Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91AB193/93D4E490F63111EE9ACBE221C4F9AE02/E67EC7D6392711EFBF901B5BC4F9AE02.roa
File: E67EC7D6392711EFBF901B5BC4F9AE02.roa (raw, json)
Hash identifier: 7ElWtNyNaEcajJgfdPqenvOIdyglkVC8skMQsb2VXLQ=
Subject key identifier: B0:FA:38:9A:1B:1B:C8:5F:CA:9F:65:E0:BF:2F:05:06:D4:98:62:63
Certificate issuer: /CN=A91AB193/serialNumber=7B1AE27D3CF51499C5056E7DA873665E4E415179
Certificate serial: 37
Authority key identifier: 7B:1A:E2:7D:3C:F5:14:99:C5:05:6E:7D:A8:73:66:5E:4E:41:51:79
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/exrifTz1FJnFBW59qHNmXk5BUXk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91AB193/93D4E490F63111EE9ACBE221C4F9AE02/E67EC7D6392711EFBF901B5BC4F9AE02.roa
Signing time: Wed 03 Jul 2024 10:35:00 +0000
ROA not before: Wed 03 Jul 2024 10:35:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 137453
IP address blocks: 203.223.89.0/24 maxlen: 25
Validation: Failed, certificate revoked on Mon 08 Jul 2024 13:21:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 55 (0x37)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91AB193/serialNumber=7B1AE27D3CF51499C5056E7DA873665E4E415179
Validity
Not Before: Jul 3 10:35:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=66852954-2215
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:bf:6e:77:1c:8d:68:f0:a2:95:cd:82:d2:8f:
0b:49:26:cb:41:92:64:c8:8a:b4:07:94:95:80:27:
6b:fd:e0:b3:86:8a:60:40:ff:1c:0d:52:2f:d4:80:
27:9c:f0:ce:7a:cb:b8:ea:91:9d:bb:f2:d9:86:1f:
70:b8:33:2f:e2:7f:32:0b:5e:15:de:58:08:b2:98:
c8:5f:26:db:c0:dc:76:1f:79:a9:28:8a:a3:e7:6a:
8d:2d:b7:0e:ea:fc:a8:1f:b0:e9:ed:70:37:d4:1a:
a1:3a:77:2a:02:9b:c4:4c:ef:f0:2a:ea:3d:a1:c7:
89:31:e6:8e:ed:f9:fc:1f:f6:cb:13:66:95:4b:0e:
c0:63:ae:1d:c1:5e:4f:6c:eb:36:bd:79:9e:75:a6:
32:59:ab:fd:55:17:41:28:89:0f:ce:0f:50:bb:b2:
4a:b5:fd:b4:c3:55:90:91:39:8b:49:48:6f:1b:c2:
1a:0e:b1:f5:d2:ca:d6:46:d0:30:1e:5f:16:f0:16:
1a:1e:6b:e3:10:cd:71:f9:57:8e:1d:28:b0:8a:f5:
c3:1a:2d:8f:3d:a1:c1:c6:0c:fc:16:ee:e9:a2:5e:
fd:55:27:5a:5d:22:2a:92:f1:00:8e:fc:94:34:95:
65:58:a3:66:4a:5b:f1:1b:a3:b2:94:33:fc:bb:56:
73:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:FA:38:9A:1B:1B:C8:5F:CA:9F:65:E0:BF:2F:05:06:D4:98:62:63
X509v3 Authority Key Identifier:
keyid:7B:1A:E2:7D:3C:F5:14:99:C5:05:6E:7D:A8:73:66:5E:4E:41:51:79
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91AB193/93D4E490F63111EE9ACBE221C4F9AE02/exrifTz1FJnFBW59qHNmXk5BUXk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/exrifTz1FJnFBW59qHNmXk5BUXk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AB193/93D4E490F63111EE9ACBE221C4F9AE02/E67EC7D6392711EFBF901B5BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.223.89.0/24
Signature Algorithm: sha256WithRSAEncryption
08:ba:10:b5:9d:d9:19:63:d5:de:77:b1:33:f4:56:a0:42:7a:
e3:07:2c:19:0f:df:b3:f8:c6:4f:1d:55:d3:e9:0f:4b:4d:7a:
28:f7:5c:19:51:fc:d3:b0:eb:d3:6d:d6:37:f2:13:0a:56:e4:
61:52:78:a9:d8:1b:0a:1a:68:6f:38:b3:c3:b2:a5:e7:63:f0:
be:30:16:a5:e7:6a:d7:78:04:8c:db:52:6b:6e:8c:f4:06:d3:
31:76:00:c9:5c:01:b2:66:a5:a7:4f:3b:af:3c:f4:aa:6f:38:
3f:81:3e:84:e0:12:34:89:90:6f:40:9a:aa:04:5e:62:88:1a:
22:de:27:0d:03:0a:c7:86:26:11:ef:dc:9f:8b:ea:dc:ad:e2:
de:5f:13:45:5d:65:13:dc:b4:36:ad:e9:c6:75:21:26:90:83:
a8:94:87:21:bb:7b:f3:da:17:c7:57:d5:e5:85:90:b5:01:b5:
39:78:4a:24:17:9e:bf:23:4c:08:d8:ba:55:fb:c4:4b:91:cc:
6e:d6:6a:78:4d:66:7a:4b:2f:e5:71:9f:6a:4a:9d:80:aa:ca:
cd:cb:66:bd:f2:29:b8:d2:71:47:de:e1:35:d5:2d:7e:84:76:
51:86:d7:35:62:fe:01:c3:1b:c6:d8:60:7e:07:65:9b:f6:1a:
5a:8c:dc:c3
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBNzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB
QjE5MzExMC8GA1UEBRMoN0IxQUUyN0QzQ0Y1MTQ5OUM1MDU2RTdEQTg3MzY2NUU0
RTQxNTE3OTAeFw0yNDA3MDMxMDM1MDBaFw0yNTA3MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2ODUyOTU0LTIyMTUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDSv253HI1o8KKVzYLSjwtJJstBkmTIirQHlJWAJ2v94LOGimBA/xwNUi/UgCec
8M56y7jqkZ278tmGH3C4My/ifzILXhXeWAiymMhfJtvA3HYfeakoiqPnao0ttw7q
/KgfsOntcDfUGqE6dyoCm8RM7/Aq6j2hx4kx5o7t+fwf9ssTZpVLDsBjrh3BXk9s
6za9eZ51pjJZq/1VF0EoiQ/OD1C7skq1/bTDVZCROYtJSG8bwhoOsfXSytZG0DAe
XxbwFhoea+MQzXH5V44dKLCK9cMaLY89ocHGDPwW7umiXv1VJ1pdIiqS8QCO/JQ0
lWVYo2ZKW/Ebo7KUM/y7VnORAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUsPo4mhsb
yF/Kn2Xgvy8FBtSYYmMwHwYDVR0jBBgwFoAUexrifTz1FJnFBW59qHNmXk5BUXkw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUFCMTkzLzkzRDRFNDkwRjYz
MTExRUU5QUNCRTIyMUM0RjlBRTAyL2V4cmlmVHoxRkpuRkJXNTlxSE5tWGs1QlVY
ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvZXhyaWZUejFGSm5GQlc1OXFITm1YazVCVVhrLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB
QjE5My85M0Q0RTQ5MEY2MzExMUVFOUFDQkUyMjFDNEY5QUUwMi9FNjdFQzdENjM5
MjcxMUVGQkY5MDFCNUJDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAMvfWTANBgkqhkiG9w0BAQsFAAOCAQEACLoQtZ3ZGWPV3nex
M/RWoEJ64wcsGQ/fs/jGTx1V0+kPS016KPdcGVH807Dr023WN/ITClbkYVJ4qdgb
Chpobzizw7Kl52PwvjAWpedq13gEjNtSa26M9AbTMXYAyVwBsmalp087rzz0qm84
P4E+hOASNImQb0CaqgReYogaIt4nDQMKx4YmEe/cn4vq3K3i3l8TRV1lE9y0Nq3p
xnUhJpCDqJSHIbt789oXx1fV5YWQtQG1OXhKJBeevyNMCNi6VfvES5HMbtZqeE1m
eksv5XGfakqdgKrKzctmvfIpuNJxR97hNdUtfoR2UYbXNWL+AcMbxthgfgdlm/Ya
Wozcww==
-----END CERTIFICATE-----
Generated at Mon Jul 8 16:01:27 2024 by rpki-client on console-ams.rpki-client.org