Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D366A/EC09AA4A307D11EDA6C3A212C4F9AE02/9EA09F4E7D0F11EFA05A4C3FC4F9AE02.roa
File: 9EA09F4E7D0F11EFA05A4C3FC4F9AE02.roa (raw, json)
Hash identifier: 6NiBOAA7VW560hQeh3Vj4hDUn787hfPqczrN2rkrM+U=
Subject key identifier: 4E:1A:81:74:E8:0D:9F:30:78:AC:4C:D9:7D:9E:EC:74:22:E5:65:AF
Certificate issuer: /CN=A91D366A/serialNumber=B067C6BB70DF0DC04CE77F7C8D76706A49F6CB85
Certificate serial: 01F7
Authority key identifier: B0:67:C6:BB:70:DF:0D:C0:4C:E7:7F:7C:8D:76:70:6A:49:F6:CB:85
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sGfGu3DfDcBM5398jXZwakn2y4U.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D366A/EC09AA4A307D11EDA6C3A212C4F9AE02/9EA09F4E7D0F11EFA05A4C3FC4F9AE02.roa
Signing time: Fri 27 Sep 2024 20:32:31 +0000
ROA not before: Fri 27 Sep 2024 20:32:31 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 215930
IP address blocks: 203.21.72.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 03 Oct 2024 09:25:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 503 (0x1f7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D366A/serialNumber=B067C6BB70DF0DC04CE77F7C8D76706A49F6CB85
Validity
Not Before: Sep 27 20:32:31 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=66f7165f-284b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:b1:7e:83:65:db:39:c6:41:99:bc:65:5c:ce:
55:65:59:be:5b:95:5a:8d:63:f7:fa:d9:86:b9:b8:
73:b7:34:6e:a3:29:49:34:3f:48:f2:10:e3:49:c8:
67:c3:93:a2:97:75:bb:aa:2b:5c:0a:d6:ed:01:a1:
5d:3f:76:8a:5d:fa:b4:8f:5d:cb:b1:1f:59:ee:0f:
83:29:4e:b6:71:23:4e:78:90:52:c1:8b:58:54:63:
2b:38:fa:fc:ca:62:33:be:ee:23:6a:b7:04:00:0b:
7f:0c:ef:d6:80:a5:51:54:47:c6:2b:23:6b:ce:8a:
ff:54:1b:e2:59:31:3b:fe:59:c8:7f:05:28:3d:e2:
8b:6a:54:3e:b6:4d:71:b7:f8:95:f0:e2:be:36:85:
8a:36:17:e1:84:45:2c:73:85:d8:a0:57:09:d1:1f:
20:1c:60:fb:9c:07:e5:a2:4b:3c:ee:4d:a0:b9:77:
49:ac:6d:79:47:cd:fe:58:cf:70:81:b2:7c:fc:b2:
6e:19:fb:ae:42:00:82:11:03:7c:3d:ad:b6:ec:d0:
d1:b5:5d:2c:ba:2b:32:db:64:aa:8b:0b:ce:af:68:
6a:a0:59:38:34:d0:f1:be:ac:6c:af:e5:01:97:c0:
40:47:5f:cc:93:08:5c:0f:e2:eb:6f:0b:c2:28:e5:
56:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:1A:81:74:E8:0D:9F:30:78:AC:4C:D9:7D:9E:EC:74:22:E5:65:AF
X509v3 Authority Key Identifier:
keyid:B0:67:C6:BB:70:DF:0D:C0:4C:E7:7F:7C:8D:76:70:6A:49:F6:CB:85
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D366A/EC09AA4A307D11EDA6C3A212C4F9AE02/sGfGu3DfDcBM5398jXZwakn2y4U.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sGfGu3DfDcBM5398jXZwakn2y4U.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D366A/EC09AA4A307D11EDA6C3A212C4F9AE02/9EA09F4E7D0F11EFA05A4C3FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.21.72.0/24
Signature Algorithm: sha256WithRSAEncryption
18:b5:44:bd:17:ab:21:31:76:f2:b2:24:84:51:3c:3d:4a:66:
8c:ed:ef:b4:6e:a2:a3:d8:5f:0a:a9:1a:e3:07:29:86:13:fa:
db:c0:96:5c:c6:2d:4b:90:df:38:67:1c:ad:d1:ca:83:95:66:
dd:22:71:72:a4:cc:6d:c1:a4:55:d1:c7:a4:bc:e1:fb:8d:ea:
a1:c5:9e:e4:ee:b8:d5:bc:58:98:8e:ec:35:ba:d8:c3:d9:07:
2b:c2:26:da:48:11:29:3f:58:41:19:e9:39:ec:6a:9a:fb:32:
be:1f:9d:b7:38:16:83:af:ca:98:dd:43:3e:fa:25:d1:1d:46:
00:ba:39:9f:d3:e8:0c:68:83:28:95:e4:cd:f0:be:b7:4f:ea:
f5:c2:da:c2:84:be:e0:30:b0:0a:4d:bd:29:ad:46:b0:c8:22:
eb:ff:5b:b6:6e:76:6e:82:53:c8:75:77:36:e2:f2:79:71:08:
7d:9a:ac:2b:b5:af:33:d2:5f:b0:37:ce:27:99:1f:48:f1:dd:
bf:0a:c3:8e:f7:c8:b4:66:61:7c:e7:44:88:96:77:fa:55:00:
a9:75:60:49:fa:07:36:6c:b8:7e:bb:23:3e:9e:ef:4a:09:55:
4b:05:65:f9:4d:27:8b:eb:c5:26:ce:b9:14:6e:1e:74:09:1e:
aa:99:f6:2c
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAfcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDM2NkExMTAvBgNVBAUTKEIwNjdDNkJCNzBERjBEQzA0Q0U3N0Y3QzhENzY3MDZB
NDlGNkNCODUwHhcNMjQwOTI3MjAzMjMxWhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmY3MTY1Zi0yODRiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwbF+g2XbOcZBmbxlXM5VZVm+W5VajWP3+tmGubhztzRuoylJND9I8hDjSchn
w5Oil3W7qitcCtbtAaFdP3aKXfq0j13LsR9Z7g+DKU62cSNOeJBSwYtYVGMrOPr8
ymIzvu4jarcEAAt/DO/WgKVRVEfGKyNrzor/VBviWTE7/lnIfwUoPeKLalQ+tk1x
t/iV8OK+NoWKNhfhhEUsc4XYoFcJ0R8gHGD7nAfloks87k2guXdJrG15R83+WM9w
gbJ8/LJuGfuuQgCCEQN8Pa227NDRtV0suisy22SqiwvOr2hqoFk4NNDxvqxsr+UB
l8BAR1/MkwhcD+LrbwvCKOVWBQIDAQABo4IClTCCApEwHQYDVR0OBBYEFE4agXTo
DZ8weKxM2X2e7HQi5WWvMB8GA1UdIwQYMBaAFLBnxrtw3w3ATOd/fI12cGpJ9suF
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMzY2QS9FQzA5QUE0QTMw
N0QxMUVEQTZDM0EyMTJDNEY5QUUwMi9zR2ZHdTNEZkRjQk01Mzk4alhad2FrbjJ5
NFUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3NHZkd1M0RmRGNCTTUzOThqWFp3YWtuMnk0VS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDM2NkEvRUMwOUFBNEEzMDdEMTFFREE2QzNBMjEyQzRGOUFFMDIvOUVBMDlGNEU3
RDBGMTFFRkEwNUE0QzNGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADLFUgwDQYJKoZIhvcNAQELBQADggEBABi1RL0XqyExdvKy
JIRRPD1KZozt77RuoqPYXwqpGuMHKYYT+tvAllzGLUuQ3zhnHK3RyoOVZt0icXKk
zG3BpFXRx6S84fuN6qHFnuTuuNW8WJiO7DW62MPZByvCJtpIESk/WEEZ6Tnsapr7
Mr4fnbc4FoOvypjdQz76JdEdRgC6OZ/T6AxogyiV5M3wvrdP6vXC2sKEvuAwsApN
vSmtRrDIIuv/W7Zudm6CU8h1dzbi8nlxCH2arCu1rzPSX7A3zieZH0jx3b8Kw473
yLRmYXznRIiWd/pVAKl1YEn6BzZsuH67Iz6e70oJVUsFZflNJ4vrxSbOuRRuHnQJ
HqqZ9iw=
-----END CERTIFICATE-----
Generated at Thu Oct 3 10:49:53 2024 by rpki-client on console-fra.rpki-client.org