Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CA5DD/7BD3003EBA0711EBBBE11E2AC4F9AE02/81BFD8B067E911ECA8D7755AC4F9AE02.roa
File: 81BFD8B067E911ECA8D7755AC4F9AE02.roa (raw, json)
Hash identifier: ZfrzLOFaRWk7aU/jk20Dxvhm6lsIXLA+xZl1hTjH1EA=
Subject key identifier: 2E:D5:92:26:3A:EF:05:6F:C1:A4:13:1F:B6:74:8C:27:49:C1:E0:8F
Certificate issuer: /CN=A91CA5DD/serialNumber=F13E906F158C757583A8DA0A6D56DE91ABA014DA
Certificate serial: 0434
Authority key identifier: F1:3E:90:6F:15:8C:75:75:83:A8:DA:0A:6D:56:DE:91:AB:A0:14:DA
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8T6QbxWMdXWDqNoKbVbekaugFNo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91CA5DD/7BD3003EBA0711EBBBE11E2AC4F9AE02/81BFD8B067E911ECA8D7755AC4F9AE02.roa
Signing time: Thu 09 Feb 2023 02:12:00 +0000
ROA not before: Thu 09 Feb 2023 02:12:00 +0000
ROA not after: Sun 31 Mar 2024 00:00:00 +0000
asID: 18395
IP address blocks: 203.78.165.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 29 Jan 2024 04:44:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1076 (0x434)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CA5DD/serialNumber=F13E906F158C757583A8DA0A6D56DE91ABA014DA
Validity
Not Before: Feb 9 02:12:00 2023 GMT
Not After : Mar 31 00:00:00 2024 GMT
Subject: CN=63e45670-0d0f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:40:f7:1e:ee:dc:3c:45:0e:25:22:42:23:9b:
46:cf:6c:82:a4:9f:d6:0a:0e:85:5f:6e:39:ec:9d:
7b:37:6d:4b:58:2e:81:1a:1c:a9:d1:d6:40:68:2b:
d2:b8:29:9f:9a:a0:7f:08:25:83:a7:2e:da:20:a8:
6d:83:1b:6d:10:48:d6:ee:c2:d8:15:f3:c2:c9:81:
48:ec:ed:0e:ea:f1:77:3d:14:48:56:2b:df:f4:5b:
89:f9:57:3f:e0:f1:05:89:02:ba:a9:32:d2:39:18:
c9:9a:2a:5f:06:ef:80:3d:fa:3e:27:b2:9e:26:9c:
e7:23:73:e9:12:5f:9b:cf:f3:04:53:37:e8:dc:1b:
0e:c9:41:3b:e4:2d:b8:bf:6b:bf:66:b8:12:5b:3c:
63:28:3c:7c:ff:84:c9:b7:b6:14:76:a8:e8:e4:7d:
bb:ce:82:32:78:b5:c5:ce:1b:39:8e:45:b4:12:63:
b0:9a:33:4b:43:80:b9:1e:76:dc:41:7b:b7:3d:97:
86:a8:44:ca:f1:39:23:8a:d8:96:80:72:86:fe:02:
04:c9:12:34:4f:01:e3:ef:d9:05:32:e4:2c:c8:db:
dd:2f:ac:74:65:bb:72:0b:a3:10:6c:96:ea:3f:a8:
a0:c1:b5:75:d3:d0:5f:d2:e9:e4:d8:58:c0:ad:db:
c5:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:D5:92:26:3A:EF:05:6F:C1:A4:13:1F:B6:74:8C:27:49:C1:E0:8F
X509v3 Authority Key Identifier:
keyid:F1:3E:90:6F:15:8C:75:75:83:A8:DA:0A:6D:56:DE:91:AB:A0:14:DA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91CA5DD/7BD3003EBA0711EBBBE11E2AC4F9AE02/8T6QbxWMdXWDqNoKbVbekaugFNo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8T6QbxWMdXWDqNoKbVbekaugFNo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CA5DD/7BD3003EBA0711EBBBE11E2AC4F9AE02/81BFD8B067E911ECA8D7755AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.78.165.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:fa:a4:3e:fc:92:89:1b:ce:81:d5:35:62:12:94:7f:a4:8f:
11:e3:66:f1:18:47:ab:87:47:50:61:ce:b2:79:ce:63:c9:21:
7e:ed:a0:91:aa:f8:fe:76:3d:a6:e3:a6:f2:f1:0a:d6:b7:df:
00:5f:21:69:c4:52:9f:1e:50:20:38:a4:d7:ef:70:9f:79:01:
ef:ef:61:cd:d3:ed:f7:8c:e6:e4:6d:eb:a1:67:2b:2f:90:7b:
be:84:09:9f:bd:8b:3d:21:7f:b6:d0:04:71:7c:67:da:24:59:
3f:00:9e:c3:7b:e8:79:e2:b4:f6:ea:76:4d:5f:cc:3d:4b:83:
50:ab:09:7b:29:79:cc:90:b0:7b:f4:8b:43:9c:98:28:d3:01:
74:77:c7:98:98:79:6b:02:f2:a5:ec:17:37:ae:c0:5d:f2:31:
ff:70:87:d0:9b:22:98:12:91:21:48:a4:59:99:46:b3:e5:0d:
62:9a:bd:61:ea:06:9d:fe:ff:da:1b:dc:fc:7b:51:76:ad:64:
54:60:c3:ee:b9:c6:df:b0:80:6e:e9:25:0d:bd:44:6f:df:02:
5b:d6:50:ca:74:7f:8e:be:6e:09:aa:13:aa:ee:84:b7:c1:e1:
d2:25:eb:c8:73:d6:32:aa:52:21:26:43:a5:62:f0:d7:f6:eb:
ea:3e:18:f4
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBDQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Q0E1REQxMTAvBgNVBAUTKEYxM0U5MDZGMTU4Qzc1NzU4M0E4REEwQTZENTZERTkx
QUJBMDE0REEwHhcNMjMwMjA5MDIxMjAwWhcNMjQwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2U0NTY3MC0wZDBmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA7UD3Hu7cPEUOJSJCI5tGz2yCpJ/WCg6FX2457J17N21LWC6BGhyp0dZAaCvS
uCmfmqB/CCWDpy7aIKhtgxttEEjW7sLYFfPCyYFI7O0O6vF3PRRIVivf9FuJ+Vc/
4PEFiQK6qTLSORjJmipfBu+APfo+J7KeJpznI3PpEl+bz/MEUzfo3BsOyUE75C24
v2u/ZrgSWzxjKDx8/4TJt7YUdqjo5H27zoIyeLXFzhs5jkW0EmOwmjNLQ4C5Hnbc
QXu3PZeGqETK8TkjitiWgHKG/gIEyRI0TwHj79kFMuQsyNvdL6x0ZbtyC6MQbJbq
P6igwbV109Bf0unk2FjArdvFdwIDAQABo4IClTCCApEwHQYDVR0OBBYEFC7VkiY6
7wVvwaQTH7Z0jCdJweCPMB8GA1UdIwQYMBaAFPE+kG8VjHV1g6jaCm1W3pGroBTa
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDQTVERC83QkQzMDAzRUJB
MDcxMUVCQkJFMTFFMkFDNEY5QUUwMi84VDZRYnhXTWRYV0RxTm9LYlZiZWthdWdG
Tm8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzhUNlFieFdNZFhXRHFOb0tiVmJla2F1Z0ZOby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Q0E1REQvN0JEMzAwM0VCQTA3MTFFQkJCRTExRTJBQzRGOUFFMDIvODFCRkQ4QjA2
N0U5MTFFQ0E4RDc3NTVBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADLTqUwDQYJKoZIhvcNAQELBQADggEBAIv6pD78kokbzoHV
NWISlH+kjxHjZvEYR6uHR1BhzrJ5zmPJIX7toJGq+P52PabjpvLxCta33wBfIWnE
Up8eUCA4pNfvcJ95Ae/vYc3T7feM5uRt66FnKy+Qe76ECZ+9iz0hf7bQBHF8Z9ok
WT8AnsN76HnitPbqdk1fzD1Lg1CrCXspecyQsHv0i0OcmCjTAXR3x5iYeWsC8qXs
FzeuwF3yMf9wh9CbIpgSkSFIpFmZRrPlDWKavWHqBp3+/9ob3Px7UXatZFRgw+65
xt+wgG7pJQ29RG/fAlvWUMp0f46+bgmqE6ruhLfB4dIl68hz1jKqUiEmQ6Vi8Nf2
6+o+GPQ=
-----END CERTIFICATE-----
Generated at Mon Jan 29 05:58:29 2024 by rpki-client on console-ams.rpki-client.org