Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91268DC/D438C2EC461211EEBDF7946CC4F9AE02/395E3F76461311EE8F2CC36DC4F9AE02.roa
File: 395E3F76461311EE8F2CC36DC4F9AE02.roa (raw, json)
Hash identifier: wFKJ2Cc3O6J7PFSkzXXtWRQJnf1Sx6GpzTD5pAczOWc=
Subject key identifier: 31:6D:00:88:D5:2C:38:BF:F2:40:22:41:25:38:4C:28:FD:17:A3:52
Certificate issuer: /CN=A91268DC/serialNumber=C1B440EAB44AA587908016E9BD4B32FDE13F44CC
Certificate serial: 53
Authority key identifier: C1:B4:40:EA:B4:4A:A5:87:90:80:16:E9:BD:4B:32:FD:E1:3F:44:CC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wbRA6rRKpYeQgBbpvUsy_eE_RMw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91268DC/D438C2EC461211EEBDF7946CC4F9AE02/395E3F76461311EE8F2CC36DC4F9AE02.roa
Signing time: Tue 16 Jan 2024 13:40:47 +0000
ROA not before: Tue 16 Jan 2024 13:40:47 +0000
ROA not after: Thu 31 Oct 2024 00:00:00 +0000
asID: 7616
IP address blocks: 203.130.128.0/19 maxlen: 20
203.130.144.0/24 maxlen: 24
203.130.145.0/24 maxlen: 24
203.147.16.0/20 maxlen: 21
203.147.32.0/20 maxlen: 21
203.147.48.0/20 maxlen: 20
203.156.48.0/20 maxlen: 20
203.156.64.0/20 maxlen: 20
203.156.80.0/20 maxlen: 20
203.156.128.0/18 maxlen: 19
2403:bf00::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 17 Jan 2024 01:36:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 83 (0x53)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91268DC/serialNumber=C1B440EAB44AA587908016E9BD4B32FDE13F44CC
Validity
Not Before: Jan 16 13:40:47 2024 GMT
Not After : Oct 31 00:00:00 2024 GMT
Subject: CN=65a6875f-b231
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:79:58:04:7b:53:94:eb:eb:30:37:5a:47:a8:
73:57:f9:b0:db:2c:eb:2c:2a:12:0f:96:8d:0a:47:
f2:56:e4:b8:3c:05:94:1b:1d:cd:35:b5:bc:57:4a:
dd:43:ea:91:a9:ef:12:3b:ba:57:bc:1e:cd:2b:72:
1e:51:5a:3a:6f:bb:3c:eb:ef:19:83:07:c0:f8:fc:
81:e6:95:59:1c:0e:e6:46:72:cf:0b:5b:9b:60:86:
4e:82:15:5d:3e:ba:55:2f:85:cb:aa:c7:98:a4:74:
bc:42:43:70:64:a5:5d:7f:c9:43:5b:67:1e:06:6e:
cf:7c:16:a3:38:c6:45:20:6f:48:94:b0:28:bd:4c:
6a:a5:d2:a9:ee:18:ab:ac:5e:41:61:ac:b0:26:80:
d4:fb:b2:1d:e4:cd:7a:16:f3:00:9f:94:d1:c7:bc:
29:13:78:40:14:ed:fd:2b:c3:ae:ab:42:fc:45:45:
56:b1:17:88:e9:4b:79:92:80:23:2b:ab:ad:6f:43:
1e:84:47:72:88:47:76:19:b3:17:71:93:c5:f0:80:
27:33:d1:a4:26:63:b4:4b:80:ef:eb:e1:70:4b:23:
cb:dd:2d:23:e8:50:61:d8:bd:8a:de:92:72:4e:61:
58:e4:7a:d4:65:75:0c:73:4d:17:9c:a8:ad:6d:24:
e1:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:6D:00:88:D5:2C:38:BF:F2:40:22:41:25:38:4C:28:FD:17:A3:52
X509v3 Authority Key Identifier:
keyid:C1:B4:40:EA:B4:4A:A5:87:90:80:16:E9:BD:4B:32:FD:E1:3F:44:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91268DC/D438C2EC461211EEBDF7946CC4F9AE02/wbRA6rRKpYeQgBbpvUsy_eE_RMw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wbRA6rRKpYeQgBbpvUsy_eE_RMw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91268DC/D438C2EC461211EEBDF7946CC4F9AE02/395E3F76461311EE8F2CC36DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.130.128.0/19
203.147.16.0-203.147.63.255
203.156.48.0-203.156.95.255
203.156.128.0/18
IPv6:
2403:bf00::/32
Signature Algorithm: sha256WithRSAEncryption
96:8f:90:d5:7b:c5:21:bb:3a:73:97:b9:83:7f:e8:8c:48:9d:
5f:50:ee:b2:ef:61:08:a0:1b:6f:5e:50:9c:05:55:4d:53:1d:
19:4c:bd:13:f1:19:d9:3b:27:7d:a4:fc:c3:49:19:91:3c:1c:
ab:76:73:f5:1b:9a:d9:35:18:23:77:9f:d3:25:4d:65:06:db:
67:68:a4:4c:c2:03:ba:0b:59:c5:39:f2:ce:d5:96:7a:d6:7f:
db:7e:49:da:0d:0c:02:8e:66:95:d9:36:9f:27:26:dd:de:c2:
28:10:c5:9e:25:74:db:b5:3d:42:05:71:fc:06:aa:3f:3b:cb:
72:48:8b:53:8a:de:4c:b2:17:fe:7f:60:ae:1e:f3:b3:99:44:
ac:52:c4:4f:91:c2:b5:20:91:e7:55:28:db:93:aa:91:a6:c1:
d8:4d:2a:ec:c3:d6:2b:35:32:98:45:ab:3d:9b:dd:24:18:5d:
0c:97:45:66:89:94:66:74:13:01:b2:4f:0d:ad:35:27:9a:15:
18:3c:8b:6b:38:ee:83:51:63:73:6d:f7:54:d0:d7:6d:6c:e1:
a8:0a:23:dc:c2:d7:4d:78:96:6b:70:d7:a2:f5:a9:ac:0f:c0:
cd:a5:2e:ef:c8:d4:12:26:62:1f:14:ef:e0:af:4f:99:30:9d:
1c:22:05:0a
-----BEGIN CERTIFICATE-----
MIIFoTCCBImgAwIBAgIBUzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEy
NjhEQzExMC8GA1UEBRMoQzFCNDQwRUFCNDRBQTU4NzkwODAxNkU5QkQ0QjMyRkRF
MTNGNDRDQzAeFw0yNDAxMTYxMzQwNDdaFw0yNDEwMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1YTY4NzVmLWIyMzEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDKeVgEe1OU6+swN1pHqHNX+bDbLOssKhIPlo0KR/JW5Lg8BZQbHc01tbxXSt1D
6pGp7xI7ule8Hs0rch5RWjpvuzzr7xmDB8D4/IHmlVkcDuZGcs8LW5tghk6CFV0+
ulUvhcuqx5ikdLxCQ3BkpV1/yUNbZx4Gbs98FqM4xkUgb0iUsCi9TGql0qnuGKus
XkFhrLAmgNT7sh3kzXoW8wCflNHHvCkTeEAU7f0rw66rQvxFRVaxF4jpS3mSgCMr
q61vQx6ER3KIR3YZsxdxk8XwgCcz0aQmY7RLgO/r4XBLI8vdLSPoUGHYvYreknJO
YVjketRldQxzTRecqK1tJOH1AgMBAAGjggLGMIICwjAdBgNVHQ4EFgQUMW0AiNUs
OL/yQCJBJThMKP0Xo1IwHwYDVR0jBBgwFoAUwbRA6rRKpYeQgBbpvUsy/eE/RMww
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTI2OERDL0Q0MzhDMkVDNDYx
MjExRUVCREY3OTQ2Q0M0RjlBRTAyL3diUkE2clJLcFllUWdCYnB2VXN5X2VFX1JN
dy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvd2JSQTZyUktwWWVRZ0JicHZVc3lfZUVfUk13LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy
NjhEQy9ENDM4QzJFQzQ2MTIxMUVFQkRGNzk0NkNDNEY5QUUwMi8zOTVFM0Y3NjQ2
MTMxMUVFOEYyQ0MzNkRDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDBQBggrBgEFBQcBBwEB/wRB
MD8wLgQCAAEwKAMEBcuCgDAMAwQEy5MQAwQGy5MAMAwDBATLnDADBAXLnEADBAbL
nIAwDQQCAAIwBwMFACQDvwAwDQYJKoZIhvcNAQELBQADggEBAJaPkNV7xSG7OnOX
uYN/6IxInV9Q7rLvYQigG29eUJwFVU1THRlMvRPxGdk7J32k/MNJGZE8HKt2c/Ub
mtk1GCN3n9MlTWUG22dopEzCA7oLWcU58s7VlnrWf9t+SdoNDAKOZpXZNp8nJt3e
wigQxZ4ldNu1PUIFcfwGqj87y3JIi1OK3kyyF/5/YK4e87OZRKxSxE+RwrUgkedV
KNuTqpGmwdhNKuzD1is1MphFqz2b3SQYXQyXRWaJlGZ0EwGyTw2tNSeaFRg8i2s4
7oNRY3Nt91TQ121s4agKI9zC1014lmtw16L1qawPwM2lLu/I1BImYh8U7+CvT5kw
nRwiBQo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:50:57 2024 by rpki-client on console-fra.rpki-client.org