Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A912FCD6/1E9E1AACD2EA11E5AFB1E24CC4F9AE02/D280BEF05FC611EE857BE480C4F9AE02.roa
File: D280BEF05FC611EE857BE480C4F9AE02.roa (raw, json)
Hash identifier: a1dv6aH/7Hg2gN7txusD3768mg8p/SmhFZY1v4Rc9uU=
Subject key identifier: B4:CC:1C:06:69:A6:9F:9F:13:D6:BA:26:CA:59:C6:20:03:BA:13:F6
Certificate issuer: /CN=A912FCD6/serialNumber=53BF0DD780DB038ECE14D40459BAB9C68F69853B
Certificate serial: 20A0
Authority key identifier: 53:BF:0D:D7:80:DB:03:8E:CE:14:D4:04:59:BA:B9:C6:8F:69:85:3B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U78N14DbA47OFNQEWbq5xo9phTs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A912FCD6/1E9E1AACD2EA11E5AFB1E24CC4F9AE02/D280BEF05FC611EE857BE480C4F9AE02.roa
Signing time: Sat 30 Sep 2023 19:23:24 +0000
ROA not before: Sat 30 Sep 2023 19:23:24 +0000
ROA not after: Tue 30 Jul 2024 00:00:00 +0000
asID: 203363
IP address blocks: 180.210.222.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 20 May 2024 10:44:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8352 (0x20a0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A912FCD6/serialNumber=53BF0DD780DB038ECE14D40459BAB9C68F69853B
Validity
Not Before: Sep 30 19:23:24 2023 GMT
Not After : Jul 30 00:00:00 2024 GMT
Subject: CN=651875ab-004d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:25:47:b4:8a:e4:92:cd:ba:ec:95:44:88:fc:
f4:50:3e:b8:cb:32:50:c3:18:94:b5:cc:24:9b:90:
11:64:ee:6b:4c:6f:e6:03:87:1b:d8:7a:26:f0:49:
5f:d6:8a:f3:d4:4b:5a:7a:a9:14:a5:1c:85:02:89:
40:2e:af:69:69:b8:16:f0:4c:5b:da:1b:01:56:4b:
df:7c:e5:68:91:62:39:56:c4:d6:c9:12:d4:23:9d:
0e:38:00:cd:4c:cb:d3:f9:88:07:5b:b6:61:1a:ba:
d0:02:1e:a6:2a:eb:a7:17:39:98:cb:cb:a6:26:55:
5d:d6:2c:4d:e9:05:9f:67:71:0a:45:e1:75:e2:bd:
cf:ac:44:eb:63:c9:c0:48:7c:33:66:fe:0c:4b:a0:
8e:53:25:e9:b0:4e:9d:a1:f9:82:55:63:43:ea:6c:
10:0b:5e:0b:7a:79:5b:6c:83:bd:9f:5e:13:84:7c:
bd:f7:1c:6c:31:06:89:e3:0d:3c:2a:55:2c:cd:fb:
52:76:35:f5:3c:d2:b9:16:5a:58:d5:71:fc:4c:a9:
3a:e8:ab:bd:4a:61:01:15:ad:24:2e:23:3b:1f:6d:
dc:39:a5:94:58:51:9a:2e:79:68:83:f6:37:04:59:
e8:d0:2c:ba:76:3c:a5:75:4c:59:bc:de:0c:e1:e6:
1b:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:CC:1C:06:69:A6:9F:9F:13:D6:BA:26:CA:59:C6:20:03:BA:13:F6
X509v3 Authority Key Identifier:
keyid:53:BF:0D:D7:80:DB:03:8E:CE:14:D4:04:59:BA:B9:C6:8F:69:85:3B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A912FCD6/1E9E1AACD2EA11E5AFB1E24CC4F9AE02/U78N14DbA47OFNQEWbq5xo9phTs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U78N14DbA47OFNQEWbq5xo9phTs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912FCD6/1E9E1AACD2EA11E5AFB1E24CC4F9AE02/D280BEF05FC611EE857BE480C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
180.210.222.0/24
Signature Algorithm: sha256WithRSAEncryption
33:ae:50:22:91:b0:df:05:e6:de:20:a5:33:66:78:4f:58:8e:
be:4f:12:ec:74:07:9b:71:9c:d3:46:52:1b:34:17:e5:8b:32:
c7:55:c3:9e:57:31:2b:66:f0:dc:10:eb:62:6e:0c:cd:3f:d0:
14:b7:cc:ea:30:1c:c7:1a:64:bf:71:fe:32:79:1b:97:5b:08:
2f:ac:4b:cc:56:54:b8:39:09:91:8b:b0:cf:2d:dc:6e:7d:06:
ed:27:a5:1a:31:e4:68:18:ee:d6:dd:e2:1b:9e:7e:bc:71:a9:
f4:fe:f6:d4:d6:e2:fd:16:8f:4f:fa:71:ac:df:ae:ad:df:e2:
89:59:d6:7c:52:03:b7:c1:1b:92:57:9b:fa:0c:f6:e3:74:44:
31:9b:2a:f7:0e:b5:10:3f:bb:9d:cc:94:5a:fd:dd:27:30:62:
55:dd:07:a8:46:72:de:38:ae:8b:ba:38:fe:cc:9e:9f:3b:10:
75:2a:86:5f:a4:e1:f6:d5:e7:c3:f3:dd:48:16:72:68:c2:ba:
bd:93:a9:fe:47:f2:df:ec:7b:d6:16:79:6c:56:86:84:9a:36:
08:df:e5:5a:94:b1:2c:06:cc:e2:16:17:be:c5:7e:d0:33:4d:
a7:5c:d5:15:ae:dd:2e:75:69:42:be:18:2e:8a:20:5b:95:36:
ca:dd:dc:49
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICIKAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MkZDRDYxMTAvBgNVBAUTKDUzQkYwREQ3ODBEQjAzOEVDRTE0RDQwNDU5QkFCOUM2
OEY2OTg1M0IwHhcNMjMwOTMwMTkyMzI0WhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTE4NzVhYi0wMDRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArSVHtIrkks267JVEiPz0UD64yzJQwxiUtcwkm5ARZO5rTG/mA4cb2Hom8Elf
1orz1EtaeqkUpRyFAolALq9pabgW8Exb2hsBVkvffOVokWI5VsTWyRLUI50OOADN
TMvT+YgHW7ZhGrrQAh6mKuunFzmYy8umJlVd1ixN6QWfZ3EKReF14r3PrETrY8nA
SHwzZv4MS6COUyXpsE6dofmCVWND6mwQC14LenlbbIO9n14ThHy99xxsMQaJ4w08
KlUszftSdjX1PNK5FlpY1XH8TKk66Ku9SmEBFa0kLiM7H23cOaWUWFGaLnlog/Y3
BFno0Cy6djyldUxZvN4M4eYbHwIDAQABo4IClTCCApEwHQYDVR0OBBYEFLTMHAZp
pp+fE9a6JspZxiADuhP2MB8GA1UdIwQYMBaAFFO/DdeA2wOOzhTUBFm6ucaPaYU7
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyRkNENi8xRTlFMUFBQ0Qy
RUExMUU1QUZCMUUyNENDNEY5QUUwMi9VNzhOMTREYkE0N09GTlFFV2JxNXhvOXBo
VHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1U3OE4xNERiQTQ3T0ZOUUVXYnE1eG85cGhUcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MkZDRDYvMUU5RTFBQUNEMkVBMTFFNUFGQjFFMjRDQzRGOUFFMDIvRDI4MEJFRjA1
RkM2MTFFRTg1N0JFNDgwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAC00t4wDQYJKoZIhvcNAQELBQADggEBADOuUCKRsN8F5t4g
pTNmeE9Yjr5PEux0B5txnNNGUhs0F+WLMsdVw55XMStm8NwQ62JuDM0/0BS3zOow
HMcaZL9x/jJ5G5dbCC+sS8xWVLg5CZGLsM8t3G59Bu0npRox5GgY7tbd4huefrxx
qfT+9tTW4v0Wj0/6cazfrq3f4olZ1nxSA7fBG5JXm/oM9uN0RDGbKvcOtRA/u53M
lFr93ScwYlXdB6hGct44rou6OP7Mnp87EHUqhl+k4fbV58Pz3UgWcmjCur2Tqf5H
8t/se9YWeWxWhoSaNgjf5VqUsSwGzOIWF77FftAzTadc1RWu3S51aUK+GC6KIFuV
Nsrd3Ek=
-----END CERTIFICATE-----
Generated at Mon May 20 14:35:51 2024 by rpki-client on console-fra.rpki-client.org