Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/163269B886C311EF8CE6B01CC4F9AE02.roa
File: 163269B886C311EF8CE6B01CC4F9AE02.roa (raw, json)
Hash identifier: wRrY8k1mRpYkaOHaEPiukt8SR093j95maXr6lc7FeUE=
Subject key identifier: B2:10:6C:95:0A:E8:F9:13:C3:98:AF:ED:84:39:47:6D:2B:48:44:9A
Certificate issuer: /CN=A91E3E27/serialNumber=A272ACAFE8FAA4F2A9700A6FC11425908C743D4B
Certificate serial: 09FA
Authority key identifier: A2:72:AC:AF:E8:FA:A4:F2:A9:70:0A:6F:C1:14:25:90:8C:74:3D:4B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/onKsr-j6pPKpcApvwRQlkIx0PUs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/163269B886C311EF8CE6B01CC4F9AE02.roa
Signing time: Thu 10 Oct 2024 04:49:52 +0000
ROA not before: Thu 10 Oct 2024 04:49:52 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 4913
IP address blocks: 202.174.128.0/24 maxlen: 24
202.174.143.0/24 maxlen: 24
203.88.85.0/24 maxlen: 24
203.88.86.0/24 maxlen: 24
203.88.87.0/24 maxlen: 24
203.88.88.0/24 maxlen: 24
203.88.89.0/24 maxlen: 24
203.88.90.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 18 Nov 2024 02:49:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2554 (0x9fa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E3E27/serialNumber=A272ACAFE8FAA4F2A9700A6FC11425908C743D4B
Validity
Not Before: Oct 10 04:49:52 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=67075cf0-8393
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:4d:50:de:ec:79:a8:49:ab:6d:34:2c:ab:3f:
86:78:03:65:eb:19:38:60:75:82:f7:f9:de:7d:b6:
d6:50:f3:9b:ad:35:4e:c6:a2:a9:42:7f:e0:76:81:
33:7d:21:fd:65:a4:5f:b9:6b:9f:50:f5:1b:61:4d:
c4:1e:c1:7e:d1:df:58:d1:09:9e:1b:a0:74:5d:cc:
54:de:52:e6:01:b1:87:d7:12:0a:3b:9e:1d:9f:4e:
26:38:ac:37:8e:bb:a1:9b:00:d3:ec:91:7e:44:e3:
b7:37:b2:6a:3d:e1:8e:db:20:2b:2a:6c:cb:a8:f0:
2a:aa:71:c8:e6:e9:95:61:25:40:0e:d2:e8:27:71:
a1:39:f2:96:1d:8b:21:25:71:64:83:93:08:34:4b:
c2:0d:18:7e:e9:68:10:a1:a3:f9:4a:6a:3b:6d:b2:
45:d3:21:14:49:c4:7a:a3:b2:ca:b3:e8:ac:9c:76:
cb:f1:1a:d6:f2:2e:bb:87:73:33:04:3d:cf:c1:bd:
a3:51:6d:ea:55:f9:7a:fe:4f:53:8f:2a:96:01:43:
77:7f:17:27:10:7a:02:cb:68:26:66:d7:c5:2c:33:
60:61:db:e3:18:f7:6b:53:de:04:a2:59:cd:96:8f:
bb:eb:af:2d:ad:49:21:7c:85:f7:b6:22:d3:8e:0a:
7a:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:10:6C:95:0A:E8:F9:13:C3:98:AF:ED:84:39:47:6D:2B:48:44:9A
X509v3 Authority Key Identifier:
keyid:A2:72:AC:AF:E8:FA:A4:F2:A9:70:0A:6F:C1:14:25:90:8C:74:3D:4B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/onKsr-j6pPKpcApvwRQlkIx0PUs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/onKsr-j6pPKpcApvwRQlkIx0PUs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/163269B886C311EF8CE6B01CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.174.128.0/24
202.174.143.0/24
203.88.85.0-203.88.90.255
Signature Algorithm: sha256WithRSAEncryption
8d:2d:c2:4f:c3:19:01:3d:03:e2:92:2b:5a:f3:da:02:b5:50:
d0:98:e1:b9:dc:56:0d:f1:8f:c0:ad:70:e5:17:c5:77:72:35:
19:0b:bd:04:95:77:f8:86:52:ec:09:11:41:c1:15:ac:15:b0:
77:cd:f4:0a:85:b1:b4:84:56:49:03:20:7a:cf:90:1f:bf:3d:
84:62:d1:5a:97:f2:e5:75:0b:ae:a6:77:99:ed:00:ee:83:db:
c1:25:46:88:df:56:97:93:93:05:90:f7:f1:4f:95:1c:b2:b1:
fe:6d:e3:ee:88:95:11:06:32:4c:32:57:99:9a:78:af:6d:9f:
07:c2:66:75:27:fc:1f:5d:28:8a:d2:bd:f5:b8:0e:0b:7b:b3:
18:78:05:ac:c5:b9:10:af:59:1c:7a:90:48:46:77:4d:cc:70:
92:72:0f:d5:77:13:d9:47:ef:e7:db:e8:db:b4:42:27:a8:c2:
69:0e:00:a2:ab:40:5a:46:1f:d1:15:70:42:d7:83:c1:b3:e3:
3e:f2:a3:58:2e:94:50:53:e1:32:3e:8c:bb:7b:50:7f:a1:b2:
c9:aa:f1:98:9c:75:49:ac:eb:19:02:94:66:43:1d:af:69:34:
2d:7e:15:93:19:a5:4d:52:b1:5f:f1:de:46:8f:bc:da:38:8a:
ca:6d:71:36
-----BEGIN CERTIFICATE-----
MIIFhTCCBG2gAwIBAgICCfowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTNFMjcxMTAvBgNVBAUTKEEyNzJBQ0FGRThGQUE0RjJBOTcwMEE2RkMxMTQyNTkw
OEM3NDNENEIwHhcNMjQxMDEwMDQ0OTUyWhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzA3NWNmMC04MzkzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzE1Q3ux5qEmrbTQsqz+GeANl6xk4YHWC9/nefbbWUPObrTVOxqKpQn/gdoEz
fSH9ZaRfuWufUPUbYU3EHsF+0d9Y0QmeG6B0XcxU3lLmAbGH1xIKO54dn04mOKw3
jruhmwDT7JF+ROO3N7JqPeGO2yArKmzLqPAqqnHI5umVYSVADtLoJ3GhOfKWHYsh
JXFkg5MINEvCDRh+6WgQoaP5Smo7bbJF0yEUScR6o7LKs+isnHbL8RrW8i67h3Mz
BD3Pwb2jUW3qVfl6/k9TjyqWAUN3fxcnEHoCy2gmZtfFLDNgYdvjGPdrU94EolnN
lo+7668trUkhfIX3tiLTjgp6oQIDAQABo4ICqTCCAqUwHQYDVR0OBBYEFLIQbJUK
6PkTw5iv7YQ5R20rSESaMB8GA1UdIwQYMBaAFKJyrK/o+qTyqXAKb8EUJZCMdD1L
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFM0UyNy9GMzg4ODc2NjZG
M0ExMUVBOTg0MDEzM0RDNEY5QUUwMi9vbktzci1qNnBQS3BjQXB2d1JRbGtJeDBQ
VXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL29uS3NyLWo2cFBLcGNBcHZ3UlFsa0l4MFBVcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTNFMjcvRjM4ODg3NjY2RjNBMTFFQTk4NDAxMzNEQzRGOUFFMDIvMTYzMjY5Qjg4
NkMzMTFFRjhDRTZCMDFDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMwYIKwYBBQUHAQcBAf8E
JDAiMCAEAgABMBoDBADKroADBADKro8wDAMEAMtYVQMEAMtYWjANBgkqhkiG9w0B
AQsFAAOCAQEAjS3CT8MZAT0D4pIrWvPaArVQ0JjhudxWDfGPwK1w5RfFd3I1GQu9
BJV3+IZS7AkRQcEVrBWwd830CoWxtIRWSQMges+QH789hGLRWpfy5XULrqZ3me0A
7oPbwSVGiN9Wl5OTBZD38U+VHLKx/m3j7oiVEQYyTDJXmZp4r22fB8JmdSf8H10o
itK99bgOC3uzGHgFrMW5EK9ZHHqQSEZ3TcxwknIP1XcT2Ufv59vo27RCJ6jCaQ4A
oqtAWkYf0RVwQteDwbPjPvKjWC6UUFPhMj6Mu3tQf6GyyarxmJx1SazrGQKUZkMd
r2k0LX4VkxmlTVKxX/HeRo+82jiKym1xNg==
-----END CERTIFICATE-----
Generated at Mon Nov 18 05:18:30 2024 by rpki-client on console-ams.rpki-client.org