Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9143CB3/1DB7983C259D11E785D3250AC4F9AE02/1E6549CA05A511EEA86A0C2BC4F9AE02.roa
File: 1E6549CA05A511EEA86A0C2BC4F9AE02.roa (raw, json)
Hash identifier: D5AQBQYl47DaO5kwZcot6mgbihiW8kPiP43BR8VoM4U=
Subject key identifier: AB:F0:7A:52:2A:5F:29:17:24:6B:AF:18:D4:99:C3:63:1F:46:5C:AD
Certificate issuer: /CN=A9143CB3/serialNumber=CBA197C04CAA9BD295F5788472A6A10AA3FBEF70
Certificate serial: 1986
Authority key identifier: CB:A1:97:C0:4C:AA:9B:D2:95:F5:78:84:72:A6:A1:0A:A3:FB:EF:70
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/y6GXwEyqm9KV9XiEcqahCqP773A.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9143CB3/1DB7983C259D11E785D3250AC4F9AE02/1E6549CA05A511EEA86A0C2BC4F9AE02.roa
Signing time: Thu 08 Jun 2023 02:35:23 +0000
ROA not before: Thu 08 Jun 2023 02:35:23 +0000
ROA not after: Wed 31 Jan 2024 00:00:00 +0000
asID: 134543
IP address blocks: 112.96.8.0/24 maxlen: 24
112.97.160.0/19 maxlen: 19
112.97.208.0/20 maxlen: 20
112.97.240.0/20 maxlen: 20
120.80.72.0/22 maxlen: 22
122.13.156.0/24 maxlen: 24
122.13.160.0/24 maxlen: 24
122.13.162.0/24 maxlen: 24
122.13.163.0/24 maxlen: 24
163.177.216.0/21 maxlen: 21
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6534 (0x1986)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9143CB3/serialNumber=CBA197C04CAA9BD295F5788472A6A10AA3FBEF70
Validity
Not Before: Jun 8 02:35:23 2023 GMT
Not After : Jan 31 00:00:00 2024 GMT
Subject: CN=64813e6b-65df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:cb:72:89:ed:a3:19:76:c2:90:7c:e4:8b:56:
ba:53:e5:92:1f:6e:c3:6f:5f:3f:02:cf:2c:15:a3:
17:15:11:e9:ee:6a:24:82:8f:ea:32:42:0c:44:d5:
58:57:b4:9c:32:a2:17:22:bb:b6:15:a5:fe:9e:b4:
bf:02:71:1b:f5:9d:a9:7f:84:f6:c1:2d:23:5f:f1:
89:b2:e2:f9:c0:1f:c2:2c:ca:84:d1:48:86:3a:06:
81:2b:bb:df:35:f6:a2:df:f2:69:35:33:e6:95:9f:
ce:d0:88:af:01:81:6f:81:0c:3e:65:8c:58:03:29:
8a:48:53:37:86:6e:e7:5d:cb:8b:dc:34:57:25:26:
9a:6f:06:fc:01:78:b0:ce:24:77:ad:0b:de:3d:57:
13:e0:5f:f7:87:9c:f6:4d:de:7c:eb:75:90:d3:e4:
58:e8:7e:88:23:ae:26:87:cb:63:12:1e:23:4b:8a:
9b:ee:a7:7e:dc:a6:2f:e8:13:5d:52:f2:0b:2b:03:
20:8a:10:8b:61:05:f8:f8:2f:48:a1:47:03:c8:25:
1c:e3:22:f1:db:cf:eb:62:38:14:5d:d8:61:75:a6:
e3:9e:ec:c9:76:c2:4d:ba:c8:da:02:af:4a:32:d6:
99:e9:e5:ba:83:11:27:10:aa:b7:02:32:aa:6f:02:
48:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:F0:7A:52:2A:5F:29:17:24:6B:AF:18:D4:99:C3:63:1F:46:5C:AD
X509v3 Authority Key Identifier:
keyid:CB:A1:97:C0:4C:AA:9B:D2:95:F5:78:84:72:A6:A1:0A:A3:FB:EF:70
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9143CB3/1DB7983C259D11E785D3250AC4F9AE02/y6GXwEyqm9KV9XiEcqahCqP773A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/y6GXwEyqm9KV9XiEcqahCqP773A.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9143CB3/1DB7983C259D11E785D3250AC4F9AE02/1E6549CA05A511EEA86A0C2BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
112.96.8.0/24
112.97.160.0/19
112.97.208.0/20
112.97.240.0/20
120.80.72.0/22
122.13.156.0/24
122.13.160.0/24
122.13.162.0/23
163.177.216.0/21
Signature Algorithm: sha256WithRSAEncryption
9d:4b:64:48:a3:c8:e7:5a:ee:27:75:04:3a:90:08:75:c6:30:
54:b3:a5:c5:58:ac:6b:c8:32:ab:98:c3:6a:e6:04:13:61:bc:
45:4c:e1:8a:68:26:33:11:e2:dd:eb:51:04:60:d5:ec:2e:11:
3d:6e:3d:c8:dc:b7:95:98:66:df:c5:74:0f:e8:dd:0e:35:58:
55:14:8f:91:28:7a:4f:40:cd:09:df:11:36:f1:ef:fc:7c:ee:
14:be:e7:6d:ee:d1:1b:a9:05:9f:2a:9c:1b:b1:5b:44:77:83:
98:51:be:a2:75:56:fc:f5:ac:3f:30:6d:64:ea:0e:74:95:9e:
d3:03:61:2f:15:65:9e:a9:b1:ee:ae:53:fd:38:e9:11:cb:e1:
98:00:ba:e5:92:50:54:0a:fc:f5:f9:ea:33:dd:c3:87:e9:d7:
b9:b9:47:d9:f0:05:21:85:61:f2:87:99:58:31:bb:8b:85:ff:
d5:ea:4b:d6:68:c7:bd:03:9a:d0:51:dc:0a:6f:ce:1a:17:5c:
27:55:bb:be:f1:ae:6e:90:ff:99:1c:16:ef:39:36:c2:f1:47:
e5:fb:71:7e:81:1d:13:ef:f2:72:cb:21:e1:f4:34:67:cb:d7:
e4:33:23:63:e9:49:a2:ea:2d:9b:83:14:c4:9b:01:1e:c5:84:
ae:60:12:a6
-----BEGIN CERTIFICATE-----
MIIFoTCCBImgAwIBAgICGYYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDNDQjMxMTAvBgNVBAUTKENCQTE5N0MwNENBQTlCRDI5NUY1Nzg4NDcyQTZBMTBB
QTNGQkVGNzAwHhcNMjMwNjA4MDIzNTIzWhcNMjQwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDgxM2U2Yi02NWRmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtstyie2jGXbCkHzki1a6U+WSH27Db18/As8sFaMXFRHp7mokgo/qMkIMRNVY
V7ScMqIXIru2FaX+nrS/AnEb9Z2pf4T2wS0jX/GJsuL5wB/CLMqE0UiGOgaBK7vf
Nfai3/JpNTPmlZ/O0IivAYFvgQw+ZYxYAymKSFM3hm7nXcuL3DRXJSaabwb8AXiw
ziR3rQvePVcT4F/3h5z2Td5863WQ0+RY6H6II64mh8tjEh4jS4qb7qd+3KYv6BNd
UvILKwMgihCLYQX4+C9IoUcDyCUc4yLx28/rYjgUXdhhdabjnuzJdsJNusjaAq9K
MtaZ6eW6gxEnEKq3AjKqbwJIQwIDAQABo4ICxTCCAsEwHQYDVR0OBBYEFKvwelIq
XykXJGuvGNSZw2MfRlytMB8GA1UdIwQYMBaAFMuhl8BMqpvSlfV4hHKmoQqj++9w
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0M0NCMy8xREI3OTgzQzI1
OUQxMUU3ODVEMzI1MEFDNEY5QUUwMi95NkdYd0V5cW05S1Y5WGlFY3FhaENxUDc3
M0EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3k2R1h3RXlxbTlLVjlYaUVjcWFoQ3FQNzczQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDNDQjMvMURCNzk4M0MyNTlEMTFFNzg1RDMyNTBBQzRGOUFFMDIvMUU2NTQ5Q0Ew
NUE1MTFFRUE4NkEwQzJCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwTwYIKwYBBQUHAQcBAf8E
QDA+MDwEAgABMDYDBABwYAgDBAVwYaADBARwYdADBARwYfADBAJ4UEgDBAB6DZwD
BAB6DaADBAF6DaIDBAOjsdgwDQYJKoZIhvcNAQELBQADggEBAJ1LZEijyOda7id1
BDqQCHXGMFSzpcVYrGvIMquYw2rmBBNhvEVM4YpoJjMR4t3rUQRg1ewuET1uPcjc
t5WYZt/FdA/o3Q41WFUUj5Eoek9AzQnfETbx7/x87hS+523u0RupBZ8qnBuxW0R3
g5hRvqJ1Vvz1rD8wbWTqDnSVntMDYS8VZZ6pse6uU/046RHL4ZgAuuWSUFQK/PX5
6jPdw4fp17m5R9nwBSGFYfKHmVgxu4uF/9XqS9Zox70DmtBR3ApvzhoXXCdVu77x
rm6Q/5kcFu85NsLxR+X7cX6BHRPv8nLLIeH0NGfL1+QzI2PpSaLqLZuDFMSbAR7F
hK5gEqY=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:38 2023 by rpki-client on console-ams.rpki-client.org