Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D366A/EC09AA4A307D11EDA6C3A212C4F9AE02/30B1AEE41D0F11EEA1270E4FC4F9AE02.roa
File: 30B1AEE41D0F11EEA1270E4FC4F9AE02.roa (raw, json)
Hash identifier: +O9jXFGFrIJO61J0qSVrmjmhtlfJUruWLmuCSpidzUM=
Subject key identifier: 94:83:FC:33:29:AE:8D:9B:6D:63:23:60:64:5B:B2:94:BF:7B:A1:2A
Certificate issuer: /CN=A91D366A/serialNumber=B067C6BB70DF0DC04CE77F7C8D76706A49F6CB85
Certificate serial: F0
Authority key identifier: B0:67:C6:BB:70:DF:0D:C0:4C:E7:7F:7C:8D:76:70:6A:49:F6:CB:85
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sGfGu3DfDcBM5398jXZwakn2y4U.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D366A/EC09AA4A307D11EDA6C3A212C4F9AE02/30B1AEE41D0F11EEA1270E4FC4F9AE02.roa
Signing time: Sun 27 Aug 2023 03:23:46 +0000
ROA not before: Sun 27 Aug 2023 03:23:46 +0000
ROA not after: Thu 31 Oct 2024 00:00:00 +0000
asID: 43260
IP address blocks: 203.33.239.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 03 Dec 2023 21:02:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 240 (0xf0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D366A/serialNumber=B067C6BB70DF0DC04CE77F7C8D76706A49F6CB85
Validity
Not Before: Aug 27 03:23:46 2023 GMT
Not After : Oct 31 00:00:00 2024 GMT
Subject: CN=64eac1c2-aedb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:c4:6a:77:68:c9:dd:6f:67:e8:57:b5:1d:b2:
68:b1:25:8c:83:96:7e:47:0a:e0:48:84:d2:3f:93:
fc:ff:a3:c3:81:67:06:21:d5:28:65:17:88:d3:96:
e4:d3:56:ef:0f:69:7b:85:9b:5b:a3:00:33:67:fc:
53:be:46:57:b5:38:8f:92:ee:42:98:fa:d6:79:a5:
97:04:af:fe:5f:5c:30:63:40:f7:b3:90:5a:ab:44:
a1:b1:15:e3:29:d1:fc:53:db:7d:d7:0b:1c:3d:42:
d0:f1:c8:a7:23:39:f4:19:7a:bc:8e:cf:39:3d:30:
4a:bf:41:a2:e5:a4:bc:5e:7f:6a:e4:f6:99:20:41:
01:bf:e6:a8:f6:a7:38:04:38:f0:63:ac:4c:ce:9d:
82:bb:02:27:fc:b4:19:89:a8:b2:51:c2:03:4d:16:
fe:35:9f:6d:5b:a0:f0:55:34:d7:94:7e:b2:db:5f:
d3:8f:31:f2:f1:7c:04:06:15:de:5a:b4:ee:70:5e:
87:93:ee:3e:71:f4:f1:12:f3:66:c3:c5:61:08:b2:
61:04:23:8d:b6:9b:16:50:f9:d3:b7:ce:6d:14:2f:
ee:d8:69:5c:e7:68:dc:88:7a:08:bd:a0:c0:49:a6:
b7:08:be:55:45:51:c2:e1:c4:21:7f:22:98:f9:dc:
81:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:83:FC:33:29:AE:8D:9B:6D:63:23:60:64:5B:B2:94:BF:7B:A1:2A
X509v3 Authority Key Identifier:
keyid:B0:67:C6:BB:70:DF:0D:C0:4C:E7:7F:7C:8D:76:70:6A:49:F6:CB:85
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D366A/EC09AA4A307D11EDA6C3A212C4F9AE02/sGfGu3DfDcBM5398jXZwakn2y4U.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sGfGu3DfDcBM5398jXZwakn2y4U.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D366A/EC09AA4A307D11EDA6C3A212C4F9AE02/30B1AEE41D0F11EEA1270E4FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.33.239.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:ad:8c:2f:bb:40:0f:61:54:b6:50:b1:a0:5f:e0:07:a8:9b:
d4:9e:f8:b1:cc:67:20:96:c2:e1:e8:9e:9d:d4:43:bb:58:07:
67:6c:70:97:bb:e8:ed:e0:7e:ce:92:0d:22:a0:25:f8:f9:ae:
ab:11:ca:76:44:26:ed:d4:57:db:55:e7:2c:d1:02:53:2f:89:
03:aa:49:d1:d9:3b:a6:55:83:e7:f7:6c:d0:a4:ca:d0:10:ac:
2b:46:01:36:37:c7:27:1d:19:28:e4:5b:43:7a:2d:3b:a7:b0:
7c:25:ee:a1:19:47:0d:68:94:d8:97:20:1b:4d:61:fa:19:30:
5b:01:04:8b:8e:4d:e0:87:b6:89:be:77:ee:c0:0a:b6:74:6b:
dd:4b:92:ed:a9:05:33:2b:04:2e:76:ad:ed:d4:86:47:b9:0e:
ac:5f:5f:69:f0:73:ad:3f:ac:81:bb:e3:37:10:13:72:c0:62:
d1:07:8c:99:e8:f3:98:1f:9d:38:d0:fe:2d:79:6f:d8:f9:7d:
47:9f:a4:5f:3c:18:75:be:3f:93:f3:7d:00:d4:18:09:41:9e:
2f:8a:d4:db:c1:89:fb:ea:39:3f:94:52:18:ea:8f:1c:37:46:
8c:6d:42:41:4a:99:dd:a4:f6:6e:51:35:f3:fc:ce:c3:eb:8f:
f1:84:3b:01
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAPAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDM2NkExMTAvBgNVBAUTKEIwNjdDNkJCNzBERjBEQzA0Q0U3N0Y3QzhENzY3MDZB
NDlGNkNCODUwHhcNMjMwODI3MDMyMzQ2WhcNMjQxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGVhYzFjMi1hZWRiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAq8Rqd2jJ3W9n6Fe1HbJosSWMg5Z+RwrgSITSP5P8/6PDgWcGIdUoZReI05bk
01bvD2l7hZtbowAzZ/xTvkZXtTiPku5CmPrWeaWXBK/+X1wwY0D3s5Baq0ShsRXj
KdH8U9t91wscPULQ8cinIzn0GXq8js85PTBKv0Gi5aS8Xn9q5PaZIEEBv+ao9qc4
BDjwY6xMzp2CuwIn/LQZiaiyUcIDTRb+NZ9tW6DwVTTXlH6y21/TjzHy8XwEBhXe
WrTucF6Hk+4+cfTxEvNmw8VhCLJhBCONtpsWUPnTt85tFC/u2Glc52jciHoIvaDA
Saa3CL5VRVHC4cQhfyKY+dyBuQIDAQABo4IClTCCApEwHQYDVR0OBBYEFJSD/DMp
ro2bbWMjYGRbspS/e6EqMB8GA1UdIwQYMBaAFLBnxrtw3w3ATOd/fI12cGpJ9suF
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMzY2QS9FQzA5QUE0QTMw
N0QxMUVEQTZDM0EyMTJDNEY5QUUwMi9zR2ZHdTNEZkRjQk01Mzk4alhad2FrbjJ5
NFUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3NHZkd1M0RmRGNCTTUzOThqWFp3YWtuMnk0VS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDM2NkEvRUMwOUFBNEEzMDdEMTFFREE2QzNBMjEyQzRGOUFFMDIvMzBCMUFFRTQx
RDBGMTFFRUExMjcwRTRGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADLIe8wDQYJKoZIhvcNAQELBQADggEBAE6tjC+7QA9hVLZQ
saBf4Aeom9Se+LHMZyCWwuHonp3UQ7tYB2dscJe76O3gfs6SDSKgJfj5rqsRynZE
Ju3UV9tV5yzRAlMviQOqSdHZO6ZVg+f3bNCkytAQrCtGATY3xycdGSjkW0N6LTun
sHwl7qEZRw1olNiXIBtNYfoZMFsBBIuOTeCHtom+d+7ACrZ0a91Lku2pBTMrBC52
re3Uhke5DqxfX2nwc60/rIG74zcQE3LAYtEHjJno85gfnTjQ/i15b9j5fUefpF88
GHW+P5PzfQDUGAlBni+K1NvBifvqOT+UUhjqjxw3RoxtQkFKmd2k9m5RNfP8zsPr
j/GEOwE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:29 2024 by rpki-client on console-ams.rpki-client.org