Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D366A/EC09AA4A307D11EDA6C3A212C4F9AE02/8AFB99D4D4D211EEBEC4547BC4F9AE02.roa
File: 8AFB99D4D4D211EEBEC4547BC4F9AE02.roa (raw, json)
Hash identifier: ziOI1f/HoWHydEmwGH7bv5Z2opLNtg85HTGEexTtUKk=
Subject key identifier: 3C:75:7E:57:65:D1:8B:87:F3:2C:B8:D5:DC:AA:62:C8:20:9D:EC:AE
Certificate issuer: /CN=A91D366A/serialNumber=B067C6BB70DF0DC04CE77F7C8D76706A49F6CB85
Certificate serial: 017A
Authority key identifier: B0:67:C6:BB:70:DF:0D:C0:4C:E7:7F:7C:8D:76:70:6A:49:F6:CB:85
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sGfGu3DfDcBM5398jXZwakn2y4U.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D366A/EC09AA4A307D11EDA6C3A212C4F9AE02/8AFB99D4D4D211EEBEC4547BC4F9AE02.roa
Signing time: Mon 26 Feb 2024 18:12:04 +0000
ROA not before: Mon 26 Feb 2024 18:12:04 +0000
ROA not after: Thu 31 Oct 2024 00:00:00 +0000
asID: 5065
IP address blocks: 203.33.238.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 26 Mar 2024 00:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 378 (0x17a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D366A/serialNumber=B067C6BB70DF0DC04CE77F7C8D76706A49F6CB85
Validity
Not Before: Feb 26 18:12:04 2024 GMT
Not After : Oct 31 00:00:00 2024 GMT
Subject: CN=65dcd473-f90b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:69:04:39:e6:bd:76:cc:40:60:f7:38:69:da:
f3:c5:a7:b7:f3:c6:9d:bb:54:af:11:fb:a5:1f:1a:
93:45:c6:fe:8e:d7:c8:24:ba:29:80:4f:4d:c4:89:
8f:48:6a:38:2f:96:69:3d:cd:88:f5:93:ef:c1:b0:
ff:53:1b:cd:82:11:35:13:11:95:06:e3:73:7b:25:
23:1e:d4:f6:ec:9d:99:9b:16:5a:c1:7c:1b:5f:ec:
f8:94:49:b4:b6:60:6c:21:44:ad:d5:2a:4d:60:c5:
f6:92:f4:59:5a:29:f3:a0:b7:32:6e:94:a2:06:26:
20:37:1a:8d:7b:bf:30:41:af:fd:0e:5a:1b:cc:18:
c2:98:73:a7:5c:f1:0d:20:0e:fa:ce:81:09:09:bf:
a2:82:1c:3a:59:30:6e:6b:03:14:0c:ea:f9:98:c1:
0d:4d:30:1d:30:31:01:20:96:97:f0:09:d3:31:7c:
78:cb:c3:84:6d:d5:a3:29:a1:4c:42:ac:68:5f:a9:
2b:87:80:d1:8a:02:c6:5f:80:ac:c2:52:5c:48:95:
56:1a:39:98:7a:5d:e0:7d:3e:ab:5b:6f:9a:20:5f:
1b:b7:57:7b:36:bc:f0:13:c6:d8:4f:69:84:14:0b:
99:3c:fc:12:a4:8b:5d:b3:48:5a:d0:ca:01:81:94:
22:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:75:7E:57:65:D1:8B:87:F3:2C:B8:D5:DC:AA:62:C8:20:9D:EC:AE
X509v3 Authority Key Identifier:
keyid:B0:67:C6:BB:70:DF:0D:C0:4C:E7:7F:7C:8D:76:70:6A:49:F6:CB:85
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D366A/EC09AA4A307D11EDA6C3A212C4F9AE02/sGfGu3DfDcBM5398jXZwakn2y4U.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sGfGu3DfDcBM5398jXZwakn2y4U.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D366A/EC09AA4A307D11EDA6C3A212C4F9AE02/8AFB99D4D4D211EEBEC4547BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.33.238.0/24
Signature Algorithm: sha256WithRSAEncryption
32:5f:48:06:c8:87:fc:21:cc:81:cd:a8:92:d3:f8:9b:02:a4:
7a:db:2f:48:47:02:6e:54:aa:fa:d5:a1:6d:23:69:59:13:54:
97:18:81:a3:e6:81:f0:7e:f7:d4:5a:45:ee:43:96:47:7c:5d:
f2:7e:9f:ad:e2:8b:80:99:17:79:af:1e:4b:ba:f0:3d:96:33:
43:60:3a:a2:59:d9:9f:2e:2e:c5:63:1f:e2:de:96:de:ed:8c:
66:36:f9:59:61:13:03:a6:9b:d1:4a:c3:49:c9:b9:8a:55:36:
e9:ea:bb:30:f5:c7:ad:0f:2e:59:68:a6:a7:14:6f:86:f7:13:
77:f6:0b:d6:b6:0f:da:18:84:b8:de:0f:a0:a7:83:41:d9:87:
96:53:9b:c6:31:83:a4:9f:d8:88:d9:6e:67:9e:bc:dd:33:ab:
c0:59:9d:69:7e:1b:14:0e:98:47:c0:1d:aa:1a:62:a5:54:99:
f4:0c:d3:15:45:7d:ed:43:cb:05:00:37:cf:5e:06:50:18:c3:
f3:b1:23:5d:07:8e:78:7f:69:3c:4e:2e:42:47:54:ab:b0:99:
62:73:3d:31:3a:72:80:f5:ac:ab:c6:92:34:a2:a1:50:84:cb:
b9:43:5d:4d:50:52:5d:62:2d:83:95:b7:a9:57:17:0e:ba:c5:
71:53:6a:48
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAXowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDM2NkExMTAvBgNVBAUTKEIwNjdDNkJCNzBERjBEQzA0Q0U3N0Y3QzhENzY3MDZB
NDlGNkNCODUwHhcNMjQwMjI2MTgxMjA0WhcNMjQxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWRjZDQ3My1mOTBiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwWkEOea9dsxAYPc4adrzxae388adu1SvEfulHxqTRcb+jtfIJLopgE9NxImP
SGo4L5ZpPc2I9ZPvwbD/UxvNghE1ExGVBuNzeyUjHtT27J2ZmxZawXwbX+z4lEm0
tmBsIUSt1SpNYMX2kvRZWinzoLcybpSiBiYgNxqNe78wQa/9DlobzBjCmHOnXPEN
IA76zoEJCb+ighw6WTBuawMUDOr5mMENTTAdMDEBIJaX8AnTMXx4y8OEbdWjKaFM
QqxoX6krh4DRigLGX4CswlJcSJVWGjmYel3gfT6rW2+aIF8bt1d7NrzwE8bYT2mE
FAuZPPwSpItds0ha0MoBgZQi4QIDAQABo4IClTCCApEwHQYDVR0OBBYEFDx1fldl
0YuH8yy41dyqYsggneyuMB8GA1UdIwQYMBaAFLBnxrtw3w3ATOd/fI12cGpJ9suF
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMzY2QS9FQzA5QUE0QTMw
N0QxMUVEQTZDM0EyMTJDNEY5QUUwMi9zR2ZHdTNEZkRjQk01Mzk4alhad2FrbjJ5
NFUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3NHZkd1M0RmRGNCTTUzOThqWFp3YWtuMnk0VS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDM2NkEvRUMwOUFBNEEzMDdEMTFFREE2QzNBMjEyQzRGOUFFMDIvOEFGQjk5RDRE
NEQyMTFFRUJFQzQ1NDdCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADLIe4wDQYJKoZIhvcNAQELBQADggEBADJfSAbIh/whzIHN
qJLT+JsCpHrbL0hHAm5UqvrVoW0jaVkTVJcYgaPmgfB+99RaRe5Dlkd8XfJ+n63i
i4CZF3mvHku68D2WM0NgOqJZ2Z8uLsVjH+Lelt7tjGY2+VlhEwOmm9FKw0nJuYpV
NunquzD1x60PLllopqcUb4b3E3f2C9a2D9oYhLjeD6Cng0HZh5ZTm8Yxg6Sf2IjZ
bmeevN0zq8BZnWl+GxQOmEfAHaoaYqVUmfQM0xVFfe1DywUAN89eBlAYw/OxI10H
jnh/aTxOLkJHVKuwmWJzPTE6coD1rKvGkjSioVCEy7lDXU1QUl1iLYOVt6lXFw66
xXFTakg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:42 2024 by rpki-client on console-fra.rpki-client.org