Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D366A/EC09AA4A307D11EDA6C3A212C4F9AE02/61448F8EE30411EEBCD41A65C4F9AE02.roa
File: 61448F8EE30411EEBCD41A65C4F9AE02.roa (raw, json)
Hash identifier: Fv1v9dLLLr74WL+gZdUec4OlhOgNQBBu5cOsdGrC2R8=
Subject key identifier: 7B:EB:4B:5E:0A:0D:B1:27:77:F8:C5:8D:E1:13:07:C3:19:4B:15:3C
Certificate issuer: /CN=A91D366A/serialNumber=B067C6BB70DF0DC04CE77F7C8D76706A49F6CB85
Certificate serial: 0186
Authority key identifier: B0:67:C6:BB:70:DF:0D:C0:4C:E7:7F:7C:8D:76:70:6A:49:F6:CB:85
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sGfGu3DfDcBM5398jXZwakn2y4U.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D366A/EC09AA4A307D11EDA6C3A212C4F9AE02/61448F8EE30411EEBCD41A65C4F9AE02.roa
Signing time: Fri 15 Mar 2024 19:44:05 +0000
ROA not before: Fri 15 Mar 2024 19:44:05 +0000
ROA not after: Thu 31 Oct 2024 00:00:00 +0000
asID: 57043
IP address blocks: 203.18.98.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 26 Mar 2024 07:28:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 390 (0x186)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D366A/serialNumber=B067C6BB70DF0DC04CE77F7C8D76706A49F6CB85
Validity
Not Before: Mar 15 19:44:05 2024 GMT
Not After : Oct 31 00:00:00 2024 GMT
Subject: CN=65f4a504-a920
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:85:a3:cf:0f:78:d1:ff:70:7c:93:61:f0:0a:
52:5e:d8:e1:c3:59:ad:e8:dd:f2:f1:32:c0:e4:39:
54:f2:f7:e3:da:9b:a6:6c:95:37:4e:c1:b9:0e:27:
4b:6b:10:2f:46:0c:32:71:ef:35:ff:b3:78:1a:ab:
94:53:2a:7e:88:bd:bb:6f:19:8d:3d:77:b3:c7:7f:
c6:65:d0:3b:f2:3c:d2:44:53:de:1e:1f:1e:0b:37:
a6:d0:d6:a0:07:bc:90:5e:4a:94:26:1e:b4:67:80:
1a:f3:ff:e9:12:4a:f8:7e:19:c6:6a:7a:f6:4d:ab:
d2:d6:13:43:1a:01:ec:33:52:41:1c:47:e8:f0:22:
d6:05:67:1f:ab:31:26:0b:84:80:ec:2b:7a:00:e5:
92:4e:ed:8d:26:8c:83:c4:b7:6c:16:76:c5:53:4b:
ae:6e:8c:1a:47:56:50:85:93:04:28:e5:1f:3b:13:
31:79:ba:bc:fa:6d:24:11:48:cd:b4:1e:9c:48:0b:
41:54:76:98:21:61:fd:1c:0e:e8:7a:9f:7e:f7:ec:
45:e8:14:e3:eb:ca:2f:35:0b:44:68:5a:f3:c3:4c:
7a:8c:c9:9a:6f:97:0c:0c:cd:21:70:f1:0b:51:86:
24:1b:7a:5a:d7:19:cb:b8:71:95:48:78:be:fa:c6:
82:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:EB:4B:5E:0A:0D:B1:27:77:F8:C5:8D:E1:13:07:C3:19:4B:15:3C
X509v3 Authority Key Identifier:
keyid:B0:67:C6:BB:70:DF:0D:C0:4C:E7:7F:7C:8D:76:70:6A:49:F6:CB:85
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D366A/EC09AA4A307D11EDA6C3A212C4F9AE02/sGfGu3DfDcBM5398jXZwakn2y4U.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sGfGu3DfDcBM5398jXZwakn2y4U.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D366A/EC09AA4A307D11EDA6C3A212C4F9AE02/61448F8EE30411EEBCD41A65C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.18.98.0/24
Signature Algorithm: sha256WithRSAEncryption
25:21:1a:d4:11:01:02:8f:e4:60:57:f0:e2:e6:42:2b:1c:6b:
b5:b2:70:b9:74:8c:0a:b6:6d:ae:ef:ad:0f:54:19:0a:b8:22:
41:d7:fc:88:68:9c:96:37:4b:3c:5d:91:16:bb:1c:ff:1b:28:
0f:60:0e:04:24:ad:3d:4e:1b:e4:32:0a:42:46:ff:1e:87:23:
90:3f:9c:29:4f:0d:db:8e:6c:b6:bd:b1:5c:4f:3b:d9:90:7d:
4f:33:c0:68:30:2e:c9:d2:45:61:c9:ff:2a:c1:26:be:d4:fc:
f4:91:e4:cb:32:68:a3:75:5b:04:0e:50:d4:e0:ec:f2:bf:4d:
f0:95:64:f4:92:98:1f:ee:7f:0f:b7:ad:28:98:86:31:78:9d:
73:7a:7d:cf:25:a2:87:7a:55:0e:33:b3:7d:c7:39:91:a9:4b:
06:7f:f9:42:39:0a:10:5c:c4:e4:ff:7c:4d:d0:b5:90:d9:95:
72:a4:d9:0d:38:73:ec:bd:da:a1:3c:a7:e5:ce:09:ac:c1:51:
df:e3:e8:6a:6c:ef:b1:85:f9:9c:63:dc:8a:82:4c:28:ba:da:
2b:19:43:d5:05:fc:48:c9:70:89:1f:2c:3b:2a:3d:52:42:c6:
d4:f6:76:11:ac:c2:34:c4:ef:fe:b7:c3:28:d1:51:f7:36:be:
da:7e:9f:44
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAYYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDM2NkExMTAvBgNVBAUTKEIwNjdDNkJCNzBERjBEQzA0Q0U3N0Y3QzhENzY3MDZB
NDlGNkNCODUwHhcNMjQwMzE1MTk0NDA1WhcNMjQxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWY0YTUwNC1hOTIwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAq4Wjzw940f9wfJNh8ApSXtjhw1mt6N3y8TLA5DlU8vfj2pumbJU3TsG5DidL
axAvRgwyce81/7N4GquUUyp+iL27bxmNPXezx3/GZdA78jzSRFPeHh8eCzem0Nag
B7yQXkqUJh60Z4Aa8//pEkr4fhnGanr2TavS1hNDGgHsM1JBHEfo8CLWBWcfqzEm
C4SA7Ct6AOWSTu2NJoyDxLdsFnbFU0uubowaR1ZQhZMEKOUfOxMxebq8+m0kEUjN
tB6cSAtBVHaYIWH9HA7oep9+9+xF6BTj68ovNQtEaFrzw0x6jMmab5cMDM0hcPEL
UYYkG3pa1xnLuHGVSHi++saCZwIDAQABo4IClTCCApEwHQYDVR0OBBYEFHvrS14K
DbEnd/jFjeETB8MZSxU8MB8GA1UdIwQYMBaAFLBnxrtw3w3ATOd/fI12cGpJ9suF
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMzY2QS9FQzA5QUE0QTMw
N0QxMUVEQTZDM0EyMTJDNEY5QUUwMi9zR2ZHdTNEZkRjQk01Mzk4alhad2FrbjJ5
NFUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3NHZkd1M0RmRGNCTTUzOThqWFp3YWtuMnk0VS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDM2NkEvRUMwOUFBNEEzMDdEMTFFREE2QzNBMjEyQzRGOUFFMDIvNjE0NDhGOEVF
MzA0MTFFRUJDRDQxQTY1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADLEmIwDQYJKoZIhvcNAQELBQADggEBACUhGtQRAQKP5GBX
8OLmQisca7WycLl0jAq2ba7vrQ9UGQq4IkHX/IhonJY3SzxdkRa7HP8bKA9gDgQk
rT1OG+QyCkJG/x6HI5A/nClPDduObLa9sVxPO9mQfU8zwGgwLsnSRWHJ/yrBJr7U
/PSR5MsyaKN1WwQOUNTg7PK/TfCVZPSSmB/ufw+3rSiYhjF4nXN6fc8lood6VQ4z
s33HOZGpSwZ/+UI5ChBcxOT/fE3QtZDZlXKk2Q04c+y92qE8p+XOCazBUd/j6Gps
77GF+Zxj3IqCTCi62isZQ9UF/EjJcIkfLDsqPVJCxtT2dhGswjTE7/63wyjRUfc2
vtp+n0Q=
-----END CERTIFICATE-----
Generated at Tue Mar 26 12:08:39 2024 by rpki-client on console-fra.rpki-client.org