Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CB7AB/56786568400911EBA374225BC4F9AE02/040EFE90FD6B11EEBD975961C4F9AE02.roa
File: 040EFE90FD6B11EEBD975961C4F9AE02.roa (raw, json)
Hash identifier: BKrQk2VSRcaY3XuBBjeBlZE7v7lDE+5oQonZZftEKBA=
Subject key identifier: 4F:F5:3F:C4:B5:ED:29:6A:39:4E:52:E8:65:00:9A:0A:27:EB:A0:69
Certificate issuer: /CN=A91CB7AB/serialNumber=3DE9D3DFF6E048FD908146502E4F08E456F3D9BC
Certificate serial: 0757
Authority key identifier: 3D:E9:D3:DF:F6:E0:48:FD:90:81:46:50:2E:4F:08:E4:56:F3:D9:BC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PenT3_bgSP2QgUZQLk8I5Fbz2bw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91CB7AB/56786568400911EBA374225BC4F9AE02/040EFE90FD6B11EEBD975961C4F9AE02.roa
Signing time: Thu 18 Apr 2024 10:04:17 +0000
ROA not before: Thu 18 Apr 2024 10:04:17 +0000
ROA not after: Mon 31 Mar 2025 00:00:00 +0000
asID: 834
IP address blocks: 202.139.224.0/22 maxlen: 24
202.139.230.0/23 maxlen: 24
202.139.232.0/21 maxlen: 24
202.139.240.0/20 maxlen: 24
202.148.144.0/20 maxlen: 24
210.247.232.0/21 maxlen: 24
Validation: Failed, certificate revoked on Thu 18 Apr 2024 10:21:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1879 (0x757)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CB7AB/serialNumber=3DE9D3DFF6E048FD908146502E4F08E456F3D9BC
Validity
Not Before: Apr 18 10:04:17 2024 GMT
Not After : Mar 31 00:00:00 2025 GMT
Subject: CN=6620f020-9b3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:11:ac:21:ca:6f:7d:97:8f:ea:0d:17:5e:d6:
de:91:9e:f0:7e:e7:15:74:2e:78:71:76:66:c0:65:
7f:83:30:13:6d:8b:8b:a8:bf:11:51:36:98:d8:b5:
2c:c7:cf:ba:9d:ac:c7:fa:52:96:ff:c6:8f:bc:03:
02:5e:1a:9c:2b:2a:81:ed:ff:74:6b:d5:29:69:ed:
9e:01:9e:4c:a5:04:9b:98:04:28:dc:b4:21:0a:68:
aa:83:66:d9:bd:11:52:72:ac:ea:e7:55:18:9e:4c:
19:f5:e2:e5:15:cd:5d:97:39:ba:91:59:b7:f2:36:
2f:d7:9e:29:67:e6:fc:16:bd:ad:cf:62:86:df:58:
71:e4:85:24:60:86:5d:2b:d1:5e:c5:67:11:da:03:
76:f7:c3:2e:42:9b:80:55:32:d8:75:04:37:f6:18:
0a:ac:17:2a:c0:b8:12:81:a0:e7:b8:90:f6:74:ff:
99:74:6e:b6:48:18:a4:3c:71:f3:70:61:be:fa:6c:
42:0d:7d:db:91:2b:c7:0d:9f:88:49:44:39:2b:c3:
e3:e3:41:30:17:70:d6:0a:02:7b:39:ba:22:cd:70:
5f:50:24:e2:85:3f:f6:43:71:fd:e2:de:3f:ed:a0:
86:9f:0c:3d:91:65:7f:96:84:fa:79:76:9c:30:b5:
96:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:F5:3F:C4:B5:ED:29:6A:39:4E:52:E8:65:00:9A:0A:27:EB:A0:69
X509v3 Authority Key Identifier:
keyid:3D:E9:D3:DF:F6:E0:48:FD:90:81:46:50:2E:4F:08:E4:56:F3:D9:BC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91CB7AB/56786568400911EBA374225BC4F9AE02/PenT3_bgSP2QgUZQLk8I5Fbz2bw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PenT3_bgSP2QgUZQLk8I5Fbz2bw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CB7AB/56786568400911EBA374225BC4F9AE02/040EFE90FD6B11EEBD975961C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.139.224.0/22
202.139.230.0-202.139.255.255
202.148.144.0/20
210.247.232.0/21
Signature Algorithm: sha256WithRSAEncryption
5a:60:49:a0:86:7a:e7:9b:27:8b:f7:27:64:01:23:96:b3:62:
69:db:64:05:ce:4e:ea:ed:00:59:26:7d:0c:0f:29:72:e8:87:
97:f4:4d:0c:41:8e:14:61:4c:ca:de:37:00:bc:68:fe:72:ca:
b2:14:ed:fc:85:29:c1:d9:9e:d3:3b:79:1c:cb:53:ba:4a:39:
8c:35:35:3f:d5:cd:dc:44:d9:75:ad:db:d8:5a:51:96:09:8e:
10:04:cb:48:2f:9f:e8:f3:c5:13:d0:c2:13:8e:aa:3a:b7:0a:
61:ed:82:1d:87:16:38:18:f8:12:fa:20:6d:f8:42:33:28:1d:
7d:c9:79:ac:4e:7e:04:5b:26:6a:56:1b:a5:4a:49:e1:c0:5a:
5b:df:03:6e:8c:cc:0c:1b:88:cd:4b:b0:70:3c:23:12:b6:30:
1e:a5:78:1e:e5:16:ff:ab:5d:74:39:ac:69:84:ac:04:e8:a1:
af:87:86:6c:90:fe:92:f4:1c:db:c6:fe:1e:eb:4d:a5:a9:41:
1f:78:b3:82:ad:14:09:f5:c9:f6:1a:15:6b:c0:42:d9:30:58:
bd:fe:6c:a6:a1:2e:6b:67:fa:d5:cd:0b:3b:59:c4:28:be:7f:
d2:d2:d8:5f:59:41:37:27:86:9d:3d:dc:8a:19:1a:dd:f9:0d:
2f:da:2a:02
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgICB1cwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Q0I3QUIxMTAvBgNVBAUTKDNERTlEM0RGRjZFMDQ4RkQ5MDgxNDY1MDJFNEYwOEU0
NTZGM0Q5QkMwHhcNMjQwNDE4MTAwNDE3WhcNMjUwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjIwZjAyMC05YjNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1xGsIcpvfZeP6g0XXtbekZ7wfucVdC54cXZmwGV/gzATbYuLqL8RUTaY2LUs
x8+6nazH+lKW/8aPvAMCXhqcKyqB7f90a9Upae2eAZ5MpQSbmAQo3LQhCmiqg2bZ
vRFScqzq51UYnkwZ9eLlFc1dlzm6kVm38jYv154pZ+b8Fr2tz2KG31hx5IUkYIZd
K9FexWcR2gN298MuQpuAVTLYdQQ39hgKrBcqwLgSgaDnuJD2dP+ZdG62SBikPHHz
cGG++mxCDX3bkSvHDZ+ISUQ5K8Pj40EwF3DWCgJ7OboizXBfUCTihT/2Q3H94t4/
7aCGnww9kWV/loT6eXacMLWWLQIDAQABo4ICrjCCAqowHQYDVR0OBBYEFE/1P8S1
7SlqOU5S6GUAmgon66BpMB8GA1UdIwQYMBaAFD3p09/24Ej9kIFGUC5PCORW89m8
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDQjdBQi81Njc4NjU2ODQw
MDkxMUVCQTM3NDIyNUJDNEY5QUUwMi9QZW5UM19iZ1NQMlFnVVpRTGs4STVGYnoy
YncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1BlblQzX2JnU1AyUWdVWlFMazhJNUZiejJidy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Q0I3QUIvNTY3ODY1Njg0MDA5MTFFQkEzNzQyMjVCQzRGOUFFMDIvMDQwRUZFOTBG
RDZCMTFFRUJEOTc1OTYxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOAYIKwYBBQUHAQcBAf8E
KTAnMCUEAgABMB8DBALKi+AwCwMEAcqL5gMDAsqIAwQEypSQAwQD0vfoMA0GCSqG
SIb3DQEBCwUAA4IBAQBaYEmghnrnmyeL9ydkASOWs2Jp22QFzk7q7QBZJn0MDyly
6IeX9E0MQY4UYUzK3jcAvGj+csqyFO38hSnB2Z7TO3kcy1O6SjmMNTU/1c3cRNl1
rdvYWlGWCY4QBMtIL5/o88UT0MITjqo6twph7YIdhxY4GPgS+iBt+EIzKB19yXms
Tn4EWyZqVhulSknhwFpb3wNujMwMG4jNS7BwPCMStjAepXge5Rb/q110OaxphKwE
6KGvh4ZskP6S9Bzbxv4e602lqUEfeLOCrRQJ9cn2GhVrwELZMFi9/mymoS5rZ/rV
zQs7WcQovn/S0thfWUE3J4adPdyKGRrd+Q0v2ioC
-----END CERTIFICATE-----
Generated at Thu Apr 18 18:13:35 2024 by rpki-client on console.sobornost.net