Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9149F3E/AC52B7481D8211E2BC6417D708B02CD2/D448BA587A0111EEA3D4E14CC4F9AE02.roa
File: D448BA587A0111EEA3D4E14CC4F9AE02.roa (raw, json)
Hash identifier: 3ul64Enpz64WvhXtzLI4+ngQDIKdpd0NlJZ03Ffq4Mo=
Subject key identifier: 3E:56:08:45:5F:C3:96:E5:AC:AF:07:89:43:79:8F:E4:80:E2:BF:2B
Certificate issuer: /CN=A9149F3E/serialNumber=EB389FB339B3908D549A65390C92E15F9DF7C54B
Certificate serial: 34FF
Authority key identifier: EB:38:9F:B3:39:B3:90:8D:54:9A:65:39:0C:92:E1:5F:9D:F7:C5:4B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6zifszmzkI1UmmU5DJLhX533xUs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9149F3E/AC52B7481D8211E2BC6417D708B02CD2/D448BA587A0111EEA3D4E14CC4F9AE02.roa
Signing time: Fri 03 Nov 2023 04:31:17 +0000
ROA not before: Fri 03 Nov 2023 04:31:17 +0000
ROA not after: Sat 31 Aug 2024 00:00:00 +0000
asID: 131865
IP address blocks: 203.191.134.0/24 maxlen: 24
203.191.135.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 07 Nov 2023 00:42:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13567 (0x34ff)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9149F3E/serialNumber=EB389FB339B3908D549A65390C92E15F9DF7C54B
Validity
Not Before: Nov 3 04:31:17 2023 GMT
Not After : Aug 31 00:00:00 2024 GMT
Subject: CN=65447795-fe3a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:25:38:e3:e1:2c:0a:3e:b4:c1:b0:5e:ba:d9:
f5:32:dd:e3:52:c8:39:ca:c3:32:05:dd:7a:f0:46:
0a:b8:33:56:47:b3:54:40:89:be:f5:f1:03:1d:78:
d5:c6:ce:41:ab:82:7d:2d:f2:a1:d4:3d:c1:f4:cb:
e5:cf:33:2c:56:12:6f:79:7d:b2:e3:47:f0:43:65:
1d:c0:b1:fc:00:f5:e1:a5:ee:6b:48:55:72:00:d0:
c2:3a:1b:f2:fd:b5:a1:cd:40:c7:2a:e1:d4:d8:a0:
12:62:8e:68:58:0c:fd:d8:56:b4:b9:e9:f6:2e:6f:
de:e1:99:1e:70:65:16:20:57:52:4f:45:42:f0:c1:
fc:d3:02:7e:8e:eb:5b:72:f0:a3:8b:05:15:8e:56:
6b:5f:28:f4:4f:de:99:a3:cb:c2:55:7c:c8:a3:eb:
77:69:3a:14:d7:c2:b3:10:aa:3c:07:ac:d5:2a:cd:
fd:ae:4d:f6:38:2b:b2:d9:ae:6a:e2:71:8a:92:5d:
20:f2:b3:17:5d:e0:ce:28:da:32:30:f1:fc:49:02:
6d:e1:50:a9:71:f9:e3:33:9d:1d:01:a1:40:5a:87:
b0:eb:71:de:18:45:fe:a2:38:b9:8a:c7:9f:79:9d:
7f:57:9f:07:61:2e:91:85:79:a8:84:e0:c3:31:99:
fd:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:56:08:45:5F:C3:96:E5:AC:AF:07:89:43:79:8F:E4:80:E2:BF:2B
X509v3 Authority Key Identifier:
keyid:EB:38:9F:B3:39:B3:90:8D:54:9A:65:39:0C:92:E1:5F:9D:F7:C5:4B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9149F3E/AC52B7481D8211E2BC6417D708B02CD2/6zifszmzkI1UmmU5DJLhX533xUs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6zifszmzkI1UmmU5DJLhX533xUs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9149F3E/AC52B7481D8211E2BC6417D708B02CD2/D448BA587A0111EEA3D4E14CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.191.134.0/23
Signature Algorithm: sha256WithRSAEncryption
11:e6:4f:52:bb:ea:a0:6b:fb:74:6a:cc:e5:fb:0f:66:cc:6c:
b1:39:f7:7b:7d:ed:83:28:67:90:c9:ee:e5:0e:17:f5:0b:d0:
5b:a2:73:bb:c1:dd:56:1d:68:2a:61:39:5b:62:a0:58:51:49:
2d:b4:6e:f5:aa:62:30:ca:b8:4e:26:ed:f9:26:d4:0d:05:f9:
bb:d2:5c:a9:ca:5e:22:99:45:52:5b:e3:09:04:b9:2f:dd:d8:
51:50:34:f4:cc:f0:4f:33:14:43:a5:ff:2b:f1:88:42:77:0a:
3f:1b:ab:b7:6b:e8:98:0c:7f:eb:36:22:5e:3a:bc:36:b6:f9:
e8:32:85:09:0a:d6:e8:0a:f5:58:49:00:1d:13:fe:e3:28:b0:
36:b4:8a:c3:2a:d0:af:fe:00:6c:8c:3c:07:87:8f:7b:bb:d1:
9e:27:11:45:cc:36:59:ef:38:74:d7:98:ac:86:5f:31:0e:ff:
2b:a8:a0:9b:08:92:d1:c9:c4:7a:0f:f5:47:0c:76:4b:03:ef:
f2:46:e7:b6:ec:f9:2c:e4:f3:8f:f4:99:4b:a3:4d:2a:90:a5:
d6:78:5e:51:79:38:1b:db:e1:8c:5c:f0:ff:0f:62:87:d9:ee:
3b:14:f2:02:e5:41:f4:01:c3:da:b9:de:e8:93:f7:0d:f2:ea:
e3:dc:43:69
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICNP8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDlGM0UxMTAvBgNVBAUTKEVCMzg5RkIzMzlCMzkwOEQ1NDlBNjUzOTBDOTJFMTVG
OURGN0M1NEIwHhcNMjMxMTAzMDQzMTE3WhcNMjQwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTQ0Nzc5NS1mZTNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0iU44+EsCj60wbBeutn1Mt3jUsg5ysMyBd168EYKuDNWR7NUQIm+9fEDHXjV
xs5Bq4J9LfKh1D3B9MvlzzMsVhJveX2y40fwQ2UdwLH8APXhpe5rSFVyANDCOhvy
/bWhzUDHKuHU2KASYo5oWAz92Fa0uen2Lm/e4ZkecGUWIFdST0VC8MH80wJ+jutb
cvCjiwUVjlZrXyj0T96Zo8vCVXzIo+t3aToU18KzEKo8B6zVKs39rk32OCuy2a5q
4nGKkl0g8rMXXeDOKNoyMPH8SQJt4VCpcfnjM50dAaFAWoew63HeGEX+oji5isef
eZ1/V58HYS6RhXmohODDMZn9TQIDAQABo4IClTCCApEwHQYDVR0OBBYEFD5WCEVf
w5blrK8HiUN5j+SA4r8rMB8GA1UdIwQYMBaAFOs4n7M5s5CNVJplOQyS4V+d98VL
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0OUYzRS9BQzUyQjc0ODFE
ODIxMUUyQkM2NDE3RDcwOEIwMkNEMi82emlmc3ptemtJMVVtbVU1REpMaFg1MzN4
VXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzZ6aWZzem16a0kxVW1tVTVESkxoWDUzM3hVcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDlGM0UvQUM1MkI3NDgxRDgyMTFFMkJDNjQxN0Q3MDhCMDJDRDIvRDQ0OEJBNTg3
QTAxMTFFRUEzRDRFMTRDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAHLv4YwDQYJKoZIhvcNAQELBQADggEBABHmT1K76qBr+3Rq
zOX7D2bMbLE593t97YMoZ5DJ7uUOF/UL0Fuic7vB3VYdaCphOVtioFhRSS20bvWq
YjDKuE4m7fkm1A0F+bvSXKnKXiKZRVJb4wkEuS/d2FFQNPTM8E8zFEOl/yvxiEJ3
Cj8bq7dr6JgMf+s2Il46vDa2+egyhQkK1ugK9VhJAB0T/uMosDa0isMq0K/+AGyM
PAeHj3u70Z4nEUXMNlnvOHTXmKyGXzEO/yuooJsIktHJxHoP9UcMdksD7/JG57bs
+Szk84/0mUujTSqQpdZ4XlF5OBvb4Yxc8P8PYofZ7jsU8gLlQfQBw9q53uiT9w3y
6uPcQ2k=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:58 2024 by rpki-client on console-ams.rpki-client.org