Route Origin Authorization
$ rpki-client -vvf rpki.rand.apnic.net/repo/A91872ED0001/0/3230332e31302e36312e302f32342d3234203d3e203234303231.roa
File: 3230332e31302e36312e302f32342d3234203d3e203234303231.roa (raw, json)
Hash identifier: LgqvV37GD7eOQjWpliR3SlBc5hL7QLRzlb7qLONzMMc=
Subject key identifier: 99:F8:BB:BD:6E:AD:28:40:76:4A:E7:6A:CA:0A:4F:BB:BC:4B:76:CB
Certificate issuer: /CN=A91872ED0001/serialNumber=C0906A19A7DE349BFA2B32B3C3EB4C2D17760CE1
Certificate serial: 0B5D44571AAE7B465507ED8AC80E335432AA946A
Authority key identifier: C0:90:6A:19:A7:DE:34:9B:FA:2B:32:B3:C3:EB:4C:2D:17:76:0C:E1
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wJBqGafeNJv6KzKzw-tMLRd2DOE.cer
Subject info access: rsync://rpki.rand.apnic.net/repo/A91872ED0001/0/3230332e31302e36312e302f32342d3234203d3e203234303231.roa
Signing time: Tue 11 Apr 2023 10:46:36 +0000
ROA not before: Tue 11 Apr 2023 10:41:36 +0000
ROA not after: Tue 09 Apr 2024 10:46:36 +0000
asID: 24021
IP address blocks: 203.10.61.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0b:5d:44:57:1a:ae:7b:46:55:07:ed:8a:c8:0e:33:54:32:aa:94:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91872ED0001/serialNumber=C0906A19A7DE349BFA2B32B3C3EB4C2D17760CE1
Validity
Not Before: Apr 11 10:41:36 2023 GMT
Not After : Apr 9 10:46:36 2024 GMT
Subject: CN=99F8BBBD6EAD2840764AE76ACA0A4FBBBC4B76CB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:de:56:c5:23:3d:b7:64:a0:9a:5f:07:4d:ce:
a7:a9:55:c0:42:16:0c:0d:b5:4a:d8:99:e5:d4:41:
a3:d9:e3:e0:73:5c:a5:6a:d8:ce:14:a9:3c:34:45:
c4:87:c2:8e:84:51:65:a4:70:31:6e:45:ac:96:db:
33:12:21:c9:5d:aa:8f:3c:d8:ce:d3:85:83:41:a3:
df:87:3f:06:ed:af:bf:d7:7b:d3:f7:bd:4e:23:0e:
22:da:33:d4:0d:e8:03:1c:80:0a:d1:92:54:72:de:
fc:11:41:df:58:58:be:34:e6:03:cf:50:aa:b2:52:
f8:de:11:dd:46:25:3b:50:b1:bd:e9:87:52:6f:d9:
10:e9:96:b5:60:f7:26:81:3f:80:5f:1b:83:16:5c:
bd:1f:16:01:a0:8a:cb:ed:c2:8e:dc:40:66:88:7e:
e0:d7:d1:50:d1:f0:dd:f1:7e:af:15:aa:24:d9:12:
bb:0b:85:17:04:5c:fc:ba:13:5a:40:74:e5:56:1d:
52:5e:78:48:62:df:33:e6:c2:82:e6:51:e7:f2:3f:
f1:90:31:60:38:66:eb:f8:a9:36:24:b3:5f:c9:3c:
f8:0e:4d:8e:0a:ac:6c:10:f5:c4:89:01:67:a2:e9:
fe:f2:a6:51:71:90:b0:6c:be:00:9f:be:97:86:bc:
19:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:F8:BB:BD:6E:AD:28:40:76:4A:E7:6A:CA:0A:4F:BB:BC:4B:76:CB
X509v3 Authority Key Identifier:
keyid:C0:90:6A:19:A7:DE:34:9B:FA:2B:32:B3:C3:EB:4C:2D:17:76:0C:E1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.rand.apnic.net/repo/A91872ED0001/0/C0906A19A7DE349BFA2B32B3C3EB4C2D17760CE1.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wJBqGafeNJv6KzKzw-tMLRd2DOE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.rand.apnic.net/repo/A91872ED0001/0/3230332e31302e36312e302f32342d3234203d3e203234303231.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
203.10.61.0/24
Signature Algorithm: sha256WithRSAEncryption
c5:a1:ac:bb:51:c7:61:e6:3a:78:4c:9b:55:3a:46:83:9e:19:
86:9d:c4:c9:8b:2e:d4:4a:38:4e:1b:0c:ad:d5:55:33:49:f3:
c9:9a:3e:72:97:25:f7:15:8f:f3:22:79:8f:0b:43:f0:eb:74:
14:d6:b4:5c:1b:7c:68:bd:71:6f:ff:3e:47:3c:68:51:0d:8f:
4d:46:cc:f0:d1:56:d3:a6:5a:78:8b:84:61:34:d6:d2:52:8f:
74:75:ea:86:4e:24:e6:a3:68:5e:34:64:5b:ca:30:59:03:ac:
c9:6e:d2:ef:6d:8f:66:61:0e:e7:87:19:92:df:10:2a:71:8f:
7c:09:06:ed:8d:bf:56:c5:71:2a:b6:e0:ac:06:14:1c:8a:c4:
d6:7c:6d:1a:ed:6d:f5:88:55:30:66:6c:93:68:bf:74:fc:84:
aa:b7:0e:76:2b:90:0b:af:10:8a:75:ac:67:2b:f2:96:9b:c2:
81:08:8f:96:3b:cb:74:9e:24:71:c9:e1:99:d5:0d:4c:c1:62:
b3:29:2f:26:c7:4b:41:aa:6b:c1:41:86:f0:a9:6a:e7:20:04:
bb:45:7b:a5:85:af:a8:27:62:ee:82:58:5f:56:3e:f9:cc:33:
91:89:f5:83:d3:0f:60:a6:44:ca:0a:4a:a6:93:67:f4:a4:29:
58:4e:fa:8a
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgIUC11EVxque0ZVB+2KyA4zVDKqlGowDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODcyRUQwMDAxMTEwLwYDVQQFEyhDMDkwNkExOUE3
REUzNDlCRkEyQjMyQjNDM0VCNEMyRDE3NzYwQ0UxMB4XDTIzMDQxMTEwNDEzNloX
DTI0MDQwOTEwNDYzNlowMzExMC8GA1UEAxMoOTlGOEJCQkQ2RUFEMjg0MDc2NEFF
NzZBQ0EwQTRGQkJCQzRCNzZDQjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANDeVsUjPbdkoJpfB03Op6lVwEIWDA21StiZ5dRBo9nj4HNcpWrYzhSpPDRF
xIfCjoRRZaRwMW5FrJbbMxIhyV2qjzzYztOFg0Gj34c/Bu2vv9d70/e9TiMOItoz
1A3oAxyACtGSVHLe/BFB31hYvjTmA89QqrJS+N4R3UYlO1CxvemHUm/ZEOmWtWD3
JoE/gF8bgxZcvR8WAaCKy+3CjtxAZoh+4NfRUNHw3fF+rxWqJNkSuwuFFwRc/LoT
WkB05VYdUl54SGLfM+bCguZR5/I/8ZAxYDhm6/ipNiSzX8k8+A5NjgqsbBD1xIkB
Z6Lp/vKmUXGQsGy+AJ++l4a8GUUCAwEAAaOCAgUwggIBMB0GA1UdDgQWBBSZ+Lu9
bq0oQHZK52rKCk+7vEt2yzAfBgNVHSMEGDAWgBTAkGoZp940m/orMrPD60wtF3YM
4TAOBgNVHQ8BAf8EBAMCB4AwbQYDVR0fBGYwZDBioGCgXoZccnN5bmM6Ly9ycGtp
LnJhbmQuYXBuaWMubmV0L3JlcG8vQTkxODcyRUQwMDAxLzAvQzA5MDZBMTlBN0RF
MzQ5QkZBMkIzMkIzQzNFQjRDMkQxNzc2MENFMS5jcmwwfgYIKwYBBQUHAQEEcjBw
MG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkv
QjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvd0pCcUdhZmVOSnY2S3pL
enctdE1MUmQyRE9FLmNlcjCBhAYIKwYBBQUHAQsEeDB2MHQGCCsGAQUFBzALhmhy
c3luYzovL3Jwa2kucmFuZC5hcG5pYy5uZXQvcmVwby9BOTE4NzJFRDAwMDEvMC8z
MjMwMzMyZTMxMzAyZTM2MzEyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjM0MzAz
MjMxLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/
BBAwDjAMBAIAATAGAwQAywo9MA0GCSqGSIb3DQEBCwUAA4IBAQDFoay7Ucdh5jp4
TJtVOkaDnhmGncTJiy7USjhOGwyt1VUzSfPJmj5ylyX3FY/zInmPC0Pw63QU1rRc
G3xovXFv/z5HPGhRDY9NRszw0VbTplp4i4RhNNbSUo90deqGTiTmo2heNGRbyjBZ
A6zJbtLvbY9mYQ7nhxmS3xAqcY98CQbtjb9WxXEqtuCsBhQcisTWfG0a7W31iFUw
ZmyTaL90/ISqtw52K5ALrxCKdaxnK/KWm8KBCI+WO8t0niRxyeGZ1Q1MwWKzKS8m
x0tBqmvBQYbwqWrnIAS7RXulha+oJ2LuglhfVj75zDORifWD0w9gpkTKCkqmk2f0
pClYTvqK
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:44 2023 by rpki-client on console-ams.rpki-client.org