Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D4A16/BAE7EFFECC5311ED81F4C515C4F9AE02/AAE6C020CC5E11ED8812DA68C4F9AE02.roa
File: AAE6C020CC5E11ED8812DA68C4F9AE02.roa (raw, json)
Hash identifier: WbQpfOLd/dPbTF/n3+lUuuOjo7ixVRwlwrd6dJB/zkc=
Subject key identifier: 06:56:8C:69:59:90:6D:75:56:47:D7:95:CC:34:15:E5:B6:18:46:0C
Certificate issuer: /CN=A91D4A16/serialNumber=B13832FCA4934496236AC3894998C3DD513D7C09
Certificate serial: 011F
Authority key identifier: B1:38:32:FC:A4:93:44:96:23:6A:C3:89:49:98:C3:DD:51:3D:7C:09
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sTgy_KSTRJYjasOJSZjD3VE9fAk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D4A16/BAE7EFFECC5311ED81F4C515C4F9AE02/AAE6C020CC5E11ED8812DA68C4F9AE02.roa
Signing time: Fri 27 Sep 2024 03:57:26 +0000
ROA not before: Fri 27 Sep 2024 03:57:26 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 24316
IP address blocks: 203.30.100.0/22 maxlen: 22
203.30.100.0/23 maxlen: 23
203.30.102.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 22 Nov 2024 04:36:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 287 (0x11f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D4A16/serialNumber=B13832FCA4934496236AC3894998C3DD513D7C09
Validity
Not Before: Sep 27 03:57:26 2024 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=66f62d25-4da5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:82:4e:52:7a:7e:6d:09:dc:a4:cc:41:f8:c5:
a8:ba:49:3a:22:c0:4f:f9:1e:ee:50:81:d9:c9:21:
6a:7b:16:a0:3c:6f:11:52:48:b9:60:f6:94:04:7b:
6d:36:10:62:a0:22:b0:1d:3e:34:50:7a:91:78:87:
31:77:ac:e2:ab:1b:8f:dd:4b:40:f1:a0:da:64:9a:
3e:c6:bc:ec:e9:22:96:11:20:a2:14:6c:af:b4:c4:
90:a3:22:3e:ed:93:0a:d9:8b:c4:d7:d4:9b:86:6b:
aa:c3:db:25:c9:02:3f:3a:86:9b:79:a7:a1:f7:c7:
89:37:86:8b:01:2a:c5:13:73:90:cd:d0:5d:4b:42:
cb:66:4f:5a:62:48:8a:35:61:51:41:66:00:45:5b:
86:6f:3c:57:ff:ff:3b:4b:ec:b1:c1:14:e3:fb:1c:
91:47:3d:4a:df:90:f4:c2:6e:c0:e0:0e:f4:5a:f4:
f2:f7:9a:c5:31:8e:9e:7c:a3:d4:8d:71:a3:6e:d8:
db:be:29:52:53:14:ed:35:7b:7f:3c:b9:3f:f2:b7:
dd:06:e0:24:e8:ad:4c:9a:5d:4c:b9:3a:fe:13:6d:
ea:52:88:a3:3a:15:e7:37:d7:47:a1:53:34:ca:4a:
89:0b:e5:8d:5f:ae:ad:e0:14:30:5a:cc:17:a9:17:
71:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:56:8C:69:59:90:6D:75:56:47:D7:95:CC:34:15:E5:B6:18:46:0C
X509v3 Authority Key Identifier:
keyid:B1:38:32:FC:A4:93:44:96:23:6A:C3:89:49:98:C3:DD:51:3D:7C:09
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D4A16/BAE7EFFECC5311ED81F4C515C4F9AE02/sTgy_KSTRJYjasOJSZjD3VE9fAk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sTgy_KSTRJYjasOJSZjD3VE9fAk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D4A16/BAE7EFFECC5311ED81F4C515C4F9AE02/AAE6C020CC5E11ED8812DA68C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.30.100.0/22
Signature Algorithm: sha256WithRSAEncryption
96:90:bb:10:c7:79:b2:3b:eb:6d:0e:f9:ff:65:eb:13:d3:4a:
5f:16:af:b3:98:42:6e:60:c5:22:9b:f0:e8:91:d9:c9:52:f0:
39:a6:10:12:0e:1b:bd:a1:d4:31:dd:d5:e6:7d:83:14:e3:63:
4f:d2:13:a5:0b:81:8e:fe:64:83:7c:60:e2:18:d2:6a:36:53:
0d:b0:f5:4a:55:b4:f7:6d:e1:f4:b3:f0:fd:05:3a:dd:b6:67:
b7:51:24:13:65:da:05:85:b6:2b:4d:bf:0b:98:0c:0a:a1:c8:
91:4b:a9:a8:25:9a:05:21:f0:d6:4a:64:89:5b:43:01:3e:43:
df:c2:fe:24:4d:f9:1a:78:8a:e5:f9:58:fe:f1:3c:59:c9:32:
80:f1:9d:77:a4:eb:94:ad:eb:c9:72:5f:b7:5e:9f:01:7e:ad:
df:18:c3:62:91:7d:ca:c1:ea:e0:bb:c2:cf:2e:e1:47:9c:08:
d5:a4:e0:17:16:24:2a:38:8d:24:a9:00:75:1c:20:7e:4a:90:
22:af:c3:17:e9:8d:41:ca:d3:c5:da:09:b4:c1:e6:c5:91:cb:
3a:f2:fc:82:67:d2:a4:ca:c4:22:f4:69:ee:50:a6:6d:fe:54:
67:be:9c:d0:b1:1d:1c:d9:53:de:c8:86:ec:44:51:70:fd:45:
b0:bd:92:97
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAR8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDRBMTYxMTAvBgNVBAUTKEIxMzgzMkZDQTQ5MzQ0OTYyMzZBQzM4OTQ5OThDM0RE
NTEzRDdDMDkwHhcNMjQwOTI3MDM1NzI2WhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmY2MmQyNS00ZGE1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAx4JOUnp+bQncpMxB+MWoukk6IsBP+R7uUIHZySFqexagPG8RUki5YPaUBHtt
NhBioCKwHT40UHqReIcxd6ziqxuP3UtA8aDaZJo+xrzs6SKWESCiFGyvtMSQoyI+
7ZMK2YvE19Sbhmuqw9slyQI/Ooabeaeh98eJN4aLASrFE3OQzdBdS0LLZk9aYkiK
NWFRQWYARVuGbzxX//87S+yxwRTj+xyRRz1K35D0wm7A4A70WvTy95rFMY6efKPU
jXGjbtjbvilSUxTtNXt/PLk/8rfdBuAk6K1Mml1MuTr+E23qUoijOhXnN9dHoVM0
ykqJC+WNX66t4BQwWswXqRdxrQIDAQABo4IClTCCApEwHQYDVR0OBBYEFAZWjGlZ
kG11VkfXlcw0FeW2GEYMMB8GA1UdIwQYMBaAFLE4Mvykk0SWI2rDiUmYw91RPXwJ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFENEExNi9CQUU3RUZGRUND
NTMxMUVEODFGNEM1MTVDNEY5QUUwMi9zVGd5X0tTVFJKWWphc09KU1pqRDNWRTlm
QWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3NUZ3lfS1NUUkpZamFzT0pTWmpEM1ZFOWZBay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDRBMTYvQkFFN0VGRkVDQzUzMTFFRDgxRjRDNTE1QzRGOUFFMDIvQUFFNkMwMjBD
QzVFMTFFRDg4MTJEQTY4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBALLHmQwDQYJKoZIhvcNAQELBQADggEBAJaQuxDHebI7620O
+f9l6xPTSl8Wr7OYQm5gxSKb8OiR2clS8DmmEBIOG72h1DHd1eZ9gxTjY0/SE6UL
gY7+ZIN8YOIY0mo2Uw2w9UpVtPdt4fSz8P0FOt22Z7dRJBNl2gWFtitNvwuYDAqh
yJFLqaglmgUh8NZKZIlbQwE+Q9/C/iRN+Rp4iuX5WP7xPFnJMoDxnXek65St68ly
X7denwF+rd8Yw2KRfcrB6uC7ws8u4UecCNWk4BcWJCo4jSSpAHUcIH5KkCKvwxfp
jUHK08XaCbTB5sWRyzry/IJn0qTKxCL0ae5Qpm3+VGe+nNCxHRzZU97IhuxEUXD9
RbC9kpc=
-----END CERTIFICATE-----
Generated at Fri Nov 22 06:42:01 2024 by rpki-client on console-ams.rpki-client.org