Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915AE5F/8B79B678885111E6A692DE78C4F9AE02/778BC2CA9D8C11EE94731716C4F9AE02.roa
File: 778BC2CA9D8C11EE94731716C4F9AE02.roa (raw, json)
Hash identifier: DyzA/+XQ0YnIyG0aRJVhw4WkHAIyna6S1qL3xn7mCJw=
Subject key identifier: 77:0F:31:CD:15:67:EF:E7:63:F0:34:42:15:7A:E2:02:3D:72:4F:9D
Certificate issuer: /CN=A915AE5F/serialNumber=AFE727E4209DCDF82762574B5E33C8083787A18F
Certificate serial: 1D5C
Authority key identifier: AF:E7:27:E4:20:9D:CD:F8:27:62:57:4B:5E:33:C8:08:37:87:A1:8F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r-cn5CCdzfgnYldLXjPICDeHoY8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915AE5F/8B79B678885111E6A692DE78C4F9AE02/778BC2CA9D8C11EE94731716C4F9AE02.roa
Signing time: Mon 18 Dec 2023 10:05:50 +0000
ROA not before: Mon 18 Dec 2023 10:05:49 +0000
ROA not after: Fri 31 Jan 2025 00:00:00 +0000
asID: 58659
IP address blocks: 202.179.65.0/24 maxlen: 24
202.179.77.0/24 maxlen: 24
202.179.78.0/23 maxlen: 24
202.179.80.0/24 maxlen: 24
202.179.83.0/24 maxlen: 24
202.179.84.0/23 maxlen: 24
202.179.87.0/24 maxlen: 24
202.179.88.0/23 maxlen: 24
Validation: Failed, certificate revoked on Sat 06 Jan 2024 13:41:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7516 (0x1d5c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915AE5F/serialNumber=AFE727E4209DCDF82762574B5E33C8083787A18F
Validity
Not Before: Dec 18 10:05:49 2023 GMT
Not After : Jan 31 00:00:00 2025 GMT
Subject: CN=6580197d-86a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:b1:e7:fa:77:43:17:05:2d:f9:31:66:a1:4e:
dc:88:35:a0:ed:c7:40:48:21:b5:d3:54:b1:49:e0:
5c:4d:31:9e:eb:14:f2:57:1c:b2:1d:d6:32:b3:91:
a1:59:84:d1:91:0d:21:ff:ce:c3:09:77:79:9e:92:
48:07:1d:4d:75:ba:00:38:26:2f:4f:5e:36:5f:34:
a5:cc:ed:23:de:f0:7e:f9:93:8c:46:03:43:1d:c0:
f6:6d:24:9d:a1:5b:e9:c5:b1:55:23:fb:c8:ac:8a:
66:97:32:38:ae:37:c7:d8:22:cb:67:c7:23:e0:bd:
3e:c3:18:04:21:ab:6a:7b:0b:70:6c:aa:44:66:e9:
2a:8e:b7:b6:0f:36:20:4d:b0:31:63:75:ce:21:11:
51:4d:67:e8:ba:cc:87:d8:dd:eb:fa:df:e8:8b:2d:
f8:55:f5:03:69:2e:bb:19:5a:03:d0:21:7c:d8:f5:
86:34:34:10:f3:d7:c2:ff:fd:1b:68:14:14:bd:09:
78:54:7d:c8:e7:ba:f6:64:3b:74:26:d4:da:d8:a1:
e1:fd:92:a2:24:d4:4b:85:7d:a6:40:10:ee:98:a2:
42:22:ed:bc:81:d6:94:c3:16:63:b1:e9:c9:01:62:
dd:d7:c2:a3:4d:eb:84:a8:66:d6:a8:70:bb:51:b1:
16:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:0F:31:CD:15:67:EF:E7:63:F0:34:42:15:7A:E2:02:3D:72:4F:9D
X509v3 Authority Key Identifier:
keyid:AF:E7:27:E4:20:9D:CD:F8:27:62:57:4B:5E:33:C8:08:37:87:A1:8F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915AE5F/8B79B678885111E6A692DE78C4F9AE02/r-cn5CCdzfgnYldLXjPICDeHoY8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r-cn5CCdzfgnYldLXjPICDeHoY8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915AE5F/8B79B678885111E6A692DE78C4F9AE02/778BC2CA9D8C11EE94731716C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.179.65.0/24
202.179.77.0-202.179.80.255
202.179.83.0-202.179.85.255
202.179.87.0-202.179.89.255
Signature Algorithm: sha256WithRSAEncryption
70:89:02:4c:ac:d2:b7:ba:f7:f1:8a:b5:8f:59:34:3b:72:20:
65:ec:d5:da:f2:b8:21:f4:c5:0a:df:e0:49:02:b4:d1:4f:4b:
c5:e3:9c:44:66:c6:cc:8e:08:48:3c:3f:cc:a7:76:e5:f3:0b:
88:5c:31:51:d2:37:87:47:a4:11:59:03:f0:f7:9d:98:16:4a:
40:e9:f6:14:90:5e:4c:d4:88:73:40:37:4f:ab:1a:2c:c7:8c:
f7:ac:e5:7d:aa:75:4a:d7:75:11:97:4a:a4:e2:fb:97:bf:48:
59:47:d3:a0:07:40:52:d5:c9:d0:2a:ff:b9:c1:a4:ea:d7:22:
c1:1f:98:ee:c7:d0:9b:a0:1a:93:6f:f3:0f:39:67:5f:74:d2:
e2:27:00:16:8e:fa:5f:03:b0:b2:bd:c2:ce:39:7b:92:a7:87:
60:7f:47:e4:e3:8e:42:8b:3e:9a:da:0a:e6:df:1e:c5:d6:7b:
01:ba:42:ba:55:d1:ac:2a:51:fd:98:2e:d2:44:28:d8:72:90:
4d:56:07:68:f9:b1:25:5b:21:a9:12:41:a8:f2:2b:31:11:13:
af:a9:a5:e7:37:da:d9:7a:b6:9c:5a:6c:17:fa:5e:40:eb:09:
57:d0:b1:61:0d:ee:b9:f3:d2:84:8e:b7:d0:b6:ce:b5:b3:20:
5e:2a:f9:92
-----BEGIN CERTIFICATE-----
MIIFmzCCBIOgAwIBAgICHVwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUFFNUYxMTAvBgNVBAUTKEFGRTcyN0U0MjA5RENERjgyNzYyNTc0QjVFMzNDODA4
Mzc4N0ExOEYwHhcNMjMxMjE4MTAwNTQ5WhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTgwMTk3ZC04NmE3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA+LHn+ndDFwUt+TFmoU7ciDWg7cdASCG101SxSeBcTTGe6xTyVxyyHdYys5Gh
WYTRkQ0h/87DCXd5npJIBx1NdboAOCYvT142XzSlzO0j3vB++ZOMRgNDHcD2bSSd
oVvpxbFVI/vIrIpmlzI4rjfH2CLLZ8cj4L0+wxgEIatqewtwbKpEZukqjre2DzYg
TbAxY3XOIRFRTWfousyH2N3r+t/oiy34VfUDaS67GVoD0CF82PWGNDQQ89fC//0b
aBQUvQl4VH3I57r2ZDt0JtTa2KHh/ZKiJNRLhX2mQBDumKJCIu28gdaUwxZjsenJ
AWLd18KjTeuEqGbWqHC7UbEWiwIDAQABo4ICvzCCArswHQYDVR0OBBYEFHcPMc0V
Z+/nY/A0QhV64gI9ck+dMB8GA1UdIwQYMBaAFK/nJ+Qgnc34J2JXS14zyAg3h6GP
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QUU1Ri84Qjc5QjY3ODg4
NTExMUU2QTY5MkRFNzhDNEY5QUUwMi9yLWNuNUNDZHpmZ25ZbGRMWGpQSUNEZUhv
WTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3ItY241Q0NkemZnbllsZExYalBJQ0RlSG9ZOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUFFNUYvOEI3OUI2Nzg4ODUxMTFFNkE2OTJERTc4QzRGOUFFMDIvNzc4QkMyQ0E5
RDhDMTFFRTk0NzMxNzE2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwSQYIKwYBBQUHAQcBAf8E
OjA4MDYEAgABMDADBADKs0EwDAMEAMqzTQMEAMqzUDAMAwQAyrNTAwQByrNUMAwD
BADKs1cDBAHKs1gwDQYJKoZIhvcNAQELBQADggEBAHCJAkys0re69/GKtY9ZNDty
IGXs1dryuCH0xQrf4EkCtNFPS8XjnERmxsyOCEg8P8ynduXzC4hcMVHSN4dHpBFZ
A/D3nZgWSkDp9hSQXkzUiHNAN0+rGizHjPes5X2qdUrXdRGXSqTi+5e/SFlH06AH
QFLVydAq/7nBpOrXIsEfmO7H0JugGpNv8w85Z1900uInABaO+l8DsLK9ws45e5Kn
h2B/R+TjjkKLPpraCubfHsXWewG6QrpV0awqUf2YLtJEKNhykE1WB2j5sSVbIakS
QajyKzERE6+ppec32tl6tpxabBf6XkDrCVfQsWEN7rnz0oSOt9C2zrWzIF4q+ZI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:07 2024 by rpki-client on console-ams.rpki-client.org