Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91DF93A/FF51E59EE5F311EAB3A91561C4F9AE02/CC8CE01E0C1911EF90D8414CC4F9AE02.roa
File: CC8CE01E0C1911EF90D8414CC4F9AE02.roa (raw, json)
Hash identifier: 4ZONNEIv4Bzhho+02KFfXrtubrO1VqT/IzbqYCNDHtU=
Subject key identifier: C0:14:CD:C8:5D:BE:18:2A:7F:D3:C7:51:54:7C:DB:ED:B1:44:A2:86
Certificate issuer: /CN=A91DF93A/serialNumber=07A1C08545CACC65E0882D49E9F2F8CFD2BE8260
Certificate serial: 07D8
Authority key identifier: 07:A1:C0:85:45:CA:CC:65:E0:88:2D:49:E9:F2:F8:CF:D2:BE:82:60
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/B6HAhUXKzGXgiC1J6fL4z9K-gmA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91DF93A/FF51E59EE5F311EAB3A91561C4F9AE02/CC8CE01E0C1911EF90D8414CC4F9AE02.roa
Signing time: Tue 07 May 2024 02:30:42 +0000
ROA not before: Tue 07 May 2024 02:30:42 +0000
ROA not after: Sat 31 Aug 2024 00:00:00 +0000
asID: 21859
IP address blocks: 164.90.70.0/24 maxlen: 24
164.90.71.0/24 maxlen: 24
164.90.73.0/24 maxlen: 24
164.90.75.0/24 maxlen: 24
164.90.97.0/24 maxlen: 24
164.90.103.0/24 maxlen: 24
164.90.104.0/24 maxlen: 24
164.90.112.0/24 maxlen: 24
164.90.123.0/24 maxlen: 24
164.90.124.0/24 maxlen: 24
202.63.36.0/24 maxlen: 24
202.63.39.0/24 maxlen: 24
202.63.40.0/24 maxlen: 24
202.168.111.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 21 May 2024 12:14:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2008 (0x7d8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91DF93A/serialNumber=07A1C08545CACC65E0882D49E9F2F8CFD2BE8260
Validity
Not Before: May 7 02:30:42 2024 GMT
Not After : Aug 31 00:00:00 2024 GMT
Subject: CN=66399251-a231
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:15:1b:c0:c8:a2:d9:9b:bb:0e:1f:46:a7:ae:
65:eb:09:51:76:62:f4:b2:ba:2a:ed:c4:d2:39:65:
6a:a7:ac:aa:44:17:36:cf:c9:d8:85:ac:d8:9e:96:
4a:0c:99:11:09:aa:47:99:4b:6d:89:d6:d8:4a:50:
08:4f:91:28:4a:05:e9:0d:1f:e5:d6:24:80:ec:61:
9e:25:be:5e:e6:bf:ed:fe:00:1d:92:2d:5d:ac:f5:
b7:7b:20:dc:9e:1c:01:c1:3e:77:8e:19:bf:2d:48:
3e:c1:92:e5:b1:27:a3:7b:42:76:ce:7c:e8:b5:25:
98:8c:3a:51:46:31:d5:50:70:0a:cc:28:3b:7e:54:
4c:4e:db:a3:fa:88:e7:4c:fc:b7:f0:4d:a2:17:b1:
52:96:92:4d:65:a5:56:fe:af:73:54:2d:f8:4b:24:
29:2b:69:53:26:da:ff:68:27:d4:99:98:ed:a4:6c:
90:e2:3a:4a:40:fa:9a:68:96:af:c2:fb:25:2b:ff:
30:4b:8b:4d:5a:87:66:f9:73:17:90:40:1c:43:a5:
35:ca:a9:62:37:34:81:e4:85:c7:46:f3:3c:b2:f2:
71:70:60:c7:06:60:57:b7:f5:71:ce:20:95:a8:08:
c7:31:28:cc:e4:aa:37:58:8b:78:d1:ae:a1:e0:15:
27:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:14:CD:C8:5D:BE:18:2A:7F:D3:C7:51:54:7C:DB:ED:B1:44:A2:86
X509v3 Authority Key Identifier:
keyid:07:A1:C0:85:45:CA:CC:65:E0:88:2D:49:E9:F2:F8:CF:D2:BE:82:60
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91DF93A/FF51E59EE5F311EAB3A91561C4F9AE02/B6HAhUXKzGXgiC1J6fL4z9K-gmA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/B6HAhUXKzGXgiC1J6fL4z9K-gmA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DF93A/FF51E59EE5F311EAB3A91561C4F9AE02/CC8CE01E0C1911EF90D8414CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
164.90.70.0/23
164.90.73.0/24
164.90.75.0/24
164.90.97.0/24
164.90.103.0-164.90.104.255
164.90.112.0/24
164.90.123.0-164.90.124.255
202.63.36.0/24
202.63.39.0-202.63.40.255
202.168.111.0/24
Signature Algorithm: sha256WithRSAEncryption
97:bb:ca:13:21:08:c8:3a:82:78:41:e5:ad:b1:44:f1:47:53:
f7:4b:ca:8e:e1:d8:aa:c3:75:f4:e9:8d:2b:46:6a:ee:6b:57:
2c:5c:b9:fc:3b:ba:7c:21:75:17:bc:b6:48:72:3a:7f:d8:93:
b9:83:64:96:3b:ec:af:7d:08:ea:6f:f6:03:08:f9:64:85:c3:
48:09:23:e4:c7:2a:8f:eb:4c:90:47:4b:de:14:04:78:a6:91:
7c:f6:d2:ad:5f:97:42:9c:76:2b:db:60:10:e0:18:4c:11:12:
4e:3f:01:a4:c9:9e:91:39:58:54:d2:46:a7:71:0f:01:1d:d1:
66:7e:cf:ce:60:2b:30:7e:9e:13:1b:0b:8d:ea:d2:a7:3b:37:
42:af:d5:1a:e2:35:e1:1b:cc:cb:43:db:0e:51:5b:e8:f4:c3:
a8:99:04:5e:d7:e4:86:ed:9c:0b:14:bc:c6:8d:e4:b3:d1:ed:
73:0d:f5:a1:0f:0c:3e:05:f1:bf:46:06:82:29:c4:eb:49:95:
b9:0b:0a:4a:35:e4:fa:96:eb:70:47:bc:2d:c1:ba:ea:84:78:
74:a1:e1:4c:bf:cc:7e:f7:eb:50:70:7b:5f:d0:ed:42:83:64:
59:ca:f8:f4:91:88:60:20:94:f7:5f:bf:aa:b4:1e:bf:70:6f:
3d:bc:e9:d2
-----BEGIN CERTIFICATE-----
MIIFvzCCBKegAwIBAgICB9gwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
REY5M0ExMTAvBgNVBAUTKDA3QTFDMDg1NDVDQUNDNjVFMDg4MkQ0OUU5RjJGOENG
RDJCRTgyNjAwHhcNMjQwNTA3MDIzMDQyWhcNMjQwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjM5OTI1MS1hMjMxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuBUbwMii2Zu7Dh9Gp65l6wlRdmL0sroq7cTSOWVqp6yqRBc2z8nYhazYnpZK
DJkRCapHmUttidbYSlAIT5EoSgXpDR/l1iSA7GGeJb5e5r/t/gAdki1drPW3eyDc
nhwBwT53jhm/LUg+wZLlsSeje0J2znzotSWYjDpRRjHVUHAKzCg7flRMTtuj+ojn
TPy38E2iF7FSlpJNZaVW/q9zVC34SyQpK2lTJtr/aCfUmZjtpGyQ4jpKQPqaaJav
wvslK/8wS4tNWodm+XMXkEAcQ6U1yqliNzSB5IXHRvM8svJxcGDHBmBXt/VxziCV
qAjHMSjM5Ko3WIt40a6h4BUnKwIDAQABo4IC4zCCAt8wHQYDVR0OBBYEFMAUzchd
vhgqf9PHUVR82+2xRKKGMB8GA1UdIwQYMBaAFAehwIVFysxl4IgtSeny+M/SvoJg
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFERjkzQS9GRjUxRTU5RUU1
RjMxMUVBQjNBOTE1NjFDNEY5QUUwMi9CNkhBaFVYS3pHWGdpQzFKNmZMNHo5Sy1n
bUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0I2SEFoVVhLekdYZ2lDMUo2Zkw0ejlLLWdtQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
REY5M0EvRkY1MUU1OUVFNUYzMTFFQUIzQTkxNTYxQzRGOUFFMDIvQ0M4Q0UwMUUw
QzE5MTFFRjkwRDg0MTRDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwbQYIKwYBBQUHAQcBAf8E
XjBcMFoEAgABMFQDBAGkWkYDBACkWkkDBACkWksDBACkWmEwDAMEAKRaZwMEAKRa
aAMEAKRacDAMAwQApFp7AwQApFp8AwQAyj8kMAwDBADKPycDBADKPygDBADKqG8w
DQYJKoZIhvcNAQELBQADggEBAJe7yhMhCMg6gnhB5a2xRPFHU/dLyo7h2KrDdfTp
jStGau5rVyxcufw7unwhdRe8tkhyOn/Yk7mDZJY77K99COpv9gMI+WSFw0gJI+TH
Ko/rTJBHS94UBHimkXz20q1fl0KcdivbYBDgGEwREk4/AaTJnpE5WFTSRqdxDwEd
0WZ+z85gKzB+nhMbC43q0qc7N0Kv1RriNeEbzMtD2w5RW+j0w6iZBF7X5IbtnAsU
vMaN5LPR7XMN9aEPDD4F8b9GBoIpxOtJlbkLCko15PqW63BHvC3BuuqEeHSh4Uy/
zH7361Bwe1/Q7UKDZFnK+PSRiGAglPdfv6q0Hr9wbz286dI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:43 2024 by rpki-client on console-fra.rpki-client.org