Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F3FAF/A90D1B96415C11EE9D355D2CC4F9AE02/8E3CACE2416A11EEA70CF50AC4F9AE02.roa
File: 8E3CACE2416A11EEA70CF50AC4F9AE02.roa (raw, json)
Hash identifier: 1j5Qa+KJomXwaQlKe5ZVgD/7FDE1/2fLihhhgkwd2Ys=
Subject key identifier: 4C:7D:88:E0:8E:69:40:F0:C7:07:0F:5C:03:D9:5A:BB:F1:03:AA:45
Certificate issuer: /CN=A91F3FAF/serialNumber=1E85A860D62E26079233CB7A01DB0BACBB0369A6
Certificate serial: 06
Authority key identifier: 1E:85:A8:60:D6:2E:26:07:92:33:CB:7A:01:DB:0B:AC:BB:03:69:A6
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HoWoYNYuJgeSM8t6AdsLrLsDaaY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F3FAF/A90D1B96415C11EE9D355D2CC4F9AE02/8E3CACE2416A11EEA70CF50AC4F9AE02.roa
Signing time: Thu 24 Aug 2023 09:09:26 +0000
ROA not before: Thu 24 Aug 2023 09:09:26 +0000
ROA not after: Sat 30 Dec 2023 00:00:00 +0000
asID: 4609
IP address blocks: 45.64.20.0/22 maxlen: 22
45.64.20.0/24 maxlen: 24
45.64.21.0/24 maxlen: 24
45.64.22.0/24 maxlen: 24
45.64.23.0/24 maxlen: 24
202.175.0.0/24 maxlen: 24
202.175.1.0/24 maxlen: 24
202.175.10.0/24 maxlen: 24
202.175.11.0/24 maxlen: 24
202.175.12.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6 (0x6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F3FAF/serialNumber=1E85A860D62E26079233CB7A01DB0BACBB0369A6
Validity
Not Before: Aug 24 09:09:26 2023 GMT
Not After : Dec 30 00:00:00 2023 GMT
Subject: CN=64e71e45-103b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:e3:7f:b2:8f:0e:0f:ad:bd:99:4b:81:05:ba:
4a:ae:53:9b:9c:44:1e:58:f7:65:f3:4f:01:63:4c:
b7:84:d0:a7:a6:b1:b1:ba:77:5c:8a:fa:24:87:69:
5d:68:59:b7:d9:aa:00:ed:a4:10:a0:e1:32:de:73:
17:92:5a:dd:60:72:ef:fd:9c:75:6e:5c:61:5b:42:
26:d0:3f:59:46:ad:1e:ad:71:9c:d2:8f:3b:79:2f:
5e:b8:0e:a6:49:1e:a5:cb:90:7f:62:8b:8e:06:c9:
f7:87:49:7e:fe:f1:d6:99:f8:57:39:5d:41:0d:02:
c2:f7:65:a2:13:d7:4a:b5:c3:c6:05:29:fc:4f:07:
ed:ed:d5:41:2f:ad:16:40:ad:8c:10:41:26:16:9f:
aa:8c:8e:58:2f:ac:d0:67:e7:9d:9b:8a:27:b1:ae:
1f:5b:12:c2:d4:11:b1:03:ee:43:7a:ea:c6:47:04:
6c:78:62:4d:1e:3b:d7:eb:5a:1c:be:df:34:2f:7a:
ab:d1:4c:33:bf:25:1a:57:24:7e:93:58:d5:bf:6f:
a0:e1:64:c4:ce:35:c3:b5:02:7a:43:7a:9e:48:b7:
d9:d6:bb:83:de:d7:91:69:0a:6b:22:98:c9:83:ec:
c8:f5:51:d5:55:96:17:59:05:6c:3b:03:10:31:db:
1e:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:7D:88:E0:8E:69:40:F0:C7:07:0F:5C:03:D9:5A:BB:F1:03:AA:45
X509v3 Authority Key Identifier:
keyid:1E:85:A8:60:D6:2E:26:07:92:33:CB:7A:01:DB:0B:AC:BB:03:69:A6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F3FAF/A90D1B96415C11EE9D355D2CC4F9AE02/HoWoYNYuJgeSM8t6AdsLrLsDaaY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HoWoYNYuJgeSM8t6AdsLrLsDaaY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F3FAF/A90D1B96415C11EE9D355D2CC4F9AE02/8E3CACE2416A11EEA70CF50AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.64.20.0/22
202.175.0.0/23
202.175.10.0-202.175.12.255
Signature Algorithm: sha256WithRSAEncryption
98:99:08:b7:01:5d:13:5b:32:26:f3:00:9c:ea:f7:81:a9:6f:
1d:62:a0:9f:72:85:1a:b9:d6:d1:7d:d1:50:66:a0:e5:f4:f8:
74:27:d5:8a:96:95:a8:bc:5b:ed:c8:dd:ff:7c:a1:3f:b5:03:
d2:84:b3:49:00:f8:01:c9:58:59:4f:d1:3f:fe:f5:e6:07:c4:
71:22:07:79:07:be:2e:1c:1b:b5:e3:8a:13:72:37:2b:c0:70:
72:7f:fb:51:e5:ec:cf:2e:b7:92:95:9c:8f:fa:f2:97:1f:65:
2c:06:e5:e9:99:95:a3:c7:33:6c:34:ed:5d:b9:5f:b6:05:2c:
a3:39:74:0b:48:ae:d2:64:d4:65:42:25:52:b3:27:5d:2b:04:
d3:34:45:cd:a2:ca:4c:b7:51:3f:7c:a9:ca:67:32:81:ec:15:
56:60:6a:10:ee:5d:eb:a5:91:02:66:98:ad:7d:a4:43:20:7a:
59:ee:63:72:ee:52:15:6f:6c:fb:34:05:d7:4c:af:b0:2a:b3:
d5:ff:8f:10:ab:c4:c6:14:7d:0c:5d:d0:0a:03:b5:a1:a0:bb:
40:93:fe:63:fe:2b:db:1a:af:1c:31:6f:de:34:c6:72:b5:2b:
b9:c6:d1:3b:9a:3d:18:f6:f2:6a:f5:3f:7c:ae:3a:8a:9e:b8:
90:3d:66:c7
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIBBjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG
M0ZBRjExMC8GA1UEBRMoMUU4NUE4NjBENjJFMjYwNzkyMzNDQjdBMDFEQjBCQUNC
QjAzNjlBNjAeFw0yMzA4MjQwOTA5MjZaFw0yMzEyMzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY0ZTcxZTQ1LTEwM2IwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC/43+yjw4Prb2ZS4EFukquU5ucRB5Y92XzTwFjTLeE0KemsbG6d1yK+iSHaV1o
WbfZqgDtpBCg4TLecxeSWt1gcu/9nHVuXGFbQibQP1lGrR6tcZzSjzt5L164DqZJ
HqXLkH9ii44GyfeHSX7+8daZ+Fc5XUENAsL3ZaIT10q1w8YFKfxPB+3t1UEvrRZA
rYwQQSYWn6qMjlgvrNBn552biiexrh9bEsLUEbED7kN66sZHBGx4Yk0eO9frWhy+
3zQveqvRTDO/JRpXJH6TWNW/b6DhZMTONcO1AnpDep5It9nWu4Pe15FpCmsimMmD
7Mj1UdVVlhdZBWw7AxAx2x5rAgMBAAGjggKpMIICpTAdBgNVHQ4EFgQUTH2I4I5p
QPDHBw9cA9lau/EDqkUwHwYDVR0jBBgwFoAUHoWoYNYuJgeSM8t6AdsLrLsDaaYw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUYzRkFGL0E5MEQxQjk2NDE1
QzExRUU5RDM1NUQyQ0M0RjlBRTAyL0hvV29ZTll1SmdlU004dDZBZHNMckxzRGFh
WS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvSG9Xb1lOWXVKZ2VTTTh0NkFkc0xyTHNEYWFZLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG
M0ZBRi9BOTBEMUI5NjQxNUMxMUVFOUQzNTVEMkNDNEY5QUUwMi84RTNDQUNFMjQx
NkExMUVFQTcwQ0Y1MEFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAzBggrBgEFBQcBBwEB/wQk
MCIwIAQCAAEwGgMEAi1AFAMEAcqvADAMAwQByq8KAwQAyq8MMA0GCSqGSIb3DQEB
CwUAA4IBAQCYmQi3AV0TWzIm8wCc6veBqW8dYqCfcoUaudbRfdFQZqDl9Ph0J9WK
lpWovFvtyN3/fKE/tQPShLNJAPgByVhZT9E//vXmB8RxIgd5B74uHBu144oTcjcr
wHByf/tR5ezPLreSlZyP+vKXH2UsBuXpmZWjxzNsNO1duV+2BSyjOXQLSK7SZNRl
QiVSsyddKwTTNEXNospMt1E/fKnKZzKB7BVWYGoQ7l3rpZECZpitfaRDIHpZ7mNy
7lIVb2z7NAXXTK+wKrPV/48Qq8TGFH0MXdAKA7WhoLtAk/5j/ivbGq8cMW/eNMZy
tSu5xtE7mj0Y9vJq9T98rjqKnriQPWbH
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:35:59 2023 by rpki-client on console.sobornost.net