Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CFC1C/3C142B1657FE11EEAA553060C4F9AE02/A64587D257FE11EE95E05461C4F9AE02.roa
File: A64587D257FE11EE95E05461C4F9AE02.roa (raw, json)
Hash identifier: JaZnpb9IcWD2avf1jRuML8ANRTUn3diwl/iAzH/M69A=
Subject key identifier: E0:1A:A7:EA:F6:F9:9C:90:7C:2E:B7:24:CB:5F:51:08:1A:B8:F3:CC
Certificate issuer: /CN=A91CFC1C/serialNumber=3645CD90E3F43C012DAB3BF3972E86BC94DDD454
Certificate serial: 02
Authority key identifier: 36:45:CD:90:E3:F4:3C:01:2D:AB:3B:F3:97:2E:86:BC:94:DD:D4:54
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NkXNkOP0PAEtqzvzly6GvJTd1FQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91CFC1C/3C142B1657FE11EEAA553060C4F9AE02/A64587D257FE11EE95E05461C4F9AE02.roa
Signing time: Wed 20 Sep 2023 21:42:52 +0000
ROA not before: Wed 20 Sep 2023 21:42:52 +0000
ROA not after: Mon 30 Sep 2024 00:00:00 +0000
asID: 58421
IP address blocks: 202.49.208.0/21 maxlen: 24
Validation: Failed, certificate revoked on Tue 26 Sep 2023 21:49:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CFC1C/serialNumber=3645CD90E3F43C012DAB3BF3972E86BC94DDD454
Validity
Not Before: Sep 20 21:42:52 2023 GMT
Not After : Sep 30 00:00:00 2024 GMT
Subject: CN=650b675c-68f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:86:c4:9f:f8:08:6a:28:58:2f:99:a7:8a:ca:
85:4a:9c:43:24:f5:cd:99:1b:e6:21:d4:c1:b2:29:
19:fe:e4:c3:a7:08:b0:88:9f:a4:e5:8e:11:d8:ff:
27:71:95:26:33:04:bf:0f:60:e3:57:cc:42:92:b9:
a8:a4:53:36:c0:af:c3:6a:42:44:2b:15:cd:ad:2a:
82:40:68:70:82:18:c6:c3:a1:fb:c3:cf:04:6c:95:
87:c2:1b:4f:fe:94:cf:84:0d:01:01:0e:73:c2:5e:
f4:9b:80:c5:3c:13:a0:d9:50:0c:c5:0d:d5:77:99:
07:1e:eb:03:2f:97:a9:00:79:4a:9f:4f:46:0c:5b:
19:b5:06:7e:3f:a0:3e:36:8f:f7:b9:b1:1a:29:71:
e8:7e:b3:24:48:e8:c6:5f:ab:6d:d6:54:ef:74:f7:
5d:8d:b1:fa:79:2f:65:e3:6c:43:71:30:70:43:2b:
59:69:5f:ac:64:fc:90:56:c4:e8:9d:2d:64:a7:ae:
4b:24:6c:94:64:08:d7:d3:27:42:c3:9a:a7:d1:ff:
0a:87:6d:26:18:2f:61:97:d3:cc:fd:5c:bf:5c:23:
ef:d6:06:a8:e4:66:c4:56:04:1c:af:38:84:7d:2c:
a9:c2:4f:b3:7d:91:bc:59:7c:52:ef:18:12:51:0a:
90:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:1A:A7:EA:F6:F9:9C:90:7C:2E:B7:24:CB:5F:51:08:1A:B8:F3:CC
X509v3 Authority Key Identifier:
keyid:36:45:CD:90:E3:F4:3C:01:2D:AB:3B:F3:97:2E:86:BC:94:DD:D4:54
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91CFC1C/3C142B1657FE11EEAA553060C4F9AE02/NkXNkOP0PAEtqzvzly6GvJTd1FQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NkXNkOP0PAEtqzvzly6GvJTd1FQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CFC1C/3C142B1657FE11EEAA553060C4F9AE02/A64587D257FE11EE95E05461C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.49.208.0/21
Signature Algorithm: sha256WithRSAEncryption
70:ea:ce:90:33:09:3a:45:de:47:40:85:b7:58:99:2b:b8:96:
8d:56:80:ac:c3:1a:ac:18:db:05:a6:3a:85:b5:9a:da:d9:45:
93:46:a9:a4:6c:64:ad:7a:b5:62:fa:06:c6:05:44:c6:b1:5f:
da:09:7e:17:e7:53:28:ff:0d:8e:8b:fe:44:dd:7c:c0:13:ae:
09:ba:8a:e9:b0:8a:80:f9:7a:a0:cf:c2:b1:2c:67:a7:57:cb:
ab:80:b2:77:ad:f4:9f:ea:98:69:82:9e:2d:8c:9a:f7:de:3f:
aa:64:d9:af:12:bc:40:c4:0d:56:e8:2e:b2:fa:e8:81:be:71:
69:96:02:34:37:c1:1f:87:0c:9a:4e:d4:77:01:e7:f5:ba:97:
20:4d:16:64:85:33:76:fe:a7:b7:7f:94:2a:33:f5:6f:32:d5:
0e:85:68:40:bf:34:0a:05:a8:5e:e1:65:2d:63:41:af:33:b5:
d8:26:c2:84:cb:11:f2:f0:ab:3f:2a:43:57:dc:ae:b1:84:64:
0c:78:74:ff:13:4f:2f:d5:1e:71:ce:4b:b9:cc:72:ab:3f:ed:
e5:d7:b5:2c:e6:f8:31:62:4a:91:6d:a5:df:13:d3:2a:8e:b8:
82:5a:0e:22:44:80:cf:13:04:7a:5b:ac:2b:fb:35:32:ff:85:
1a:6f:1f:61
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD
RkMxQzExMC8GA1UEBRMoMzY0NUNEOTBFM0Y0M0MwMTJEQUIzQkYzOTcyRTg2QkM5
NERERDQ1NDAeFw0yMzA5MjAyMTQyNTJaFw0yNDA5MzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1MGI2NzVjLTY4ZjgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDjhsSf+AhqKFgvmaeKyoVKnEMk9c2ZG+Yh1MGyKRn+5MOnCLCIn6TljhHY/ydx
lSYzBL8PYONXzEKSuaikUzbAr8NqQkQrFc2tKoJAaHCCGMbDofvDzwRslYfCG0/+
lM+EDQEBDnPCXvSbgMU8E6DZUAzFDdV3mQce6wMvl6kAeUqfT0YMWxm1Bn4/oD42
j/e5sRopceh+syRI6MZfq23WVO90912Nsfp5L2XjbENxMHBDK1lpX6xk/JBWxOid
LWSnrkskbJRkCNfTJ0LDmqfR/wqHbSYYL2GX08z9XL9cI+/WBqjkZsRWBByvOIR9
LKnCT7N9kbxZfFLvGBJRCpCvAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQU4Bqn6vb5
nJB8Lrcky19RCBq488wwHwYDVR0jBBgwFoAUNkXNkOP0PAEtqzvzly6GvJTd1FQw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNGQzFDLzNDMTQyQjE2NTdG
RTExRUVBQTU1MzA2MEM0RjlBRTAyL05rWE5rT1AwUEFFdHF6dnpseTZHdkpUZDFG
US5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvTmtYTmtPUDBQQUV0cXp2emx5Nkd2SlRkMUZRLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD
RkMxQy8zQzE0MkIxNjU3RkUxMUVFQUE1NTMwNjBDNEY5QUUwMi9BNjQ1ODdEMjU3
RkUxMUVFOTVFMDU0NjFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEA8ox0DANBgkqhkiG9w0BAQsFAAOCAQEAcOrOkDMJOkXeR0CF
t1iZK7iWjVaArMMarBjbBaY6hbWa2tlFk0appGxkrXq1YvoGxgVExrFf2gl+F+dT
KP8Njov+RN18wBOuCbqK6bCKgPl6oM/CsSxnp1fLq4Cyd630n+qYaYKeLYya994/
qmTZrxK8QMQNVugusvrogb5xaZYCNDfBH4cMmk7UdwHn9bqXIE0WZIUzdv6nt3+U
KjP1bzLVDoVoQL80CgWoXuFlLWNBrzO12CbChMsR8vCrPypDV9yusYRkDHh0/xNP
L9Uecc5Lucxyqz/t5de1LOb4MWJKkW2l3xPTKo64gloOIkSAzxMEelusK/s1Mv+F
Gm8fYQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:41 2024 by rpki-client on console-fra.rpki-client.org