBF6gAwIBAgIBGDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE5
OTNBMDExMC8GA1UEBRMoQkNCN0NGNDQzMEJCOThFQTA0ODUxQzM0MDcyNkU1ODgx
NTBFMTM5RDAeFw0yNDA1MDcwODM0MjZaFw0yNDEyMDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2MzllNzkxLWZhNzYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDGrtQrKeiJOVtlt/X2mKMoSzaJthCBAfaIez31f5VJebvedUVN+kDEcGfMq0Fc
58om9aAs3MZfyGCJclv7xf23GlbjOyT4NXRLKi9Enl2wPwXZAbzOmfoQpk3pRZBF
TvAv4Or0HoBcsbs8rVb10YDz0NTYuPeMh8e6akM9kBzp0IVGG15OrbNxsHrGLKBx
87wv1fU71+DkgAh6aB6+7GwcXayecxxGM7WuQPEwoUeXmEKlUYj0H3n9FP5uFNtv
vXL+yXS0uZncqKjrEnOj708+oSFLJ3PdSHK1ocm6z3IonDTrZ2N776aGELaUlYP6
E3UBNLFgsl2C87P6Pu6FCTddAgMBAAGjggKbMIIClzAdBgNVHQ4EFgQUYoMnUgCO
2VC/PCV+3jg+eVmlvRowHwYDVR0jBBgwFoAUvLfPRDC7mOoEhRw0BybliBUOE50w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTk5M0EwL0E1OTU1RTU2MEM0
NTExRUY5RTdFMDUxREM0RjlBRTAyL3ZMZlBSREM3bU9vRWhSdzBCeWJsaUJVT0U1
MC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvdkxmUFJEQzdtT29FaFJ3MEJ5YmxpQlVPRTUwLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5
OTNBMC9BNTk1NUU1NjBDNDUxMUVGOUU3RTA1MURDNEY5QUUwMi85QThEMzVDODBD
NEIxMUVGQTREOTZGNkZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAlBggrBgEFBQcBBwEB/wQW
MBQwEgQCAAEwDAMEA3Zn8AMEBMpGoDANBgkqhkiG9w0BAQsFAAOCAQEAIEEntMmU
HQp5KSI1aTH9sebN1gwZM4LTVSHKWKQbfBXbyP9+Hp6mId3zfaqC2VQUT+4isLFM
ZJl3nXKURW5Z85zp+efjfY5Bc2X8a76qYeCwQeH8QgxREuPKnhGgFEd7HVSP9Nkb
+rJDPefiGauYDqjEl/t5TiRm1z1yYdVIE1iygnAEX+soC5AWs7OIo/vqk0bVI/L8
87TGKfhgK/0ZGCNeK2mesNcg3SKvlupyM3uQakVgjJTdeyhmrAvGOxSa+Oy8jBbn
M7+wRr8hsEopB5zyJHJNzUlBDbW8b5lKr71zi7sC7ePQi3OeWK8HP2Dz1+/8Frlo
JPJR7mQmUk3Zjw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:48 2024 by rpki-client on console-ams.rpki-client.org