Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914D6FC/88759182432F11EDBBD98F5CC4F9AE02/6864FC4A433211EDB64D3261C4F9AE02.roa
File: 6864FC4A433211EDB64D3261C4F9AE02.roa (raw, json)
Hash identifier: c6ogYpOXEMBKoCJ4Y7qL5Y5SKNdYez+zB70iijIpOt8=
Subject key identifier: C8:AF:05:7B:A0:95:02:68:08:B1:51:95:41:39:64:D3:D7:F5:E7:1E
Certificate issuer: /CN=A914D6FC/serialNumber=A8BF54F6081967221935CB17CC13EBFB841A60C2
Certificate serial: 015E
Authority key identifier: A8:BF:54:F6:08:19:67:22:19:35:CB:17:CC:13:EB:FB:84:1A:60:C2
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qL9U9ggZZyIZNcsXzBPr-4QaYMI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914D6FC/88759182432F11EDBBD98F5CC4F9AE02/6864FC4A433211EDB64D3261C4F9AE02.roa
Signing time: Mon 29 Jul 2024 03:45:20 +0000
ROA not before: Mon 29 Jul 2024 03:45:20 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 4658
IP address blocks: 202.81.224.0/19 maxlen: 24
2401:300::/35 maxlen: 35
2401:300:2000::/35 maxlen: 35
2401:300:4000::/35 maxlen: 35
2401:300:6000::/35 maxlen: 35
2401:300:8000::/35 maxlen: 35
2401:300:a000::/35 maxlen: 35
2401:300:c000::/35 maxlen: 35
2401:300:e000::/35 maxlen: 35
Validation: Failed, certificate revoked on Wed 02 Oct 2024 01:54:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 350 (0x15e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914D6FC/serialNumber=A8BF54F6081967221935CB17CC13EBFB841A60C2
Validity
Not Before: Jul 29 03:45:20 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=66a71050-8f8d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:8f:d5:7c:d7:83:16:08:95:d5:1d:9a:69:b8:
8d:2d:d9:ee:21:f6:a1:d4:37:61:39:66:02:ec:32:
74:94:5f:37:1f:b2:a3:38:1b:41:b1:fb:34:27:7f:
28:95:78:1f:58:77:d3:0a:8d:b9:8f:90:63:76:f3:
c1:a6:88:e8:db:b6:c6:c4:41:cb:28:d5:ab:16:3b:
14:5f:78:b4:d6:b4:7e:97:26:9b:82:41:d6:64:7e:
aa:9b:27:30:ce:66:66:fb:59:91:c3:21:6a:01:b8:
e0:7b:21:f4:33:66:b5:68:e1:ca:b6:c4:d2:c0:ef:
fd:d1:e7:67:0e:3c:da:ca:70:a3:4f:57:8e:14:ad:
22:84:ad:86:d6:7c:a0:2c:f7:ae:59:f3:ef:0c:7a:
4d:bb:72:8b:59:5b:47:b5:35:55:c2:d1:21:22:c5:
c9:c2:40:88:43:aa:da:fc:fa:86:f9:04:5e:1b:2b:
aa:d0:8b:42:5e:12:b9:34:27:09:a4:5e:31:0e:f9:
67:20:e9:ec:d8:30:56:e4:4c:76:53:d9:b0:a4:ba:
51:b9:22:3e:a9:b1:eb:e4:2d:7f:2d:4c:56:71:02:
27:be:26:76:eb:54:fc:8b:85:e1:64:81:1a:40:50:
c8:16:e7:a6:25:da:eb:c5:97:38:23:56:17:d3:7b:
e5:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:AF:05:7B:A0:95:02:68:08:B1:51:95:41:39:64:D3:D7:F5:E7:1E
X509v3 Authority Key Identifier:
keyid:A8:BF:54:F6:08:19:67:22:19:35:CB:17:CC:13:EB:FB:84:1A:60:C2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914D6FC/88759182432F11EDBBD98F5CC4F9AE02/qL9U9ggZZyIZNcsXzBPr-4QaYMI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qL9U9ggZZyIZNcsXzBPr-4QaYMI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914D6FC/88759182432F11EDBBD98F5CC4F9AE02/6864FC4A433211EDB64D3261C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.81.224.0/19
IPv6:
2401:300::/32
Signature Algorithm: sha256WithRSAEncryption
22:bc:ae:ca:f9:2a:45:95:03:c4:dc:7a:32:c4:41:72:e6:87:
e4:4e:78:a3:bf:68:e9:94:fa:c4:a7:fb:89:98:3d:c2:fd:69:
c8:08:c6:a8:0e:c8:a4:84:47:ef:68:18:17:41:b3:94:fb:9b:
0f:9e:20:2a:66:aa:16:f2:d4:6c:a0:eb:7a:95:20:63:55:11:
71:a6:db:ec:63:25:2b:ad:4e:ed:1a:25:94:94:fd:80:80:72:
d5:5d:c8:f6:99:92:a6:87:11:c9:23:fd:3d:8a:26:d9:7b:b9:
ac:18:a8:c6:d5:19:bf:37:5c:c2:39:f8:34:75:f2:63:23:5f:
3d:db:12:f9:bc:16:90:ab:e0:75:ef:fc:ed:5c:92:30:00:c0:
6c:e0:07:70:01:cf:0b:4d:27:b7:b1:92:2f:50:c4:e1:14:04:
4f:a2:c3:0b:f5:86:6d:69:97:de:8f:b3:a3:72:05:ee:76:4c:
d7:a3:a7:7d:da:8a:a4:82:8b:84:17:d8:82:f8:f2:35:1a:78:
44:98:9b:ac:8b:7b:45:ab:8e:c4:18:ce:dd:00:ed:15:5c:48:
c5:75:44:88:36:55:6b:18:1e:9d:9f:26:bf:6c:fa:86:6b:35:
13:92:8e:a1:33:a9:d1:12:f5:05:20:19:e0:59:ba:6c:68:3c:
df:b3:ed:66
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICAV4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NEQ2RkMxMTAvBgNVBAUTKEE4QkY1NEY2MDgxOTY3MjIxOTM1Q0IxN0NDMTNFQkZC
ODQxQTYwQzIwHhcNMjQwNzI5MDM0NTIwWhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmE3MTA1MC04ZjhkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0o/VfNeDFgiV1R2aabiNLdnuIfah1DdhOWYC7DJ0lF83H7KjOBtBsfs0J38o
lXgfWHfTCo25j5BjdvPBpojo27bGxEHLKNWrFjsUX3i01rR+lyabgkHWZH6qmycw
zmZm+1mRwyFqAbjgeyH0M2a1aOHKtsTSwO/90ednDjzaynCjT1eOFK0ihK2G1nyg
LPeuWfPvDHpNu3KLWVtHtTVVwtEhIsXJwkCIQ6ra/PqG+QReGyuq0ItCXhK5NCcJ
pF4xDvlnIOns2DBW5Ex2U9mwpLpRuSI+qbHr5C1/LUxWcQInviZ261T8i4XhZIEa
QFDIFuemJdrrxZc4I1YX03vl9wIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFMivBXug
lQJoCLFRlUE5ZNPX9eceMB8GA1UdIwQYMBaAFKi/VPYIGWciGTXLF8wT6/uEGmDC
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0RDZGQy84ODc1OTE4MjQz
MkYxMUVEQkJEOThGNUNDNEY5QUUwMi9xTDlVOWdnWlp5SVpOY3NYekJQci00UWFZ
TUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3FMOVU5Z2daWnlJWk5jc1h6QlByLTRRYVlNSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NEQ2RkMvODg3NTkxODI0MzJGMTFFREJCRDk4RjVDQzRGOUFFMDIvNjg2NEZDNEE0
MzMyMTFFREI2NEQzMjYxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAXKUeAwDQQCAAIwBwMFACQBAwAwDQYJKoZIhvcNAQELBQAD
ggEBACK8rsr5KkWVA8TcejLEQXLmh+ROeKO/aOmU+sSn+4mYPcL9acgIxqgOyKSE
R+9oGBdBs5T7mw+eICpmqhby1Gyg63qVIGNVEXGm2+xjJSutTu0aJZSU/YCActVd
yPaZkqaHEckj/T2KJtl7uawYqMbVGb83XMI5+DR18mMjXz3bEvm8FpCr4HXv/O1c
kjAAwGzgB3ABzwtNJ7exki9QxOEUBE+iwwv1hm1pl96Ps6NyBe52TNejp33aiqSC
i4QX2IL48jUaeESYm6yLe0WrjsQYzt0A7RVcSMV1RIg2VWsYHp2fJr9s+oZrNROS
jqEzqdES9QUgGeBZumxoPN+z7WY=
-----END CERTIFICATE-----
Generated at Wed Oct 2 04:15:26 2024 by rpki-client on console-ams.rpki-client.org