Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D366A/EC09AA4A307D11EDA6C3A212C4F9AE02/5C4A6C529F7E11EE9D6BE54BC4F9AE02.roa
File: 5C4A6C529F7E11EE9D6BE54BC4F9AE02.roa (raw, json)
Hash identifier: oFzPVmn33j4kycadvvzLYdrSxpXNXJHJzwp6dCDEAA4=
Subject key identifier: 1F:97:48:F1:A4:EC:CF:CB:88:FA:A8:58:A5:B4:F7:90:11:07:A5:15
Certificate issuer: /CN=A91D366A/serialNumber=B067C6BB70DF0DC04CE77F7C8D76706A49F6CB85
Certificate serial: 015D
Authority key identifier: B0:67:C6:BB:70:DF:0D:C0:4C:E7:7F:7C:8D:76:70:6A:49:F6:CB:85
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sGfGu3DfDcBM5398jXZwakn2y4U.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D366A/EC09AA4A307D11EDA6C3A212C4F9AE02/5C4A6C529F7E11EE9D6BE54BC4F9AE02.roa
Signing time: Mon 15 Jan 2024 15:06:43 +0000
ROA not before: Mon 15 Jan 2024 15:06:43 +0000
ROA not after: Thu 31 Oct 2024 00:00:00 +0000
asID: 147287
IP address blocks: 203.18.98.0/24 maxlen: 24
203.33.238.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 02 Feb 2024 20:38:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 349 (0x15d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D366A/serialNumber=B067C6BB70DF0DC04CE77F7C8D76706A49F6CB85
Validity
Not Before: Jan 15 15:06:43 2024 GMT
Not After : Oct 31 00:00:00 2024 GMT
Subject: CN=65a54a02-e576
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:d3:e5:8b:fa:6e:88:fe:24:16:2b:45:a3:03:
d5:11:ba:b5:fb:a1:44:04:2c:5f:50:a8:4a:52:f7:
30:32:27:c1:f8:b4:98:3e:71:66:75:1e:b3:a1:8a:
07:ca:68:5d:f3:6c:41:93:25:44:05:c4:4b:39:c7:
57:91:7f:8c:f8:f8:dd:fb:ae:ee:87:ec:17:a9:e0:
21:4e:a0:14:d8:fc:2c:27:a0:89:41:9b:09:0a:70:
78:ee:ac:d0:d6:88:15:f5:bd:20:04:4e:51:24:2c:
65:b1:9e:78:50:24:3b:a8:25:83:3c:80:a6:96:ec:
c6:23:77:50:da:30:81:b1:5f:23:16:29:2e:cf:7d:
f3:aa:8b:27:c6:6b:5d:45:29:23:97:c6:5b:b1:92:
62:8e:dc:58:92:0f:0c:2f:fc:80:65:de:6e:5b:92:
69:4a:03:a5:69:10:df:df:2c:43:48:c2:35:16:f3:
2e:d8:e1:f4:55:ef:c1:6a:e8:ea:21:17:10:6f:7e:
0e:9f:d3:6d:ef:ca:3b:66:03:f3:55:68:16:6d:f7:
a7:4c:cf:b0:ed:08:4e:31:50:42:19:1d:d0:3e:00:
18:ef:95:69:fd:78:36:f2:6c:27:4e:aa:01:58:e1:
df:f2:b4:65:7c:86:8a:e2:da:dd:ae:fb:47:ac:74:
de:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:97:48:F1:A4:EC:CF:CB:88:FA:A8:58:A5:B4:F7:90:11:07:A5:15
X509v3 Authority Key Identifier:
keyid:B0:67:C6:BB:70:DF:0D:C0:4C:E7:7F:7C:8D:76:70:6A:49:F6:CB:85
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D366A/EC09AA4A307D11EDA6C3A212C4F9AE02/sGfGu3DfDcBM5398jXZwakn2y4U.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sGfGu3DfDcBM5398jXZwakn2y4U.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D366A/EC09AA4A307D11EDA6C3A212C4F9AE02/5C4A6C529F7E11EE9D6BE54BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.18.98.0/24
203.33.238.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:9e:ab:8f:95:21:91:73:43:b7:f6:65:53:1d:19:78:fd:b5:
6d:67:36:b4:45:49:de:e6:3c:6c:c6:62:8c:5c:32:f7:31:fc:
bc:ba:c5:fd:5b:7d:d8:8d:ff:29:46:4a:a7:19:ad:16:03:55:
1f:c2:37:c1:af:e0:7e:36:d0:89:bf:34:58:b1:7d:f8:37:51:
09:7c:4d:d4:c4:72:8e:06:99:85:af:5d:05:00:a8:fe:ae:18:
8f:50:3a:b7:b9:a8:8c:c7:b3:4d:8b:74:41:ff:a8:d0:d2:50:
e7:3d:b1:44:7b:61:a2:63:ed:05:f4:bc:56:6e:b7:39:3c:29:
b8:61:67:b2:f9:65:bf:90:25:0f:1c:fe:bd:18:1b:0a:1a:68:
c0:98:62:74:dd:50:c0:a6:a7:94:b2:e2:ce:bf:01:4d:08:07:
f0:00:f1:10:79:ad:c9:93:35:0a:6b:f4:df:ad:13:5c:c1:61:
a3:43:f5:ea:6e:37:4f:7a:2f:9c:e2:ca:29:79:cb:01:68:af:
46:9c:a7:45:9f:b4:a3:03:d9:8c:9d:45:44:f1:64:95:fe:9f:
a7:10:b6:55:50:ef:0e:61:17:c1:15:f7:1e:4a:65:4d:e6:dd:
cb:36:0a:f7:01:aa:1d:d1:76:46:e9:fa:89:e9:9f:59:0f:0f:
5b:71:39:11
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICAV0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDM2NkExMTAvBgNVBAUTKEIwNjdDNkJCNzBERjBEQzA0Q0U3N0Y3QzhENzY3MDZB
NDlGNkNCODUwHhcNMjQwMTE1MTUwNjQzWhcNMjQxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWE1NGEwMi1lNTc2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxdPli/puiP4kFitFowPVEbq1+6FEBCxfUKhKUvcwMifB+LSYPnFmdR6zoYoH
ymhd82xBkyVEBcRLOcdXkX+M+Pjd+67uh+wXqeAhTqAU2PwsJ6CJQZsJCnB47qzQ
1ogV9b0gBE5RJCxlsZ54UCQ7qCWDPICmluzGI3dQ2jCBsV8jFikuz33zqosnxmtd
RSkjl8ZbsZJijtxYkg8ML/yAZd5uW5JpSgOlaRDf3yxDSMI1FvMu2OH0Ve/Baujq
IRcQb34On9Nt78o7ZgPzVWgWbfenTM+w7QhOMVBCGR3QPgAY75Vp/Xg28mwnTqoB
WOHf8rRlfIaK4trdrvtHrHTewwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFB+XSPGk
7M/LiPqoWKW095ARB6UVMB8GA1UdIwQYMBaAFLBnxrtw3w3ATOd/fI12cGpJ9suF
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMzY2QS9FQzA5QUE0QTMw
N0QxMUVEQTZDM0EyMTJDNEY5QUUwMi9zR2ZHdTNEZkRjQk01Mzk4alhad2FrbjJ5
NFUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3NHZkd1M0RmRGNCTTUzOThqWFp3YWtuMnk0VS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDM2NkEvRUMwOUFBNEEzMDdEMTFFREE2QzNBMjEyQzRGOUFFMDIvNUM0QTZDNTI5
RjdFMTFFRTlENkJFNTRCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBADLEmIDBADLIe4wDQYJKoZIhvcNAQELBQADggEBAC2eq4+V
IZFzQ7f2ZVMdGXj9tW1nNrRFSd7mPGzGYoxcMvcx/Ly6xf1bfdiN/ylGSqcZrRYD
VR/CN8Gv4H420Im/NFixffg3UQl8TdTEco4GmYWvXQUAqP6uGI9QOre5qIzHs02L
dEH/qNDSUOc9sUR7YaJj7QX0vFZutzk8KbhhZ7L5Zb+QJQ8c/r0YGwoaaMCYYnTd
UMCmp5Sy4s6/AU0IB/AA8RB5rcmTNQpr9N+tE1zBYaND9epuN096L5ziyil5ywFo
r0acp0WftKMD2YydRUTxZJX+n6cQtlVQ7w5hF8EV9x5KZU3m3cs2CvcBqh3Rdkbp
+onpn1kPD1txORE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:42 2024 by rpki-client on console-fra.rpki-client.org