Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CD39D/DE7D2F944E7611ECA5720B79C4F9AE02/0D81980A716911EDA03D4A50C4F9AE02.roa
File: 0D81980A716911EDA03D4A50C4F9AE02.roa (raw, json)
Hash identifier: lZkZCbgI6U7k61KEMKz6k5ZrCGvEwoV2YPH9TFWPMJo=
Subject key identifier: 3B:53:8F:F1:A9:75:B6:3F:AC:A8:F1:48:57:97:4D:FA:0D:D7:DA:74
Certificate issuer: /CN=A91CD39D/serialNumber=56B983E46BCBA115FF2265FE491909C7D74147F3
Certificate serial: 0304
Authority key identifier: 56:B9:83:E4:6B:CB:A1:15:FF:22:65:FE:49:19:09:C7:D7:41:47:F3
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VrmD5GvLoRX_ImX-SRkJx9dBR_M.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91CD39D/DE7D2F944E7611ECA5720B79C4F9AE02/0D81980A716911EDA03D4A50C4F9AE02.roa
Signing time: Thu 01 Dec 2022 11:12:33 +0000
ROA not before: Thu 01 Dec 2022 11:12:33 +0000
ROA not after: Fri 01 Dec 2023 00:00:00 +0000
asID: 38266
IP address blocks: 118.185.60.0/24 maxlen: 24
122.15.88.0/21 maxlen: 21
122.15.91.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 772 (0x304)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CD39D/serialNumber=56B983E46BCBA115FF2265FE491909C7D74147F3
Validity
Not Before: Dec 1 11:12:33 2022 GMT
Not After : Dec 1 00:00:00 2023 GMT
Subject: CN=63888c21-59f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:36:43:0f:41:b4:0a:4d:94:fc:44:b5:25:5d:
e4:25:b2:d6:00:f6:1c:d3:d9:e5:22:d0:e8:1e:0a:
f6:df:31:9e:61:df:50:36:e8:21:e8:d2:00:da:d5:
b7:9a:f8:8d:fa:39:d9:db:20:ad:55:53:7f:86:52:
78:ce:14:d8:2e:d6:fb:38:b8:99:56:e1:ae:fb:29:
9b:68:55:66:17:d2:0d:de:1b:d2:b3:0b:18:57:18:
36:e6:8e:1a:d1:e4:f0:50:c8:19:df:ae:19:ac:ce:
c4:7a:c0:06:0d:fa:11:4c:60:31:7d:2b:a2:2b:e1:
5d:df:2c:fd:d3:7d:b2:48:88:5f:00:24:5b:dc:67:
1d:68:72:b6:47:d0:66:ec:10:1b:a4:5e:0d:61:89:
1a:87:6c:c5:18:84:0d:9d:d8:1e:62:bf:1c:56:f0:
44:8c:94:80:2c:38:e4:f8:3c:59:ea:ca:32:ee:64:
1e:b2:97:26:6d:9e:8c:e2:b0:c1:a6:06:6f:54:57:
92:cb:a2:7a:a4:f3:e0:db:05:4f:52:b2:8b:ce:11:
f9:24:c4:ca:ab:cd:a3:da:75:9f:56:22:6a:f4:13:
17:8d:a1:9b:12:80:d3:bc:96:34:1d:df:c8:7f:d2:
72:99:b8:69:90:9e:9a:32:bf:63:d8:4e:47:a0:26:
ea:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:53:8F:F1:A9:75:B6:3F:AC:A8:F1:48:57:97:4D:FA:0D:D7:DA:74
X509v3 Authority Key Identifier:
keyid:56:B9:83:E4:6B:CB:A1:15:FF:22:65:FE:49:19:09:C7:D7:41:47:F3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91CD39D/DE7D2F944E7611ECA5720B79C4F9AE02/VrmD5GvLoRX_ImX-SRkJx9dBR_M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VrmD5GvLoRX_ImX-SRkJx9dBR_M.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CD39D/DE7D2F944E7611ECA5720B79C4F9AE02/0D81980A716911EDA03D4A50C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
118.185.60.0/24
122.15.88.0/21
Signature Algorithm: sha256WithRSAEncryption
6f:e1:60:da:25:3f:cd:80:73:f4:53:3c:aa:c7:32:21:09:c4:
f7:06:5d:e9:32:83:f8:98:5b:70:d6:77:d9:73:d4:da:8f:0b:
03:10:07:c2:15:99:7e:64:b7:0a:ea:c9:56:14:23:f2:56:2a:
12:e2:4b:18:e4:06:b2:20:ed:d3:92:fc:07:4d:33:0a:eb:5b:
e2:fc:cb:14:4f:1f:9b:f9:2c:dd:4a:c1:97:ef:0f:ad:22:e7:
23:01:03:65:ae:e2:fa:58:58:0e:03:c2:d2:6e:e3:fe:60:c5:
04:0e:87:8d:85:67:49:1f:96:ee:35:34:9c:eb:d4:83:93:62:
82:eb:f9:73:f7:18:71:30:c0:73:15:81:d2:0d:95:d4:44:0c:
3d:d8:26:b1:d0:4d:b4:bc:54:cb:a0:e7:de:e3:1f:92:7b:59:
4c:fd:a4:6d:c8:0d:bc:4b:1a:c2:9d:a8:24:da:f2:e2:77:ea:
b9:41:1d:16:e4:7f:9f:5c:06:e2:6c:e0:f1:13:c4:76:c1:53:
d3:30:63:0b:3a:82:db:51:85:c3:8c:66:f1:3b:87:29:8f:ca:
e0:4d:2c:f2:94:7b:b4:93:c6:2b:30:2b:ea:1c:46:55:f1:0e:
50:a6:35:6c:98:f7:66:a6:f2:48:70:b1:c4:7d:7b:73:6a:dc:
02:6f:00:69
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICAwQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Q0QzOUQxMTAvBgNVBAUTKDU2Qjk4M0U0NkJDQkExMTVGRjIyNjVGRTQ5MTkwOUM3
RDc0MTQ3RjMwHhcNMjIxMjAxMTExMjMzWhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Mzg4OGMyMS01OWY3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAoDZDD0G0Ck2U/ES1JV3kJbLWAPYc09nlItDoHgr23zGeYd9QNugh6NIA2tW3
mviN+jnZ2yCtVVN/hlJ4zhTYLtb7OLiZVuGu+ymbaFVmF9IN3hvSswsYVxg25o4a
0eTwUMgZ364ZrM7EesAGDfoRTGAxfSuiK+Fd3yz9032ySIhfACRb3GcdaHK2R9Bm
7BAbpF4NYYkah2zFGIQNndgeYr8cVvBEjJSALDjk+DxZ6soy7mQespcmbZ6M4rDB
pgZvVFeSy6J6pPPg2wVPUrKLzhH5JMTKq82j2nWfViJq9BMXjaGbEoDTvJY0Hd/I
f9JymbhpkJ6aMr9j2E5HoCbqgQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFDtTj/Gp
dbY/rKjxSFeXTfoN19p0MB8GA1UdIwQYMBaAFFa5g+Rry6EV/yJl/kkZCcfXQUfz
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRDM5RC9ERTdEMkY5NDRF
NzYxMUVDQTU3MjBCNzlDNEY5QUUwMi9Wcm1ENUd2TG9SWF9JbVgtU1JrSng5ZEJS
X00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1ZybUQ1R3ZMb1JYX0ltWC1TUmtKeDlkQlJfTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Q0QzOUQvREU3RDJGOTQ0RTc2MTFFQ0E1NzIwQjc5QzRGOUFFMDIvMEQ4MTk4MEE3
MTY5MTFFREEwM0Q0QTUwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAB2uTwDBAN6D1gwDQYJKoZIhvcNAQELBQADggEBAG/hYNol
P82Ac/RTPKrHMiEJxPcGXekyg/iYW3DWd9lz1NqPCwMQB8IVmX5ktwrqyVYUI/JW
KhLiSxjkBrIg7dOS/AdNMwrrW+L8yxRPH5v5LN1KwZfvD60i5yMBA2Wu4vpYWA4D
wtJu4/5gxQQOh42FZ0kflu41NJzr1IOTYoLr+XP3GHEwwHMVgdINldREDD3YJrHQ
TbS8VMug597jH5J7WUz9pG3IDbxLGsKdqCTa8uJ36rlBHRbkf59cBuJs4PETxHbB
U9MwYws6gttRhcOMZvE7hymPyuBNLPKUe7STxiswK+ocRlXxDlCmNWyY92am8khw
scR9e3Nq3AJvAGk=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:06 2023 by rpki-client on console-ams.rpki-client.org