Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D366A/EC09AA4A307D11EDA6C3A212C4F9AE02/5C4A6C529F7E11EE9D6BE54BC4F9AE02.roa
File: 5C4A6C529F7E11EE9D6BE54BC4F9AE02.roa (raw, json)
Hash identifier: pK7ux64RkAc6WI3uCysb/coq78CYs2NyjdF/zUmoros=
Subject key identifier: 67:3A:78:FE:85:7C:36:A9:14:36:3C:B4:19:F7:64:30:7E:8B:60:AB
Certificate issuer: /CN=A91D366A/serialNumber=B067C6BB70DF0DC04CE77F7C8D76706A49F6CB85
Certificate serial: 014B
Authority key identifier: B0:67:C6:BB:70:DF:0D:C0:4C:E7:7F:7C:8D:76:70:6A:49:F6:CB:85
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sGfGu3DfDcBM5398jXZwakn2y4U.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D366A/EC09AA4A307D11EDA6C3A212C4F9AE02/5C4A6C529F7E11EE9D6BE54BC4F9AE02.roa
Signing time: Wed 20 Dec 2023 21:25:56 +0000
ROA not before: Wed 20 Dec 2023 21:25:56 +0000
ROA not after: Thu 31 Oct 2024 00:00:00 +0000
asID: 147287
IP address blocks: 203.33.238.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 15 Jan 2024 15:15:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 331 (0x14b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D366A/serialNumber=B067C6BB70DF0DC04CE77F7C8D76706A49F6CB85
Validity
Not Before: Dec 20 21:25:56 2023 GMT
Not After : Oct 31 00:00:00 2024 GMT
Subject: CN=65835be4-2dd2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:c5:2c:ef:36:d5:87:f6:fb:78:b6:eb:88:e7:
dd:13:6d:fe:0f:b8:28:72:38:52:ab:f2:57:f9:71:
57:f1:cc:0b:a3:be:94:6c:62:dc:b4:5c:91:a1:dc:
a4:69:69:a3:da:ee:dc:2c:2f:fd:2b:4e:1a:f3:47:
92:27:8b:c0:31:eb:6a:8b:ef:f9:7a:86:e8:f2:84:
22:25:5a:ff:cf:d9:d6:3f:8a:3b:3a:fb:86:89:e5:
0d:40:b2:10:d2:ea:ff:b6:18:7b:c6:d6:bf:0d:0e:
ef:47:35:a2:ec:2b:7a:3f:b9:eb:f1:18:4b:69:03:
f2:12:3b:78:d4:e3:47:36:8e:d6:5a:8c:89:6f:ed:
39:00:3a:81:9e:65:0b:00:74:23:cb:f6:8f:67:2e:
86:cc:e0:dd:d8:ae:ab:92:40:2a:b6:7a:5e:74:4b:
cd:e2:a9:f6:d5:fc:2c:72:04:7f:86:4f:d0:e1:c3:
76:dd:af:1a:52:ba:8f:dc:b4:3e:60:9d:c3:8b:a1:
e6:7c:dd:0c:ac:f5:8f:9a:ef:28:10:4c:e7:06:e1:
d1:a3:f2:53:63:01:a8:83:60:12:7e:37:1c:c6:cd:
2d:14:d7:09:76:e5:a4:5e:23:2b:f1:2a:95:f7:e9:
69:19:b6:82:cd:09:83:a2:5c:0c:72:65:3d:78:ab:
c7:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:3A:78:FE:85:7C:36:A9:14:36:3C:B4:19:F7:64:30:7E:8B:60:AB
X509v3 Authority Key Identifier:
keyid:B0:67:C6:BB:70:DF:0D:C0:4C:E7:7F:7C:8D:76:70:6A:49:F6:CB:85
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D366A/EC09AA4A307D11EDA6C3A212C4F9AE02/sGfGu3DfDcBM5398jXZwakn2y4U.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sGfGu3DfDcBM5398jXZwakn2y4U.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D366A/EC09AA4A307D11EDA6C3A212C4F9AE02/5C4A6C529F7E11EE9D6BE54BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.33.238.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:74:1a:9a:4a:a2:32:39:ce:9a:7c:4f:e5:71:c2:77:09:9a:
63:88:c8:97:56:a5:2d:42:fc:c1:08:23:70:0c:07:d5:5f:e7:
2b:ba:69:5b:57:57:9f:fd:fe:88:ae:07:2d:c4:37:49:ae:42:
c7:92:e6:99:e2:85:e5:76:8b:10:29:ee:ab:51:a9:d0:ee:84:
89:c6:47:70:3d:a4:98:4e:b8:7d:f8:7c:87:c6:1d:80:e0:07:
24:a4:ec:a5:24:22:ff:69:6b:f9:4e:ad:ca:5b:44:d9:e4:37:
9e:49:1b:d6:20:28:20:3f:6e:39:54:58:0f:ef:32:a2:15:a3:
57:27:09:b2:b0:14:25:aa:b1:ce:2a:81:81:1f:ca:9e:08:12:
3c:1a:2c:f8:6b:a1:33:19:54:d8:98:01:10:c0:7c:93:a0:d5:
d3:ac:fe:71:80:c6:12:b3:82:9c:94:7a:d2:ee:2d:70:3b:95:
3b:87:d8:a6:a9:24:39:30:53:4e:c0:41:0b:23:a3:0e:74:33:
19:39:1f:04:b5:fb:81:67:63:d6:1f:98:ad:53:eb:87:46:da:
88:bd:52:40:ce:db:63:3f:fd:22:35:ff:c9:90:09:e4:f4:de:
ff:4d:02:e7:66:c7:43:93:61:51:d2:da:91:e5:2b:87:42:02:
72:ce:98:76
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAUswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDM2NkExMTAvBgNVBAUTKEIwNjdDNkJCNzBERjBEQzA0Q0U3N0Y3QzhENzY3MDZB
NDlGNkNCODUwHhcNMjMxMjIwMjEyNTU2WhcNMjQxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTgzNWJlNC0yZGQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3MUs7zbVh/b7eLbriOfdE23+D7gocjhSq/JX+XFX8cwLo76UbGLctFyRodyk
aWmj2u7cLC/9K04a80eSJ4vAMetqi+/5eobo8oQiJVr/z9nWP4o7OvuGieUNQLIQ
0ur/thh7xta/DQ7vRzWi7Ct6P7nr8RhLaQPyEjt41ONHNo7WWoyJb+05ADqBnmUL
AHQjy/aPZy6GzODd2K6rkkAqtnpedEvN4qn21fwscgR/hk/Q4cN23a8aUrqP3LQ+
YJ3Di6HmfN0MrPWPmu8oEEznBuHRo/JTYwGog2ASfjccxs0tFNcJduWkXiMr8SqV
9+lpGbaCzQmDolwMcmU9eKvHzwIDAQABo4IClTCCApEwHQYDVR0OBBYEFGc6eP6F
fDapFDY8tBn3ZDB+i2CrMB8GA1UdIwQYMBaAFLBnxrtw3w3ATOd/fI12cGpJ9suF
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMzY2QS9FQzA5QUE0QTMw
N0QxMUVEQTZDM0EyMTJDNEY5QUUwMi9zR2ZHdTNEZkRjQk01Mzk4alhad2FrbjJ5
NFUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3NHZkd1M0RmRGNCTTUzOThqWFp3YWtuMnk0VS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDM2NkEvRUMwOUFBNEEzMDdEMTFFREE2QzNBMjEyQzRGOUFFMDIvNUM0QTZDNTI5
RjdFMTFFRTlENkJFNTRCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADLIe4wDQYJKoZIhvcNAQELBQADggEBABx0GppKojI5zpp8
T+VxwncJmmOIyJdWpS1C/MEII3AMB9Vf5yu6aVtXV5/9/oiuBy3EN0muQseS5pni
heV2ixAp7qtRqdDuhInGR3A9pJhOuH34fIfGHYDgBySk7KUkIv9pa/lOrcpbRNnk
N55JG9YgKCA/bjlUWA/vMqIVo1cnCbKwFCWqsc4qgYEfyp4IEjwaLPhroTMZVNiY
ARDAfJOg1dOs/nGAxhKzgpyUetLuLXA7lTuH2KapJDkwU07AQQsjow50Mxk5HwS1
+4FnY9YfmK1T64dG2oi9UkDO22M//SI1/8mQCeT03v9NAudmx0OTYVHS2pHlK4dC
AnLOmHY=
-----END CERTIFICATE-----
Generated at Tue Feb 27 00:58:03 2024 by rpki-client on console.sobornost.net