Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E91BC/AE44D24ADBE911EC95110515C4F9AE02/65572256473D11EF89DE2974C4F9AE02.roa
File: 65572256473D11EF89DE2974C4F9AE02.roa (raw, json)
Hash identifier: EvOMvbj92jn18Dy/N9AoGWCu+jbfnzk6LuCPU0NPRME=
Subject key identifier: 6D:8F:B6:AC:27:FF:DE:E1:A1:FA:20:DE:12:30:5A:2B:88:1E:BF:03
Certificate issuer: /CN=A91E91BC/serialNumber=6D5D50E88B9D65E8AFDA28C2CEA6150127038608
Certificate serial: 0298
Authority key identifier: 6D:5D:50:E8:8B:9D:65:E8:AF:DA:28:C2:CE:A6:15:01:27:03:86:08
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bV1Q6IudZeiv2ijCzqYVAScDhgg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E91BC/AE44D24ADBE911EC95110515C4F9AE02/65572256473D11EF89DE2974C4F9AE02.roa
Signing time: Sun 21 Jul 2024 10:32:07 +0000
ROA not before: Sun 21 Jul 2024 10:32:07 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 7545
IP address blocks: 202.12.87.0/24 maxlen: 24
202.12.88.0/24 maxlen: 24
202.12.90.0/24 maxlen: 24
203.0.12.0/24 maxlen: 24
203.0.13.0/24 maxlen: 24
203.3.124.0/22 maxlen: 22
203.4.226.0/24 maxlen: 24
203.14.152.0/24 maxlen: 24
203.14.154.0/24 maxlen: 24
203.14.155.0/24 maxlen: 24
203.14.156.0/23 maxlen: 23
203.14.158.0/23 maxlen: 24
203.27.126.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 01 Aug 2024 04:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 664 (0x298)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E91BC
Validity
Not Before: Jul 21 10:32:07 2024 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=669ce3a7-4d7e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:d6:dc:de:ba:99:3d:8d:9f:f6:59:34:57:52:
40:ea:fc:ee:dc:91:80:21:d7:01:6f:07:a0:6a:80:
b2:5d:24:c8:db:bb:65:60:ba:08:8a:5c:48:5b:23:
51:19:1d:73:04:1b:a3:e0:9c:0d:e6:80:7e:e9:b1:
db:a4:0c:ab:48:0c:a9:8e:77:45:d3:c0:bb:75:4e:
ac:8f:e4:0d:90:19:a2:9c:e7:26:75:64:a4:b8:29:
3d:26:86:97:5b:c2:bd:29:fa:b0:db:b9:65:da:e8:
04:53:17:90:15:dd:e2:45:53:e6:06:58:98:1a:30:
01:f0:37:31:be:33:5f:33:54:f8:e0:a7:da:13:27:
db:87:7a:38:98:29:d5:ae:f2:ad:2e:2a:64:3f:6a:
73:cd:ea:c3:11:6f:68:d7:09:d7:7a:ef:20:81:a3:
73:50:46:19:d7:4a:7f:c2:72:d8:bf:7b:66:ad:f1:
80:ba:b6:a0:5b:8d:59:b3:fa:57:93:a8:f2:11:83:
e3:f0:15:07:aa:5e:96:ee:b9:ff:d5:4d:e1:be:87:
80:61:25:b5:20:74:6d:93:f8:eb:23:87:f2:9d:9e:
13:c6:20:fc:da:3a:9e:63:82:8a:9c:d2:cb:d1:6d:
d1:fd:99:2c:47:12:c5:b3:06:22:bb:69:0d:26:e1:
51:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:8F:B6:AC:27:FF:DE:E1:A1:FA:20:DE:12:30:5A:2B:88:1E:BF:03
X509v3 Authority Key Identifier:
keyid:6D:5D:50:E8:8B:9D:65:E8:AF:DA:28:C2:CE:A6:15:01:27:03:86:08
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E91BC/AE44D24ADBE911EC95110515C4F9AE02/bV1Q6IudZeiv2ijCzqYVAScDhgg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bV1Q6IudZeiv2ijCzqYVAScDhgg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E91BC/AE44D24ADBE911EC95110515C4F9AE02/65572256473D11EF89DE2974C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.12.87.0-202.12.88.255
202.12.90.0/24
203.0.12.0/23
203.3.124.0/22
203.4.226.0/24
203.14.152.0/24
203.14.154.0-203.14.159.255
203.27.126.0/24
Signature Algorithm: sha256WithRSAEncryption
22:1d:4f:a3:a4:6c:d2:2e:20:e7:45:d4:11:ed:59:d5:99:7c:
a8:c0:05:c4:79:49:8c:8c:84:37:32:ca:01:dc:31:c5:3f:ca:
3e:aa:ca:95:b9:2e:8e:16:f1:29:38:63:f9:f9:82:40:44:6d:
fe:cc:7f:f8:57:30:39:94:e2:72:b3:46:ab:7e:63:33:ac:0c:
89:75:76:14:2d:6c:df:05:9f:fa:97:be:1b:9f:d5:61:7a:c4:
c0:3e:31:44:90:5e:19:fa:dc:f6:b2:3b:b8:4c:49:f4:07:de:
5c:5b:f5:13:98:77:1e:01:1b:01:10:29:78:b1:0a:fd:c1:6a:
eb:2b:60:b3:50:69:c1:50:52:18:06:7a:d2:76:58:a5:b8:8b:
04:4b:af:b3:16:96:5a:63:1e:5b:16:88:e8:90:12:4c:7a:61:
38:5f:dc:f4:77:36:ef:a4:4f:34:65:17:8a:9c:14:cc:29:e5:
33:ee:97:68:b8:fa:88:31:00:bc:4a:8b:cc:6a:c8:7e:af:8d:
f7:0e:67:c3:36:d5:fd:f4:35:5e:1d:82:3f:3f:3e:2c:77:2d:
2d:c4:78:be:7f:ff:92:5a:2a:bc:f7:40:33:bc:56:7b:61:ad:
f5:92:1a:9e:ed:47:d9:f5:d4:b9:b7:60:b3:e8:1c:3f:77:91:
0b:e3:f8:eb
-----BEGIN CERTIFICATE-----
MIIFqzCCBJOgAwIBAgICApgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTkxQkMxMTAvBgNVBAUTKDZENUQ1MEU4OEI5RDY1RThBRkRBMjhDMkNFQTYxNTAx
MjcwMzg2MDgwHhcNMjQwNzIxMTAzMjA3WhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjljZTNhNy00ZDdlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAutbc3rqZPY2f9lk0V1JA6vzu3JGAIdcBbwegaoCyXSTI27tlYLoIilxIWyNR
GR1zBBuj4JwN5oB+6bHbpAyrSAypjndF08C7dU6sj+QNkBminOcmdWSkuCk9JoaX
W8K9Kfqw27ll2ugEUxeQFd3iRVPmBliYGjAB8DcxvjNfM1T44KfaEyfbh3o4mCnV
rvKtLipkP2pzzerDEW9o1wnXeu8ggaNzUEYZ10p/wnLYv3tmrfGAuragW41Zs/pX
k6jyEYPj8BUHql6W7rn/1U3hvoeAYSW1IHRtk/jrI4fynZ4TxiD82jqeY4KKnNLL
0W3R/ZksRxLFswYiu2kNJuFRjwIDAQABo4ICzzCCAsswHQYDVR0OBBYEFG2Ptqwn
/97hofog3hIwWiuIHr8DMB8GA1UdIwQYMBaAFG1dUOiLnWXor9oows6mFQEnA4YI
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFOTFCQy9BRTQ0RDI0QURC
RTkxMUVDOTUxMTA1MTVDNEY5QUUwMi9iVjFRNkl1ZFplaXYyaWpDenFZVkFTY0Ro
Z2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2JWMVE2SXVkWmVpdjJpakN6cVlWQVNjRGhnZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTkxQkMvQUU0NEQyNEFEQkU5MTFFQzk1MTEwNTE1QzRGOUFFMDIvNjU1NzIyNTY0
NzNEMTFFRjg5REUyOTc0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwWQYIKwYBBQUHAQcBAf8E
SjBIMEYEAgABMEAwDAMEAMoMVwMEAMoMWAMEAMoMWgMEAcsADAMEAssDfAMEAMsE
4gMEAMsOmDAMAwQByw6aAwQFyw6AAwQAyxt+MA0GCSqGSIb3DQEBCwUAA4IBAQAi
HU+jpGzSLiDnRdQR7VnVmXyowAXEeUmMjIQ3MsoB3DHFP8o+qsqVuS6OFvEpOGP5
+YJARG3+zH/4VzA5lOJys0arfmMzrAyJdXYULWzfBZ/6l74bn9VhesTAPjFEkF4Z
+tz2sju4TEn0B95cW/UTmHceARsBECl4sQr9wWrrK2CzUGnBUFIYBnrSdliluIsE
S6+zFpZaYx5bFojokBJMemE4X9z0dzbvpE80ZReKnBTMKeUz7pdouPqIMQC8SovM
ash+r433DmfDNtX99DVeHYI/Pz4sdy0txHi+f/+SWiq890AzvFZ7Ya31khqe7UfZ
9dS5t2Cz6Bw/d5EL4/jr
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:11:56 2025 by rpki-client