Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D366A/EC09AA4A307D11EDA6C3A212C4F9AE02/2970967C7A2511EE8B7B7283C4F9AE02.roa
File: 2970967C7A2511EE8B7B7283C4F9AE02.roa (raw, json)
Hash identifier: TsFSgtrfqvbUF2fyZeQsJz6iiQYpksz31O6FNxjPpdU=
Subject key identifier: 0D:52:C3:76:87:60:C5:05:B8:E6:29:5C:F0:EE:9F:DE:EE:74:D8:41
Certificate issuer: /CN=A91D366A/serialNumber=B067C6BB70DF0DC04CE77F7C8D76706A49F6CB85
Certificate serial: 0126
Authority key identifier: B0:67:C6:BB:70:DF:0D:C0:4C:E7:7F:7C:8D:76:70:6A:49:F6:CB:85
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sGfGu3DfDcBM5398jXZwakn2y4U.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D366A/EC09AA4A307D11EDA6C3A212C4F9AE02/2970967C7A2511EE8B7B7283C4F9AE02.roa
Signing time: Fri 03 Nov 2023 08:44:13 +0000
ROA not before: Fri 03 Nov 2023 08:44:13 +0000
ROA not after: Thu 31 Oct 2024 00:00:00 +0000
asID: 60117
IP address blocks: 203.33.238.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 02 Dec 2023 21:03:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 294 (0x126)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D366A/serialNumber=B067C6BB70DF0DC04CE77F7C8D76706A49F6CB85
Validity
Not Before: Nov 3 08:44:13 2023 GMT
Not After : Oct 31 00:00:00 2024 GMT
Subject: CN=6544b2dc-3bf0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:6e:fa:04:b7:dc:1f:5f:c0:93:da:6b:40:6e:
a2:1f:90:32:fc:4a:44:90:31:41:85:24:63:1b:f6:
4c:9a:e8:c8:3e:93:a2:3c:1e:49:6f:7a:18:be:6b:
c2:86:23:3f:13:f9:f4:f7:76:dc:49:21:2b:9d:88:
48:93:97:f2:68:45:dc:48:6d:56:e3:6c:bc:a2:94:
d9:e2:7b:cf:3e:6c:70:fc:4b:ce:af:41:c8:2c:04:
64:be:fe:02:45:54:e6:e3:38:32:d2:8f:ac:7e:1b:
cf:ff:5d:08:5c:81:2c:57:b3:57:39:ae:2b:a3:ae:
3e:09:fa:48:cf:59:43:76:ea:12:be:ce:b6:c1:49:
6a:54:f9:aa:3f:fe:a2:ce:b2:e6:52:15:bd:88:1b:
7c:e7:73:74:7e:b7:9c:cd:23:83:1b:d6:f9:be:42:
6d:35:2c:03:f0:20:98:f3:00:1d:c3:92:31:d1:a4:
d0:38:54:89:87:d5:0d:04:2d:e1:7d:92:14:05:05:
47:e0:e5:dc:2f:e9:4d:d2:f9:1e:a8:8b:08:36:0d:
dc:28:55:25:f3:c5:b3:55:8b:5e:12:6a:6a:3c:2b:
89:3c:86:d8:57:32:74:ea:c9:12:22:6c:b1:13:04:
d3:a0:f5:ed:a3:69:6e:06:41:9e:da:0f:32:24:40:
27:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:52:C3:76:87:60:C5:05:B8:E6:29:5C:F0:EE:9F:DE:EE:74:D8:41
X509v3 Authority Key Identifier:
keyid:B0:67:C6:BB:70:DF:0D:C0:4C:E7:7F:7C:8D:76:70:6A:49:F6:CB:85
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D366A/EC09AA4A307D11EDA6C3A212C4F9AE02/sGfGu3DfDcBM5398jXZwakn2y4U.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sGfGu3DfDcBM5398jXZwakn2y4U.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D366A/EC09AA4A307D11EDA6C3A212C4F9AE02/2970967C7A2511EE8B7B7283C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.33.238.0/24
Signature Algorithm: sha256WithRSAEncryption
02:de:00:68:36:01:fa:4e:2c:61:af:66:78:81:56:57:c6:9a:
15:5c:93:a4:e2:9e:8b:10:99:54:8b:46:34:0f:46:fd:60:8d:
db:b7:55:f8:c9:16:c0:a2:5c:e7:1f:68:96:8f:6e:25:2f:ec:
a2:be:ef:e7:20:c5:fd:e5:4e:9c:0f:43:c3:eb:44:2a:44:e5:
5a:a8:5b:ed:3d:c0:69:7d:7a:9d:14:6d:82:1f:2d:55:55:57:
d3:b9:9a:fa:d2:68:7f:2d:80:64:ab:7e:b8:db:56:97:a2:43:
cd:9a:84:21:72:e9:e6:66:9c:bc:35:7f:ef:ea:fe:b5:1d:d5:
e7:ef:ab:22:f6:f7:38:1c:ac:3e:13:48:3d:57:7f:40:72:96:
b1:93:b4:12:b8:37:2d:e5:76:d7:31:eb:b9:7d:b9:2a:5e:22:
34:2d:6c:92:c8:3b:25:e0:29:fb:45:84:cb:a0:12:09:dc:2a:
13:d0:e6:08:11:ea:24:82:ee:6c:cb:73:1c:76:f5:5b:a7:10:
2b:fa:22:07:70:55:1b:fc:39:83:07:f9:d4:a7:1d:63:cd:f1:
0c:48:bc:45:e8:5e:22:63:d1:b7:7e:e5:61:60:9d:e5:80:f0:
c0:55:d7:00:8c:2c:26:de:2c:6b:9f:36:96:e6:35:30:24:11:
3e:c5:90:8b
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICASYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDM2NkExMTAvBgNVBAUTKEIwNjdDNkJCNzBERjBEQzA0Q0U3N0Y3QzhENzY3MDZB
NDlGNkNCODUwHhcNMjMxMTAzMDg0NDEzWhcNMjQxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTQ0YjJkYy0zYmYwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArm76BLfcH1/Ak9prQG6iH5Ay/EpEkDFBhSRjG/ZMmujIPpOiPB5Jb3oYvmvC
hiM/E/n093bcSSErnYhIk5fyaEXcSG1W42y8opTZ4nvPPmxw/EvOr0HILARkvv4C
RVTm4zgy0o+sfhvP/10IXIEsV7NXOa4ro64+CfpIz1lDduoSvs62wUlqVPmqP/6i
zrLmUhW9iBt853N0freczSODG9b5vkJtNSwD8CCY8wAdw5Ix0aTQOFSJh9UNBC3h
fZIUBQVH4OXcL+lN0vkeqIsINg3cKFUl88WzVYteEmpqPCuJPIbYVzJ06skSImyx
EwTToPXto2luBkGe2g8yJEAnfQIDAQABo4IClTCCApEwHQYDVR0OBBYEFA1Sw3aH
YMUFuOYpXPDun97udNhBMB8GA1UdIwQYMBaAFLBnxrtw3w3ATOd/fI12cGpJ9suF
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMzY2QS9FQzA5QUE0QTMw
N0QxMUVEQTZDM0EyMTJDNEY5QUUwMi9zR2ZHdTNEZkRjQk01Mzk4alhad2FrbjJ5
NFUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3NHZkd1M0RmRGNCTTUzOThqWFp3YWtuMnk0VS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDM2NkEvRUMwOUFBNEEzMDdEMTFFREE2QzNBMjEyQzRGOUFFMDIvMjk3MDk2N0M3
QTI1MTFFRThCN0I3MjgzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADLIe4wDQYJKoZIhvcNAQELBQADggEBAALeAGg2AfpOLGGv
ZniBVlfGmhVck6TinosQmVSLRjQPRv1gjdu3VfjJFsCiXOcfaJaPbiUv7KK+7+cg
xf3lTpwPQ8PrRCpE5VqoW+09wGl9ep0UbYIfLVVVV9O5mvrSaH8tgGSrfrjbVpei
Q82ahCFy6eZmnLw1f+/q/rUd1efvqyL29zgcrD4TSD1Xf0BylrGTtBK4Ny3ldtcx
67l9uSpeIjQtbJLIOyXgKftFhMugEgncKhPQ5ggR6iSC7mzLcxx29VunECv6Igdw
VRv8OYMH+dSnHWPN8QxIvEXoXiJj0bd+5WFgneWA8MBV1wCMLCbeLGufNpbmNTAk
ET7FkIs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:42 2024 by rpki-client on console-fra.rpki-client.org