Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91BA5BA/4326CBC0B7CD11ECAF681335C4F9AE02/8BFB1D9417A711ED8D17FC7CC4F9AE02.roa
File: 8BFB1D9417A711ED8D17FC7CC4F9AE02.roa (raw, json)
Hash identifier: EV61cmfx3KsEVx0Z4SaolsWJdW+Vgq7fymlIdRLz4Ow=
Subject key identifier: 23:F1:09:00:C0:17:1E:D0:1E:E8:DE:6C:F1:20:E2:87:9D:6D:D5:EC
Certificate issuer: /CN=A91BA5BA/serialNumber=02AA3A76C459497B1B45F26E9044ACC6F2E8044F
Certificate serial: 022F
Authority key identifier: 02:AA:3A:76:C4:59:49:7B:1B:45:F2:6E:90:44:AC:C6:F2:E8:04:4F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Aqo6dsRZSXsbRfJukESsxvLoBE8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91BA5BA/4326CBC0B7CD11ECAF681335C4F9AE02/8BFB1D9417A711ED8D17FC7CC4F9AE02.roa
Signing time: Wed 04 Oct 2023 08:31:38 +0000
ROA not before: Wed 04 Oct 2023 08:31:38 +0000
ROA not after: Sat 31 Aug 2024 00:00:00 +0000
asID: 131330
IP address blocks: 202.88.43.0/24 maxlen: 24
2400:1560::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 18 Jan 2024 01:46:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 559 (0x22f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91BA5BA/serialNumber=02AA3A76C459497B1B45F26E9044ACC6F2E8044F
Validity
Not Before: Oct 4 08:31:38 2023 GMT
Not After : Aug 31 00:00:00 2024 GMT
Subject: CN=651d22ea-6377
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:91:f1:22:54:ff:2f:59:43:7f:c3:64:95:66:
e0:dc:65:2a:7d:4b:db:d6:80:ad:66:06:64:8d:46:
96:76:c3:e8:7a:8e:7d:74:fe:5a:d3:3b:6d:c2:66:
c6:af:b3:ea:92:ee:8f:7d:73:d3:b1:29:97:5a:13:
74:a1:a3:13:08:c1:87:23:cd:96:29:be:7d:bf:ec:
d3:b7:a4:aa:e6:e9:90:39:d5:d5:68:26:44:16:5f:
88:d9:90:16:e5:11:a4:ae:e5:ac:03:7e:3e:1f:c8:
47:69:5d:03:aa:0e:5e:49:ec:74:16:1f:d6:91:c0:
39:54:82:7d:44:09:be:4b:81:c7:f3:94:10:84:e5:
34:0b:cc:48:42:f7:b7:e8:83:4d:dc:a6:8c:a4:c6:
b1:bb:1e:41:c3:a7:a6:1d:e2:54:bf:e9:fe:12:da:
4b:3b:23:8f:b1:8d:85:c2:76:ef:a1:64:3f:17:07:
2b:6e:02:31:94:cd:b5:dc:be:33:39:ab:86:22:e5:
04:a5:ad:f2:23:dc:f3:58:82:a8:b0:16:3c:f5:21:
c2:19:ca:c0:31:bc:b7:84:90:95:ff:f5:2d:db:e1:
6d:6e:c6:99:52:b4:d9:91:a9:2c:b7:db:86:2a:b5:
ea:6c:05:bb:0d:43:11:ce:ad:39:a7:36:89:b6:99:
48:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:F1:09:00:C0:17:1E:D0:1E:E8:DE:6C:F1:20:E2:87:9D:6D:D5:EC
X509v3 Authority Key Identifier:
keyid:02:AA:3A:76:C4:59:49:7B:1B:45:F2:6E:90:44:AC:C6:F2:E8:04:4F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91BA5BA/4326CBC0B7CD11ECAF681335C4F9AE02/Aqo6dsRZSXsbRfJukESsxvLoBE8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Aqo6dsRZSXsbRfJukESsxvLoBE8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BA5BA/4326CBC0B7CD11ECAF681335C4F9AE02/8BFB1D9417A711ED8D17FC7CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.88.43.0/24
IPv6:
2400:1560::/32
Signature Algorithm: sha256WithRSAEncryption
be:4b:7f:26:19:fa:df:68:4b:dd:65:36:1d:e1:43:fa:b2:00:
24:fd:e5:9b:34:86:d8:5b:78:bc:98:96:e3:a1:87:f8:bc:64:
65:ba:31:ec:7d:be:c8:c0:81:09:46:3e:4c:b4:2c:cb:ca:f6:
bc:ad:ce:97:b6:d3:f1:a2:38:b7:e4:e6:be:0d:b3:ba:93:21:
2e:7a:fe:a5:70:f9:0c:af:8c:0a:6b:9e:64:5e:99:f4:e7:af:
04:14:91:55:3e:a7:b3:30:b3:27:58:b8:26:b8:dd:bb:9d:3d:
29:c3:df:fd:16:2d:ff:40:0d:21:6c:05:5f:53:30:af:57:8d:
3a:bc:f5:04:89:65:84:ee:ff:36:54:c5:85:05:9f:90:dd:39:
d8:f7:7d:3b:59:65:26:a6:b5:4f:41:69:37:33:97:6f:a8:f0:
75:2b:81:20:ec:a6:9d:39:c0:da:97:bb:2e:93:5d:dd:9c:81:
ad:fa:d0:15:d9:bb:85:b1:ea:a7:53:76:8f:8f:53:6c:46:35:
fe:db:71:5f:f7:cf:78:0d:9b:55:d7:88:4d:d7:69:15:a1:c1:
a4:88:73:f1:fc:2a:d4:0c:e2:38:1f:bc:78:00:74:4b:f6:08:
31:34:a7:bf:e9:a1:e4:78:17:58:0c:d2:03:03:71:d4:79:ee:
e3:9d:df:e9
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICAi8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QkE1QkExMTAvBgNVBAUTKDAyQUEzQTc2QzQ1OTQ5N0IxQjQ1RjI2RTkwNDRBQ0M2
RjJFODA0NEYwHhcNMjMxMDA0MDgzMTM4WhcNMjQwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTFkMjJlYS02Mzc3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvJHxIlT/L1lDf8NklWbg3GUqfUvb1oCtZgZkjUaWdsPoeo59dP5a0zttwmbG
r7Pqku6PfXPTsSmXWhN0oaMTCMGHI82WKb59v+zTt6Sq5umQOdXVaCZEFl+I2ZAW
5RGkruWsA34+H8hHaV0Dqg5eSex0Fh/WkcA5VIJ9RAm+S4HH85QQhOU0C8xIQve3
6INN3KaMpMaxux5Bw6emHeJUv+n+EtpLOyOPsY2FwnbvoWQ/FwcrbgIxlM213L4z
OauGIuUEpa3yI9zzWIKosBY89SHCGcrAMby3hJCV//Ut2+FtbsaZUrTZkakst9uG
KrXqbAW7DUMRzq05pzaJtplIZwIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFCPxCQDA
Fx7QHujebPEg4oedbdXsMB8GA1UdIwQYMBaAFAKqOnbEWUl7G0XybpBErMby6ARP
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCQTVCQS80MzI2Q0JDMEI3
Q0QxMUVDQUY2ODEzMzVDNEY5QUUwMi9BcW82ZHNSWlNYc2JSZkp1a0VTc3h2TG9C
RTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0FxbzZkc1JaU1hzYlJmSnVrRVNzeHZMb0JFOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QkE1QkEvNDMyNkNCQzBCN0NEMTFFQ0FGNjgxMzM1QzRGOUFFMDIvOEJGQjFEOTQx
N0E3MTFFRDhEMTdGQzdDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBADKWCswDQQCAAIwBwMFACQAFWAwDQYJKoZIhvcNAQELBQAD
ggEBAL5LfyYZ+t9oS91lNh3hQ/qyACT95Zs0hthbeLyYluOhh/i8ZGW6Mex9vsjA
gQlGPky0LMvK9rytzpe20/GiOLfk5r4Ns7qTIS56/qVw+QyvjAprnmRemfTnrwQU
kVU+p7MwsydYuCa43budPSnD3/0WLf9ADSFsBV9TMK9XjTq89QSJZYTu/zZUxYUF
n5DdOdj3fTtZZSamtU9BaTczl2+o8HUrgSDspp05wNqXuy6TXd2cga360BXZu4Wx
6qdTdo+PU2xGNf7bcV/3z3gNm1XXiE3XaRWhwaSIc/H8KtQM4jgfvHgAdEv2CDE0
p7/poeR4F1gM0gMDcdR57uOd3+k=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:38 2024 by rpki-client on console-fra.rpki-client.org