Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D366A/EC09AA4A307D11EDA6C3A212C4F9AE02/EB5EBC3A341D11EEBE89FE2FC4F9AE02.roa
File: EB5EBC3A341D11EEBE89FE2FC4F9AE02.roa (raw, json)
Hash identifier: FCDJlRGpsAtgYzNX7GgnijG96w+qPEoHtmq0Hme7HVA=
Subject key identifier: 14:18:3E:B8:D0:ED:EC:17:EF:A4:97:5C:01:C1:51:E3:F3:FF:F5:93
Certificate issuer: /CN=A91D366A/serialNumber=B067C6BB70DF0DC04CE77F7C8D76706A49F6CB85
Certificate serial: E1
Authority key identifier: B0:67:C6:BB:70:DF:0D:C0:4C:E7:7F:7C:8D:76:70:6A:49:F6:CB:85
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sGfGu3DfDcBM5398jXZwakn2y4U.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D366A/EC09AA4A307D11EDA6C3A212C4F9AE02/EB5EBC3A341D11EEBE89FE2FC4F9AE02.roa
Signing time: Sun 06 Aug 2023 05:56:01 +0000
ROA not before: Sun 06 Aug 2023 05:56:01 +0000
ROA not after: Tue 31 Oct 2023 00:00:00 +0000
asID: 15731
IP address blocks: 203.33.238.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 225 (0xe1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D366A/serialNumber=B067C6BB70DF0DC04CE77F7C8D76706A49F6CB85
Validity
Not Before: Aug 6 05:56:01 2023 GMT
Not After : Oct 31 00:00:00 2023 GMT
Subject: CN=64cf35f0-5390
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:11:08:3a:77:93:e2:11:2b:23:86:86:08:61:
9d:c5:37:c5:f0:f1:d9:25:12:a5:78:28:c1:c2:19:
5e:3c:88:46:5c:ac:f8:7c:62:c1:d7:ab:11:df:55:
d6:72:e5:48:21:61:41:10:e8:74:01:0e:57:e9:e4:
90:51:6b:a0:00:36:7e:ff:15:fa:ac:f1:8f:ce:07:
6a:90:12:23:e0:f6:72:2b:66:00:ba:43:a6:3c:78:
14:16:a9:e1:e2:8e:57:97:21:02:f2:b0:26:8b:fc:
d4:ae:34:37:7b:0e:6e:c0:87:18:57:b6:01:fc:b7:
88:ea:aa:68:f2:00:cc:7b:c8:34:2d:59:2c:e8:82:
9c:43:6b:48:5e:35:7b:24:46:89:f2:63:1c:6f:6c:
90:50:c8:06:ad:5d:5d:eb:30:dc:b1:57:3b:77:d6:
dd:01:38:91:6d:af:df:0b:f8:c3:b1:5d:e3:a2:a0:
91:98:c1:8c:53:ad:27:02:ca:00:58:e4:00:d6:f6:
cc:21:0f:4f:10:90:f1:d1:a1:c7:af:e2:0d:db:ea:
35:96:46:87:a8:73:b6:43:a2:25:de:83:77:c3:c8:
2a:80:64:e5:c7:cc:21:d3:7e:eb:5b:17:ba:6e:5a:
7d:be:fe:38:2b:db:24:0d:86:07:55:4a:b8:13:cf:
3c:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:18:3E:B8:D0:ED:EC:17:EF:A4:97:5C:01:C1:51:E3:F3:FF:F5:93
X509v3 Authority Key Identifier:
keyid:B0:67:C6:BB:70:DF:0D:C0:4C:E7:7F:7C:8D:76:70:6A:49:F6:CB:85
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D366A/EC09AA4A307D11EDA6C3A212C4F9AE02/sGfGu3DfDcBM5398jXZwakn2y4U.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sGfGu3DfDcBM5398jXZwakn2y4U.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D366A/EC09AA4A307D11EDA6C3A212C4F9AE02/EB5EBC3A341D11EEBE89FE2FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.33.238.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:ee:34:de:93:66:6f:b5:e1:e3:f7:b1:fe:75:c7:1e:6d:c6:
41:c1:25:2e:f8:4d:11:63:62:6f:0c:80:13:29:50:af:99:48:
78:8a:d1:88:7d:83:92:04:41:f0:18:e2:00:43:5f:19:0d:7b:
cc:96:4d:9b:7b:b1:ad:db:85:44:32:32:18:f4:3a:ad:d1:e7:
f8:3b:a9:df:60:69:62:a4:2e:ee:10:a5:d6:5d:28:04:3f:02:
b7:cc:6c:6b:a7:e1:1e:b5:7c:63:ab:19:bc:b6:b4:3e:81:4a:
53:c7:75:9d:96:6e:a3:33:85:23:89:0f:9d:eb:6c:d9:5f:2d:
14:8d:cc:0c:1c:52:17:74:30:53:3b:59:60:62:8f:b8:c6:f9:
26:4c:f3:f3:2c:e6:ca:45:ed:06:a4:62:2e:e0:c7:cd:6c:26:
f2:2a:c7:b2:b4:31:26:42:b8:79:fc:6e:f9:c9:ea:a5:9c:0b:
ed:44:79:b7:a9:28:7d:46:87:61:0e:93:c4:ba:69:72:9a:00:
62:f1:7d:c4:d7:43:15:fa:de:43:9d:7d:d0:f4:1e:a8:8d:8b:
46:36:0d:61:38:9e:3b:81:3a:ae:01:7a:83:fd:73:c0:20:ba:
36:34:77:ca:7e:36:c4:16:8e:c5:19:cf:b9:06:ba:b1:64:3c:
96:b6:75:09
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAOEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDM2NkExMTAvBgNVBAUTKEIwNjdDNkJCNzBERjBEQzA0Q0U3N0Y3QzhENzY3MDZB
NDlGNkNCODUwHhcNMjMwODA2MDU1NjAxWhcNMjMxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGNmMzVmMC01MzkwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0REIOneT4hErI4aGCGGdxTfF8PHZJRKleCjBwhlePIhGXKz4fGLB16sR31XW
cuVIIWFBEOh0AQ5X6eSQUWugADZ+/xX6rPGPzgdqkBIj4PZyK2YAukOmPHgUFqnh
4o5XlyEC8rAmi/zUrjQ3ew5uwIcYV7YB/LeI6qpo8gDMe8g0LVks6IKcQ2tIXjV7
JEaJ8mMcb2yQUMgGrV1d6zDcsVc7d9bdATiRba/fC/jDsV3joqCRmMGMU60nAsoA
WOQA1vbMIQ9PEJDx0aHHr+IN2+o1lkaHqHO2Q6Il3oN3w8gqgGTlx8wh037rWxe6
blp9vv44K9skDYYHVUq4E888DQIDAQABo4IClTCCApEwHQYDVR0OBBYEFBQYPrjQ
7ewX76SXXAHBUePz//WTMB8GA1UdIwQYMBaAFLBnxrtw3w3ATOd/fI12cGpJ9suF
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMzY2QS9FQzA5QUE0QTMw
N0QxMUVEQTZDM0EyMTJDNEY5QUUwMi9zR2ZHdTNEZkRjQk01Mzk4alhad2FrbjJ5
NFUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3NHZkd1M0RmRGNCTTUzOThqWFp3YWtuMnk0VS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDM2NkEvRUMwOUFBNEEzMDdEMTFFREE2QzNBMjEyQzRGOUFFMDIvRUI1RUJDM0Ez
NDFEMTFFRUJFODlGRTJGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADLIe4wDQYJKoZIhvcNAQELBQADggEBADruNN6TZm+14eP3
sf51xx5txkHBJS74TRFjYm8MgBMpUK+ZSHiK0Yh9g5IEQfAY4gBDXxkNe8yWTZt7
sa3bhUQyMhj0Oq3R5/g7qd9gaWKkLu4QpdZdKAQ/ArfMbGun4R61fGOrGby2tD6B
SlPHdZ2WbqMzhSOJD53rbNlfLRSNzAwcUhd0MFM7WWBij7jG+SZM8/Ms5spF7Qak
Yi7gx81sJvIqx7K0MSZCuHn8bvnJ6qWcC+1EebepKH1Gh2EOk8S6aXKaAGLxfcTX
QxX63kOdfdD0HqiNi0Y2DWE4njuBOq4BeoP9c8AgujY0d8p+NsQWjsUZz7kGurFk
PJa2dQk=
-----END CERTIFICATE-----
Generated at Wed Sep 27 10:10:05 2023 by rpki-client on console-fra.rpki-client.org