Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C6550/8400954ACEC411ED8A83FB11C4F9AE02/C107E7FC766D11EF8DE77D09C4F9AE02.roa
File: C107E7FC766D11EF8DE77D09C4F9AE02.roa (raw, json)
Hash identifier: PeChlFtpEVWgiM+9DIeyR9gzndCTR4+jgejJBIhFOUo=
Subject key identifier: 47:FC:FD:F7:F3:9C:4E:4F:58:50:32:B1:5A:4B:D0:E6:78:66:A0:3B
Certificate issuer: /CN=A91C6550/serialNumber=456EEA0692C6A4F26F53D2D237D1CB4DCD783305
Certificate serial: 018C
Authority key identifier: 45:6E:EA:06:92:C6:A4:F2:6F:53:D2:D2:37:D1:CB:4D:CD:78:33:05
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RW7qBpLGpPJvU9LSN9HLTc14MwU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C6550/8400954ACEC411ED8A83FB11C4F9AE02/C107E7FC766D11EF8DE77D09C4F9AE02.roa
Signing time: Thu 19 Sep 2024 09:58:43 +0000
ROA not before: Thu 19 Sep 2024 09:58:43 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 39600
IP address blocks: 202.134.249.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 29 Sep 2024 09:15:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 396 (0x18c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C6550/serialNumber=456EEA0692C6A4F26F53D2D237D1CB4DCD783305
Validity
Not Before: Sep 19 09:58:43 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=66ebf5d3-d3af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:70:51:3f:c4:d8:a3:84:65:38:f7:87:86:8a:
08:9e:ca:d0:21:56:08:e0:5c:be:5e:e8:36:8d:04:
22:d0:77:76:05:74:8a:e2:51:f4:95:35:c0:3e:83:
ef:c9:78:ec:8e:0d:54:b2:06:16:8c:ca:a5:86:5b:
67:4d:2e:a0:e4:e0:42:26:fd:65:70:1b:80:e8:bf:
5f:7a:c1:1a:e7:69:53:6f:1c:c6:a9:a1:f5:8d:d5:
09:6d:6c:6c:cf:6e:4a:78:0a:52:6b:9a:f6:6e:21:
9a:b2:46:95:2e:f3:6c:ce:46:1a:86:f4:e8:b3:76:
f5:c8:41:34:35:92:37:4e:97:ad:89:49:32:1a:d6:
dc:bf:c6:36:a5:de:b1:d5:22:f5:22:f6:78:1d:20:
e8:67:73:47:17:5e:9e:a4:43:43:a4:12:cf:dc:6c:
fe:2a:51:3e:95:58:7f:3a:69:84:55:eb:8c:51:95:
42:8a:11:5a:5e:61:26:6e:b0:4e:c3:da:b0:e4:c1:
e0:da:55:08:4d:67:2a:e9:0a:54:35:7a:0b:42:e3:
36:c7:3e:4d:99:f9:d7:86:62:69:15:6f:19:64:0e:
f6:fc:a8:81:60:ae:e1:3d:dc:1c:7f:38:5b:52:e6:
99:89:1b:61:df:12:e2:e3:cc:45:6a:6f:c4:03:6f:
99:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:FC:FD:F7:F3:9C:4E:4F:58:50:32:B1:5A:4B:D0:E6:78:66:A0:3B
X509v3 Authority Key Identifier:
keyid:45:6E:EA:06:92:C6:A4:F2:6F:53:D2:D2:37:D1:CB:4D:CD:78:33:05
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C6550/8400954ACEC411ED8A83FB11C4F9AE02/RW7qBpLGpPJvU9LSN9HLTc14MwU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RW7qBpLGpPJvU9LSN9HLTc14MwU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C6550/8400954ACEC411ED8A83FB11C4F9AE02/C107E7FC766D11EF8DE77D09C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.134.249.0/24
Signature Algorithm: sha256WithRSAEncryption
b3:57:08:24:8e:30:5c:57:ee:bc:01:48:f2:74:61:18:01:f5:
06:83:e6:33:da:53:09:b5:92:ed:55:89:8f:7b:00:4d:5b:fd:
1e:b0:da:4d:e8:ff:4a:df:3c:31:ca:3e:08:06:64:30:6a:87:
e5:20:21:f0:21:aa:74:d7:b1:24:6c:c6:92:14:1c:1c:38:6a:
9c:b5:b6:35:e8:7b:8f:74:f7:39:e6:1e:97:77:fb:c9:e9:9d:
e2:9c:0f:94:60:24:fe:a0:15:96:10:84:da:35:d8:6c:b1:b8:
1b:f7:79:b2:7e:91:a5:49:d3:32:50:da:ad:94:68:b9:b7:c0:
c3:22:fa:a1:0d:8f:95:18:6e:5e:ca:2e:11:b6:02:22:c6:fb:
13:04:6a:c8:b6:db:35:aa:a6:c5:3a:14:58:af:96:da:fc:00:
67:04:a0:da:78:c1:bc:f3:ec:d7:ee:a6:07:84:5f:c3:14:a1:
2f:ac:e5:21:22:fb:d9:5f:98:58:e3:d6:21:7b:b9:75:03:dd:
f6:b6:e5:e4:fb:2e:47:bd:50:0f:c5:1a:d9:e6:31:6a:78:e8:
90:a4:0e:71:3f:fe:08:71:3d:17:c9:5d:13:1c:b3:a9:29:2a:
6d:be:c5:83:ae:60:70:a5:26:a3:66:eb:b0:fd:3e:bc:bf:9a:
29:0a:fb:6b
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAYwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzY1NTAxMTAvBgNVBAUTKDQ1NkVFQTA2OTJDNkE0RjI2RjUzRDJEMjM3RDFDQjRE
Q0Q3ODMzMDUwHhcNMjQwOTE5MDk1ODQzWhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmViZjVkMy1kM2FmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA33BRP8TYo4RlOPeHhooInsrQIVYI4Fy+Xug2jQQi0Hd2BXSK4lH0lTXAPoPv
yXjsjg1UsgYWjMqlhltnTS6g5OBCJv1lcBuA6L9fesEa52lTbxzGqaH1jdUJbWxs
z25KeApSa5r2biGaskaVLvNszkYahvTos3b1yEE0NZI3TpetiUkyGtbcv8Y2pd6x
1SL1IvZ4HSDoZ3NHF16epENDpBLP3Gz+KlE+lVh/OmmEVeuMUZVCihFaXmEmbrBO
w9qw5MHg2lUITWcq6QpUNXoLQuM2xz5NmfnXhmJpFW8ZZA72/KiBYK7hPdwcfzhb
UuaZiRth3xLi48xFam/EA2+ZPQIDAQABo4IClTCCApEwHQYDVR0OBBYEFEf8/ffz
nE5PWFAysVpL0OZ4ZqA7MB8GA1UdIwQYMBaAFEVu6gaSxqTyb1PS0jfRy03NeDMF
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNjU1MC84NDAwOTU0QUNF
QzQxMUVEOEE4M0ZCMTFDNEY5QUUwMi9SVzdxQnBMR3BQSnZVOUxTTjlITFRjMTRN
d1UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1JXN3FCcExHcFBKdlU5TFNOOUhMVGMxNE13VS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzY1NTAvODQwMDk1NEFDRUM0MTFFRDhBODNGQjExQzRGOUFFMDIvQzEwN0U3RkM3
NjZEMTFFRjhERTc3RDA5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADKhvkwDQYJKoZIhvcNAQELBQADggEBALNXCCSOMFxX7rwB
SPJ0YRgB9QaD5jPaUwm1ku1ViY97AE1b/R6w2k3o/0rfPDHKPggGZDBqh+UgIfAh
qnTXsSRsxpIUHBw4apy1tjXoe4909znmHpd3+8npneKcD5RgJP6gFZYQhNo12Gyx
uBv3ebJ+kaVJ0zJQ2q2UaLm3wMMi+qENj5UYbl7KLhG2AiLG+xMEasi22zWqpsU6
FFivltr8AGcEoNp4wbzz7NfupgeEX8MUoS+s5SEi+9lfmFjj1iF7uXUD3fa25eT7
Lke9UA/FGtnmMWp46JCkDnE//ghxPRfJXRMcs6kpKm2+xYOuYHClJqNm67D9Pry/
mikK+2s=
-----END CERTIFICATE-----
Generated at Sun Sep 29 11:04:59 2024 by rpki-client on console-fra.rpki-client.org