Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91DF1AE/AD29E698DF2011EEAA104D15C4F9AE02/03E6331ADF2111EE808F5016C4F9AE02.roa
File: 03E6331ADF2111EE808F5016C4F9AE02.roa (raw, json)
Hash identifier: /LEauKgNszQhHaV6kp+dm++8aB4s4kAPA+0yYh2du+I=
Subject key identifier: 7C:2A:E9:16:27:48:67:83:1D:50:46:E4:5A:0F:34:B0:65:2E:C2:D7
Certificate issuer: /CN=A91DF1AE/serialNumber=DD1E19AE124323A4197C5A1C47B98F84EDB2425A
Certificate serial: 04
Authority key identifier: DD:1E:19:AE:12:43:23:A4:19:7C:5A:1C:47:B9:8F:84:ED:B2:42:5A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3R4ZrhJDI6QZfFocR7mPhO2yQlo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91DF1AE/AD29E698DF2011EEAA104D15C4F9AE02/03E6331ADF2111EE808F5016C4F9AE02.roa
Signing time: Sun 10 Mar 2024 21:00:02 +0000
ROA not before: Sun 10 Mar 2024 21:00:02 +0000
ROA not after: Sun 01 Dec 2024 00:00:00 +0000
asID: 18199
IP address blocks: 202.50.240.0/24 maxlen: 24
202.169.192.0/20 maxlen: 20
202.169.208.0/21 maxlen: 22
202.169.216.0/21 maxlen: 21
202.169.216.0/22 maxlen: 22
202.169.220.0/23 maxlen: 23
202.169.222.0/23 maxlen: 23
2403:de00::/32 maxlen: 40
Validation: Failed, certificate revoked on Mon 22 Jul 2024 11:09:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4 (0x4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91DF1AE/serialNumber=DD1E19AE124323A4197C5A1C47B98F84EDB2425A
Validity
Not Before: Mar 10 21:00:02 2024 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=65ee1f52-1442
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:f7:5d:eb:b5:43:eb:ed:de:95:9d:7c:23:b9:
ff:7a:6a:d6:58:7d:b1:bb:ee:ce:46:99:a5:98:a7:
6c:ea:29:8e:fb:86:39:e0:16:0c:26:84:cd:83:67:
64:c5:14:36:04:b6:f1:5e:fe:2a:84:43:26:37:93:
81:46:0b:df:1b:48:12:4b:bd:2b:9b:69:38:d1:31:
5a:84:07:40:c6:ef:96:dd:bb:a0:bd:96:d7:7c:9e:
f4:ba:b0:14:42:ea:a1:5d:8c:64:01:f0:0c:7d:1b:
87:b2:e3:63:e2:50:23:bf:30:82:58:19:ab:69:ae:
35:d0:fb:e3:51:6e:c8:81:d9:7f:27:2a:8a:ad:76:
01:82:ac:1c:42:6f:3d:41:e2:5c:fe:46:8a:f7:eb:
66:2d:03:ef:d5:d6:e6:9e:fb:f4:2f:f4:20:3d:3c:
33:1e:a6:97:04:db:87:bc:1f:82:c1:9c:4b:ad:a1:
fb:f5:bc:b7:30:2b:46:b1:4f:4d:81:84:ae:f8:c6:
9f:4c:d3:ad:79:a2:36:d7:22:9b:09:2a:dc:23:5e:
63:41:0e:b8:63:fe:40:05:a8:78:83:e4:70:54:03:
a3:bc:71:1e:3c:94:59:24:30:63:a6:69:75:a7:83:
a3:49:0a:01:83:1b:d4:d7:c8:07:0f:a2:37:a2:f2:
9f:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:2A:E9:16:27:48:67:83:1D:50:46:E4:5A:0F:34:B0:65:2E:C2:D7
X509v3 Authority Key Identifier:
keyid:DD:1E:19:AE:12:43:23:A4:19:7C:5A:1C:47:B9:8F:84:ED:B2:42:5A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91DF1AE/AD29E698DF2011EEAA104D15C4F9AE02/3R4ZrhJDI6QZfFocR7mPhO2yQlo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3R4ZrhJDI6QZfFocR7mPhO2yQlo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DF1AE/AD29E698DF2011EEAA104D15C4F9AE02/03E6331ADF2111EE808F5016C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.50.240.0/24
202.169.192.0/19
IPv6:
2403:de00::/32
Signature Algorithm: sha256WithRSAEncryption
03:55:a7:f0:dc:c1:aa:1a:19:c4:3d:ef:ad:21:d2:90:00:52:
db:8b:7c:cb:8b:36:02:b0:ab:b6:2f:04:d1:2b:e5:e3:6f:c8:
6c:ec:36:9a:39:2c:40:c6:40:23:c2:7b:e9:b5:1f:0b:97:39:
ac:47:09:67:ee:56:6b:90:86:a6:95:bb:88:67:5c:19:7a:f5:
e7:4a:d3:27:74:71:1f:aa:6d:1c:ef:fd:80:15:80:84:40:37:
38:58:01:99:b0:35:d3:6d:11:15:a4:aa:ae:7c:7c:3d:96:ce:
55:9c:9c:63:f8:3d:a5:fb:46:0c:db:5f:17:5a:72:f5:83:e2:
4d:4e:60:8c:4c:b2:6b:f6:71:9a:32:df:cf:6b:c3:ed:76:7c:
57:08:6d:99:07:3d:3f:60:ac:ba:d4:da:80:5b:3e:e1:5c:fe:
e4:8c:d7:d7:9c:07:70:db:56:72:81:e7:db:5c:36:b2:4a:68:
28:4f:77:73:fe:78:48:3e:d0:3c:f5:74:18:80:f4:8d:9e:49:
36:70:3f:4b:76:ae:6e:06:8f:ce:82:1d:e1:d8:39:a0:28:d7:
e8:0a:92:50:d4:b3:32:07:b1:6e:24:c2:b4:fe:0f:f5:42:51:
23:42:1f:25:fe:34:d3:c3:88:6a:d6:a0:a1:e8:a3:a8:e5:c8:
fe:b0:a2:06
-----BEGIN CERTIFICATE-----
MIIFhTCCBG2gAwIBAgIBBDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFE
RjFBRTExMC8GA1UEBRMoREQxRTE5QUUxMjQzMjNBNDE5N0M1QTFDNDdCOThGODRF
REIyNDI1QTAeFw0yNDAzMTAyMTAwMDJaFw0yNDEyMDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1ZWUxZjUyLTE0NDIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCn913rtUPr7d6VnXwjuf96atZYfbG77s5GmaWYp2zqKY77hjngFgwmhM2DZ2TF
FDYEtvFe/iqEQyY3k4FGC98bSBJLvSubaTjRMVqEB0DG75bdu6C9ltd8nvS6sBRC
6qFdjGQB8Ax9G4ey42PiUCO/MIJYGatprjXQ++NRbsiB2X8nKoqtdgGCrBxCbz1B
4lz+Ror362YtA+/V1uae+/Qv9CA9PDMeppcE24e8H4LBnEutofv1vLcwK0axT02B
hK74xp9M0615ojbXIpsJKtwjXmNBDrhj/kAFqHiD5HBUA6O8cR48lFkkMGOmaXWn
g6NJCgGDG9TXyAcPojei8p8jAgMBAAGjggKqMIICpjAdBgNVHQ4EFgQUfCrpFidI
Z4MdUEbkWg80sGUuwtcwHwYDVR0jBBgwFoAU3R4ZrhJDI6QZfFocR7mPhO2yQlow
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MURGMUFFL0FEMjlFNjk4REYy
MDExRUVBQTEwNEQxNUM0RjlBRTAyLzNSNFpyaEpESTZRWmZGb2NSN21QaE8yeVFs
by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvM1I0WnJoSkRJNlFaZkZvY1I3bVBoTzJ5UWxvLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE
RjFBRS9BRDI5RTY5OERGMjAxMUVFQUExMDREMTVDNEY5QUUwMi8wM0U2MzMxQURG
MjExMUVFODA4RjUwMTZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDA0BggrBgEFBQcBBwEB/wQl
MCMwEgQCAAEwDAMEAMoy8AMEBcqpwDANBAIAAjAHAwUAJAPeADANBgkqhkiG9w0B
AQsFAAOCAQEAA1Wn8NzBqhoZxD3vrSHSkABS24t8y4s2ArCrti8E0Svl42/IbOw2
mjksQMZAI8J76bUfC5c5rEcJZ+5Wa5CGppW7iGdcGXr150rTJ3RxH6ptHO/9gBWA
hEA3OFgBmbA1020RFaSqrnx8PZbOVZycY/g9pftGDNtfF1py9YPiTU5gjEyya/Zx
mjLfz2vD7XZ8VwhtmQc9P2CsutTagFs+4Vz+5IzX15wHcNtWcoHn21w2skpoKE93
c/54SD7QPPV0GID0jZ5JNnA/S3aubgaPzoId4dg5oCjX6AqSUNSzMgexbiTCtP4P
9UJRI0IfJf4008OIatagoeijqOXI/rCiBg==
-----END CERTIFICATE-----
Generated at Mon Jul 22 14:12:10 2024 by rpki-client on console-ams.rpki-client.org