Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D366A/EC09AA4A307D11EDA6C3A212C4F9AE02/4B812A7C94B711EEA800BE1AC4F9AE02.roa
File: 4B812A7C94B711EEA800BE1AC4F9AE02.roa (raw, json)
Hash identifier: BpUj2oChF8IjxJtmE7ea7Pr88dMcs/kOe7uCBGRRiEk=
Subject key identifier: 4A:75:7F:F6:E5:33:42:2F:CE:A2:E1:6B:41:D1:48:19:65:6A:3F:93
Certificate issuer: /CN=A91D366A/serialNumber=B067C6BB70DF0DC04CE77F7C8D76706A49F6CB85
Certificate serial: 0141
Authority key identifier: B0:67:C6:BB:70:DF:0D:C0:4C:E7:7F:7C:8D:76:70:6A:49:F6:CB:85
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sGfGu3DfDcBM5398jXZwakn2y4U.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D366A/EC09AA4A307D11EDA6C3A212C4F9AE02/4B812A7C94B711EEA800BE1AC4F9AE02.roa
Signing time: Thu 07 Dec 2023 04:15:46 +0000
ROA not before: Thu 07 Dec 2023 04:15:46 +0000
ROA not after: Thu 31 Oct 2024 00:00:00 +0000
asID: 211014
IP address blocks: 203.18.98.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 06 Jan 2024 22:50:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 321 (0x141)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D366A/serialNumber=B067C6BB70DF0DC04CE77F7C8D76706A49F6CB85
Validity
Not Before: Dec 7 04:15:46 2023 GMT
Not After : Oct 31 00:00:00 2024 GMT
Subject: CN=657146f2-8dc2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:02:0d:0b:10:4e:60:7f:67:3f:35:64:77:97:
a8:af:2a:36:a5:c8:48:14:43:34:3c:a7:ba:87:59:
ab:14:a7:de:3c:ce:e1:e6:9e:49:1a:45:08:f9:22:
93:89:8b:d8:07:05:e0:0e:22:80:50:96:bd:ff:97:
a8:36:e3:4e:41:e5:d7:70:e1:f5:7d:ad:4f:d9:44:
32:3c:15:ee:ce:d8:53:49:7f:5d:80:95:97:28:59:
84:04:b5:75:3c:ef:d3:8e:72:b7:af:ac:a7:3a:c4:
47:92:46:9f:cf:28:83:51:82:60:28:b2:a3:3f:11:
fc:f8:a0:64:28:d5:8f:5e:3e:03:75:3d:b4:91:89:
98:66:4f:7e:96:98:61:6d:49:ec:9a:0c:a7:05:0e:
1f:93:6b:45:03:80:f6:3b:db:7b:a0:ed:86:9f:f9:
2b:6d:d3:15:34:ca:c1:0f:7b:86:91:5d:92:87:e0:
73:57:9a:2e:7f:be:61:a4:ca:0d:e9:bc:05:11:e4:
84:9d:a1:95:0e:97:07:07:55:8e:5d:12:0b:7c:70:
ea:da:e6:b0:13:ea:eb:44:8e:c8:17:58:27:1d:31:
bf:ea:27:52:3a:0e:07:d6:bc:2b:9d:43:5f:64:ed:
80:00:e9:3b:96:b9:9d:43:09:d7:5f:70:d0:17:e6:
de:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:75:7F:F6:E5:33:42:2F:CE:A2:E1:6B:41:D1:48:19:65:6A:3F:93
X509v3 Authority Key Identifier:
keyid:B0:67:C6:BB:70:DF:0D:C0:4C:E7:7F:7C:8D:76:70:6A:49:F6:CB:85
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D366A/EC09AA4A307D11EDA6C3A212C4F9AE02/sGfGu3DfDcBM5398jXZwakn2y4U.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sGfGu3DfDcBM5398jXZwakn2y4U.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D366A/EC09AA4A307D11EDA6C3A212C4F9AE02/4B812A7C94B711EEA800BE1AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.18.98.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:2a:ed:40:91:72:ae:77:84:0f:b2:d7:4e:4f:94:a5:43:de:
76:91:fd:26:b4:31:40:d7:ef:01:f7:61:00:75:dc:f9:d6:c8:
2d:74:78:56:04:d7:99:a7:f2:1e:3b:d2:23:18:57:cf:e2:ee:
99:e5:ad:03:50:ba:ec:28:ef:74:a3:fe:b9:87:1b:9c:85:e6:
96:1e:d7:41:a5:ab:2e:9c:93:38:9b:0f:7f:44:4b:43:19:b1:
2e:c7:5b:43:91:aa:dc:24:ef:3a:18:59:c4:ac:a1:d8:79:66:
5e:ea:d7:9d:8c:7b:98:2f:0d:37:49:47:c0:39:18:0d:b5:0b:
9d:4e:a2:9a:08:2d:83:6a:dc:46:22:98:b1:63:ac:9e:cd:cb:
a7:7c:12:aa:b1:06:99:3d:3f:e5:e8:6e:c4:6f:4c:76:fc:7c:
0b:27:28:24:52:4f:03:24:f5:be:91:0a:d6:f5:e3:f8:45:d0:
67:42:89:96:4e:eb:10:09:f8:27:a1:ae:f8:d9:a1:7b:0e:bf:
77:5d:38:a2:fe:a6:26:4e:e0:e9:80:36:fd:d3:d6:eb:43:1f:
83:12:c6:0a:eb:63:91:4d:6e:f9:d2:24:f2:3a:27:be:2f:36:
7c:fb:59:8d:45:0b:f0:c9:a2:da:81:02:41:cd:bd:a8:28:3f:
3c:d6:4c:84
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAUEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDM2NkExMTAvBgNVBAUTKEIwNjdDNkJCNzBERjBEQzA0Q0U3N0Y3QzhENzY3MDZB
NDlGNkNCODUwHhcNMjMxMjA3MDQxNTQ2WhcNMjQxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTcxNDZmMi04ZGMyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtgINCxBOYH9nPzVkd5eoryo2pchIFEM0PKe6h1mrFKfePM7h5p5JGkUI+SKT
iYvYBwXgDiKAUJa9/5eoNuNOQeXXcOH1fa1P2UQyPBXuzthTSX9dgJWXKFmEBLV1
PO/TjnK3r6ynOsRHkkafzyiDUYJgKLKjPxH8+KBkKNWPXj4DdT20kYmYZk9+lphh
bUnsmgynBQ4fk2tFA4D2O9t7oO2Gn/krbdMVNMrBD3uGkV2Sh+BzV5ouf75hpMoN
6bwFEeSEnaGVDpcHB1WOXRILfHDq2uawE+rrRI7IF1gnHTG/6idSOg4H1rwrnUNf
ZO2AAOk7lrmdQwnXX3DQF+beTQIDAQABo4IClTCCApEwHQYDVR0OBBYEFEp1f/bl
M0IvzqLha0HRSBllaj+TMB8GA1UdIwQYMBaAFLBnxrtw3w3ATOd/fI12cGpJ9suF
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMzY2QS9FQzA5QUE0QTMw
N0QxMUVEQTZDM0EyMTJDNEY5QUUwMi9zR2ZHdTNEZkRjQk01Mzk4alhad2FrbjJ5
NFUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3NHZkd1M0RmRGNCTTUzOThqWFp3YWtuMnk0VS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDM2NkEvRUMwOUFBNEEzMDdEMTFFREE2QzNBMjEyQzRGOUFFMDIvNEI4MTJBN0M5
NEI3MTFFRUE4MDBCRTFBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADLEmIwDQYJKoZIhvcNAQELBQADggEBAD4q7UCRcq53hA+y
105PlKVD3naR/Sa0MUDX7wH3YQB13PnWyC10eFYE15mn8h470iMYV8/i7pnlrQNQ
uuwo73Sj/rmHG5yF5pYe10Glqy6ckzibD39ES0MZsS7HW0ORqtwk7zoYWcSsodh5
Zl7q152Me5gvDTdJR8A5GA21C51OopoILYNq3EYimLFjrJ7Ny6d8EqqxBpk9P+Xo
bsRvTHb8fAsnKCRSTwMk9b6RCtb14/hF0GdCiZZO6xAJ+CehrvjZoXsOv3ddOKL+
piZO4OmANv3T1utDH4MSxgrrY5FNbvnSJPI6J74vNnz7WY1FC/DJotqBAkHNvago
PzzWTIQ=
-----END CERTIFICATE-----
Generated at Sun Jan 7 00:06:46 2024 by rpki-client on console-ams.rpki-client.org