Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CB7AB/56786568400911EBA374225BC4F9AE02/8AD5E6DEFD6911EE801FFF6CC4F9AE02.roa
File: 8AD5E6DEFD6911EE801FFF6CC4F9AE02.roa (raw, json)
Hash identifier: D0m//wk8qu5e10gNkh8ScU3S2PGmG9rdKQ3V6odFCrY=
Subject key identifier: B9:9E:5C:C1:0E:91:F5:91:11:F6:DE:87:0C:94:78:CF:6C:A0:61:D0
Certificate issuer: /CN=A91CB7AB/serialNumber=3DE9D3DFF6E048FD908146502E4F08E456F3D9BC
Certificate serial: 0752
Authority key identifier: 3D:E9:D3:DF:F6:E0:48:FD:90:81:46:50:2E:4F:08:E4:56:F3:D9:BC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PenT3_bgSP2QgUZQLk8I5Fbz2bw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91CB7AB/56786568400911EBA374225BC4F9AE02/8AD5E6DEFD6911EE801FFF6CC4F9AE02.roa
Signing time: Thu 18 Apr 2024 09:53:44 +0000
ROA not before: Thu 18 Apr 2024 09:53:44 +0000
ROA not after: Mon 31 Mar 2025 00:00:00 +0000
asID: 134143
IP address blocks: 202.148.152.0/21 maxlen: 24
Validation: Failed, certificate revoked on Thu 18 Apr 2024 10:20:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1874 (0x752)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CB7AB/serialNumber=3DE9D3DFF6E048FD908146502E4F08E456F3D9BC
Validity
Not Before: Apr 18 09:53:44 2024 GMT
Not After : Mar 31 00:00:00 2025 GMT
Subject: CN=6620eda8-524e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:a7:7a:58:15:82:e2:ab:a7:92:ac:d0:ba:23:
5f:e0:6c:87:ba:f0:59:cc:50:14:73:f4:7f:39:39:
4e:5a:65:22:46:06:43:0e:30:aa:53:0b:9f:35:d1:
36:93:ca:0b:10:9b:29:16:8d:53:d9:d7:92:12:0f:
e6:bc:79:d9:b8:0d:16:bc:6e:f6:93:a4:a1:f2:55:
0c:81:18:6e:15:49:f0:fb:aa:97:60:de:5a:64:23:
73:76:f6:46:cd:f1:2c:32:06:b7:57:22:83:f3:07:
9c:58:89:ee:bf:b9:b8:63:cc:51:34:79:5b:86:72:
16:63:a8:c2:4c:7c:d1:b8:c1:5d:2b:a6:9f:bb:1f:
27:eb:89:3e:ce:f9:60:e2:08:df:1d:62:c8:2e:c9:
2d:6f:6a:f1:3c:15:ba:5b:05:0a:87:fd:15:d7:ee:
02:94:b4:34:34:41:bf:8b:47:af:22:cb:fe:ec:4e:
fc:d2:98:d7:79:a9:0a:90:a8:ea:0f:3d:56:5c:30:
62:5f:5b:a3:35:94:d4:3d:ad:5c:5d:3e:ba:cb:1d:
f5:b3:0b:67:1f:37:0e:f1:27:b3:bd:e6:61:20:51:
64:d7:2a:af:7f:26:cc:9e:2b:48:9b:87:35:be:2d:
68:33:32:bd:94:aa:cf:ea:c5:1e:b6:e9:b4:a9:f2:
bf:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:9E:5C:C1:0E:91:F5:91:11:F6:DE:87:0C:94:78:CF:6C:A0:61:D0
X509v3 Authority Key Identifier:
keyid:3D:E9:D3:DF:F6:E0:48:FD:90:81:46:50:2E:4F:08:E4:56:F3:D9:BC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91CB7AB/56786568400911EBA374225BC4F9AE02/PenT3_bgSP2QgUZQLk8I5Fbz2bw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PenT3_bgSP2QgUZQLk8I5Fbz2bw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CB7AB/56786568400911EBA374225BC4F9AE02/8AD5E6DEFD6911EE801FFF6CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.148.152.0/21
Signature Algorithm: sha256WithRSAEncryption
15:b0:a4:f3:80:cd:d9:fe:8d:1b:ef:82:96:96:69:25:2e:2f:
d5:5b:fb:14:27:14:1b:10:0a:1c:8f:23:95:83:00:a0:02:0b:
d5:3d:2c:e5:67:d3:90:0b:b4:93:00:6f:ed:e6:3d:c3:cc:a2:
f7:49:8a:57:1e:4d:35:ad:39:61:6d:49:7a:9f:f7:bd:26:da:
3d:35:a7:1d:fc:a3:1a:2b:0a:e2:8a:cb:91:ae:a4:e1:e3:04:
26:7b:dc:8a:75:a4:48:f5:5c:fd:5f:a0:d8:28:a5:be:45:6d:
8b:d1:ad:ce:e2:e7:4c:a1:c9:1e:d7:9d:a3:66:6a:36:b1:c6:
52:1a:d5:63:72:9b:6e:ef:63:ec:5b:b6:16:64:0f:88:d6:b3:
44:d7:58:bc:9e:6c:d7:e0:5b:2c:07:21:96:94:c4:43:c0:8d:
8e:27:01:a3:d8:d2:7f:4b:3a:ed:cf:11:c7:51:a6:e2:bf:7a:
8d:1a:0a:b1:c5:4f:a5:c0:43:20:79:dc:e0:e7:ed:75:25:6c:
94:17:5a:b7:87:57:d3:e0:72:7a:61:4b:5c:7e:fb:f7:20:65:
9a:33:4e:59:0c:18:84:b2:1f:94:bd:a5:6a:07:26:56:50:43:
0b:42:1a:96:67:98:69:e0:6d:a1:c4:1d:04:c3:56:4a:c3:0d:
b4:f2:c1:3e
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICB1IwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Q0I3QUIxMTAvBgNVBAUTKDNERTlEM0RGRjZFMDQ4RkQ5MDgxNDY1MDJFNEYwOEU0
NTZGM0Q5QkMwHhcNMjQwNDE4MDk1MzQ0WhcNMjUwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjIwZWRhOC01MjRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxqd6WBWC4qunkqzQuiNf4GyHuvBZzFAUc/R/OTlOWmUiRgZDDjCqUwufNdE2
k8oLEJspFo1T2deSEg/mvHnZuA0WvG72k6Sh8lUMgRhuFUnw+6qXYN5aZCNzdvZG
zfEsMga3VyKD8wecWInuv7m4Y8xRNHlbhnIWY6jCTHzRuMFdK6afux8n64k+zvlg
4gjfHWLILsktb2rxPBW6WwUKh/0V1+4ClLQ0NEG/i0evIsv+7E780pjXeakKkKjq
Dz1WXDBiX1ujNZTUPa1cXT66yx31swtnHzcO8SezveZhIFFk1yqvfybMnitIm4c1
vi1oMzK9lKrP6sUetum0qfK/mwIDAQABo4IClTCCApEwHQYDVR0OBBYEFLmeXMEO
kfWREfbehwyUeM9soGHQMB8GA1UdIwQYMBaAFD3p09/24Ej9kIFGUC5PCORW89m8
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDQjdBQi81Njc4NjU2ODQw
MDkxMUVCQTM3NDIyNUJDNEY5QUUwMi9QZW5UM19iZ1NQMlFnVVpRTGs4STVGYnoy
YncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1BlblQzX2JnU1AyUWdVWlFMazhJNUZiejJidy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Q0I3QUIvNTY3ODY1Njg0MDA5MTFFQkEzNzQyMjVCQzRGOUFFMDIvOEFENUU2REVG
RDY5MTFFRTgwMUZGRjZDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAPKlJgwDQYJKoZIhvcNAQELBQADggEBABWwpPOAzdn+jRvv
gpaWaSUuL9Vb+xQnFBsQChyPI5WDAKACC9U9LOVn05ALtJMAb+3mPcPMovdJilce
TTWtOWFtSXqf970m2j01px38oxorCuKKy5GupOHjBCZ73Ip1pEj1XP1foNgopb5F
bYvRrc7i50yhyR7XnaNmajaxxlIa1WNym27vY+xbthZkD4jWs0TXWLyebNfgWywH
IZaUxEPAjY4nAaPY0n9LOu3PEcdRpuK/eo0aCrHFT6XAQyB53ODn7XUlbJQXWreH
V9PgcnphS1x++/cgZZozTlkMGISyH5S9pWoHJlZQQwtCGpZnmGngbaHEHQTDVkrD
DbTywT4=
-----END CERTIFICATE-----
Generated at Thu Apr 18 18:13:35 2024 by rpki-client on console.sobornost.net