Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E91BC/AE44D24ADBE911EC95110515C4F9AE02/6A325000A94C11EEA5337B42C4F9AE02.roa
File: 6A325000A94C11EEA5337B42C4F9AE02.roa (raw, json)
Hash identifier: pSC/83G8mOY8efZCfMCF18Nloir/pmx9G6F00j4kAs4=
Subject key identifier: 38:D7:7C:18:DB:52:EB:E5:27:AC:5B:EF:B1:1E:A7:DD:6F:C0:04:83
Certificate issuer: /CN=A91E91BC/serialNumber=6D5D50E88B9D65E8AFDA28C2CEA6150127038608
Certificate serial: 020E
Authority key identifier: 6D:5D:50:E8:8B:9D:65:E8:AF:DA:28:C2:CE:A6:15:01:27:03:86:08
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bV1Q6IudZeiv2ijCzqYVAScDhgg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E91BC/AE44D24ADBE911EC95110515C4F9AE02/6A325000A94C11EEA5337B42C4F9AE02.roa
Signing time: Thu 04 Jan 2024 08:19:27 +0000
ROA not before: Thu 04 Jan 2024 08:19:27 +0000
ROA not after: Sat 31 Aug 2024 00:00:00 +0000
asID: 151499
IP address blocks: 203.12.236.0/22 maxlen: 22
203.12.236.0/24 maxlen: 24
203.12.237.0/24 maxlen: 24
203.12.238.0/24 maxlen: 24
203.12.239.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 28 Jan 2024 08:35:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 526 (0x20e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E91BC/serialNumber=6D5D50E88B9D65E8AFDA28C2CEA6150127038608
Validity
Not Before: Jan 4 08:19:27 2024 GMT
Not After : Aug 31 00:00:00 2024 GMT
Subject: CN=65966a0e-dbd0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:d4:a4:04:e8:0d:71:e6:ed:a2:8e:c0:ec:f6:
d8:77:ad:04:90:fc:94:b4:87:0d:85:3c:11:4a:05:
01:dd:d4:5d:2e:f5:0e:cf:19:ef:97:73:50:81:b8:
f6:5e:83:db:4d:35:15:38:f1:4a:6e:b0:2b:23:67:
7e:24:a8:de:b0:48:d7:ec:cb:07:e8:ee:d8:3f:85:
35:97:ba:0f:6c:80:98:7f:31:23:79:e5:7e:78:04:
08:b3:58:55:49:18:00:9f:a5:84:f1:cf:0f:31:51:
99:5b:e0:ef:35:45:d5:bb:21:d6:13:f3:5a:f9:a9:
6d:b7:85:d7:d0:a9:a1:64:05:5e:f6:8f:d2:d2:85:
2c:9b:a6:a9:c4:95:ab:ca:4a:99:10:86:86:c3:a9:
92:bb:84:7b:e0:16:4a:0b:7e:55:58:eb:07:66:2d:
0f:c1:74:25:2e:45:c2:74:d4:f0:e9:2a:3f:a5:4d:
81:06:17:88:e2:10:b6:a4:8e:cd:29:5b:b6:3e:19:
b0:3a:9d:fb:2f:2a:ef:dc:c8:3f:94:53:49:c8:c7:
c3:f9:45:62:9d:cb:df:78:c0:d7:63:33:16:b4:09:
fc:dc:f7:f1:65:5c:8a:eb:57:f5:21:01:09:d0:b8:
b8:c8:fb:f9:99:81:64:3d:0f:7f:22:6b:75:0f:97:
fb:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:D7:7C:18:DB:52:EB:E5:27:AC:5B:EF:B1:1E:A7:DD:6F:C0:04:83
X509v3 Authority Key Identifier:
keyid:6D:5D:50:E8:8B:9D:65:E8:AF:DA:28:C2:CE:A6:15:01:27:03:86:08
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E91BC/AE44D24ADBE911EC95110515C4F9AE02/bV1Q6IudZeiv2ijCzqYVAScDhgg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bV1Q6IudZeiv2ijCzqYVAScDhgg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E91BC/AE44D24ADBE911EC95110515C4F9AE02/6A325000A94C11EEA5337B42C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.12.236.0/22
Signature Algorithm: sha256WithRSAEncryption
0d:fc:10:13:b5:47:4d:58:76:83:c2:db:21:7a:dc:eb:bb:41:
42:66:a6:ef:09:fa:9d:fe:0a:83:b2:6c:cd:51:ff:36:97:83:
9c:f7:ed:48:c9:37:00:d8:91:9d:db:72:2d:48:26:80:dc:e1:
62:a6:03:35:62:b7:8d:5f:4f:a1:04:d3:a2:0c:6b:ff:6a:32:
32:e4:9e:82:7f:d9:35:bd:09:45:0f:ff:67:9d:10:86:81:43:
fb:1b:52:8e:40:a5:ca:fe:55:3e:4a:aa:67:ec:8d:32:7b:34:
9c:30:1a:6f:95:9c:68:b4:10:5e:be:99:e3:e9:a7:7e:3f:61:
ad:9c:ba:75:b2:57:2b:df:7c:c7:01:4a:8f:2b:6e:60:0e:71:
5a:f7:8c:af:47:40:66:b0:ee:d2:9b:44:bd:2d:c1:e1:cf:74:
99:22:81:4d:8d:3f:7b:39:95:43:b2:dd:09:df:9b:32:52:7a:
2f:70:33:02:aa:9c:ed:01:6a:77:cc:7d:e1:af:be:33:21:32:
17:6b:42:42:c7:7d:4d:cd:0d:26:56:87:4a:d1:a2:d5:f0:e0:
45:a3:c7:a9:10:72:07:3e:52:22:a0:c3:df:e8:e2:bf:ba:c1:
1e:a9:1d:03:f9:2e:24:14:cb:e2:0b:63:ee:b0:76:1b:9d:d9:
da:a0:97:b9
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAg4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTkxQkMxMTAvBgNVBAUTKDZENUQ1MEU4OEI5RDY1RThBRkRBMjhDMkNFQTYxNTAx
MjcwMzg2MDgwHhcNMjQwMTA0MDgxOTI3WhcNMjQwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTk2NmEwZS1kYmQwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2NSkBOgNcebtoo7A7PbYd60EkPyUtIcNhTwRSgUB3dRdLvUOzxnvl3NQgbj2
XoPbTTUVOPFKbrArI2d+JKjesEjX7MsH6O7YP4U1l7oPbICYfzEjeeV+eAQIs1hV
SRgAn6WE8c8PMVGZW+DvNUXVuyHWE/Na+altt4XX0KmhZAVe9o/S0oUsm6apxJWr
ykqZEIaGw6mSu4R74BZKC35VWOsHZi0PwXQlLkXCdNTw6So/pU2BBheI4hC2pI7N
KVu2PhmwOp37Lyrv3Mg/lFNJyMfD+UVincvfeMDXYzMWtAn83PfxZVyK61f1IQEJ
0Li4yPv5mYFkPQ9/Imt1D5f7MQIDAQABo4IClTCCApEwHQYDVR0OBBYEFDjXfBjb
UuvlJ6xb77Eep91vwASDMB8GA1UdIwQYMBaAFG1dUOiLnWXor9oows6mFQEnA4YI
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFOTFCQy9BRTQ0RDI0QURC
RTkxMUVDOTUxMTA1MTVDNEY5QUUwMi9iVjFRNkl1ZFplaXYyaWpDenFZVkFTY0Ro
Z2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2JWMVE2SXVkWmVpdjJpakN6cVlWQVNjRGhnZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTkxQkMvQUU0NEQyNEFEQkU5MTFFQzk1MTEwNTE1QzRGOUFFMDIvNkEzMjUwMDBB
OTRDMTFFRUE1MzM3QjQyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBALLDOwwDQYJKoZIhvcNAQELBQADggEBAA38EBO1R01YdoPC
2yF63Ou7QUJmpu8J+p3+CoOybM1R/zaXg5z37UjJNwDYkZ3bci1IJoDc4WKmAzVi
t41fT6EE06IMa/9qMjLknoJ/2TW9CUUP/2edEIaBQ/sbUo5Apcr+VT5KqmfsjTJ7
NJwwGm+VnGi0EF6+mePpp34/Ya2cunWyVyvffMcBSo8rbmAOcVr3jK9HQGaw7tKb
RL0tweHPdJkigU2NP3s5lUOy3QnfmzJSei9wMwKqnO0BanfMfeGvvjMhMhdrQkLH
fU3NDSZWh0rRotXw4EWjx6kQcgc+UiKgw9/o4r+6wR6pHQP5LiQUy+ILY+6wdhud
2dqgl7k=
-----END CERTIFICATE-----
Generated at Tue Feb 27 00:58:03 2024 by rpki-client on console.sobornost.net