Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CB7AB/56786568400911EBA374225BC4F9AE02/E1702E04400D11EBAD0E821FC4F9AE02.roa
File: E1702E04400D11EBAD0E821FC4F9AE02.roa (raw, json)
Hash identifier: TabDwe+MpbbT/1pEswn/HMTI7Pe5qVKBrlIysbEYFe0=
Subject key identifier: 42:86:C2:10:6A:D7:25:B2:4F:81:B7:4E:97:36:68:B9:10:B9:C5:0C
Certificate issuer: /CN=A91CB7AB/serialNumber=3DE9D3DFF6E048FD908146502E4F08E456F3D9BC
Certificate serial: 06DD
Authority key identifier: 3D:E9:D3:DF:F6:E0:48:FD:90:81:46:50:2E:4F:08:E4:56:F3:D9:BC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PenT3_bgSP2QgUZQLk8I5Fbz2bw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91CB7AB/56786568400911EBA374225BC4F9AE02/E1702E04400D11EBAD0E821FC4F9AE02.roa
Signing time: Tue 12 Dec 2023 04:11:13 +0000
ROA not before: Tue 12 Dec 2023 04:11:13 +0000
ROA not after: Sun 31 Mar 2024 00:00:00 +0000
asID: 16509
IP address blocks: 202.139.236.0/22 maxlen: 24
202.139.252.0/24 maxlen: 24
202.139.254.0/23 maxlen: 23
202.148.147.0/24 maxlen: 24
203.27.226.0/23 maxlen: 24
203.147.248.0/23 maxlen: 23
210.247.144.0/20 maxlen: 24
210.247.238.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1757 (0x6dd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CB7AB/serialNumber=3DE9D3DFF6E048FD908146502E4F08E456F3D9BC
Validity
Not Before: Dec 12 04:11:13 2023 GMT
Not After : Mar 31 00:00:00 2024 GMT
Subject: CN=6577dd61-d3f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:be:ae:3b:c0:8d:7b:21:5f:41:9b:0a:78:9d:
39:99:11:a4:31:77:64:94:e0:a2:73:7c:0f:42:5f:
51:3e:77:7c:e4:ae:be:46:b3:bd:94:4e:98:96:2f:
27:4f:d0:3b:e0:67:0e:b4:2a:66:01:ed:86:f0:a4:
36:8a:a1:e1:81:3b:81:86:5a:7f:51:0c:24:ea:39:
b7:a0:f2:06:a4:23:47:1e:59:b6:8e:c6:6c:5e:42:
61:83:1e:ba:c5:4c:9f:73:56:23:58:1f:17:e4:ee:
8a:93:0a:ec:50:d0:3e:4b:8c:6a:b2:38:c4:16:cc:
b5:95:dd:e5:3b:25:e3:4a:3c:a1:fa:62:81:95:b3:
ec:2a:58:c8:a7:96:4b:d9:b9:4e:77:3a:30:e0:39:
a6:60:44:63:e0:4c:37:a4:07:11:70:f1:14:bb:b4:
fd:7f:4b:c8:b8:9e:42:8f:89:06:61:61:3d:36:3d:
33:d3:1d:fa:00:3d:c9:75:a1:ce:c5:79:ae:45:bf:
ac:76:dd:6b:d6:83:44:0a:69:7a:e4:fd:dd:2b:9b:
17:e6:8f:8a:10:c0:ed:27:3e:97:cd:5d:a3:50:cf:
84:95:a3:44:fc:47:88:ab:0f:85:f2:d4:2c:dc:8c:
1f:e7:e7:b7:93:f7:05:18:26:da:37:e4:55:58:a7:
76:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:86:C2:10:6A:D7:25:B2:4F:81:B7:4E:97:36:68:B9:10:B9:C5:0C
X509v3 Authority Key Identifier:
keyid:3D:E9:D3:DF:F6:E0:48:FD:90:81:46:50:2E:4F:08:E4:56:F3:D9:BC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91CB7AB/56786568400911EBA374225BC4F9AE02/PenT3_bgSP2QgUZQLk8I5Fbz2bw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PenT3_bgSP2QgUZQLk8I5Fbz2bw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CB7AB/56786568400911EBA374225BC4F9AE02/E1702E04400D11EBAD0E821FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.139.236.0/22
202.139.252.0/24
202.139.254.0/23
202.148.147.0/24
203.27.226.0/23
203.147.248.0/23
210.247.144.0/20
210.247.238.0/23
Signature Algorithm: sha256WithRSAEncryption
59:e5:e2:4b:ca:c1:ea:19:71:2a:1b:69:34:f1:8f:d4:e2:4f:
a4:23:39:a0:b8:e9:6e:f4:9a:e2:70:db:ea:7b:c9:17:3b:06:
48:bd:13:30:fb:88:d1:e3:ca:9e:85:84:66:72:e5:62:15:a5:
c6:16:2a:53:e5:fc:42:1b:9f:a7:4d:bd:b1:96:9c:65:3f:df:
1e:d5:3b:62:4a:8d:ae:6c:83:f9:4f:c7:86:32:c6:71:38:1e:
00:26:db:27:90:54:b9:de:18:84:62:d9:5f:8f:6d:29:4d:e3:
a3:63:12:51:73:78:44:89:71:26:c8:00:e7:fa:e4:0e:1a:4d:
ed:08:6e:c1:f4:2f:1e:e4:22:db:f9:22:69:16:7e:13:e2:2a:
20:ef:1e:6d:d5:40:6d:98:48:5b:8e:6e:bf:f0:20:b6:47:bc:
4b:67:08:cd:98:60:57:69:50:09:cb:0e:6a:84:75:f3:63:a2:
29:97:02:37:63:0f:17:36:c2:ab:75:b4:83:64:3c:60:e7:bb:
3c:d6:cb:08:59:d4:f7:e0:71:12:23:64:3e:a9:c6:4f:85:bb:
07:05:2a:41:12:2f:b0:3d:f6:c9:cc:9d:d5:11:71:3e:f9:c1:
1a:3f:a8:b1:30:1f:cf:4a:19:a6:f9:db:97:81:e7:e0:a4:01:
3d:02:9a:02
-----BEGIN CERTIFICATE-----
MIIFmzCCBIOgAwIBAgICBt0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Q0I3QUIxMTAvBgNVBAUTKDNERTlEM0RGRjZFMDQ4RkQ5MDgxNDY1MDJFNEYwOEU0
NTZGM0Q5QkMwHhcNMjMxMjEyMDQxMTEzWhcNMjQwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTc3ZGQ2MS1kM2Y4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAp76uO8CNeyFfQZsKeJ05mRGkMXdklOCic3wPQl9RPnd85K6+RrO9lE6Yli8n
T9A74GcOtCpmAe2G8KQ2iqHhgTuBhlp/UQwk6jm3oPIGpCNHHlm2jsZsXkJhgx66
xUyfc1YjWB8X5O6KkwrsUNA+S4xqsjjEFsy1ld3lOyXjSjyh+mKBlbPsKljIp5ZL
2blOdzow4DmmYERj4Ew3pAcRcPEUu7T9f0vIuJ5Cj4kGYWE9Nj0z0x36AD3JdaHO
xXmuRb+sdt1r1oNECml65P3dK5sX5o+KEMDtJz6XzV2jUM+ElaNE/EeIqw+F8tQs
3Iwf5+e3k/cFGCbaN+RVWKd22wIDAQABo4ICvzCCArswHQYDVR0OBBYEFEKGwhBq
1yWyT4G3Tpc2aLkQucUMMB8GA1UdIwQYMBaAFD3p09/24Ej9kIFGUC5PCORW89m8
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDQjdBQi81Njc4NjU2ODQw
MDkxMUVCQTM3NDIyNUJDNEY5QUUwMi9QZW5UM19iZ1NQMlFnVVpRTGs4STVGYnoy
YncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1BlblQzX2JnU1AyUWdVWlFMazhJNUZiejJidy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Q0I3QUIvNTY3ODY1Njg0MDA5MTFFQkEzNzQyMjVCQzRGOUFFMDIvRTE3MDJFMDQ0
MDBEMTFFQkFEMEU4MjFGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwSQYIKwYBBQUHAQcBAf8E
OjA4MDYEAgABMDADBALKi+wDBADKi/wDBAHKi/4DBADKlJMDBAHLG+IDBAHLk/gD
BATS95ADBAHS9+4wDQYJKoZIhvcNAQELBQADggEBAFnl4kvKweoZcSobaTTxj9Ti
T6QjOaC46W70muJw2+p7yRc7Bki9EzD7iNHjyp6FhGZy5WIVpcYWKlPl/EIbn6dN
vbGWnGU/3x7VO2JKja5sg/lPx4YyxnE4HgAm2yeQVLneGIRi2V+PbSlN46NjElFz
eESJcSbIAOf65A4aTe0IbsH0Lx7kItv5ImkWfhPiKiDvHm3VQG2YSFuObr/wILZH
vEtnCM2YYFdpUAnLDmqEdfNjoimXAjdjDxc2wqt1tINkPGDnuzzWywhZ1PfgcRIj
ZD6pxk+FuwcFKkESL7A99snMndURcT75wRo/qLEwH89KGab525eB5+CkAT0CmgI=
-----END CERTIFICATE-----
Generated at Thu Dec 14 07:42:19 2023 by rpki-client on console-ams.rpki-client.org