Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E563F/0AB777DAB6A811EAAEE14F7BC4F9AE02/7D5EF8A6931F11EE8153EF37C4F9AE02.roa
File: 7D5EF8A6931F11EE8153EF37C4F9AE02.roa (raw, json)
Hash identifier: BptYfj9gdzFtdWqxZfpx3PguM31jQDYEqraTobikPM4=
Subject key identifier: 3A:D5:2C:45:3E:C0:79:D4:AD:0F:E3:15:9F:77:EC:C6:27:72:EB:B4
Certificate issuer: /CN=A91E563F/serialNumber=482016E56A0241FD2D35BFD77BC972E673CE9F2F
Certificate serial: 07B5
Authority key identifier: 48:20:16:E5:6A:02:41:FD:2D:35:BF:D7:7B:C9:72:E6:73:CE:9F:2F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SCAW5WoCQf0tNb_Xe8ly5nPOny8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E563F/0AB777DAB6A811EAAEE14F7BC4F9AE02/7D5EF8A6931F11EE8153EF37C4F9AE02.roa
Signing time: Tue 05 Dec 2023 03:36:35 +0000
ROA not before: Tue 05 Dec 2023 03:36:35 +0000
ROA not after: Sat 31 Aug 2024 00:00:00 +0000
asID: 17894
IP address blocks: 202.52.160.0/20 maxlen: 20
202.95.224.0/24 maxlen: 24
202.95.225.0/24 maxlen: 24
202.95.226.0/24 maxlen: 24
202.95.227.0/24 maxlen: 24
202.95.228.0/24 maxlen: 24
202.95.229.0/24 maxlen: 24
202.95.230.0/24 maxlen: 24
202.95.231.0/24 maxlen: 24
202.95.232.0/24 maxlen: 24
202.95.235.0/24 maxlen: 24
202.95.236.0/24 maxlen: 24
202.95.237.0/24 maxlen: 24
202.95.238.0/24 maxlen: 24
202.95.239.0/24 maxlen: 24
202.126.32.0/20 maxlen: 24
2401:b900::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 05 Dec 2023 03:53:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1973 (0x7b5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E563F/serialNumber=482016E56A0241FD2D35BFD77BC972E673CE9F2F
Validity
Not Before: Dec 5 03:36:35 2023 GMT
Not After : Aug 31 00:00:00 2024 GMT
Subject: CN=656e9ac3-1da7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:8a:d3:06:b8:9c:32:38:c8:21:71:b3:43:8e:
a9:c5:8c:ce:7f:23:02:2b:44:bf:48:16:7c:9b:8a:
81:69:78:67:4b:0f:eb:93:1e:8e:7b:e7:cd:3d:09:
5e:d5:e6:78:85:5d:ae:32:da:00:11:8b:1d:f8:59:
1f:ae:c7:37:ed:33:f0:43:38:b3:4f:c7:ab:5b:37:
f4:80:e3:ac:e3:9f:9c:26:b7:ad:68:fb:8d:36:8f:
d5:10:11:23:0f:45:e4:95:a1:df:9d:c9:e7:8d:29:
e5:25:dd:ae:72:b2:52:97:d1:19:20:ad:70:1b:a0:
71:09:82:97:73:bd:ab:0b:99:1f:c3:4a:2f:ee:bc:
3e:eb:28:c7:73:90:6f:c0:a2:ae:9c:7b:08:7b:df:
1b:e6:db:85:b8:60:e7:53:e4:ee:63:cf:82:dc:97:
e5:35:22:b7:ae:a5:23:99:81:f1:a2:37:8e:59:7e:
cc:72:c3:bf:e9:96:24:e2:5d:c4:ce:76:34:c0:0b:
2d:c3:97:f4:09:3b:0c:68:f8:5f:18:4c:ef:28:71:
31:b4:9b:d1:e8:19:41:6a:d9:90:41:66:ac:9a:97:
ff:95:fc:f1:a9:1e:36:df:5e:85:ad:a5:d4:b8:8b:
2e:bc:5f:19:3d:b7:62:ef:ea:50:15:65:c3:62:b7:
79:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:D5:2C:45:3E:C0:79:D4:AD:0F:E3:15:9F:77:EC:C6:27:72:EB:B4
X509v3 Authority Key Identifier:
keyid:48:20:16:E5:6A:02:41:FD:2D:35:BF:D7:7B:C9:72:E6:73:CE:9F:2F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E563F/0AB777DAB6A811EAAEE14F7BC4F9AE02/SCAW5WoCQf0tNb_Xe8ly5nPOny8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SCAW5WoCQf0tNb_Xe8ly5nPOny8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E563F/0AB777DAB6A811EAAEE14F7BC4F9AE02/7D5EF8A6931F11EE8153EF37C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.52.160.0/20
202.95.224.0-202.95.232.255
202.95.235.0-202.95.239.255
202.126.32.0/20
IPv6:
2401:b900::/32
Signature Algorithm: sha256WithRSAEncryption
87:30:e7:08:88:e5:fe:47:39:c9:9d:d3:14:13:f7:63:9d:ad:
d6:60:63:fa:1d:cc:db:03:45:31:f2:59:bc:d0:a6:7e:2c:47:
ec:ef:60:90:73:76:a1:bb:9a:cd:9d:2e:bc:02:25:27:af:d0:
33:9c:3f:52:20:5f:5f:49:a9:0d:95:d3:9f:94:0b:b1:07:76:
20:2c:4b:e4:81:75:46:f3:2b:60:9e:8a:c4:d3:73:9a:19:5f:
8e:f3:90:97:d8:72:55:82:5f:b9:ed:87:8b:bb:35:e2:bc:87:
7c:0f:2d:65:55:cb:44:2b:95:f2:66:fc:d8:9b:12:94:fe:59:
14:be:86:14:05:58:5b:02:82:0b:5e:92:da:bb:55:45:1d:37:
e1:62:5a:e2:8b:6b:63:c4:c3:ca:5c:f1:ec:9b:46:02:1c:bb:
62:d0:ff:a7:3e:8f:5d:2b:21:1b:70:8e:a4:7e:12:bb:46:a6:
72:1a:64:91:c8:a4:64:35:a3:8a:2a:2d:c0:ab:9f:db:64:44:
f7:76:a4:28:33:a7:64:35:a7:28:65:10:de:80:c1:fe:31:d0:
dd:b0:fb:b8:85:a6:25:ba:e6:51:bb:be:8c:4a:89:b7:58:5d:
77:ff:44:ce:f8:9c:aa:0f:45:49:79:8b:e0:9d:c1:94:8d:11:
3a:d7:bd:c9
-----BEGIN CERTIFICATE-----
MIIFojCCBIqgAwIBAgICB7UwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTU2M0YxMTAvBgNVBAUTKDQ4MjAxNkU1NkEwMjQxRkQyRDM1QkZENzdCQzk3MkU2
NzNDRTlGMkYwHhcNMjMxMjA1MDMzNjM1WhcNMjQwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTZlOWFjMy0xZGE3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuYrTBricMjjIIXGzQ46pxYzOfyMCK0S/SBZ8m4qBaXhnSw/rkx6Oe+fNPQle
1eZ4hV2uMtoAEYsd+Fkfrsc37TPwQzizT8erWzf0gOOs45+cJretaPuNNo/VEBEj
D0XklaHfncnnjSnlJd2ucrJSl9EZIK1wG6BxCYKXc72rC5kfw0ov7rw+6yjHc5Bv
wKKunHsIe98b5tuFuGDnU+TuY8+C3JflNSK3rqUjmYHxojeOWX7McsO/6ZYk4l3E
znY0wAstw5f0CTsMaPhfGEzvKHExtJvR6BlBatmQQWasmpf/lfzxqR42316FraXU
uIsuvF8ZPbdi7+pQFWXDYrd57QIDAQABo4ICxjCCAsIwHQYDVR0OBBYEFDrVLEU+
wHnUrQ/jFZ937MYncuu0MB8GA1UdIwQYMBaAFEggFuVqAkH9LTW/13vJcuZzzp8v
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNTYzRi8wQUI3NzdEQUI2
QTgxMUVBQUVFMTRGN0JDNEY5QUUwMi9TQ0FXNVdvQ1FmMHROYl9YZThseTVuUE9u
eTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1NDQVc1V29DUWYwdE5iX1hlOGx5NW5QT255OC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTU2M0YvMEFCNzc3REFCNkE4MTFFQUFFRTE0RjdCQzRGOUFFMDIvN0Q1RUY4QTY5
MzFGMTFFRTgxNTNFRjM3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwUAYIKwYBBQUHAQcBAf8E
QTA/MC4EAgABMCgDBATKNKAwDAMEBcpf4AMEAMpf6DAMAwQAyl/rAwQEyl/gAwQE
yn4gMA0EAgACMAcDBQAkAbkAMA0GCSqGSIb3DQEBCwUAA4IBAQCHMOcIiOX+RznJ
ndMUE/djna3WYGP6HczbA0Ux8lm80KZ+LEfs72CQc3ahu5rNnS68AiUnr9AznD9S
IF9fSakNldOflAuxB3YgLEvkgXVG8ytgnorE03OaGV+O85CX2HJVgl+57YeLuzXi
vId8Dy1lVctEK5XyZvzYmxKU/lkUvoYUBVhbAoILXpLau1VFHTfhYlrii2tjxMPK
XPHsm0YCHLti0P+nPo9dKyEbcI6kfhK7RqZyGmSRyKRkNaOKKi3Aq5/bZET3dqQo
M6dkNacoZRDegMH+MdDdsPu4haYluuZRu76MSom3WF13/0TO+JyqD0VJeYvgncGU
jRE6173J
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:44 2024 by rpki-client on console-fra.rpki-client.org