Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D1862/350845AA1BC111EF8CE32F7FC4F9AE02/D32976C81BC111EF9CF1E180C4F9AE02.roa
File: D32976C81BC111EF9CF1E180C4F9AE02.roa (raw, json)
Hash identifier: 07D5eV5km1WmB/iyMa8cyLQp1p7pWAWVdLmm4S/iiTE=
Subject key identifier: C4:82:3F:98:39:99:7F:8C:DD:71:39:B3:21:8D:58:B9:0A:FB:27:12
Certificate issuer: /CN=A91D1862/serialNumber=62214A1C522481C7381795BEEA55F3C88CE013CD
Certificate serial: 07
Authority key identifier: 62:21:4A:1C:52:24:81:C7:38:17:95:BE:EA:55:F3:C8:8C:E0:13:CD
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YiFKHFIkgcc4F5W-6lXzyIzgE80.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D1862/350845AA1BC111EF8CE32F7FC4F9AE02/D32976C81BC111EF9CF1E180C4F9AE02.roa
Signing time: Mon 27 May 2024 02:19:40 +0000
ROA not before: Mon 27 May 2024 02:19:40 +0000
ROA not after: Sun 01 Dec 2024 00:00:00 +0000
asID: 55914
IP address blocks: 202.94.64.0/23 maxlen: 23
202.129.255.0/24 maxlen: 24
203.191.6.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 22 Jul 2024 23:34:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7 (0x7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D1862/serialNumber=62214A1C522481C7381795BEEA55F3C88CE013CD
Validity
Not Before: May 27 02:19:40 2024 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=6653edbc-ea3c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:94:e7:a2:07:12:cf:a6:b0:60:c7:fd:fa:35:
87:cb:81:5e:c4:fb:f9:a3:4f:9d:9f:ef:10:b2:c1:
60:17:7a:3b:41:5c:bc:22:87:f4:20:6a:c6:41:f2:
66:05:24:d7:1a:52:d2:b4:4f:50:85:c1:bd:ad:09:
e7:88:79:85:ce:9e:07:b6:ac:9a:21:54:56:a1:c2:
2c:18:92:e7:08:f1:26:89:63:a5:37:73:0e:a9:e5:
d1:97:c4:d5:39:df:96:28:08:07:e5:38:63:80:ff:
32:8c:dd:54:4f:b4:c6:be:7c:6e:0e:ab:e0:eb:ac:
e3:41:e7:0f:08:b2:c8:fb:3e:63:4e:97:a4:ca:3d:
f0:08:64:d7:18:bf:8b:bc:d7:07:f9:4b:fd:16:20:
d6:a3:fe:88:22:e6:a9:01:f4:9a:55:9e:c8:4d:b3:
1d:cd:cf:42:5b:81:1b:34:75:77:f9:d7:c9:0c:2b:
e3:57:73:87:4a:83:d7:7b:33:79:65:00:6f:da:00:
56:1a:4f:b8:42:9f:f5:3f:46:43:6f:f9:b4:c8:80:
c2:f0:53:17:11:be:1d:6c:01:30:3d:38:b5:18:10:
59:d6:99:ac:72:1a:e3:f0:ab:f1:ec:c4:f2:43:c0:
ed:d3:94:2d:4e:e2:56:cc:fa:13:b3:2d:7a:95:e4:
05:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:82:3F:98:39:99:7F:8C:DD:71:39:B3:21:8D:58:B9:0A:FB:27:12
X509v3 Authority Key Identifier:
keyid:62:21:4A:1C:52:24:81:C7:38:17:95:BE:EA:55:F3:C8:8C:E0:13:CD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D1862/350845AA1BC111EF8CE32F7FC4F9AE02/YiFKHFIkgcc4F5W-6lXzyIzgE80.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YiFKHFIkgcc4F5W-6lXzyIzgE80.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D1862/350845AA1BC111EF8CE32F7FC4F9AE02/D32976C81BC111EF9CF1E180C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.94.64.0/23
202.129.255.0/24
203.191.6.0/24
Signature Algorithm: sha256WithRSAEncryption
36:8a:30:54:dd:14:b7:d6:8e:9f:1a:58:29:3a:d9:f2:df:d5:
2e:fc:82:6e:a1:80:18:f3:e6:34:86:61:38:4f:4c:17:60:1e:
39:78:6f:30:de:46:22:81:3c:a4:8b:62:8c:c8:c0:d9:1e:7c:
3d:f0:d7:cc:a8:d0:3e:00:c8:3e:5c:5c:f5:d4:21:06:7c:56:
33:35:7b:13:92:63:01:63:dc:7a:1b:cb:15:e9:5c:08:e5:51:
de:ee:6f:5e:30:ff:ca:55:a4:8e:c3:13:ce:19:54:af:3f:ca:
df:61:ab:eb:fe:29:c4:26:ff:51:e6:49:01:12:b4:db:d4:ec:
36:36:6d:45:14:1b:15:a4:e6:40:88:6c:f5:f0:61:bc:15:8d:
92:f7:7e:83:31:29:ba:0b:6c:c7:8f:40:7b:be:77:66:f5:47:
76:1f:fc:11:2e:36:4d:61:ec:07:d4:01:71:82:1c:46:1b:28:
d0:ca:c9:e3:e0:63:0c:93:4c:28:d2:72:7e:3a:e3:a5:bb:cd:
5c:65:a0:59:16:74:37:0b:09:8c:d2:10:bc:d7:e6:a5:11:2e:
17:9c:9b:ae:4d:5f:ed:37:3f:34:44:77:16:ed:44:0f:92:30:
9e:15:49:49:85:1d:04:b3:c1:a9:84:ff:36:9d:a9:66:93:61:
96:86:ea:09
-----BEGIN CERTIFICATE-----
MIIFfDCCBGSgAwIBAgIBBzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFE
MTg2MjExMC8GA1UEBRMoNjIyMTRBMUM1MjI0ODFDNzM4MTc5NUJFRUE1NUYzQzg4
Q0UwMTNDRDAeFw0yNDA1MjcwMjE5NDBaFw0yNDEyMDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2NTNlZGJjLWVhM2MwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCblOeiBxLPprBgx/36NYfLgV7E+/mjT52f7xCywWAXejtBXLwih/QgasZB8mYF
JNcaUtK0T1CFwb2tCeeIeYXOnge2rJohVFahwiwYkucI8SaJY6U3cw6p5dGXxNU5
35YoCAflOGOA/zKM3VRPtMa+fG4Oq+DrrONB5w8Issj7PmNOl6TKPfAIZNcYv4u8
1wf5S/0WINaj/ogi5qkB9JpVnshNsx3Nz0JbgRs0dXf518kMK+NXc4dKg9d7M3ll
AG/aAFYaT7hCn/U/RkNv+bTIgMLwUxcRvh1sATA9OLUYEFnWmaxyGuPwq/HsxPJD
wO3TlC1O4lbM+hOzLXqV5AXDAgMBAAGjggKhMIICnTAdBgNVHQ4EFgQUxII/mDmZ
f4zdcTmzIY1YuQr7JxIwHwYDVR0jBBgwFoAUYiFKHFIkgcc4F5W+6lXzyIzgE80w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUQxODYyLzM1MDg0NUFBMUJD
MTExRUY4Q0UzMkY3RkM0RjlBRTAyL1lpRktIRklrZ2NjNEY1Vy02bFh6eUl6Z0U4
MC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvWWlGS0hGSWtnY2M0RjVXLTZsWHp5SXpnRTgwLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE
MTg2Mi8zNTA4NDVBQTFCQzExMUVGOENFMzJGN0ZDNEY5QUUwMi9EMzI5NzZDODFC
QzExMUVGOUNGMUUxODBDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDArBggrBgEFBQcBBwEB/wQc
MBowGAQCAAEwEgMEAcpeQAMEAMqB/wMEAMu/BjANBgkqhkiG9w0BAQsFAAOCAQEA
NoowVN0Ut9aOnxpYKTrZ8t/VLvyCbqGAGPPmNIZhOE9MF2AeOXhvMN5GIoE8pIti
jMjA2R58PfDXzKjQPgDIPlxc9dQhBnxWMzV7E5JjAWPcehvLFelcCOVR3u5vXjD/
ylWkjsMTzhlUrz/K32Gr6/4pxCb/UeZJARK029TsNjZtRRQbFaTmQIhs9fBhvBWN
kvd+gzEpugtsx49Ae753ZvVHdh/8ES42TWHsB9QBcYIcRhso0MrJ4+BjDJNMKNJy
fjrjpbvNXGWgWRZ0NwsJjNIQvNfmpREuF5ybrk1f7Tc/NER3Fu1ED5IwnhVJSYUd
BLPBqYT/Np2pZpNhlobqCQ==
-----END CERTIFICATE-----
Generated at Tue Jul 23 00:28:50 2024 by rpki-client on console-fra.rpki-client.org