Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B0770/C33683B61D8E11E28A9B57ED08B02CD2/CB686DAE7C9211EFB5BAA255C4F9AE02.roa
File: CB686DAE7C9211EFB5BAA255C4F9AE02.roa (raw, json)
Hash identifier: wpWGK7ZtlmCB1qXRS3vJvkl1v3T8WL9s9k83zSslpAc=
Subject key identifier: 8D:0F:87:1A:11:32:DA:2C:E1:70:F1:BF:40:D5:04:99:F4:88:CD:E1
Certificate issuer: /CN=A91B0770/serialNumber=1D6225AD943ECA389FA4B66C1974351E34C428FB
Certificate serial: 3461
Authority key identifier: 1D:62:25:AD:94:3E:CA:38:9F:A4:B6:6C:19:74:35:1E:34:C4:28:FB
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HWIlrZQ-yjifpLZsGXQ1HjTEKPs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B0770/C33683B61D8E11E28A9B57ED08B02CD2/CB686DAE7C9211EFB5BAA255C4F9AE02.roa
Signing time: Fri 27 Sep 2024 05:38:59 +0000
ROA not before: Fri 27 Sep 2024 05:38:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24391
IP address blocks: 202.60.62.0/23 maxlen: 23
202.91.136.0/22 maxlen: 24
202.91.140.0/23 maxlen: 24
Validation: Failed, certificate revoked on Sat 05 Oct 2024 08:38:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13409 (0x3461)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B0770/serialNumber=1D6225AD943ECA389FA4B66C1974351E34C428FB
Validity
Not Before: Sep 27 05:38:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=66f644f3-38ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:3d:43:2c:33:1f:d5:86:1e:7d:d2:2b:e0:6d:
58:95:4f:20:c9:d3:1a:5a:34:b1:2c:21:cc:6c:eb:
48:e4:7a:2e:0b:a3:31:07:fe:d9:c9:c6:25:b8:1a:
47:5f:e5:4e:74:23:d6:9f:4c:6a:d6:18:7d:86:01:
fe:c7:07:f5:58:46:35:cf:a4:2c:29:1b:77:cb:36:
61:50:d6:6a:02:5b:93:0c:60:e5:72:fe:36:ba:23:
ad:70:26:4b:8e:be:f1:68:1d:05:c7:16:c9:f5:ed:
a9:fb:9f:8f:1b:b5:a5:ff:7d:21:e0:c9:9c:a2:44:
fd:8b:95:d7:10:3d:10:ac:cd:4a:09:15:8b:3e:04:
bd:d5:52:e3:5a:9a:6a:c9:09:ee:3b:84:7d:a3:f0:
41:ea:71:d1:46:cc:60:b5:cc:89:6f:ef:3c:01:2d:
05:09:59:1d:36:65:db:be:4f:d6:d3:18:27:39:28:
56:85:76:ba:a0:10:dd:8d:17:c7:ba:d2:e2:41:4f:
6b:f5:98:8e:c6:a1:cb:dc:3b:44:9a:ac:65:97:f2:
33:72:07:68:d8:c4:d1:d0:14:50:2e:fb:01:32:86:
d5:37:5c:51:3a:73:4d:51:0c:8e:19:98:a9:03:53:
69:0f:eb:3d:11:80:92:59:91:5e:3b:f8:27:d6:76:
0d:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:0F:87:1A:11:32:DA:2C:E1:70:F1:BF:40:D5:04:99:F4:88:CD:E1
X509v3 Authority Key Identifier:
keyid:1D:62:25:AD:94:3E:CA:38:9F:A4:B6:6C:19:74:35:1E:34:C4:28:FB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B0770/C33683B61D8E11E28A9B57ED08B02CD2/HWIlrZQ-yjifpLZsGXQ1HjTEKPs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HWIlrZQ-yjifpLZsGXQ1HjTEKPs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B0770/C33683B61D8E11E28A9B57ED08B02CD2/CB686DAE7C9211EFB5BAA255C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.60.62.0/23
202.91.136.0-202.91.141.255
Signature Algorithm: sha256WithRSAEncryption
9a:ac:ef:5a:db:82:69:76:df:f7:c4:0f:c3:ab:95:e0:c1:66:
fc:10:69:5d:e7:0d:a2:45:94:be:cb:bc:c3:db:56:3a:4d:83:
ea:1c:eb:32:44:7f:50:39:16:56:59:61:3a:f5:27:f2:d4:ac:
f1:13:d9:27:c3:36:74:98:ab:74:db:a2:f8:a4:83:01:60:12:
3f:44:b2:f2:40:7c:d8:aa:71:a8:65:63:1c:a8:c2:a6:72:00:
a5:4b:ff:9d:0b:9a:f9:d4:1d:32:99:ef:1a:f8:05:e8:52:c9:
d9:aa:de:5c:5a:c5:77:82:24:5b:a1:51:95:e5:23:a1:ab:28:
01:28:f9:dd:9b:cf:4d:d5:ec:82:bc:44:14:2f:f0:39:8a:68:
64:32:8a:f5:63:40:4b:17:02:11:ba:ff:3d:32:7e:25:27:1b:
d4:f5:80:08:1e:30:20:57:1d:e1:70:55:78:7f:32:6e:cb:42:
24:57:7a:d0:aa:2c:f7:73:44:99:f7:fa:8f:28:41:53:22:42:
10:c4:31:51:1a:1b:65:0f:c4:49:02:77:71:bb:5e:e2:8a:91:
26:9d:ee:79:96:4e:73:cf:66:b7:d2:0f:f5:52:dc:dd:ab:63:
80:d3:17:e8:20:47:4d:71:06:90:e3:80:9b:1b:67:f6:3b:60:
da:9c:7b:75
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgICNGEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjA3NzAxMTAvBgNVBAUTKDFENjIyNUFEOTQzRUNBMzg5RkE0QjY2QzE5NzQzNTFF
MzRDNDI4RkIwHhcNMjQwOTI3MDUzODU5WhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmY2NDRmMy0zOGFlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApj1DLDMf1YYefdIr4G1YlU8gydMaWjSxLCHMbOtI5HouC6MxB/7ZycYluBpH
X+VOdCPWn0xq1hh9hgH+xwf1WEY1z6QsKRt3yzZhUNZqAluTDGDlcv42uiOtcCZL
jr7xaB0FxxbJ9e2p+5+PG7Wl/30h4MmcokT9i5XXED0QrM1KCRWLPgS91VLjWppq
yQnuO4R9o/BB6nHRRsxgtcyJb+88AS0FCVkdNmXbvk/W0xgnOShWhXa6oBDdjRfH
utLiQU9r9ZiOxqHL3DtEmqxll/Izcgdo2MTR0BRQLvsBMobVN1xROnNNUQyOGZip
A1NpD+s9EYCSWZFeO/gn1nYNPQIDAQABo4ICozCCAp8wHQYDVR0OBBYEFI0PhxoR
Mtos4XDxv0DVBJn0iM3hMB8GA1UdIwQYMBaAFB1iJa2UPso4n6S2bBl0NR40xCj7
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMDc3MC9DMzM2ODNCNjFE
OEUxMUUyOEE5QjU3RUQwOEIwMkNEMi9IV0lsclpRLXlqaWZwTFpzR1hRMUhqVEVL
UHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0hXSWxyWlEteWppZnBMWnNHWFExSGpURUtQcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjA3NzAvQzMzNjgzQjYxRDhFMTFFMjhBOUI1N0VEMDhCMDJDRDIvQ0I2ODZEQUU3
QzkyMTFFRkI1QkFBMjU1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLQYIKwYBBQUHAQcBAf8E
HjAcMBoEAgABMBQDBAHKPD4wDAMEA8pbiAMEAcpbjDANBgkqhkiG9w0BAQsFAAOC
AQEAmqzvWtuCaXbf98QPw6uV4MFm/BBpXecNokWUvsu8w9tWOk2D6hzrMkR/UDkW
VllhOvUn8tSs8RPZJ8M2dJirdNui+KSDAWASP0Sy8kB82KpxqGVjHKjCpnIApUv/
nQua+dQdMpnvGvgF6FLJ2areXFrFd4IkW6FRleUjoasoASj53ZvPTdXsgrxEFC/w
OYpoZDKK9WNASxcCEbr/PTJ+JScb1PWACB4wIFcd4XBVeH8ybstCJFd60Kos93NE
mff6jyhBUyJCEMQxURobZQ/ESQJ3cbte4oqRJp3ueZZOc89mt9IP9VLc3atjgNMX
6CBHTXEGkOOAmxtn9jtg2px7dQ==
-----END CERTIFICATE-----
Generated at Sat Oct 5 09:21:52 2024 by rpki-client on console-fra.rpki-client.org