Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915AE5F/8B79B678885111E6A692DE78C4F9AE02/3D34B48A447311EB93194320C4F9AE02.roa
File: 3D34B48A447311EB93194320C4F9AE02.roa (raw, json)
Hash identifier: IbsPrJ6gERxtK6X3A9+hmBhHHsKeEYWSc7yGewvYPMc=
Subject key identifier: 2D:2C:65:31:F9:A0:1E:6B:2D:14:B8:5A:21:87:DB:92:06:A5:0C:89
Certificate issuer: /CN=A915AE5F/serialNumber=AFE727E4209DCDF82762574B5E33C8083787A18F
Certificate serial: 1D4D
Authority key identifier: AF:E7:27:E4:20:9D:CD:F8:27:62:57:4B:5E:33:C8:08:37:87:A1:8F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r-cn5CCdzfgnYldLXjPICDeHoY8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915AE5F/8B79B678885111E6A692DE78C4F9AE02/3D34B48A447311EB93194320C4F9AE02.roa
Signing time: Tue 28 Nov 2023 16:43:24 +0000
ROA not before: Tue 28 Nov 2023 16:43:24 +0000
ROA not after: Fri 31 Jan 2025 00:00:00 +0000
asID: 58659
IP address blocks: 202.179.65.0/24 maxlen: 24
202.179.77.0/24 maxlen: 24
202.179.78.0/23 maxlen: 24
202.179.80.0/23 maxlen: 24
202.179.82.0/23 maxlen: 24
202.179.84.0/23 maxlen: 24
202.179.87.0/24 maxlen: 24
202.179.88.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 18 Dec 2023 10:01:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7501 (0x1d4d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915AE5F/serialNumber=AFE727E4209DCDF82762574B5E33C8083787A18F
Validity
Not Before: Nov 28 16:43:24 2023 GMT
Not After : Jan 31 00:00:00 2025 GMT
Subject: CN=656618ac-1459
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:b1:7e:98:0a:62:3f:dc:5b:f0:17:92:cc:91:
06:f8:b8:f5:29:ba:ac:c3:e0:6c:8c:5a:ca:aa:77:
f8:d6:23:1f:61:ac:fe:b2:55:46:3e:d4:23:c0:bf:
cd:de:a7:fa:df:1f:88:ca:01:97:9c:fc:f7:f2:80:
9b:23:c3:0e:17:1f:6c:72:c6:92:12:25:34:b8:17:
e4:1b:c9:9f:6e:54:a3:a5:ff:ef:24:79:34:05:41:
e2:fa:58:a1:e8:e9:8f:d9:5e:2e:4e:5c:94:ed:e7:
74:d9:17:e3:1e:94:e2:7a:25:50:4f:4a:78:d6:90:
cd:31:9c:57:ac:5e:c0:18:27:28:a4:ca:d0:3c:39:
79:4c:86:26:bd:ab:d0:b8:71:fe:fc:a5:9e:8f:d6:
30:cf:b4:e4:28:d2:8c:56:13:e7:e4:6d:df:12:58:
68:f0:36:43:7d:e1:a5:49:53:80:87:19:46:a0:a7:
39:45:b9:43:d5:43:40:61:79:63:82:69:1d:b5:51:
cb:4e:2c:dd:8f:3b:56:b2:fb:cb:e2:c8:a3:f0:bf:
54:d1:0e:7d:b2:12:2c:59:2d:60:c7:68:31:12:21:
a6:81:57:c6:0f:cb:bb:30:f5:33:c2:9c:59:25:09:
dd:d0:88:eb:f7:4d:85:31:d3:42:25:2b:a0:f7:cb:
a0:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:2C:65:31:F9:A0:1E:6B:2D:14:B8:5A:21:87:DB:92:06:A5:0C:89
X509v3 Authority Key Identifier:
keyid:AF:E7:27:E4:20:9D:CD:F8:27:62:57:4B:5E:33:C8:08:37:87:A1:8F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915AE5F/8B79B678885111E6A692DE78C4F9AE02/r-cn5CCdzfgnYldLXjPICDeHoY8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r-cn5CCdzfgnYldLXjPICDeHoY8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915AE5F/8B79B678885111E6A692DE78C4F9AE02/3D34B48A447311EB93194320C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.179.65.0/24
202.179.77.0-202.179.85.255
202.179.87.0-202.179.89.255
Signature Algorithm: sha256WithRSAEncryption
17:c2:59:bc:08:6c:f5:14:e4:37:45:59:53:3d:43:d3:b8:29:
cd:ad:f6:1a:be:d0:7f:89:59:96:e3:36:d5:0f:2a:49:a2:8a:
ce:48:09:16:73:21:28:79:79:07:94:4f:09:42:0b:7b:32:8e:
76:a3:35:c3:99:b7:87:2b:3f:6c:a8:90:9e:d1:c3:f7:a6:23:
41:f9:fc:f1:3f:ed:31:1b:c7:c0:d6:b7:2b:90:48:55:11:71:
e0:4e:fb:e1:9e:0b:7b:de:3b:98:e2:77:d6:1f:36:65:22:34:
16:46:95:1d:be:4e:78:0f:4b:6a:e6:c8:35:d5:82:ce:c3:11:
e4:84:3f:f1:53:99:ea:44:5b:87:a9:13:0b:24:77:39:58:fd:
55:10:a1:70:df:28:84:82:52:86:72:92:d5:e8:6d:ea:3a:b7:
c3:9f:79:38:f9:3b:7e:79:cb:ac:60:6b:97:c3:a7:c5:a1:f3:
60:6a:12:c2:b0:08:f3:47:64:e9:f9:77:ca:f3:9c:2d:ee:d0:
e2:30:e5:4d:eb:c4:f2:54:d0:19:0a:94:3e:f1:e7:4f:be:ad:
b2:05:7b:4e:db:73:f8:67:60:58:5f:96:39:35:25:a3:84:94:
06:b9:c9:dd:00:47:0e:93:12:98:4d:8a:40:2c:9e:51:6f:ba:
08:9b:83:f9
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgICHU0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUFFNUYxMTAvBgNVBAUTKEFGRTcyN0U0MjA5RENERjgyNzYyNTc0QjVFMzNDODA4
Mzc4N0ExOEYwHhcNMjMxMTI4MTY0MzI0WhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTY2MThhYy0xNDU5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAw7F+mApiP9xb8BeSzJEG+Lj1Kbqsw+BsjFrKqnf41iMfYaz+slVGPtQjwL/N
3qf63x+IygGXnPz38oCbI8MOFx9scsaSEiU0uBfkG8mfblSjpf/vJHk0BUHi+lih
6OmP2V4uTlyU7ed02RfjHpTieiVQT0p41pDNMZxXrF7AGCcopMrQPDl5TIYmvavQ
uHH+/KWej9Ywz7TkKNKMVhPn5G3fElho8DZDfeGlSVOAhxlGoKc5RblD1UNAYXlj
gmkdtVHLTizdjztWsvvL4sij8L9U0Q59shIsWS1gx2gxEiGmgVfGD8u7MPUzwpxZ
JQnd0Ijr902FMdNCJSug98ugmwIDAQABo4ICsTCCAq0wHQYDVR0OBBYEFC0sZTH5
oB5rLRS4WiGH25IGpQyJMB8GA1UdIwQYMBaAFK/nJ+Qgnc34J2JXS14zyAg3h6GP
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QUU1Ri84Qjc5QjY3ODg4
NTExMUU2QTY5MkRFNzhDNEY5QUUwMi9yLWNuNUNDZHpmZ25ZbGRMWGpQSUNEZUhv
WTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3ItY241Q0NkemZnbllsZExYalBJQ0RlSG9ZOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUFFNUYvOEI3OUI2Nzg4ODUxMTFFNkE2OTJERTc4QzRGOUFFMDIvM0QzNEI0OEE0
NDczMTFFQjkzMTk0MzIwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOwYIKwYBBQUHAQcBAf8E
LDAqMCgEAgABMCIDBADKs0EwDAMEAMqzTQMEAcqzVDAMAwQAyrNXAwQByrNYMA0G
CSqGSIb3DQEBCwUAA4IBAQAXwlm8CGz1FOQ3RVlTPUPTuCnNrfYavtB/iVmW4zbV
DypJoorOSAkWcyEoeXkHlE8JQgt7Mo52ozXDmbeHKz9sqJCe0cP3piNB+fzxP+0x
G8fA1rcrkEhVEXHgTvvhngt73juY4nfWHzZlIjQWRpUdvk54D0tq5sg11YLOwxHk
hD/xU5nqRFuHqRMLJHc5WP1VEKFw3yiEglKGcpLV6G3qOrfDn3k4+Tt+ecusYGuX
w6fFofNgahLCsAjzR2Tp+XfK85wt7tDiMOVN68TyVNAZCpQ+8edPvq2yBXtO23P4
Z2BYX5Y5NSWjhJQGucndAEcOkxKYTYpALJ5Rb7oIm4P5
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:07 2024 by rpki-client on console-ams.rpki-client.org