Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/CA021440A55711EF9167ED6BC4F9AE02.roa
File: CA021440A55711EF9167ED6BC4F9AE02.roa (raw, json)
Hash identifier: b/h42B6WeeS3Lhs1yn0JA5JQ/WvW1s6VrZm2TaVl/9Q=
Subject key identifier: B7:49:03:35:51:17:FE:21:65:16:00:7E:90:21:25:90:36:72:AC:C7
Certificate issuer: /CN=A91E3E27/serialNumber=A272ACAFE8FAA4F2A9700A6FC11425908C743D4B
Certificate serial: 0A28
Authority key identifier: A2:72:AC:AF:E8:FA:A4:F2:A9:70:0A:6F:C1:14:25:90:8C:74:3D:4B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/onKsr-j6pPKpcApvwRQlkIx0PUs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/CA021440A55711EF9167ED6BC4F9AE02.roa
Signing time: Mon 18 Nov 2024 02:49:54 +0000
ROA not before: Mon 18 Nov 2024 02:49:54 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 4913
IP address blocks: 203.88.85.0/24 maxlen: 24
203.88.86.0/24 maxlen: 24
203.88.87.0/24 maxlen: 24
203.88.88.0/24 maxlen: 24
203.88.89.0/24 maxlen: 24
203.88.90.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 18 Nov 2024 05:04:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2600 (0xa28)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E3E27/serialNumber=A272ACAFE8FAA4F2A9700A6FC11425908C743D4B
Validity
Not Before: Nov 18 02:49:54 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=673aab52-1f4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:41:ef:d6:3f:c3:36:d8:03:f3:da:0e:20:f2:
71:0f:6e:24:8d:35:43:e8:20:40:dc:8d:16:3e:85:
51:bd:5a:40:0e:51:33:ba:42:0c:92:2c:58:f4:28:
13:5c:96:90:6a:92:96:d4:56:6d:f3:31:40:33:46:
bf:58:21:1e:a8:8f:82:d4:16:dd:dd:00:35:6b:ca:
af:c1:5c:a6:74:e6:6c:52:82:1e:79:7e:c2:33:d2:
4e:9e:11:f2:9b:af:91:79:40:85:48:ab:97:0c:a2:
81:1b:bc:aa:d9:9c:5d:e1:e8:34:02:44:8a:90:b3:
8b:65:68:c5:77:2a:91:a3:69:45:a8:98:f7:00:7e:
82:28:3b:a5:73:de:5f:cb:36:d4:0c:92:24:5e:01:
21:cf:fb:f2:7a:21:21:1e:16:6f:16:b8:db:ae:55:
29:4a:93:77:d7:ad:02:f0:df:38:bb:4e:66:09:fe:
32:b9:cd:5c:b6:7c:97:11:5e:0e:a7:59:98:79:ac:
6d:62:af:58:e7:48:8c:18:4a:1a:e5:1e:e5:0b:9a:
03:a3:2f:5b:99:ab:b3:8f:1c:dd:61:79:5e:f9:57:
32:e3:1e:3d:01:b1:af:9f:75:56:c2:d9:e2:95:34:
64:d8:ab:24:2d:0a:70:ba:f3:52:a6:4b:cd:0a:73:
57:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:49:03:35:51:17:FE:21:65:16:00:7E:90:21:25:90:36:72:AC:C7
X509v3 Authority Key Identifier:
keyid:A2:72:AC:AF:E8:FA:A4:F2:A9:70:0A:6F:C1:14:25:90:8C:74:3D:4B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/onKsr-j6pPKpcApvwRQlkIx0PUs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/onKsr-j6pPKpcApvwRQlkIx0PUs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/CA021440A55711EF9167ED6BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.88.85.0-203.88.90.255
Signature Algorithm: sha256WithRSAEncryption
91:a5:12:af:41:83:12:d0:6e:df:e7:c7:7c:f4:62:54:68:15:
87:56:30:e7:32:85:0d:98:b2:ff:46:10:d8:b3:cf:f6:17:7f:
ac:b2:8f:49:d3:8b:f5:4f:09:65:72:19:e1:6d:d4:22:7e:2a:
ac:5b:38:51:95:18:8c:4f:ac:3c:a4:76:a1:c5:88:9d:e7:56:
d7:f5:5b:e6:82:5f:c4:05:b7:94:38:13:f1:d6:fc:df:4a:a7:
ed:7d:58:49:8f:26:3c:14:4a:99:59:58:be:c1:f4:f8:2c:d7:
a4:1a:4c:a4:9b:22:ea:8d:00:39:81:86:1d:f3:bf:9b:1c:27:
23:8a:eb:7e:0d:96:ab:1b:c5:5a:82:f3:31:b5:7c:6e:de:4a:
41:cf:4a:ed:05:35:b2:e5:a1:27:b3:d0:28:66:81:56:33:3b:
28:29:89:cb:eb:6b:49:57:0a:c4:a6:c8:96:62:7e:17:37:fb:
44:b2:6d:80:7c:3d:da:f8:57:6e:b1:22:87:a3:91:5f:96:04:
3a:e3:db:6a:7a:8e:44:cd:dd:66:f3:1b:bf:c2:ad:c1:21:dc:
37:d3:8b:58:b3:3a:18:36:ab:c7:07:02:65:de:20:97:8a:b9:
95:f7:e3:4d:6a:23:33:76:28:8e:74:de:fb:8f:62:4e:74:48:
d6:76:3e:0e
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgICCigwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTNFMjcxMTAvBgNVBAUTKEEyNzJBQ0FGRThGQUE0RjJBOTcwMEE2RkMxMTQyNTkw
OEM3NDNENEIwHhcNMjQxMTE4MDI0OTU0WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzNhYWI1Mi0xZjRhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsEHv1j/DNtgD89oOIPJxD24kjTVD6CBA3I0WPoVRvVpADlEzukIMkixY9CgT
XJaQapKW1FZt8zFAM0a/WCEeqI+C1Bbd3QA1a8qvwVymdOZsUoIeeX7CM9JOnhHy
m6+ReUCFSKuXDKKBG7yq2Zxd4eg0AkSKkLOLZWjFdyqRo2lFqJj3AH6CKDulc95f
yzbUDJIkXgEhz/vyeiEhHhZvFrjbrlUpSpN3160C8N84u05mCf4yuc1ctnyXEV4O
p1mYeaxtYq9Y50iMGEoa5R7lC5oDoy9bmauzjxzdYXle+Vcy4x49AbGvn3VWwtni
lTRk2KskLQpwuvNSpkvNCnNXGQIDAQABo4ICnTCCApkwHQYDVR0OBBYEFLdJAzVR
F/4hZRYAfpAhJZA2cqzHMB8GA1UdIwQYMBaAFKJyrK/o+qTyqXAKb8EUJZCMdD1L
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFM0UyNy9GMzg4ODc2NjZG
M0ExMUVBOTg0MDEzM0RDNEY5QUUwMi9vbktzci1qNnBQS3BjQXB2d1JRbGtJeDBQ
VXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL29uS3NyLWo2cFBLcGNBcHZ3UlFsa0l4MFBVcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTNFMjcvRjM4ODg3NjY2RjNBMTFFQTk4NDAxMzNEQzRGOUFFMDIvQ0EwMjE0NDBB
NTU3MTFFRjkxNjdFRDZCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJwYIKwYBBQUHAQcBAf8E
GDAWMBQEAgABMA4wDAMEAMtYVQMEAMtYWjANBgkqhkiG9w0BAQsFAAOCAQEAkaUS
r0GDEtBu3+fHfPRiVGgVh1Yw5zKFDZiy/0YQ2LPP9hd/rLKPSdOL9U8JZXIZ4W3U
In4qrFs4UZUYjE+sPKR2ocWInedW1/Vb5oJfxAW3lDgT8db830qn7X1YSY8mPBRK
mVlYvsH0+CzXpBpMpJsi6o0AOYGGHfO/mxwnI4rrfg2WqxvFWoLzMbV8bt5KQc9K
7QU1suWhJ7PQKGaBVjM7KCmJy+trSVcKxKbIlmJ+Fzf7RLJtgHw92vhXbrEih6OR
X5YEOuPbanqORM3dZvMbv8KtwSHcN9OLWLM6GDarxwcCZd4gl4q5lffjTWojM3Yo
jnTe+49iTnRI1nY+Dg==
-----END CERTIFICATE-----
Generated at Mon Nov 18 07:12:12 2024 by rpki-client on console-ams.rpki-client.org