Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B80C2/FE48ABF406B211EFBCE0345CC4F9AE02/66C89508085D11EFBBD76E28C4F9AE02.roa
File: 66C89508085D11EFBBD76E28C4F9AE02.roa (raw, json)
Hash identifier: Op3Pz5cnpurrgN9Hw8VABR+LlNy9ycpVW2AIoB7rMmc=
Subject key identifier: F1:4D:A9:66:B1:2D:9A:2D:7F:42:83:A8:94:B3:5A:D6:C1:1F:3E:59
Certificate issuer: /CN=A91B80C2/serialNumber=CEE07C8714F19278139D239605043ECC6BDBD322
Certificate serial: 0D
Authority key identifier: CE:E0:7C:87:14:F1:92:78:13:9D:23:96:05:04:3E:CC:6B:DB:D3:22
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zuB8hxTxkngTnSOWBQQ-zGvb0yI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B80C2/FE48ABF406B211EFBCE0345CC4F9AE02/66C89508085D11EFBBD76E28C4F9AE02.roa
Signing time: Thu 02 May 2024 08:24:32 +0000
ROA not before: Thu 02 May 2024 08:24:32 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 215177
IP address blocks: 202.50.113.0/24 maxlen: 24
2001:df3:bec0::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 04 May 2024 14:19:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13 (0xd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B80C2/serialNumber=CEE07C8714F19278139D239605043ECC6BDBD322
Validity
Not Before: May 2 08:24:32 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=66334dc0-694b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:75:42:c7:64:3f:49:b6:99:29:ec:4d:fc:8d:
95:4f:fd:8f:5f:72:7c:81:c4:cf:fc:7f:a4:ea:2b:
5c:14:65:dc:c3:15:0c:11:d9:63:51:2a:e3:c7:a8:
07:32:02:01:7b:d8:d6:db:28:03:27:73:1e:8d:e7:
ce:09:d9:f2:68:4b:60:dd:62:d6:8e:d0:2b:05:29:
aa:ef:2a:5f:14:3c:1e:b6:f8:91:de:03:02:36:33:
9c:6d:9d:18:53:cd:d6:0d:5a:b0:c3:a4:fb:b4:0a:
d4:a2:84:60:b0:a1:66:77:d9:13:8d:17:c4:d3:ac:
7c:ab:00:d7:27:8b:33:2d:2a:a0:9b:9a:54:19:f1:
cd:82:01:40:89:78:37:90:d6:44:f3:e0:24:1c:52:
52:41:7d:36:19:f0:c4:23:75:5e:f7:92:8f:01:36:
a3:5e:6b:82:64:03:b9:65:70:8f:1a:e2:6b:12:65:
a5:93:2a:cd:74:7b:73:c5:e9:d2:30:a9:cd:f0:a9:
62:ee:1c:29:86:a6:f5:94:91:1a:d6:3e:e6:66:bb:
68:f1:f2:af:37:b1:17:4e:1c:f2:46:af:45:23:0d:
cb:92:64:9f:a9:54:f3:ce:ea:28:1e:af:90:b5:0c:
b9:97:db:cd:03:0f:fa:6f:83:69:59:49:7c:f5:68:
33:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:4D:A9:66:B1:2D:9A:2D:7F:42:83:A8:94:B3:5A:D6:C1:1F:3E:59
X509v3 Authority Key Identifier:
keyid:CE:E0:7C:87:14:F1:92:78:13:9D:23:96:05:04:3E:CC:6B:DB:D3:22
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B80C2/FE48ABF406B211EFBCE0345CC4F9AE02/zuB8hxTxkngTnSOWBQQ-zGvb0yI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zuB8hxTxkngTnSOWBQQ-zGvb0yI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B80C2/FE48ABF406B211EFBCE0345CC4F9AE02/66C89508085D11EFBBD76E28C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.50.113.0/24
IPv6:
2001:df3:bec0::/48
Signature Algorithm: sha256WithRSAEncryption
34:7b:9a:5c:81:54:aa:1a:8d:3f:e3:57:9d:e7:e0:59:a4:c0:
81:e3:63:18:5d:df:26:c8:ac:fe:aa:b0:1e:81:24:6f:b6:2d:
b8:1a:90:92:93:52:45:f4:54:f8:0d:ae:c2:1f:56:f4:24:98:
81:05:f2:4e:24:f5:60:89:04:26:b4:69:9f:0c:9f:41:cc:a4:
e9:f9:2b:fd:71:06:5b:e2:93:b9:44:04:2f:69:8b:12:3b:72:
da:33:dd:76:4a:c5:bc:a9:7d:ed:fc:f4:2e:cc:90:4b:db:23:
58:5b:2b:bc:0d:85:4b:cd:52:3d:94:a7:ac:8f:e9:30:17:25:
2c:33:af:71:e6:73:db:88:d5:de:f7:cf:93:f9:5f:8f:65:b8:
78:83:42:23:b4:90:41:85:0d:1c:0f:a5:90:01:ed:c4:82:c2:
99:61:5b:e5:24:21:61:f5:5c:e6:80:3a:f6:cd:97:c0:ee:48:
91:1d:8b:24:5c:5b:31:bc:73:e2:f4:01:32:35:04:6a:e6:c4:
d8:3c:cd:7e:09:dd:e5:aa:7a:d4:66:c8:ce:c4:72:cf:1b:4f:
10:5a:f6:aa:83:8d:4f:a7:89:00:bd:91:79:00:d5:9c:35:53:
2b:95:28:e9:2c:d3:74:cf:f9:19:64:40:f7:49:c9:52:b8:c5:
53:e1:06:a5
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIBDTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFC
ODBDMjExMC8GA1UEBRMoQ0VFMDdDODcxNEYxOTI3ODEzOUQyMzk2MDUwNDNFQ0M2
QkRCRDMyMjAeFw0yNDA1MDIwODI0MzJaFw0yNTA3MzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2MzM0ZGMwLTY5NGIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDCdULHZD9Jtpkp7E38jZVP/Y9fcnyBxM/8f6TqK1wUZdzDFQwR2WNRKuPHqAcy
AgF72NbbKAMncx6N584J2fJoS2DdYtaO0CsFKarvKl8UPB62+JHeAwI2M5xtnRhT
zdYNWrDDpPu0CtSihGCwoWZ32RONF8TTrHyrANcnizMtKqCbmlQZ8c2CAUCJeDeQ
1kTz4CQcUlJBfTYZ8MQjdV73ko8BNqNea4JkA7llcI8a4msSZaWTKs10e3PF6dIw
qc3wqWLuHCmGpvWUkRrWPuZmu2jx8q83sRdOHPJGr0UjDcuSZJ+pVPPO6iger5C1
DLmX280DD/pvg2lZSXz1aDMtAgMBAAGjggKmMIICojAdBgNVHQ4EFgQU8U2pZrEt
mi1/QoOolLNa1sEfPlkwHwYDVR0jBBgwFoAUzuB8hxTxkngTnSOWBQQ+zGvb0yIw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUI4MEMyL0ZFNDhBQkY0MDZC
MjExRUZCQ0UwMzQ1Q0M0RjlBRTAyL3p1QjhoeFR4a25nVG5TT1dCUVEtekd2YjB5
SS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvenVCOGh4VHhrbmdUblNPV0JRUS16R3ZiMHlJLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC
ODBDMi9GRTQ4QUJGNDA2QjIxMUVGQkNFMDM0NUNDNEY5QUUwMi82NkM4OTUwODA4
NUQxMUVGQkJENzZFMjhDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAwBggrBgEFBQcBBwEB/wQh
MB8wDAQCAAEwBgMEAMoycTAPBAIAAjAJAwcAIAEN877AMA0GCSqGSIb3DQEBCwUA
A4IBAQA0e5pcgVSqGo0/41ed5+BZpMCB42MYXd8myKz+qrAegSRvti24GpCSk1JF
9FT4Da7CH1b0JJiBBfJOJPVgiQQmtGmfDJ9BzKTp+Sv9cQZb4pO5RAQvaYsSO3La
M912SsW8qX3t/PQuzJBL2yNYWyu8DYVLzVI9lKesj+kwFyUsM69x5nPbiNXe98+T
+V+PZbh4g0IjtJBBhQ0cD6WQAe3EgsKZYVvlJCFh9VzmgDr2zZfA7kiRHYskXFsx
vHPi9AEyNQRq5sTYPM1+Cd3lqnrUZsjOxHLPG08QWvaqg41Pp4kAvZF5ANWcNVMr
lSjpLNN0z/kZZED3SclSuMVT4Qal
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:58 2024 by rpki-client on console-ams.rpki-client.org