Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915E475/DA83AA7ACA1111EAA479C734C4F9AE02/C3C38464631911EE9AC5F37DC4F9AE02.roa
File: C3C38464631911EE9AC5F37DC4F9AE02.roa (raw, json)
Hash identifier: uUGAEJLJS1cXa6hkPgSFMoa9ESh8FQmwYVKT3Li4Wdk=
Subject key identifier: 96:6F:A2:D9:DA:40:8E:92:C1:AA:A1:B1:B5:7E:F3:31:42:18:B6:B4
Certificate issuer: /CN=A915E475/serialNumber=745FF4F063AB5D171E05251B31E294A4BC7973B1
Certificate serial: 08B8
Authority key identifier: 74:5F:F4:F0:63:AB:5D:17:1E:05:25:1B:31:E2:94:A4:BC:79:73:B1
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dF_08GOrXRceBSUbMeKUpLx5c7E.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915E475/DA83AA7ACA1111EAA479C734C4F9AE02/C3C38464631911EE9AC5F37DC4F9AE02.roa
Signing time: Thu 02 Nov 2023 22:10:20 +0000
ROA not before: Thu 02 Nov 2023 22:10:20 +0000
ROA not after: Mon 30 Dec 2024 00:00:00 +0000
asID: 7631
IP address blocks: 123.176.113.0/24 maxlen: 24
123.176.114.0/23 maxlen: 23
123.176.115.0/24 maxlen: 24
123.176.116.0/22 maxlen: 22
123.176.116.0/23 maxlen: 23
123.176.116.0/24 maxlen: 24
125.253.36.0/23 maxlen: 23
203.189.4.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 06 May 2024 00:30:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2232 (0x8b8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915E475/serialNumber=745FF4F063AB5D171E05251B31E294A4BC7973B1
Validity
Not Before: Nov 2 22:10:20 2023 GMT
Not After : Dec 30 00:00:00 2024 GMT
Subject: CN=65441e4c-4bd1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:01:af:3b:ce:b4:83:dc:d5:5e:b8:83:67:a8:
e5:3a:7e:f9:cf:07:e1:fd:9d:2d:72:ed:2d:cb:03:
c9:7f:77:84:62:ff:90:f1:71:1f:8a:92:dd:b8:47:
cc:d8:cc:75:a5:e4:ce:d4:c8:25:e6:74:58:45:68:
08:f6:9e:35:8b:d5:b9:2d:e7:56:b1:db:6d:5d:08:
b2:72:e7:48:df:02:1b:57:42:6b:58:c5:53:3f:b1:
9f:f2:00:03:7d:48:1f:63:89:e8:38:75:7a:96:be:
44:3c:30:dd:b6:fd:0e:21:dc:3e:31:62:16:0d:30:
64:d0:92:b0:e5:4b:f5:39:1a:0d:8e:3f:b4:d4:95:
48:05:d4:5c:6e:71:f2:53:80:4f:32:67:fc:1c:f9:
16:83:c5:d4:a0:c0:84:c2:ff:c7:11:87:bc:84:8c:
c0:bb:f5:21:a8:a3:ab:69:06:bf:c7:4c:ce:82:fe:
85:0c:38:c3:8d:a0:5b:07:82:99:25:6e:7f:4c:cf:
59:df:dd:98:b4:9f:39:e3:bb:a7:3e:11:da:c3:30:
d5:02:ce:37:63:a9:13:78:56:a9:96:ba:b4:ae:01:
34:60:4a:ad:04:26:85:3d:22:2f:9a:f3:55:6e:20:
0a:c4:fd:dc:d2:0b:62:21:9f:dc:80:9e:f5:fd:69:
ce:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:6F:A2:D9:DA:40:8E:92:C1:AA:A1:B1:B5:7E:F3:31:42:18:B6:B4
X509v3 Authority Key Identifier:
keyid:74:5F:F4:F0:63:AB:5D:17:1E:05:25:1B:31:E2:94:A4:BC:79:73:B1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915E475/DA83AA7ACA1111EAA479C734C4F9AE02/dF_08GOrXRceBSUbMeKUpLx5c7E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dF_08GOrXRceBSUbMeKUpLx5c7E.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915E475/DA83AA7ACA1111EAA479C734C4F9AE02/C3C38464631911EE9AC5F37DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
123.176.113.0-123.176.119.255
125.253.36.0/23
203.189.4.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:5f:22:83:b7:29:b1:39:08:3c:f6:81:55:af:5f:34:61:01:
15:07:73:e7:46:37:0f:76:31:93:7d:2f:93:d1:11:5d:f1:59:
1e:b7:61:21:52:39:b7:ef:40:2b:c1:ff:7b:70:7b:7e:76:fc:
94:34:bb:cc:a7:73:ab:83:9f:6a:fd:dd:9a:f8:2a:4f:d0:d7:
5e:be:a4:5f:b4:e5:a2:e9:8a:d9:9b:75:17:ee:d6:ef:f7:35:
d6:70:77:1c:8a:df:e7:e0:8a:8e:80:1c:cf:37:3e:30:76:e9:
00:4e:43:9b:f4:f7:1f:ba:9b:f6:99:d1:40:29:d3:84:8f:71:
d0:e3:a9:29:1f:7e:76:c9:9e:84:a0:7c:37:a6:5e:1d:d5:41:
8f:c9:a7:33:3d:39:7b:5f:2b:d7:33:cf:f6:be:2c:ab:3c:f4:
06:43:6d:22:c0:12:23:96:4d:73:2d:2c:ae:b0:2c:a3:59:18:
a0:f6:95:51:35:1f:f2:6f:54:46:29:e6:35:c4:82:5f:b2:5b:
87:ab:38:d7:c9:31:cf:d9:ac:ff:d4:4b:8c:e2:b3:bb:41:de:
22:c4:a0:28:8d:fd:e9:e0:4f:04:a7:56:a8:ed:e0:7d:91:ef:
1b:5e:45:46:37:e9:08:c4:eb:5c:83:04:d4:a2:29:a8:1b:42:
0d:ea:44:9b
-----BEGIN CERTIFICATE-----
MIIFhTCCBG2gAwIBAgICCLgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUU0NzUxMTAvBgNVBAUTKDc0NUZGNEYwNjNBQjVEMTcxRTA1MjUxQjMxRTI5NEE0
QkM3OTczQjEwHhcNMjMxMTAyMjIxMDIwWhcNMjQxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTQ0MWU0Yy00YmQxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4QGvO860g9zVXriDZ6jlOn75zwfh/Z0tcu0tywPJf3eEYv+Q8XEfipLduEfM
2Mx1peTO1Mgl5nRYRWgI9p41i9W5LedWsdttXQiycudI3wIbV0JrWMVTP7Gf8gAD
fUgfY4noOHV6lr5EPDDdtv0OIdw+MWIWDTBk0JKw5Uv1ORoNjj+01JVIBdRcbnHy
U4BPMmf8HPkWg8XUoMCEwv/HEYe8hIzAu/UhqKOraQa/x0zOgv6FDDjDjaBbB4KZ
JW5/TM9Z392YtJ8547unPhHawzDVAs43Y6kTeFaplrq0rgE0YEqtBCaFPSIvmvNV
biAKxP3c0gtiIZ/cgJ71/WnOVQIDAQABo4ICqTCCAqUwHQYDVR0OBBYEFJZvotna
QI6SwaqhsbV+8zFCGLa0MB8GA1UdIwQYMBaAFHRf9PBjq10XHgUlGzHilKS8eXOx
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1RTQ3NS9EQTgzQUE3QUNB
MTExMUVBQTQ3OUM3MzRDNEY5QUUwMi9kRl8wOEdPclhSY2VCU1ViTWVLVXBMeDVj
N0UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2RGXzA4R09yWFJjZUJTVWJNZUtVcEx4NWM3RS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUU0NzUvREE4M0FBN0FDQTExMTFFQUE0NzlDNzM0QzRGOUFFMDIvQzNDMzg0NjQ2
MzE5MTFFRTlBQzVGMzdEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMwYIKwYBBQUHAQcBAf8E
JDAiMCAEAgABMBowDAMEAHuwcQMEA3uwcAMEAX39JAMEAMu9BDANBgkqhkiG9w0B
AQsFAAOCAQEAO18ig7cpsTkIPPaBVa9fNGEBFQdz50Y3D3Yxk30vk9ERXfFZHrdh
IVI5t+9AK8H/e3B7fnb8lDS7zKdzq4Ofav3dmvgqT9DXXr6kX7TloumK2Zt1F+7W
7/c11nB3HIrf5+CKjoAczzc+MHbpAE5Dm/T3H7qb9pnRQCnThI9x0OOpKR9+dsme
hKB8N6ZeHdVBj8mnMz05e18r1zPP9r4sqzz0BkNtIsASI5ZNcy0srrAso1kYoPaV
UTUf8m9URinmNcSCX7Jbh6s418kxz9ms/9RLjOKzu0HeIsSgKI396eBPBKdWqO3g
fZHvG15FRjfpCMTrXIME1KIpqBtCDepEmw==
-----END CERTIFICATE-----
Generated at Mon May 6 02:18:25 2024 by rpki-client on console-ams.rpki-client.org