Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/86306ED26F4311EAB6C07F58C4F9AE02.roa
File: 86306ED26F4311EAB6C07F58C4F9AE02.roa (raw, json)
Hash identifier: 4KTGvSTWEL/t17sH+Bt8oI/CL/hWHgB6vHfOJekklIg=
Subject key identifier: FC:6F:49:95:DF:0B:2F:AB:48:AD:07:2F:FA:B1:9E:56:98:FB:B8:3F
Certificate issuer: /CN=A91E3E27/serialNumber=A272ACAFE8FAA4F2A9700A6FC11425908C743D4B
Certificate serial: 09A9
Authority key identifier: A2:72:AC:AF:E8:FA:A4:F2:A9:70:0A:6F:C1:14:25:90:8C:74:3D:4B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/onKsr-j6pPKpcApvwRQlkIx0PUs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/86306ED26F4311EAB6C07F58C4F9AE02.roa
Signing time: Thu 30 May 2024 21:27:51 +0000
ROA not before: Thu 30 May 2024 21:27:51 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 4913
IP address blocks: 175.176.247.0/24 maxlen: 24
175.176.249.0/24 maxlen: 24
202.174.128.0/24 maxlen: 24
202.174.143.0/24 maxlen: 24
203.88.85.0/24 maxlen: 24
203.88.86.0/24 maxlen: 24
203.88.87.0/24 maxlen: 24
203.88.88.0/24 maxlen: 24
203.88.89.0/24 maxlen: 24
203.88.90.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 10 Oct 2024 04:49:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2473 (0x9a9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E3E27/serialNumber=A272ACAFE8FAA4F2A9700A6FC11425908C743D4B
Validity
Not Before: May 30 21:27:51 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=6658ef57-b87a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:98:66:0b:9b:4a:49:0d:45:e6:6a:f9:d4:1f:
4f:b3:bb:3e:64:4b:66:44:82:bc:01:94:f3:51:09:
73:48:a1:d1:7f:52:b9:2f:5e:1c:97:bd:ea:7c:d4:
5e:fc:b2:9a:35:17:46:7d:b6:aa:b0:9c:20:74:82:
2b:32:fd:02:9b:25:ad:56:df:35:a8:da:88:3c:9a:
17:b1:3b:58:99:f9:0a:6a:67:15:cf:48:78:c3:81:
3e:15:f4:41:e8:ae:5e:71:df:71:95:48:7f:13:b6:
7e:92:51:17:09:e3:d0:7d:be:90:48:b7:28:ac:21:
44:d3:d8:1a:fe:c0:56:6a:ba:36:b8:0a:72:13:0b:
e8:44:be:f0:08:32:88:39:12:9a:f7:58:a3:30:6d:
1b:d0:ca:d8:32:57:5b:ff:0c:d2:62:8b:01:78:f0:
cf:fd:f2:42:01:ec:7e:e4:b9:fe:88:05:4e:77:78:
9f:22:36:f0:a5:f4:25:07:db:6b:a3:80:9b:ff:db:
8b:97:85:31:30:1c:0a:1d:18:27:40:26:2b:a2:8f:
6c:75:4c:04:46:42:43:d5:81:ff:35:52:1a:1f:4e:
53:ac:9f:b5:3c:d9:ec:01:57:e2:04:ee:84:0d:a6:
b3:ab:a8:8b:17:7c:ce:e1:49:44:4c:10:d6:46:20:
52:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:6F:49:95:DF:0B:2F:AB:48:AD:07:2F:FA:B1:9E:56:98:FB:B8:3F
X509v3 Authority Key Identifier:
keyid:A2:72:AC:AF:E8:FA:A4:F2:A9:70:0A:6F:C1:14:25:90:8C:74:3D:4B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/onKsr-j6pPKpcApvwRQlkIx0PUs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/onKsr-j6pPKpcApvwRQlkIx0PUs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/86306ED26F4311EAB6C07F58C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
175.176.247.0/24
175.176.249.0/24
202.174.128.0/24
202.174.143.0/24
203.88.85.0-203.88.90.255
Signature Algorithm: sha256WithRSAEncryption
80:82:ba:3e:bb:1b:5b:b1:59:98:2a:7f:f9:eb:52:41:58:c4:
40:32:a2:51:80:38:74:ed:96:57:31:d9:02:37:95:8f:4a:14:
ce:8c:56:d1:6e:fc:d4:d9:a7:52:47:6d:18:9f:c6:1e:e7:57:
d1:bb:af:39:4f:62:4d:e3:58:98:71:8b:85:73:24:4f:37:a4:
3d:1c:fa:fb:48:68:b1:9c:02:8f:8b:63:25:ac:67:6e:13:d0:
de:d0:9e:f1:ee:9c:59:c6:9e:d8:a9:51:f3:6d:76:54:05:83:
37:f0:22:8f:29:d5:be:da:e1:43:6e:b8:49:d9:29:2a:90:63:
b0:0b:f1:80:02:a2:1c:b1:56:a0:20:b8:57:7a:84:e0:4e:8b:
50:a5:3e:cd:48:53:aa:30:9a:b0:9b:b0:f8:5f:10:4f:95:58:
9c:d4:ec:6a:75:59:d0:05:8d:a1:5c:6d:5a:2e:d0:f2:bc:97:
2c:f7:65:8f:35:e3:58:03:1b:9f:70:af:96:e5:4d:3a:82:f3:
7e:b8:93:6a:54:b4:64:f9:14:64:30:f1:19:22:c2:85:82:31:
a7:3d:f1:89:5b:f3:fd:08:ae:82:e7:f1:d8:dc:58:d3:17:b7:
b7:7d:74:34:b8:a2:f0:71:e9:19:90:e3:80:94:5e:78:3b:15:
24:51:1d:97
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgICCakwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTNFMjcxMTAvBgNVBAUTKEEyNzJBQ0FGRThGQUE0RjJBOTcwMEE2RkMxMTQyNTkw
OEM3NDNENEIwHhcNMjQwNTMwMjEyNzUxWhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjU4ZWY1Ny1iODdhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2phmC5tKSQ1F5mr51B9Ps7s+ZEtmRIK8AZTzUQlzSKHRf1K5L14cl73qfNRe
/LKaNRdGfbaqsJwgdIIrMv0CmyWtVt81qNqIPJoXsTtYmfkKamcVz0h4w4E+FfRB
6K5ecd9xlUh/E7Z+klEXCePQfb6QSLcorCFE09ga/sBWaro2uApyEwvoRL7wCDKI
ORKa91ijMG0b0MrYMldb/wzSYosBePDP/fJCAex+5Ln+iAVOd3ifIjbwpfQlB9tr
o4Cb/9uLl4UxMBwKHRgnQCYroo9sdUwERkJD1YH/NVIaH05TrJ+1PNnsAVfiBO6E
Daazq6iLF3zO4UlETBDWRiBSkwIDAQABo4ICtTCCArEwHQYDVR0OBBYEFPxvSZXf
Cy+rSK0HL/qxnlaY+7g/MB8GA1UdIwQYMBaAFKJyrK/o+qTyqXAKb8EUJZCMdD1L
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFM0UyNy9GMzg4ODc2NjZG
M0ExMUVBOTg0MDEzM0RDNEY5QUUwMi9vbktzci1qNnBQS3BjQXB2d1JRbGtJeDBQ
VXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL29uS3NyLWo2cFBLcGNBcHZ3UlFsa0l4MFBVcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTNFMjcvRjM4ODg3NjY2RjNBMTFFQTk4NDAxMzNEQzRGOUFFMDIvODYzMDZFRDI2
RjQzMTFFQUI2QzA3RjU4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPwYIKwYBBQUHAQcBAf8E
MDAuMCwEAgABMCYDBACvsPcDBACvsPkDBADKroADBADKro8wDAMEAMtYVQMEAMtY
WjANBgkqhkiG9w0BAQsFAAOCAQEAgIK6PrsbW7FZmCp/+etSQVjEQDKiUYA4dO2W
VzHZAjeVj0oUzoxW0W781NmnUkdtGJ/GHudX0buvOU9iTeNYmHGLhXMkTzekPRz6
+0hosZwCj4tjJaxnbhPQ3tCe8e6cWcae2KlR8212VAWDN/AijynVvtrhQ264Sdkp
KpBjsAvxgAKiHLFWoCC4V3qE4E6LUKU+zUhTqjCasJuw+F8QT5VYnNTsanVZ0AWN
oVxtWi7Q8ryXLPdljzXjWAMbn3CvluVNOoLzfriTalS0ZPkUZDDxGSLChYIxpz3x
iVvz/Qiugufx2NxY0xe3t310NLii8HHpGZDjgJReeDsVJFEdlw==
-----END CERTIFICATE-----
Generated at Thu Oct 10 07:48:30 2024 by rpki-client on console-fra.rpki-client.org