Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F6FC3/FC9078021D9211E2B3BC2CF608B02CD2/B028DBE894C811EAB8C45A7BC4F9AE02.roa
File: B028DBE894C811EAB8C45A7BC4F9AE02.roa (raw, json)
Hash identifier: 2ndC2bbzio3DRuJpcnV7jJ43hv7qBpllb/Kb7sC9yE8=
Subject key identifier: 2C:E5:E1:D2:83:52:FB:2E:84:9D:75:22:C1:32:C1:EC:A5:3A:6F:A9
Certificate issuer: /CN=A91F6FC3/serialNumber=66025976B75F5C29F42C1D80CF4888F7D46058D7
Certificate serial: 33B3
Authority key identifier: 66:02:59:76:B7:5F:5C:29:F4:2C:1D:80:CF:48:88:F7:D4:60:58:D7
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZgJZdrdfXCn0LB2Az0iI99RgWNc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F6FC3/FC9078021D9211E2B3BC2CF608B02CD2/B028DBE894C811EAB8C45A7BC4F9AE02.roa
Signing time: Thu 08 Feb 2024 00:26:03 +0000
ROA not before: Thu 08 Feb 2024 00:26:03 +0000
ROA not after: Fri 31 Jan 2025 00:00:00 +0000
asID: 10083
IP address blocks: 122.200.160.0/20 maxlen: 20
203.4.162.0/24 maxlen: 24
203.5.127.0/24 maxlen: 24
203.31.57.0/24 maxlen: 24
203.31.101.0/24 maxlen: 24
203.33.71.0/24 maxlen: 24
203.55.18.0/24 maxlen: 24
2402:5600::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 30 Oct 2024 22:21:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13235 (0x33b3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F6FC3/serialNumber=66025976B75F5C29F42C1D80CF4888F7D46058D7
Validity
Not Before: Feb 8 00:26:03 2024 GMT
Not After : Jan 31 00:00:00 2025 GMT
Subject: CN=65c41f9b-513a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:26:3e:c0:a1:65:6f:ec:a5:18:1d:ab:4b:b9:
25:80:f8:9b:c3:cb:59:b9:75:68:05:df:d7:9a:a9:
49:2f:e4:45:05:a9:81:8f:f2:b0:68:ca:03:d6:7e:
54:b2:7d:83:68:40:2d:87:70:08:98:46:79:83:3b:
f5:08:94:06:74:85:b6:a4:9f:e3:31:5e:50:95:72:
0e:db:62:52:77:e2:9b:17:4f:22:15:68:33:dd:64:
67:11:be:0a:1c:13:77:c4:ea:d3:c1:18:83:68:01:
d0:28:87:05:96:3b:d3:b9:00:39:fc:6a:e5:71:07:
e9:88:f7:ac:ee:e1:c3:f2:b8:23:10:58:e3:61:84:
ce:fc:90:34:87:4d:67:25:9e:65:fd:8d:c6:63:37:
96:ad:30:05:09:75:9c:b4:39:8b:45:52:52:9e:22:
53:5d:4b:59:bc:2f:1c:32:59:4e:c8:0c:9c:c1:fa:
58:3f:d7:e7:e3:9d:41:fc:31:b2:df:51:35:11:1c:
e8:e0:ce:a1:c0:62:21:ad:1a:72:f6:b1:8a:f3:aa:
db:22:dd:cd:16:bb:ca:e7:48:d7:51:da:a0:17:dd:
b7:1f:7f:fd:4e:fc:09:a8:17:8a:13:f5:98:6f:6e:
ee:48:46:8c:05:74:2a:91:e3:96:6b:88:52:d6:1d:
18:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:E5:E1:D2:83:52:FB:2E:84:9D:75:22:C1:32:C1:EC:A5:3A:6F:A9
X509v3 Authority Key Identifier:
keyid:66:02:59:76:B7:5F:5C:29:F4:2C:1D:80:CF:48:88:F7:D4:60:58:D7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F6FC3/FC9078021D9211E2B3BC2CF608B02CD2/ZgJZdrdfXCn0LB2Az0iI99RgWNc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZgJZdrdfXCn0LB2Az0iI99RgWNc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F6FC3/FC9078021D9211E2B3BC2CF608B02CD2/B028DBE894C811EAB8C45A7BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
122.200.160.0/20
203.4.162.0/24
203.5.127.0/24
203.31.57.0/24
203.31.101.0/24
203.33.71.0/24
203.55.18.0/24
IPv6:
2402:5600::/32
Signature Algorithm: sha256WithRSAEncryption
79:18:c4:3e:52:50:85:e4:af:ad:23:aa:44:da:c7:03:93:76:
81:5a:56:ed:89:6f:b9:97:96:3d:bb:62:da:4c:2c:dd:2f:c8:
5e:df:d4:24:35:97:9a:9c:51:b0:e4:5e:f6:49:f3:36:f4:7f:
9e:86:d8:6d:48:9a:b9:e3:38:6f:38:46:15:dc:b8:56:f7:99:
45:b6:c4:2c:73:5e:7d:87:7c:50:8f:de:67:f9:42:46:4e:1b:
c4:c6:34:2f:f5:fa:5a:4a:70:ef:fa:15:b3:05:dc:92:0e:59:
cb:21:b0:cd:f9:7a:dd:e4:67:b9:56:e1:f0:81:fc:04:3c:43:
dd:36:6d:90:57:36:7a:2e:5c:d5:52:b5:4e:66:8c:58:ef:61:
cb:0d:79:19:ee:27:62:69:de:18:0f:c1:e3:28:ee:d4:db:45:
e5:c1:57:9f:cc:39:f9:da:f3:39:83:3b:ae:d4:01:4b:40:5c:
d9:0b:eb:a2:01:b9:57:93:30:ed:ea:0f:02:2c:21:48:c8:17:
e3:e4:86:5e:0c:86:3f:28:87:8a:a1:0e:62:11:78:fe:30:b7:
b1:06:e5:d1:05:3a:f9:30:37:e5:49:1e:a3:87:b4:df:07:00:
90:70:fd:9b:50:bb:6b:23:82:c8:5b:da:52:c3:a2:10:16:e0:
b2:fe:dc:86
-----BEGIN CERTIFICATE-----
MIIFpDCCBIygAwIBAgICM7MwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjZGQzMxMTAvBgNVBAUTKDY2MDI1OTc2Qjc1RjVDMjlGNDJDMUQ4MENGNDg4OEY3
RDQ2MDU4RDcwHhcNMjQwMjA4MDAyNjAzWhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWM0MWY5Yi01MTNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1iY+wKFlb+ylGB2rS7klgPibw8tZuXVoBd/XmqlJL+RFBamBj/KwaMoD1n5U
sn2DaEAth3AImEZ5gzv1CJQGdIW2pJ/jMV5QlXIO22JSd+KbF08iFWgz3WRnEb4K
HBN3xOrTwRiDaAHQKIcFljvTuQA5/GrlcQfpiPes7uHD8rgjEFjjYYTO/JA0h01n
JZ5l/Y3GYzeWrTAFCXWctDmLRVJSniJTXUtZvC8cMllOyAycwfpYP9fn451B/DGy
31E1ERzo4M6hwGIhrRpy9rGK86rbIt3NFrvK50jXUdqgF923H3/9TvwJqBeKE/WY
b27uSEaMBXQqkeOWa4hS1h0YvwIDAQABo4ICyDCCAsQwHQYDVR0OBBYEFCzl4dKD
UvsuhJ11IsEyweylOm+pMB8GA1UdIwQYMBaAFGYCWXa3X1wp9CwdgM9IiPfUYFjX
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNkZDMy9GQzkwNzgwMjFE
OTIxMUUyQjNCQzJDRjYwOEIwMkNEMi9aZ0paZHJkZlhDbjBMQjJBejBpSTk5UmdX
TmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1pnSlpkcmRmWENuMExCMkF6MGlJOTlSZ1dOYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjZGQzMvRkM5MDc4MDIxRDkyMTFFMkIzQkMyQ0Y2MDhCMDJDRDIvQjAyOERCRTg5
NEM4MTFFQUI4QzQ1QTdCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwUgYIKwYBBQUHAQcBAf8E
QzBBMDAEAgABMCoDBAR6yKADBADLBKIDBADLBX8DBADLHzkDBADLH2UDBADLIUcD
BADLNxIwDQQCAAIwBwMFACQCVgAwDQYJKoZIhvcNAQELBQADggEBAHkYxD5SUIXk
r60jqkTaxwOTdoFaVu2Jb7mXlj27YtpMLN0vyF7f1CQ1l5qcUbDkXvZJ8zb0f56G
2G1ImrnjOG84RhXcuFb3mUW2xCxzXn2HfFCP3mf5QkZOG8TGNC/1+lpKcO/6FbMF
3JIOWcshsM35et3kZ7lW4fCB/AQ8Q902bZBXNnouXNVStU5mjFjvYcsNeRnuJ2Jp
3hgPweMo7tTbReXBV5/MOfna8zmDO67UAUtAXNkL66IBuVeTMO3qDwIsIUjIF+Pk
hl4Mhj8oh4qhDmIReP4wt7EG5dEFOvkwN+VJHqOHtN8HAJBw/ZtQu2sjgshb2lLD
ohAW4LL+3IY=
-----END CERTIFICATE-----
Generated at Thu Oct 31 00:24:09 2024 by rpki-client on console-fra.rpki-client.org