Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B0770/C33683B61D8E11E28A9B57ED08B02CD2/C20A5BF8820C11EFA6290E1BC4F9AE02.roa
File: C20A5BF8820C11EFA6290E1BC4F9AE02.roa (raw, json)
Hash identifier: VeWmSbjz3Lhe9iSPQjeFvdrkuU2LpCqH9TM6PeCBNR0=
Subject key identifier: 38:06:5A:50:0C:EE:6C:57:94:67:9D:52:26:7E:66:39:E6:5C:B3:05
Certificate issuer: /CN=A91B0770/serialNumber=1D6225AD943ECA389FA4B66C1974351E34C428FB
Certificate serial: 3466
Authority key identifier: 1D:62:25:AD:94:3E:CA:38:9F:A4:B6:6C:19:74:35:1E:34:C4:28:FB
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HWIlrZQ-yjifpLZsGXQ1HjTEKPs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B0770/C33683B61D8E11E28A9B57ED08B02CD2/C20A5BF8820C11EFA6290E1BC4F9AE02.roa
Signing time: Fri 04 Oct 2024 04:54:38 +0000
ROA not before: Fri 04 Oct 2024 04:54:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 38174
IP address blocks: 120.29.234.0/24 maxlen: 24
123.242.244.0/22 maxlen: 24
123.242.252.0/23 maxlen: 24
123.242.254.0/23 maxlen: 23
202.60.60.0/23 maxlen: 23
202.60.60.0/24 maxlen: 24
202.60.61.0/24 maxlen: 24
202.60.62.0/24 maxlen: 24
202.60.63.0/24 maxlen: 24
202.61.10.0/23 maxlen: 23
202.61.10.0/24 maxlen: 24
202.61.11.0/24 maxlen: 24
202.91.136.0/22 maxlen: 22
203.189.180.0/22 maxlen: 22
203.189.180.0/24 maxlen: 24
203.189.181.0/24 maxlen: 24
203.189.182.0/24 maxlen: 24
203.189.183.0/24 maxlen: 24
203.191.34.0/23 maxlen: 24
Validation: Failed, certificate revoked on Sat 05 Oct 2024 08:38:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13414 (0x3466)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B0770/serialNumber=1D6225AD943ECA389FA4B66C1974351E34C428FB
Validity
Not Before: Oct 4 04:54:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=66ff750e-ee1f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:20:27:d3:4a:7b:24:b3:93:69:e6:54:e7:1f:
cf:e8:d1:ef:75:da:e8:f4:2a:b0:77:5b:d0:ff:1e:
4f:29:99:6b:ba:1b:cb:cc:67:a7:8e:ce:c6:fd:0d:
a8:ab:ce:e8:3f:79:e5:5a:40:79:83:c4:ba:33:20:
2d:4b:7a:e8:a6:07:12:8f:e3:ea:f0:48:0e:c6:0a:
17:e4:ed:39:06:8e:ed:01:0b:1e:55:7d:36:c0:9b:
6c:f2:a5:ba:7c:27:31:d1:48:50:08:79:96:4b:6b:
34:ce:9c:2b:41:bb:3f:bf:0f:1b:48:5f:cb:36:35:
9a:9b:5b:a2:40:23:3f:5c:52:e5:ad:18:61:7e:b2:
9e:f2:d8:e1:2b:bf:97:d6:ea:d2:5e:a5:c2:44:01:
33:ce:a2:8a:7d:72:9c:85:01:c2:87:07:0b:80:d0:
35:11:83:ae:2b:e6:ff:04:58:f9:3d:41:5c:e0:ce:
9c:ae:5a:ed:3f:e4:89:47:60:38:0e:c8:f3:c5:f8:
6f:da:66:13:3e:b2:a7:89:a4:b7:76:fa:73:10:ae:
6d:c3:8e:ef:d7:a9:85:7a:b0:cc:41:fb:22:3b:55:
9e:6f:87:ba:9e:81:73:75:e9:39:8f:c8:c6:db:af:
f9:ee:8b:54:0d:26:4f:17:5b:53:aa:16:a4:13:eb:
ca:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:06:5A:50:0C:EE:6C:57:94:67:9D:52:26:7E:66:39:E6:5C:B3:05
X509v3 Authority Key Identifier:
keyid:1D:62:25:AD:94:3E:CA:38:9F:A4:B6:6C:19:74:35:1E:34:C4:28:FB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B0770/C33683B61D8E11E28A9B57ED08B02CD2/HWIlrZQ-yjifpLZsGXQ1HjTEKPs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HWIlrZQ-yjifpLZsGXQ1HjTEKPs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B0770/C33683B61D8E11E28A9B57ED08B02CD2/C20A5BF8820C11EFA6290E1BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
120.29.234.0/24
123.242.244.0/22
123.242.252.0/22
202.60.60.0/22
202.61.10.0/23
202.91.136.0/22
203.189.180.0/22
203.191.34.0/23
Signature Algorithm: sha256WithRSAEncryption
96:78:99:c6:0a:e3:ef:f4:82:54:7c:bc:de:84:8d:80:fe:4d:
32:6d:2d:4a:50:61:79:19:49:3c:78:1b:e5:b6:cb:7b:af:a2:
f3:7a:35:62:c2:71:08:03:c3:5a:cc:67:59:88:ad:f1:65:5e:
1a:67:1d:15:50:b1:28:e1:b1:49:a5:7f:78:35:7b:07:a2:d0:
c7:61:85:e8:20:0e:fe:35:e8:f7:de:12:4c:92:c2:18:c4:cd:
af:8c:16:a8:e0:32:7c:c0:b4:ed:c4:1e:1a:9d:20:d8:e5:d1:
eb:1b:f8:46:84:74:10:3f:fa:34:c9:7b:56:18:2c:a7:4b:49:
f3:61:80:31:fb:fb:de:e2:81:d8:c4:13:55:6a:02:67:da:50:
0e:f2:ae:36:8d:cf:ff:cd:d5:39:0c:9a:ae:98:e6:74:76:6b:
8a:c9:99:9e:69:e0:10:ee:bc:60:c6:87:41:6d:74:d3:bc:ff:
d2:ea:98:e9:45:10:fd:71:ec:24:fc:05:c5:2b:06:64:9e:56:
d5:50:e9:e5:75:39:9c:d1:4a:b8:29:b8:d4:58:ec:86:3e:b1:
3f:b3:e2:f3:19:15:8e:b2:a3:34:51:99:e8:e4:1e:81:a8:13:
0c:7c:53:de:64:ab:d2:38:d7:85:f7:ef:26:9f:75:aa:2d:cd:
69:77:2f:5f
-----BEGIN CERTIFICATE-----
MIIFmzCCBIOgAwIBAgICNGYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjA3NzAxMTAvBgNVBAUTKDFENjIyNUFEOTQzRUNBMzg5RkE0QjY2QzE5NzQzNTFF
MzRDNDI4RkIwHhcNMjQxMDA0MDQ1NDM4WhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmZmNzUwZS1lZTFmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwyAn00p7JLOTaeZU5x/P6NHvddro9Cqwd1vQ/x5PKZlruhvLzGenjs7G/Q2o
q87oP3nlWkB5g8S6MyAtS3ropgcSj+Pq8EgOxgoX5O05Bo7tAQseVX02wJts8qW6
fCcx0UhQCHmWS2s0zpwrQbs/vw8bSF/LNjWam1uiQCM/XFLlrRhhfrKe8tjhK7+X
1urSXqXCRAEzzqKKfXKchQHChwcLgNA1EYOuK+b/BFj5PUFc4M6crlrtP+SJR2A4
Dsjzxfhv2mYTPrKniaS3dvpzEK5tw47v16mFerDMQfsiO1Web4e6noFzdek5j8jG
26/57otUDSZPF1tTqhakE+vKTQIDAQABo4ICvzCCArswHQYDVR0OBBYEFDgGWlAM
7mxXlGedUiZ+ZjnmXLMFMB8GA1UdIwQYMBaAFB1iJa2UPso4n6S2bBl0NR40xCj7
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMDc3MC9DMzM2ODNCNjFE
OEUxMUUyOEE5QjU3RUQwOEIwMkNEMi9IV0lsclpRLXlqaWZwTFpzR1hRMUhqVEVL
UHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0hXSWxyWlEteWppZnBMWnNHWFExSGpURUtQcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjA3NzAvQzMzNjgzQjYxRDhFMTFFMjhBOUI1N0VEMDhCMDJDRDIvQzIwQTVCRjg4
MjBDMTFFRkE2MjkwRTFCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwSQYIKwYBBQUHAQcBAf8E
OjA4MDYEAgABMDADBAB4HeoDBAJ78vQDBAJ78vwDBALKPDwDBAHKPQoDBALKW4gD
BALLvbQDBAHLvyIwDQYJKoZIhvcNAQELBQADggEBAJZ4mcYK4+/0glR8vN6EjYD+
TTJtLUpQYXkZSTx4G+W2y3uvovN6NWLCcQgDw1rMZ1mIrfFlXhpnHRVQsSjhsUml
f3g1ewei0MdhheggDv416PfeEkySwhjEza+MFqjgMnzAtO3EHhqdINjl0esb+EaE
dBA/+jTJe1YYLKdLSfNhgDH7+97igdjEE1VqAmfaUA7yrjaNz//N1TkMmq6Y5nR2
a4rJmZ5p4BDuvGDGh0FtdNO8/9LqmOlFEP1x7CT8BcUrBmSeVtVQ6eV1OZzRSrgp
uNRY7IY+sT+z4vMZFY6yozRRmejkHoGoEwx8U95kq9I414X37yafdaotzWl3L18=
-----END CERTIFICATE-----
Generated at Sat Oct 5 09:21:52 2024 by rpki-client on console-fra.rpki-client.org