Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9128992/FADBC56C87A111E5AEB47F4DC4F9AE02/F5928D4E6E9611EF99BD1939C4F9AE02.roa
File: F5928D4E6E9611EF99BD1939C4F9AE02.roa (raw, json)
Hash identifier: +uso0+Caf1AA/LXpZ8Bqa85zFGEAXsIuBq7jdRJB3ww=
Subject key identifier: 12:7E:10:45:09:32:F0:7D:3E:B5:34:DC:60:F9:36:4B:4C:7B:5A:9B
Certificate issuer: /CN=A9128992/serialNumber=79014A5F07319F0460FCD04FC4AAABCCE09ED344
Certificate serial: 22BB
Authority key identifier: 79:01:4A:5F:07:31:9F:04:60:FC:D0:4F:C4:AA:AB:CC:E0:9E:D3:44
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/eQFKXwcxnwRg_NBPxKqrzOCe00Q.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9128992/FADBC56C87A111E5AEB47F4DC4F9AE02/F5928D4E6E9611EF99BD1939C4F9AE02.roa
Signing time: Mon 09 Sep 2024 10:33:32 +0000
ROA not before: Mon 09 Sep 2024 10:33:32 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 45282
IP address blocks: 123.176.56.0/22 maxlen: 22
123.176.56.0/24 maxlen: 24
123.176.57.0/24 maxlen: 24
123.176.59.0/24 maxlen: 24
202.129.192.0/22 maxlen: 22
202.129.192.0/24 maxlen: 24
202.129.193.0/24 maxlen: 24
202.129.194.0/24 maxlen: 24
202.129.195.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 11 Sep 2024 23:26:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8891 (0x22bb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9128992/serialNumber=79014A5F07319F0460FCD04FC4AAABCCE09ED344
Validity
Not Before: Sep 9 10:33:32 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=66decefb-b52a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:2b:da:99:1d:eb:b6:cd:55:9a:be:93:99:db:
7b:6f:e7:f4:97:55:d5:11:2f:06:1b:10:15:a0:5a:
f5:ca:27:80:88:db:58:e3:b3:10:2e:db:ba:d1:96:
31:ef:6f:63:3a:7c:79:73:61:de:31:79:44:aa:71:
87:99:d9:c7:af:56:8e:83:e5:8b:81:96:06:3d:d1:
28:cc:a6:1b:7a:a2:a4:61:9e:da:52:ba:db:6c:7f:
88:d5:90:95:af:3a:0a:70:d8:a4:77:36:b7:c8:64:
b5:44:ac:be:b4:c2:0b:e7:94:0a:98:98:84:e5:3a:
99:ea:db:a0:23:e8:a1:89:14:3a:80:75:0a:db:3a:
8b:5a:d2:3b:ca:ac:e0:3c:6a:9c:72:15:70:b4:2e:
c2:5c:fb:cc:91:14:2e:77:ca:f3:08:f7:1b:47:05:
cd:05:9e:a6:9f:6d:80:0d:c1:01:e1:a5:6c:70:9d:
02:c6:ec:5b:04:d4:7c:d4:29:c6:e9:09:e6:95:22:
5d:93:92:4b:fc:f3:f7:01:c7:0e:a1:c6:99:29:be:
56:88:fc:eb:73:6a:6f:47:4d:a2:35:c1:53:0a:88:
8a:17:8d:f5:cd:a7:e9:a1:de:ac:c5:3a:27:25:98:
33:65:20:7d:bd:15:81:30:c1:a8:6e:55:b0:aa:3a:
2a:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:7E:10:45:09:32:F0:7D:3E:B5:34:DC:60:F9:36:4B:4C:7B:5A:9B
X509v3 Authority Key Identifier:
keyid:79:01:4A:5F:07:31:9F:04:60:FC:D0:4F:C4:AA:AB:CC:E0:9E:D3:44
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9128992/FADBC56C87A111E5AEB47F4DC4F9AE02/eQFKXwcxnwRg_NBPxKqrzOCe00Q.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/eQFKXwcxnwRg_NBPxKqrzOCe00Q.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9128992/FADBC56C87A111E5AEB47F4DC4F9AE02/F5928D4E6E9611EF99BD1939C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
123.176.56.0/22
202.129.192.0/22
Signature Algorithm: sha256WithRSAEncryption
8a:d4:60:59:e2:91:74:82:9d:19:7b:4e:89:48:25:96:33:d4:
60:7b:32:e7:81:40:ea:28:2c:16:a1:b7:f2:05:1b:71:81:0d:
c7:ae:a9:d6:7c:50:85:63:7e:49:33:18:79:b2:fd:9f:bf:c8:
0e:c7:7d:65:c8:ef:1e:2d:b6:c2:3c:48:8c:0a:4a:e4:fe:ee:
90:cf:36:31:72:04:43:db:d8:92:c9:6e:88:d1:41:14:96:84:
8a:21:b2:49:5a:b7:6e:02:b5:79:a0:13:0e:35:6b:4e:d9:7d:
36:0e:8b:2f:82:19:03:d3:e6:52:ce:5b:11:da:f2:d8:f8:89:
3f:03:0d:b7:b0:19:d4:2d:ca:82:ff:e3:95:4a:c5:83:30:fd:
42:22:fb:ae:79:7f:8b:fb:a2:89:85:e4:19:a6:f1:e2:d2:b8:
20:15:98:67:ed:f5:e5:60:a6:03:15:af:b1:56:f3:44:8f:cd:
eb:47:a4:2e:77:f6:59:62:bc:82:3a:f2:91:54:4f:17:f9:91:
3f:17:ae:9c:6f:d8:d6:28:9f:27:f4:42:ed:dd:a1:43:9b:f9:
86:f9:0e:20:c2:50:55:c4:9a:f0:34:f4:33:46:ec:1d:2f:1c:
6e:e1:ac:34:c7:7a:9d:de:79:a2:fb:29:4e:f7:0e:c2:95:78:
15:f3:6c:cd
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICIrswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Mjg5OTIxMTAvBgNVBAUTKDc5MDE0QTVGMDczMTlGMDQ2MEZDRDA0RkM0QUFBQkND
RTA5RUQzNDQwHhcNMjQwOTA5MTAzMzMyWhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmRlY2VmYi1iNTJhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3yvamR3rts1Vmr6Tmdt7b+f0l1XVES8GGxAVoFr1yieAiNtY47MQLtu60ZYx
729jOnx5c2HeMXlEqnGHmdnHr1aOg+WLgZYGPdEozKYbeqKkYZ7aUrrbbH+I1ZCV
rzoKcNikdza3yGS1RKy+tMIL55QKmJiE5TqZ6tugI+ihiRQ6gHUK2zqLWtI7yqzg
PGqcchVwtC7CXPvMkRQud8rzCPcbRwXNBZ6mn22ADcEB4aVscJ0CxuxbBNR81CnG
6QnmlSJdk5JL/PP3AccOocaZKb5WiPzrc2pvR02iNcFTCoiKF431zafpod6sxTon
JZgzZSB9vRWBMMGoblWwqjoqWQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFBJ+EEUJ
MvB9PrU03GD5NktMe1qbMB8GA1UdIwQYMBaAFHkBSl8HMZ8EYPzQT8Sqq8zgntNE
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyODk5Mi9GQURCQzU2Qzg3
QTExMUU1QUVCNDdGNERDNEY5QUUwMi9lUUZLWHdjeG53UmdfTkJQeEtxcnpPQ2Uw
MFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2VRRktYd2N4bndSZ19OQlB4S3Fyek9DZTAwUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Mjg5OTIvRkFEQkM1NkM4N0ExMTFFNUFFQjQ3RjREQzRGOUFFMDIvRjU5MjhENEU2
RTk2MTFFRjk5QkQxOTM5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAJ7sDgDBALKgcAwDQYJKoZIhvcNAQELBQADggEBAIrUYFni
kXSCnRl7TolIJZYz1GB7MueBQOooLBaht/IFG3GBDceuqdZ8UIVjfkkzGHmy/Z+/
yA7HfWXI7x4ttsI8SIwKSuT+7pDPNjFyBEPb2JLJbojRQRSWhIohsklat24CtXmg
Ew41a07ZfTYOiy+CGQPT5lLOWxHa8tj4iT8DDbewGdQtyoL/45VKxYMw/UIi+655
f4v7oomF5Bmm8eLSuCAVmGft9eVgpgMVr7FW80SPzetHpC539llivII68pFUTxf5
kT8Xrpxv2NYonyf0Qu3doUOb+Yb5DiDCUFXEmvA09DNG7B0vHG7hrDTHep3eeaL7
KU73DsKVeBXzbM0=
-----END CERTIFICATE-----
Generated at Thu Sep 12 01:17:28 2024 by rpki-client on console-ams.rpki-client.org