Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911C53D/84B58F668CFB11EB9DC62C3BC4F9AE02/95EA616A8D7011EB9739D53DC4F9AE02.roa
File: 95EA616A8D7011EB9739D53DC4F9AE02.roa (raw, json)
Hash identifier: 8rXzXFIfBYrJbAesC9VAFWnLlvzpByca5UmICt99HUM=
Subject key identifier: 11:97:D2:9F:6A:63:A9:9B:0A:D6:E2:31:99:53:34:AB:1C:A3:07:43
Certificate issuer: /CN=A911C53D/serialNumber=A5C763E8A95F6B9AB24113601DA8153A159126EE
Certificate serial: 05C3
Authority key identifier: A5:C7:63:E8:A9:5F:6B:9A:B2:41:13:60:1D:A8:15:3A:15:91:26:EE
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pcdj6Klfa5qyQRNgHagVOhWRJu4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911C53D/84B58F668CFB11EB9DC62C3BC4F9AE02/95EA616A8D7011EB9739D53DC4F9AE02.roa
Signing time: Tue 06 Aug 2024 23:51:59 +0000
ROA not before: Tue 06 Aug 2024 23:51:59 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 135880
IP address blocks: 202.14.152.0/24 maxlen: 24
203.20.94.0/24 maxlen: 24
203.24.48.0/24 maxlen: 24
203.30.135.0/24 maxlen: 24
203.30.231.0/24 maxlen: 24
203.30.234.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 18 Nov 2024 21:38:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1475 (0x5c3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911C53D/serialNumber=A5C763E8A95F6B9AB24113601DA8153A159126EE
Validity
Not Before: Aug 6 23:51:59 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=66b2b71e-8b71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:3a:ab:f6:4f:a0:b1:fc:16:15:c0:1f:bd:b0:
d9:9b:e6:67:4d:5e:4d:e7:f8:b7:04:8c:5a:c3:ea:
7f:9d:87:91:22:ea:b1:9d:bf:49:53:ab:ab:d3:4c:
9d:86:a3:e2:42:d9:ef:2b:2f:b0:44:4c:ea:19:9f:
98:f5:15:f8:80:8d:a5:ba:db:97:0b:56:86:ad:de:
49:fb:c9:68:7a:a5:29:e9:44:c7:07:d5:8d:58:dc:
5b:61:aa:6a:9d:c4:76:63:63:e8:07:ff:57:9b:bd:
72:6e:74:37:c5:f3:e9:da:cf:12:16:4b:07:a2:56:
cb:05:34:6a:ac:0a:1e:6a:71:b7:64:a6:e5:be:81:
cd:df:f6:58:6d:89:97:dd:cc:7d:bc:30:f2:70:62:
3b:99:7b:96:c1:0a:bc:bb:8a:04:0f:b4:10:02:0c:
e3:d1:f8:a7:d7:45:e9:e3:60:d7:22:45:f3:4d:76:
c7:b2:e6:e1:a2:47:7e:bc:3d:3e:f4:ee:e5:f1:74:
3e:e6:e4:bd:d1:2f:77:da:73:ef:ea:f6:6d:14:0a:
09:fa:da:06:b0:da:5e:4d:45:1d:07:0a:f7:e9:75:
42:19:c0:70:0c:77:ab:b6:28:8b:cb:2d:13:7e:20:
86:88:c2:3a:0b:9f:ed:50:b9:31:19:b0:25:61:29:
2b:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:97:D2:9F:6A:63:A9:9B:0A:D6:E2:31:99:53:34:AB:1C:A3:07:43
X509v3 Authority Key Identifier:
keyid:A5:C7:63:E8:A9:5F:6B:9A:B2:41:13:60:1D:A8:15:3A:15:91:26:EE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911C53D/84B58F668CFB11EB9DC62C3BC4F9AE02/pcdj6Klfa5qyQRNgHagVOhWRJu4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pcdj6Klfa5qyQRNgHagVOhWRJu4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911C53D/84B58F668CFB11EB9DC62C3BC4F9AE02/95EA616A8D7011EB9739D53DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.14.152.0/24
203.20.94.0/24
203.24.48.0/24
203.30.135.0/24
203.30.231.0/24
203.30.234.0/24
Signature Algorithm: sha256WithRSAEncryption
d7:2f:1b:5c:af:37:d6:a9:24:ce:e5:c3:a7:4b:e3:76:99:8e:
83:ee:ef:1e:77:38:49:f9:42:f9:05:6a:f5:a5:0f:4b:bc:07:
42:16:5b:3c:78:f0:31:e3:1d:a5:2c:52:01:7e:cc:fa:14:aa:
01:1b:71:2b:b1:a9:4c:17:e8:e2:ba:7d:95:15:47:87:89:ed:
85:b9:29:97:27:90:17:e4:e5:f5:39:f9:61:2a:d8:9c:ef:e5:
1f:a1:01:03:ac:13:61:84:ee:36:80:a2:e6:a0:69:f9:dd:39:
a5:4d:28:a9:ac:2f:c7:4d:32:3f:3f:35:5f:4f:37:21:01:a6:
44:28:d3:b3:96:a8:b2:91:32:1e:cd:8f:81:6a:79:83:f6:5f:
f7:f0:5e:e6:54:4c:f5:83:ae:a8:9e:47:bb:45:8b:de:e2:2c:
42:1b:e5:8a:b0:bd:45:04:34:52:1d:27:c8:07:2e:0c:6c:7f:
cb:74:b5:9d:69:d0:a3:1f:c3:f3:f2:74:3e:0d:ca:ce:6d:de:
d2:1e:e4:fc:3d:60:72:54:85:06:2f:39:a2:6b:ed:50:b7:15:
35:9c:f8:07:e3:aa:63:00:c6:f6:6c:c3:06:1a:54:4d:c2:ec:
ee:e3:43:82:17:b0:67:6b:dc:01:a5:a3:8f:25:db:7b:c6:21:
82:a6:1e:e5
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgICBcMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUM1M0QxMTAvBgNVBAUTKEE1Qzc2M0U4QTk1RjZCOUFCMjQxMTM2MDFEQTgxNTNB
MTU5MTI2RUUwHhcNMjQwODA2MjM1MTU5WhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmIyYjcxZS04YjcxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5Dqr9k+gsfwWFcAfvbDZm+ZnTV5N5/i3BIxaw+p/nYeRIuqxnb9JU6ur00yd
hqPiQtnvKy+wREzqGZ+Y9RX4gI2lutuXC1aGrd5J+8loeqUp6UTHB9WNWNxbYapq
ncR2Y2PoB/9Xm71ybnQ3xfPp2s8SFksHolbLBTRqrAoeanG3ZKblvoHN3/ZYbYmX
3cx9vDDycGI7mXuWwQq8u4oED7QQAgzj0fin10Xp42DXIkXzTXbHsubhokd+vD0+
9O7l8XQ+5uS90S932nPv6vZtFAoJ+toGsNpeTUUdBwr36XVCGcBwDHertiiLyy0T
fiCGiMI6C5/tULkxGbAlYSkr/QIDAQABo4ICszCCAq8wHQYDVR0OBBYEFBGX0p9q
Y6mbCtbiMZlTNKscowdDMB8GA1UdIwQYMBaAFKXHY+ipX2uaskETYB2oFToVkSbu
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQzUzRC84NEI1OEY2NjhD
RkIxMUVCOURDNjJDM0JDNEY5QUUwMi9wY2RqNktsZmE1cXlRUk5nSGFnVk9oV1JK
dTQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3BjZGo2S2xmYTVxeVFSTmdIYWdWT2hXUkp1NC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUM1M0QvODRCNThGNjY4Q0ZCMTFFQjlEQzYyQzNCQzRGOUFFMDIvOTVFQTYxNkE4
RDcwMTFFQjk3MzlENTNEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPQYIKwYBBQUHAQcBAf8E
LjAsMCoEAgABMCQDBADKDpgDBADLFF4DBADLGDADBADLHocDBADLHucDBADLHuow
DQYJKoZIhvcNAQELBQADggEBANcvG1yvN9apJM7lw6dL43aZjoPu7x53OEn5QvkF
avWlD0u8B0IWWzx48DHjHaUsUgF+zPoUqgEbcSuxqUwX6OK6fZUVR4eJ7YW5KZcn
kBfk5fU5+WEq2Jzv5R+hAQOsE2GE7jaAouagafndOaVNKKmsL8dNMj8/NV9PNyEB
pkQo07OWqLKRMh7Nj4FqeYP2X/fwXuZUTPWDrqieR7tFi97iLEIb5YqwvUUENFId
J8gHLgxsf8t0tZ1p0KMfw/PydD4Nys5t3tIe5Pw9YHJUhQYvOaJr7VC3FTWc+Afj
qmMAxvZswwYaVE3C7O7jQ4IXsGdr3AGlo48l23vGIYKmHuU=
-----END CERTIFICATE-----
Generated at Tue Nov 19 00:48:05 2024 by rpki-client on console-fra.rpki-client.org