Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91DCAE8/8B6ADE141D9311E292CB23F708B02CD2/FF5FDA4E2FB911ECA05BB46EC4F9AE02.roa
File: FF5FDA4E2FB911ECA05BB46EC4F9AE02.roa (raw, json)
Hash identifier: WnRqldBKPmp3wJ2TV/+ukpdT7Sb/5YYprtoETEnia4A=
Subject key identifier: E6:06:6F:D6:0E:38:A1:1E:3D:8A:AF:3A:BF:12:CA:FB:0E:C9:A4:FD
Certificate issuer: /CN=A91DCAE8/serialNumber=AAB0E2B62F6343895730C05488E7FC4E26C51A6C
Certificate serial: 337A
Authority key identifier: AA:B0:E2:B6:2F:63:43:89:57:30:C0:54:88:E7:FC:4E:26:C5:1A:6C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qrDiti9jQ4lXMMBUiOf8TibFGmw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91DCAE8/8B6ADE141D9311E292CB23F708B02CD2/FF5FDA4E2FB911ECA05BB46EC4F9AE02.roa
Signing time: Fri 22 Sep 2023 14:50:58 +0000
ROA not before: Fri 22 Sep 2023 14:50:58 +0000
ROA not after: Sun 01 Dec 2024 00:00:00 +0000
asID: 131203
IP address blocks: 202.57.209.0/24 maxlen: 24
2001:df2:a980::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 14 Dec 2023 07:34:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13178 (0x337a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91DCAE8/serialNumber=AAB0E2B62F6343895730C05488E7FC4E26C51A6C
Validity
Not Before: Sep 22 14:50:58 2023 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=650da9d1-1e46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:13:2c:0e:17:9a:cc:eb:a1:8b:3f:c9:35:16:
62:81:ca:c1:c9:e8:2f:08:53:8d:db:35:4a:90:5e:
d5:bd:83:66:1c:6c:89:83:a9:59:2a:a1:cb:8f:c7:
e0:37:73:d8:85:05:e9:a0:a5:67:d2:fd:61:c0:4e:
37:76:b4:7c:ed:7c:a1:8b:00:f5:05:1d:fc:d3:05:
25:b2:66:d2:a4:69:2c:32:05:67:9e:8a:71:89:84:
68:73:67:08:b1:0e:94:fe:77:4d:46:82:93:6c:1d:
74:db:11:ac:50:3e:e4:d5:51:f8:32:3e:0d:de:9a:
1a:10:ed:fb:53:10:df:4e:37:a3:5b:b7:ec:17:27:
bc:c6:4b:8b:6d:24:11:79:34:45:a8:e6:62:70:c8:
aa:6e:59:22:42:2d:49:21:5c:cd:60:a1:77:04:be:
4d:28:2d:79:23:08:39:dd:04:aa:8c:f0:fd:ff:b4:
73:2d:4f:ea:30:ee:1a:cb:73:0e:53:be:98:c6:38:
1b:62:d2:18:bf:93:9a:f1:1f:45:19:09:19:b6:2a:
76:ab:1c:9b:57:c4:b6:b5:ef:1b:3f:78:89:72:07:
2c:10:50:0b:87:e4:18:49:ea:e2:53:e3:9d:a5:c5:
e8:20:a5:ea:c0:03:1b:ae:9b:f6:7a:4e:b6:de:a4:
c0:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:06:6F:D6:0E:38:A1:1E:3D:8A:AF:3A:BF:12:CA:FB:0E:C9:A4:FD
X509v3 Authority Key Identifier:
keyid:AA:B0:E2:B6:2F:63:43:89:57:30:C0:54:88:E7:FC:4E:26:C5:1A:6C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91DCAE8/8B6ADE141D9311E292CB23F708B02CD2/qrDiti9jQ4lXMMBUiOf8TibFGmw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qrDiti9jQ4lXMMBUiOf8TibFGmw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DCAE8/8B6ADE141D9311E292CB23F708B02CD2/FF5FDA4E2FB911ECA05BB46EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.57.209.0/24
IPv6:
2001:df2:a980::/48
Signature Algorithm: sha256WithRSAEncryption
49:4d:5a:f7:f6:70:56:da:94:4a:b4:57:0b:ce:de:e7:da:d6:
ed:82:96:84:af:b5:08:b3:77:76:89:db:43:f7:d8:87:ba:d8:
98:9d:c8:cc:cc:d8:7e:83:7f:77:59:44:6d:7c:09:4a:6a:6c:
e2:f1:b4:b9:77:a0:39:46:a3:60:8d:01:70:69:06:fe:d6:d2:
47:c8:a5:01:68:be:df:c7:24:35:dc:a9:a6:3c:4f:ff:26:fa:
50:50:f3:31:28:00:45:c4:f6:b2:a9:f0:7e:4a:2f:00:3a:30:
0f:c8:94:c8:56:86:cd:3b:41:9a:37:3f:13:09:16:2d:ea:97:
27:e3:ea:68:25:65:d5:0b:db:6f:09:2c:11:3e:45:5f:5e:93:
34:bd:48:8c:e5:52:d2:3e:05:7c:6f:59:02:71:99:fd:19:b7:
e7:5d:7f:a0:64:00:3b:6b:66:9d:ab:ea:f7:bf:8e:4e:03:42:
e4:a7:e9:4d:c6:ca:35:30:dd:2c:6c:c4:ea:6f:8e:aa:17:89:
44:8c:a8:3d:da:67:c7:43:84:b7:a2:6b:29:5d:7e:99:cb:56:
46:b1:b0:e1:f3:56:ed:50:30:db:04:67:f5:7d:7b:76:79:08:
e4:6a:f1:4a:83:30:32:fa:df:8d:a2:35:5a:ac:c0:9d:6e:e3:
4d:68:55:e1
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICM3owDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RENBRTgxMTAvBgNVBAUTKEFBQjBFMkI2MkY2MzQzODk1NzMwQzA1NDg4RTdGQzRF
MjZDNTFBNkMwHhcNMjMwOTIyMTQ1MDU4WhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTBkYTlkMS0xZTQ2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvRMsDheazOuhiz/JNRZigcrByegvCFON2zVKkF7VvYNmHGyJg6lZKqHLj8fg
N3PYhQXpoKVn0v1hwE43drR87XyhiwD1BR380wUlsmbSpGksMgVnnopxiYRoc2cI
sQ6U/ndNRoKTbB102xGsUD7k1VH4Mj4N3poaEO37UxDfTjejW7fsFye8xkuLbSQR
eTRFqOZicMiqblkiQi1JIVzNYKF3BL5NKC15Iwg53QSqjPD9/7RzLU/qMO4ay3MO
U76YxjgbYtIYv5Oa8R9FGQkZtip2qxybV8S2te8bP3iJcgcsEFALh+QYSeriU+Od
pcXoIKXqwAMbrpv2ek623qTAXQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFOYGb9YO
OKEePYqvOr8SyvsOyaT9MB8GA1UdIwQYMBaAFKqw4rYvY0OJVzDAVIjn/E4mxRps
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQ0FFOC84QjZBREUxNDFE
OTMxMUUyOTJDQjIzRjcwOEIwMkNEMi9xckRpdGk5alE0bFhNTUJVaU9mOFRpYkZH
bXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3FyRGl0aTlqUTRsWE1NQlVpT2Y4VGliRkdtdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RENBRTgvOEI2QURFMTQxRDkzMTFFMjkyQ0IyM0Y3MDhCMDJDRDIvRkY1RkRBNEUy
RkI5MTFFQ0EwNUJCNDZFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBADKOdEwDwQCAAIwCQMHACABDfKpgDANBgkqhkiG9w0BAQsF
AAOCAQEASU1a9/ZwVtqUSrRXC87e59rW7YKWhK+1CLN3donbQ/fYh7rYmJ3IzMzY
foN/d1lEbXwJSmps4vG0uXegOUajYI0BcGkG/tbSR8ilAWi+38ckNdyppjxP/yb6
UFDzMSgARcT2sqnwfkovADowD8iUyFaGzTtBmjc/EwkWLeqXJ+PqaCVl1Qvbbwks
ET5FX16TNL1IjOVS0j4FfG9ZAnGZ/Rm3511/oGQAO2tmnavq97+OTgNC5KfpTcbK
NTDdLGzE6m+OqheJRIyoPdpnx0OEt6JrKV1+mctWRrGw4fNW7VAw2wRn9X17dnkI
5GrxSoMwMvrfjaI1WqzAnW7jTWhV4Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:43 2024 by rpki-client on console-fra.rpki-client.org