Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D366A/EC09AA4A307D11EDA6C3A212C4F9AE02/319A4F781D0F11EEA1270E4FC4F9AE02.roa
File: 319A4F781D0F11EEA1270E4FC4F9AE02.roa (raw, json)
Hash identifier: nL9gB+u5kGgzUPo/IqVePOWfqOHV/VjEwYCirabkyp0=
Subject key identifier: 6A:86:83:2C:93:39:84:C0:F6:FE:52:76:D6:34:95:8E:46:5D:F2:A4
Certificate issuer: /CN=A91D366A/serialNumber=B067C6BB70DF0DC04CE77F7C8D76706A49F6CB85
Certificate serial: EF
Authority key identifier: B0:67:C6:BB:70:DF:0D:C0:4C:E7:7F:7C:8D:76:70:6A:49:F6:CB:85
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sGfGu3DfDcBM5398jXZwakn2y4U.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D366A/EC09AA4A307D11EDA6C3A212C4F9AE02/319A4F781D0F11EEA1270E4FC4F9AE02.roa
Signing time: Sun 27 Aug 2023 03:23:45 +0000
ROA not before: Sun 27 Aug 2023 03:23:45 +0000
ROA not after: Thu 31 Oct 2024 00:00:00 +0000
asID: 398343
IP address blocks: 203.18.98.0/24 maxlen: 24
203.21.72.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 239 (0xef)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D366A/serialNumber=B067C6BB70DF0DC04CE77F7C8D76706A49F6CB85
Validity
Not Before: Aug 27 03:23:45 2023 GMT
Not After : Oct 31 00:00:00 2024 GMT
Subject: CN=64eac1c1-533f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:a2:b0:e1:1f:da:5f:54:9e:36:8c:86:70:16:
4a:e5:d5:5e:e0:f8:ba:d3:85:ea:19:bf:4a:c9:d8:
0b:d9:62:aa:e8:8b:3a:7a:31:6f:21:15:94:05:a1:
c5:9d:8c:5f:01:42:33:18:b1:11:46:8d:97:b1:e0:
e8:e7:ab:dc:5d:80:14:3b:fa:48:12:28:bb:a8:cb:
aa:9f:02:84:4b:56:65:c5:82:c2:a3:fc:de:0f:d9:
f4:8a:97:36:80:f3:9d:06:2c:d1:eb:29:f9:30:86:
52:09:b7:b0:89:24:16:c7:86:c8:56:85:81:1e:6c:
29:dc:bc:4a:c1:99:d5:61:f7:24:07:36:a9:14:b1:
a9:4f:df:32:52:2c:a9:a4:00:2f:33:c8:c6:2d:9e:
67:a3:f2:16:95:f2:f2:bf:23:4c:84:1a:b4:33:b3:
a8:73:84:46:79:d9:78:22:fb:40:1a:2e:26:db:44:
a1:0d:b6:2c:e8:0d:e6:77:7c:4c:d5:98:93:05:c6:
2d:6a:f3:69:21:dc:6a:8d:e5:e0:91:64:38:ac:e6:
eb:7d:56:9f:5a:43:b6:f4:b2:9a:b0:8e:76:ee:b1:
c9:79:49:e6:72:6e:61:29:91:a8:97:63:0a:84:7f:
7e:36:02:08:e1:90:8f:eb:83:2a:13:fe:da:e9:a9:
6a:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:86:83:2C:93:39:84:C0:F6:FE:52:76:D6:34:95:8E:46:5D:F2:A4
X509v3 Authority Key Identifier:
keyid:B0:67:C6:BB:70:DF:0D:C0:4C:E7:7F:7C:8D:76:70:6A:49:F6:CB:85
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D366A/EC09AA4A307D11EDA6C3A212C4F9AE02/sGfGu3DfDcBM5398jXZwakn2y4U.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sGfGu3DfDcBM5398jXZwakn2y4U.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D366A/EC09AA4A307D11EDA6C3A212C4F9AE02/319A4F781D0F11EEA1270E4FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.18.98.0/24
203.21.72.0/24
Signature Algorithm: sha256WithRSAEncryption
47:d0:7d:33:27:14:24:4d:25:84:fc:42:9a:ae:2d:f5:06:70:
10:7d:29:fb:a5:12:79:13:e2:e3:86:1e:78:ee:96:3b:73:ce:
c0:b0:42:07:18:70:44:26:6e:29:6d:fc:49:ad:e9:a2:c0:99:
50:ba:59:c6:84:d6:69:e0:71:68:e2:50:28:f9:ed:b2:3f:84:
8b:c4:08:b6:a4:95:86:fc:b2:48:5e:d7:ab:e8:2b:2c:cf:f3:
8b:58:af:f0:ba:e1:a3:50:7e:f9:8e:be:0e:3d:72:74:a7:86:
4e:40:61:b1:d9:2e:f3:a9:24:b5:4b:97:3d:b7:96:ae:1a:73:
07:cd:2e:9e:26:c9:d3:34:05:23:e7:4a:49:12:71:ac:b1:8d:
2e:d3:44:5a:d6:98:45:3b:8c:0b:dd:88:35:fc:65:23:a2:01:
04:90:cd:9d:c9:ce:3f:60:c9:8f:f3:bc:5c:dd:1e:5c:4a:53:
6f:ba:d9:6d:81:b4:30:cb:98:0b:3c:8d:1d:02:e7:13:82:04:
30:f9:d0:84:3e:af:34:0c:2f:b6:26:23:e1:58:f5:0f:24:f4:
81:36:f5:eb:bb:42:36:f2:05:f5:d1:d6:e2:da:fe:88:2c:c4:
2a:9d:e1:da:ac:03:1c:8b:b8:78:d6:39:af:87:9f:bf:d4:be:
e8:f6:de:38
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICAO8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDM2NkExMTAvBgNVBAUTKEIwNjdDNkJCNzBERjBEQzA0Q0U3N0Y3QzhENzY3MDZB
NDlGNkNCODUwHhcNMjMwODI3MDMyMzQ1WhcNMjQxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGVhYzFjMS01MzNmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAx6Kw4R/aX1SeNoyGcBZK5dVe4Pi604XqGb9KydgL2WKq6Is6ejFvIRWUBaHF
nYxfAUIzGLERRo2XseDo56vcXYAUO/pIEii7qMuqnwKES1ZlxYLCo/zeD9n0ipc2
gPOdBizR6yn5MIZSCbewiSQWx4bIVoWBHmwp3LxKwZnVYfckBzapFLGpT98yUiyp
pAAvM8jGLZ5no/IWlfLyvyNMhBq0M7Ooc4RGedl4IvtAGi4m20ShDbYs6A3md3xM
1ZiTBcYtavNpIdxqjeXgkWQ4rObrfVafWkO29LKasI527rHJeUnmcm5hKZGol2MK
hH9+NgII4ZCP64MqE/7a6alqJQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFGqGgyyT
OYTA9v5SdtY0lY5GXfKkMB8GA1UdIwQYMBaAFLBnxrtw3w3ATOd/fI12cGpJ9suF
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMzY2QS9FQzA5QUE0QTMw
N0QxMUVEQTZDM0EyMTJDNEY5QUUwMi9zR2ZHdTNEZkRjQk01Mzk4alhad2FrbjJ5
NFUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3NHZkd1M0RmRGNCTTUzOThqWFp3YWtuMnk0VS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDM2NkEvRUMwOUFBNEEzMDdEMTFFREE2QzNBMjEyQzRGOUFFMDIvMzE5QTRGNzgx
RDBGMTFFRUExMjcwRTRGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBADLEmIDBADLFUgwDQYJKoZIhvcNAQELBQADggEBAEfQfTMn
FCRNJYT8QpquLfUGcBB9KfulEnkT4uOGHnjuljtzzsCwQgcYcEQmbilt/Emt6aLA
mVC6WcaE1mngcWjiUCj57bI/hIvECLaklYb8skhe16voKyzP84tYr/C64aNQfvmO
vg49cnSnhk5AYbHZLvOpJLVLlz23lq4acwfNLp4mydM0BSPnSkkScayxjS7TRFrW
mEU7jAvdiDX8ZSOiAQSQzZ3Jzj9gyY/zvFzdHlxKU2+62W2BtDDLmAs8jR0C5xOC
BDD50IQ+rzQML7YmI+FY9Q8k9IE29eu7QjbyBfXR1uLa/ogsxCqd4dqsAxyLuHjW
Oa+Hn7/Uvuj23jg=
-----END CERTIFICATE-----
Generated at Tue Sep 26 19:26:24 2023 by rpki-client on console-fra.rpki-client.org