Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91BD4DF/310D3542399311EFA08D2E1BC4F9AE02/9F45E01839A211EFAE7A5E49C4F9AE02.roa
File: 9F45E01839A211EFAE7A5E49C4F9AE02.roa (raw, json)
Hash identifier: O+cjmLcYX4zXFJxS/Cxb7d/oIzZh0SOuJdQyRBEJiGQ=
Subject key identifier: 1A:AB:3F:28:9E:6E:09:2C:AD:FB:27:F5:10:B7:63:AB:AA:E8:91:36
Certificate issuer: /CN=A91BD4DF/serialNumber=A36DB6B5F97123755E5441FAC56AA6BBA05B080A
Certificate serial: 03
Authority key identifier: A3:6D:B6:B5:F9:71:23:75:5E:54:41:FA:C5:6A:A6:BB:A0:5B:08:0A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/o222tflxI3VeVEH6xWqmu6BbCAo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91BD4DF/310D3542399311EFA08D2E1BC4F9AE02/9F45E01839A211EFAE7A5E49C4F9AE02.roa
Signing time: Thu 04 Jul 2024 01:13:30 +0000
ROA not before: Thu 04 Jul 2024 01:13:30 +0000
ROA not after: Mon 31 Mar 2025 00:00:00 +0000
asID: 396356
IP address blocks: 203.18.155.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 04 Jul 2024 01:43:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3 (0x3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91BD4DF/serialNumber=A36DB6B5F97123755E5441FAC56AA6BBA05B080A
Validity
Not Before: Jul 4 01:13:30 2024 GMT
Not After : Mar 31 00:00:00 2025 GMT
Subject: CN=6685f739-8ac0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:10:d7:3f:47:9f:be:4f:1e:c3:f2:3f:ae:4b:
d2:b4:b6:fa:04:59:3a:a1:df:cc:09:d8:88:14:2d:
d7:5d:61:4d:00:8b:22:e2:f9:49:2b:d2:c3:0e:f3:
46:e1:a3:98:7a:cd:82:f6:42:c9:2f:8f:0f:04:5b:
44:07:74:25:09:ed:fa:c1:2c:1d:5a:e8:f7:d5:2e:
0c:10:a3:91:29:c2:32:6c:c8:b2:e0:57:eb:9d:d5:
67:99:49:dd:7b:d0:ef:c7:5a:f9:7c:de:d9:be:1e:
c7:c3:35:58:3b:13:38:42:4a:5e:d6:a7:dd:82:8f:
7e:ef:dc:f1:07:ab:87:80:f8:9b:4e:42:f4:52:f3:
53:5b:eb:ff:84:55:2a:e7:cf:52:bb:73:9d:07:71:
fd:44:9b:cf:c3:c5:4d:05:79:4e:d4:9d:2a:9d:5c:
ad:ff:17:29:19:cd:24:ce:44:2c:67:ba:44:bc:e8:
b4:fc:22:41:ac:52:91:6a:94:3a:b9:4b:f0:a1:18:
3e:70:49:74:b6:75:73:64:f0:af:fa:bb:92:8d:3f:
45:2e:2c:ac:49:e4:9b:5e:36:0e:63:6d:e8:2f:b9:
e1:02:32:2e:b0:a3:8f:e4:c0:38:7b:c6:47:3c:41:
e5:74:fa:b1:ab:31:55:ba:57:8f:75:57:1b:88:f4:
02:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:AB:3F:28:9E:6E:09:2C:AD:FB:27:F5:10:B7:63:AB:AA:E8:91:36
X509v3 Authority Key Identifier:
keyid:A3:6D:B6:B5:F9:71:23:75:5E:54:41:FA:C5:6A:A6:BB:A0:5B:08:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91BD4DF/310D3542399311EFA08D2E1BC4F9AE02/o222tflxI3VeVEH6xWqmu6BbCAo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/o222tflxI3VeVEH6xWqmu6BbCAo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BD4DF/310D3542399311EFA08D2E1BC4F9AE02/9F45E01839A211EFAE7A5E49C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.18.155.0/24
Signature Algorithm: sha256WithRSAEncryption
37:01:04:8c:fc:f2:be:af:58:0e:9e:98:66:a4:b1:25:f4:f2:
d6:62:3c:b3:e7:de:61:69:63:28:a0:7b:07:b6:0a:6b:42:32:
6b:58:cd:fd:c1:7c:37:4b:9b:20:7a:86:18:20:c3:20:56:90:
d3:35:c0:82:4e:a3:2b:d1:3d:a8:f2:52:70:b3:60:2d:94:81:
bc:1e:56:08:c0:1d:75:1b:9f:28:85:a4:3f:49:8f:6a:b2:75:
66:5d:32:c0:53:61:f4:5f:a4:ea:a1:d1:a2:19:19:84:bc:e2:
1d:f3:d8:9f:43:94:78:00:2d:ab:1e:e1:2c:95:ac:50:54:f7:
54:0e:78:0e:fb:3a:5a:97:11:a6:67:7c:99:26:3f:1f:b8:b5:
45:46:ee:21:40:08:f1:f3:f1:28:ce:53:03:82:76:44:c6:8e:
54:91:8d:05:8d:66:69:45:f0:98:ed:3e:5b:18:2a:08:cb:ef:
bc:3f:61:28:d0:d4:1f:7c:f2:a8:e1:70:01:dd:fc:33:03:58:
29:ec:0c:9a:e1:8b:bb:2f:97:50:d2:05:4c:2a:1f:52:83:9c:
2a:45:5b:b9:e0:ea:aa:a7:19:f5:59:40:c8:45:3d:24:f8:f9:
87:4f:37:c1:58:0e:c0:a2:1e:09:c5:59:0f:4c:0b:26:4e:ef:
94:15:89:9d
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFC
RDRERjExMC8GA1UEBRMoQTM2REI2QjVGOTcxMjM3NTVFNTQ0MUZBQzU2QUE2QkJB
MDVCMDgwQTAeFw0yNDA3MDQwMTEzMzBaFw0yNTAzMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2ODVmNzM5LThhYzAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCyENc/R5++Tx7D8j+uS9K0tvoEWTqh38wJ2IgULdddYU0AiyLi+Ukr0sMO80bh
o5h6zYL2Qskvjw8EW0QHdCUJ7frBLB1a6PfVLgwQo5EpwjJsyLLgV+ud1WeZSd17
0O/HWvl83tm+HsfDNVg7EzhCSl7Wp92Cj37v3PEHq4eA+JtOQvRS81Nb6/+EVSrn
z1K7c50Hcf1Em8/DxU0FeU7UnSqdXK3/FykZzSTORCxnukS86LT8IkGsUpFqlDq5
S/ChGD5wSXS2dXNk8K/6u5KNP0UuLKxJ5JteNg5jbegvueECMi6wo4/kwDh7xkc8
QeV0+rGrMVW6V491VxuI9AKjAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUGqs/KJ5u
CSyt+yf1ELdjq6rokTYwHwYDVR0jBBgwFoAUo222tflxI3VeVEH6xWqmu6BbCAow
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUJENERGLzMxMEQzNTQyMzk5
MzExRUZBMDhEMkUxQkM0RjlBRTAyL28yMjJ0Zmx4STNWZVZFSDZ4V3FtdTZCYkNB
by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvbzIyMnRmbHhJM1ZlVkVINnhXcW11NkJiQ0FvLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC
RDRERi8zMTBEMzU0MjM5OTMxMUVGQTA4RDJFMUJDNEY5QUUwMi85RjQ1RTAxODM5
QTIxMUVGQUU3QTVFNDlDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAMsSmzANBgkqhkiG9w0BAQsFAAOCAQEANwEEjPzyvq9YDp6Y
ZqSxJfTy1mI8s+feYWljKKB7B7YKa0Iya1jN/cF8N0ubIHqGGCDDIFaQ0zXAgk6j
K9E9qPJScLNgLZSBvB5WCMAddRufKIWkP0mParJ1Zl0ywFNh9F+k6qHRohkZhLzi
HfPYn0OUeAAtqx7hLJWsUFT3VA54Dvs6WpcRpmd8mSY/H7i1RUbuIUAI8fPxKM5T
A4J2RMaOVJGNBY1maUXwmO0+WxgqCMvvvD9hKNDUH3zyqOFwAd38MwNYKewMmuGL
uy+XUNIFTCofUoOcKkVbueDqqqcZ9VlAyEU9JPj5h083wVgOwKIeCcVZD0wLJk7v
lBWJnQ==
-----END CERTIFICATE-----
Generated at Thu Jul 4 03:20:37 2024 by rpki-client on console-fra.rpki-client.org