Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B80C2/FE48ABF406B211EFBCE0345CC4F9AE02/D9A1472E201711EFAA4AD277C4F9AE02.roa
File: D9A1472E201711EFAA4AD277C4F9AE02.roa (raw, json)
Hash identifier: kn4ECKtXLP3Npj1t8pdK9+RiyOB6U6FV6jqu2O4s3A8=
Subject key identifier: 4C:D6:D1:86:35:21:9E:E0:2E:F5:3C:61:2F:D0:F0:0D:89:3A:53:02
Certificate issuer: /CN=A91B80C2/serialNumber=CEE07C8714F19278139D239605043ECC6BDBD322
Certificate serial: 25
Authority key identifier: CE:E0:7C:87:14:F1:92:78:13:9D:23:96:05:04:3E:CC:6B:DB:D3:22
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zuB8hxTxkngTnSOWBQQ-zGvb0yI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B80C2/FE48ABF406B211EFBCE0345CC4F9AE02/D9A1472E201711EFAA4AD277C4F9AE02.roa
Signing time: Sat 01 Jun 2024 13:07:09 +0000
ROA not before: Sat 01 Jun 2024 13:07:09 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 202.50.113.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 01 Jun 2024 18:35:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 37 (0x25)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B80C2/serialNumber=CEE07C8714F19278139D239605043ECC6BDBD322
Validity
Not Before: Jun 1 13:07:09 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=665b1cfc-35d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:c7:c0:03:36:77:32:8b:45:d6:27:78:80:5b:
66:fc:df:77:80:23:24:3e:f0:86:5e:b4:c5:56:9a:
07:a4:82:0d:f8:52:6a:56:bc:3c:64:fb:71:76:81:
c0:f4:9f:ab:15:62:f9:2c:7d:74:31:70:fc:22:1d:
4e:c2:56:77:53:4e:17:24:b0:5a:26:25:72:ad:bb:
a7:0b:0c:11:f9:78:36:9c:8c:43:5e:40:ff:36:46:
da:37:b2:b5:38:e1:11:9c:47:d3:08:fb:6b:d8:85:
72:d6:01:8a:58:ef:24:fe:da:95:c1:30:3f:f3:53:
9d:6f:9a:63:44:26:db:fa:1d:66:bb:ca:84:8d:7e:
6f:ff:a0:cd:e5:db:cf:f5:a0:46:fd:69:f2:87:f5:
12:ea:a3:4f:8d:16:4d:1c:0c:aa:3f:3a:3f:9e:69:
8d:12:f5:bf:3a:53:ca:e5:45:6d:11:9b:03:f9:69:
8b:b6:aa:66:30:24:e0:ce:81:27:3d:de:f4:a6:fc:
8a:e3:7c:e1:4f:32:ce:a7:98:f4:99:f8:0a:88:7e:
02:c2:1f:69:1d:a0:97:d4:a7:ef:66:92:37:ac:66:
15:54:f1:bb:00:03:46:17:8e:51:f6:81:36:96:62:
82:a0:d7:53:87:30:61:ac:95:c0:d6:e5:79:f4:84:
b3:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:D6:D1:86:35:21:9E:E0:2E:F5:3C:61:2F:D0:F0:0D:89:3A:53:02
X509v3 Authority Key Identifier:
keyid:CE:E0:7C:87:14:F1:92:78:13:9D:23:96:05:04:3E:CC:6B:DB:D3:22
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B80C2/FE48ABF406B211EFBCE0345CC4F9AE02/zuB8hxTxkngTnSOWBQQ-zGvb0yI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zuB8hxTxkngTnSOWBQQ-zGvb0yI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B80C2/FE48ABF406B211EFBCE0345CC4F9AE02/D9A1472E201711EFAA4AD277C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.50.113.0/24
Signature Algorithm: sha256WithRSAEncryption
97:a1:21:63:ba:01:ec:32:37:ad:bc:26:7e:70:f0:a2:c1:91:
6c:4e:b2:52:cc:ae:e3:13:96:8c:0e:dd:e3:e7:ba:c5:d4:d5:
ed:a8:f8:cd:b7:d9:1d:0c:88:bd:ae:5f:6e:21:91:db:d6:9b:
fb:f5:9b:c4:f6:25:a3:f3:ca:fa:44:f4:4f:4a:c4:5e:82:96:
8d:22:1d:8c:95:6f:44:c3:2d:a7:43:77:13:79:3a:22:fe:6b:
f5:1e:cf:5a:be:2b:00:ac:31:45:50:a5:87:69:ab:a6:ee:f4:
e3:fb:d9:fb:73:ec:e9:1b:e3:32:1b:aa:c1:e7:9f:62:7b:b8:
0b:79:4b:a1:9e:74:95:95:b3:06:a9:0f:87:83:5d:a6:63:d5:
55:39:74:72:be:7a:9b:fe:63:e9:dd:45:f2:f7:b2:d9:1c:fe:
4b:e2:13:9d:74:0d:d2:e3:8d:72:e8:89:39:6f:7e:00:24:e1:
71:bd:1f:d8:2f:a4:41:b2:26:5e:3e:e3:b7:8c:54:87:c0:36:
20:16:d2:1b:f3:cd:08:c9:f4:14:d6:61:df:80:bb:47:66:a6:
e8:b0:80:8d:aa:0c:48:35:d2:d6:85:f9:bd:67:e5:ff:96:e4:
f1:9a:f1:e2:17:39:6e:fd:11:bc:0d:b9:36:f1:d2:8e:71:cc:
5a:dd:1d:f0
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBJTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFC
ODBDMjExMC8GA1UEBRMoQ0VFMDdDODcxNEYxOTI3ODEzOUQyMzk2MDUwNDNFQ0M2
QkRCRDMyMjAeFw0yNDA2MDExMzA3MDlaFw0yNTA3MzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2NWIxY2ZjLTM1ZDQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC1x8ADNncyi0XWJ3iAW2b833eAIyQ+8IZetMVWmgekgg34UmpWvDxk+3F2gcD0
n6sVYvksfXQxcPwiHU7CVndTThcksFomJXKtu6cLDBH5eDacjENeQP82Rto3srU4
4RGcR9MI+2vYhXLWAYpY7yT+2pXBMD/zU51vmmNEJtv6HWa7yoSNfm//oM3l28/1
oEb9afKH9RLqo0+NFk0cDKo/Oj+eaY0S9b86U8rlRW0RmwP5aYu2qmYwJODOgSc9
3vSm/IrjfOFPMs6nmPSZ+AqIfgLCH2kdoJfUp+9mkjesZhVU8bsAA0YXjlH2gTaW
YoKg11OHMGGslcDW5Xn0hLMzAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUTNbRhjUh
nuAu9TxhL9DwDYk6UwIwHwYDVR0jBBgwFoAUzuB8hxTxkngTnSOWBQQ+zGvb0yIw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUI4MEMyL0ZFNDhBQkY0MDZC
MjExRUZCQ0UwMzQ1Q0M0RjlBRTAyL3p1QjhoeFR4a25nVG5TT1dCUVEtekd2YjB5
SS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvenVCOGh4VHhrbmdUblNPV0JRUS16R3ZiMHlJLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC
ODBDMi9GRTQ4QUJGNDA2QjIxMUVGQkNFMDM0NUNDNEY5QUUwMi9EOUExNDcyRTIw
MTcxMUVGQUE0QUQyNzdDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAMoycTANBgkqhkiG9w0BAQsFAAOCAQEAl6EhY7oB7DI3rbwm
fnDwosGRbE6yUsyu4xOWjA7d4+e6xdTV7aj4zbfZHQyIva5fbiGR29ab+/WbxPYl
o/PK+kT0T0rEXoKWjSIdjJVvRMMtp0N3E3k6Iv5r9R7PWr4rAKwxRVClh2mrpu70
4/vZ+3Ps6RvjMhuqweefYnu4C3lLoZ50lZWzBqkPh4NdpmPVVTl0cr56m/5j6d1F
8vey2Rz+S+ITnXQN0uONcuiJOW9+ACThcb0f2C+kQbImXj7jt4xUh8A2IBbSG/PN
CMn0FNZh34C7R2am6LCAjaoMSDXS1oX5vWfl/5bk8Zrx4hc5bv0RvA25NvHSjnHM
Wt0d8A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:38 2024 by rpki-client on console-fra.rpki-client.org