Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D366A/EC09AA4A307D11EDA6C3A212C4F9AE02/EB5EBC3A341D11EEBE89FE2FC4F9AE02.roa
File: EB5EBC3A341D11EEBE89FE2FC4F9AE02.roa (raw, json)
Hash identifier: Hzu6XGt0aePb64kn/McgbeRjIR6+CSepusAW1TyGEmM=
Subject key identifier: A1:92:95:CD:F1:65:03:7E:31:57:A6:31:4F:16:F9:D1:D8:91:27:AC
Certificate issuer: /CN=A91D366A/serialNumber=B067C6BB70DF0DC04CE77F7C8D76706A49F6CB85
Certificate serial: EE
Authority key identifier: B0:67:C6:BB:70:DF:0D:C0:4C:E7:7F:7C:8D:76:70:6A:49:F6:CB:85
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sGfGu3DfDcBM5398jXZwakn2y4U.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D366A/EC09AA4A307D11EDA6C3A212C4F9AE02/EB5EBC3A341D11EEBE89FE2FC4F9AE02.roa
Signing time: Sun 27 Aug 2023 03:23:44 +0000
ROA not before: Sun 27 Aug 2023 03:23:44 +0000
ROA not after: Thu 31 Oct 2024 00:00:00 +0000
asID: 15731
IP address blocks: 203.33.238.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 27 Sep 2023 09:18:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 238 (0xee)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D366A/serialNumber=B067C6BB70DF0DC04CE77F7C8D76706A49F6CB85
Validity
Not Before: Aug 27 03:23:44 2023 GMT
Not After : Oct 31 00:00:00 2024 GMT
Subject: CN=64eac1c0-92e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:b0:15:ec:3a:88:db:f9:82:a2:44:d6:47:72:
82:4e:89:21:5c:1c:65:cd:01:71:ef:e3:81:3e:2e:
e1:92:1e:25:ce:c5:ce:5d:78:24:87:bf:98:10:b1:
39:4b:0c:34:67:b3:b8:6c:5f:0e:df:a2:c0:9d:8b:
58:4e:76:b0:f9:aa:c7:1b:a4:9d:ce:01:2f:c6:eb:
31:40:06:a5:d9:cf:66:cc:1a:64:a0:43:31:e6:4b:
ed:e2:18:8e:7f:73:71:09:a1:b1:2a:e3:65:32:8f:
19:40:31:8e:a3:bf:e4:d0:54:f3:93:f4:c2:79:d5:
29:4f:19:42:00:a5:24:93:6a:c8:9e:22:1b:72:45:
39:b5:cf:06:75:bc:cc:2d:10:17:43:f0:f1:d9:83:
19:d2:85:3b:3c:20:0e:f2:dc:0b:2d:e5:1c:1a:cd:
3a:f8:f5:1f:eb:98:d4:8a:fb:79:2a:e8:52:59:e5:
2a:06:a1:33:28:4d:ae:74:1e:43:4f:52:fe:71:53:
c1:80:5a:5b:50:45:9f:1d:a5:2a:04:e2:e2:1f:65:
4b:74:ed:4e:8f:03:b5:4b:47:df:a3:e1:c3:22:91:
40:82:f1:9f:fa:14:a1:a5:7c:a0:ee:a2:67:36:d7:
bd:dd:a7:76:42:de:61:39:69:84:1e:29:f1:7c:65:
8e:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:92:95:CD:F1:65:03:7E:31:57:A6:31:4F:16:F9:D1:D8:91:27:AC
X509v3 Authority Key Identifier:
keyid:B0:67:C6:BB:70:DF:0D:C0:4C:E7:7F:7C:8D:76:70:6A:49:F6:CB:85
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D366A/EC09AA4A307D11EDA6C3A212C4F9AE02/sGfGu3DfDcBM5398jXZwakn2y4U.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sGfGu3DfDcBM5398jXZwakn2y4U.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D366A/EC09AA4A307D11EDA6C3A212C4F9AE02/EB5EBC3A341D11EEBE89FE2FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.33.238.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:48:4c:fd:a0:e4:4e:b1:9c:7f:2a:77:81:b2:1a:60:14:b2:
5e:52:35:13:c8:79:1f:1c:74:cf:34:be:12:bd:fc:36:b0:d0:
aa:18:c9:18:bf:a4:66:12:f9:ed:d5:e2:fa:56:a7:bb:f7:a9:
55:39:6a:53:d7:58:a6:1e:25:41:5c:60:2c:89:09:7e:09:00:
d3:25:8c:00:e4:0e:8c:30:3b:59:8c:40:ec:4f:59:75:02:7a:
38:eb:73:59:53:cb:75:f6:3d:7d:bc:d3:8a:bc:61:13:a9:cc:
86:46:5c:eb:ca:50:79:a9:16:15:a1:5a:ec:7d:10:39:91:c8:
2f:09:c8:62:29:7d:56:3e:df:48:ad:6f:15:11:a8:a9:23:6d:
b9:58:53:26:e2:35:78:d9:68:6c:29:a2:85:c1:1d:cd:fe:be:
4a:99:57:80:5d:e1:06:24:d7:73:5f:04:4f:e2:dd:55:2c:12:
2b:ad:6e:b7:ec:c5:0d:c6:55:5d:01:38:4e:cb:a6:09:80:59:
6a:46:c5:61:7c:20:71:fb:b2:a6:b9:a0:24:bc:d6:80:64:33:
4c:1b:52:10:be:e6:97:95:5b:7d:f5:9a:13:37:75:ac:d6:e5:
f3:ce:ce:46:43:5d:0a:c6:b3:75:aa:11:78:75:da:f1:85:e8:
7c:f3:77:51
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAO4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDM2NkExMTAvBgNVBAUTKEIwNjdDNkJCNzBERjBEQzA0Q0U3N0Y3QzhENzY3MDZB
NDlGNkNCODUwHhcNMjMwODI3MDMyMzQ0WhcNMjQxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGVhYzFjMC05MmU4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAybAV7DqI2/mCokTWR3KCTokhXBxlzQFx7+OBPi7hkh4lzsXOXXgkh7+YELE5
Sww0Z7O4bF8O36LAnYtYTnaw+arHG6SdzgEvxusxQAal2c9mzBpkoEMx5kvt4hiO
f3NxCaGxKuNlMo8ZQDGOo7/k0FTzk/TCedUpTxlCAKUkk2rIniIbckU5tc8GdbzM
LRAXQ/Dx2YMZ0oU7PCAO8twLLeUcGs06+PUf65jUivt5KuhSWeUqBqEzKE2udB5D
T1L+cVPBgFpbUEWfHaUqBOLiH2VLdO1OjwO1S0ffo+HDIpFAgvGf+hShpXyg7qJn
Nte93ad2Qt5hOWmEHinxfGWOjQIDAQABo4IClTCCApEwHQYDVR0OBBYEFKGSlc3x
ZQN+MVemMU8W+dHYkSesMB8GA1UdIwQYMBaAFLBnxrtw3w3ATOd/fI12cGpJ9suF
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMzY2QS9FQzA5QUE0QTMw
N0QxMUVEQTZDM0EyMTJDNEY5QUUwMi9zR2ZHdTNEZkRjQk01Mzk4alhad2FrbjJ5
NFUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3NHZkd1M0RmRGNCTTUzOThqWFp3YWtuMnk0VS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDM2NkEvRUMwOUFBNEEzMDdEMTFFREE2QzNBMjEyQzRGOUFFMDIvRUI1RUJDM0Ez
NDFEMTFFRUJFODlGRTJGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADLIe4wDQYJKoZIhvcNAQELBQADggEBAAxITP2g5E6xnH8q
d4GyGmAUsl5SNRPIeR8cdM80vhK9/Daw0KoYyRi/pGYS+e3V4vpWp7v3qVU5alPX
WKYeJUFcYCyJCX4JANMljADkDowwO1mMQOxPWXUCejjrc1lTy3X2PX2804q8YROp
zIZGXOvKUHmpFhWhWux9EDmRyC8JyGIpfVY+30itbxURqKkjbblYUybiNXjZaGwp
ooXBHc3+vkqZV4Bd4QYk13NfBE/i3VUsEiutbrfsxQ3GVV0BOE7LpgmAWWpGxWF8
IHH7sqa5oCS81oBkM0wbUhC+5peVW331mhM3dazW5fPOzkZDXQrGs3WqEXh12vGF
6Hzzd1E=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:29 2024 by rpki-client on console-ams.rpki-client.org