Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915E475/DA83AA7ACA1111EAA479C734C4F9AE02/D3794DB4433A11EB838F7828C4F9AE02.roa
File: D3794DB4433A11EB838F7828C4F9AE02.roa (raw, json)
Hash identifier: eewOflE6h1c5j0TQkOj3RM8AuzjrS2UeAvOnGr/71NI=
Subject key identifier: E2:8C:D8:71:24:8E:1C:F5:23:8C:BC:38:00:A9:AC:5C:BF:5F:D9:D4
Certificate issuer: /CN=A915E475/serialNumber=745FF4F063AB5D171E05251B31E294A4BC7973B1
Certificate serial: 08B5
Authority key identifier: 74:5F:F4:F0:63:AB:5D:17:1E:05:25:1B:31:E2:94:A4:BC:79:73:B1
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dF_08GOrXRceBSUbMeKUpLx5c7E.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915E475/DA83AA7ACA1111EAA479C734C4F9AE02/D3794DB4433A11EB838F7828C4F9AE02.roa
Signing time: Thu 02 Nov 2023 22:10:18 +0000
ROA not before: Thu 02 Nov 2023 22:10:18 +0000
ROA not after: Mon 30 Dec 2024 00:00:00 +0000
asID: 24233
IP address blocks: 103.1.52.0/22 maxlen: 22
116.255.42.0/24 maxlen: 24
123.176.118.0/24 maxlen: 24
125.253.9.0/24 maxlen: 24
125.253.18.0/24 maxlen: 24
125.253.19.0/24 maxlen: 24
125.253.31.0/24 maxlen: 24
125.253.58.0/24 maxlen: 24
125.253.59.0/24 maxlen: 24
202.144.160.0/20 maxlen: 20
203.132.68.0/23 maxlen: 23
203.132.74.0/23 maxlen: 23
203.132.76.0/22 maxlen: 22
203.132.80.0/21 maxlen: 21
203.132.82.0/24 maxlen: 24
203.212.16.0/21 maxlen: 24
Validation: Failed, certificate revoked on Wed 19 Jun 2024 11:56:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2229 (0x8b5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915E475/serialNumber=745FF4F063AB5D171E05251B31E294A4BC7973B1
Validity
Not Before: Nov 2 22:10:18 2023 GMT
Not After : Dec 30 00:00:00 2024 GMT
Subject: CN=65441e49-7d52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:b3:79:d6:df:e3:eb:9c:b0:07:70:37:00:5f:
29:b5:db:88:d6:fd:ea:53:89:e7:c6:5c:9b:93:be:
a5:d5:ef:9f:80:f4:b2:4d:6e:d9:1d:ee:6c:82:ed:
01:3a:40:0f:c7:d7:b7:ad:30:78:75:c2:f3:62:a8:
15:ac:0e:95:bb:f6:1a:8b:6f:11:32:e7:cc:9c:ac:
2f:a9:b3:9c:65:b1:75:e3:60:32:69:fe:9b:77:29:
ca:9f:53:b1:a3:d6:2b:81:10:10:73:2c:0a:9c:cc:
f0:6c:3b:19:bd:a3:9b:a7:4a:91:06:be:02:29:e1:
56:ea:bf:3e:aa:ce:7d:e7:8d:ca:05:6f:d4:d1:37:
fa:d5:06:c5:a7:b5:46:ed:88:56:26:70:cd:66:65:
bc:a2:c0:03:a0:ca:40:40:d9:71:75:59:a9:4f:4e:
f3:fa:9c:00:12:23:69:35:ec:0f:6f:bc:2e:fe:f3:
9f:f6:3d:6d:88:0b:11:8a:d4:5a:e1:3a:b3:d5:93:
50:f3:bc:87:42:62:14:2f:67:65:46:0e:e1:ff:06:
62:d5:a3:b2:37:5f:70:b9:d8:d9:90:da:c5:5e:5d:
69:40:73:ec:4b:93:d0:2e:0e:af:c0:12:6b:4a:52:
d4:7b:01:60:f4:ea:4c:a6:67:8a:24:8f:04:d0:f4:
e8:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:8C:D8:71:24:8E:1C:F5:23:8C:BC:38:00:A9:AC:5C:BF:5F:D9:D4
X509v3 Authority Key Identifier:
keyid:74:5F:F4:F0:63:AB:5D:17:1E:05:25:1B:31:E2:94:A4:BC:79:73:B1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915E475/DA83AA7ACA1111EAA479C734C4F9AE02/dF_08GOrXRceBSUbMeKUpLx5c7E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dF_08GOrXRceBSUbMeKUpLx5c7E.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915E475/DA83AA7ACA1111EAA479C734C4F9AE02/D3794DB4433A11EB838F7828C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.1.52.0/22
116.255.42.0/24
123.176.118.0/24
125.253.9.0/24
125.253.18.0/23
125.253.31.0/24
125.253.58.0/23
202.144.160.0/20
203.132.68.0/23
203.132.74.0-203.132.87.255
203.212.16.0/21
Signature Algorithm: sha256WithRSAEncryption
b2:bb:23:bb:53:4b:26:f1:12:08:c4:ff:a3:4a:7e:3d:61:73:
0e:a8:22:9c:1e:db:08:a6:ce:05:89:0b:6a:64:62:38:58:03:
a1:a6:be:f8:7e:33:33:65:e3:1f:02:0d:44:36:a1:96:59:ed:
98:e5:a1:17:6e:34:a3:f4:0f:5d:32:bd:00:c4:9f:51:9f:2b:
be:cd:e0:a2:cc:ba:56:17:c2:8e:d8:85:8d:6d:58:38:93:a9:
14:59:33:8f:75:47:ea:e8:e0:94:8f:e7:0c:42:a8:9d:eb:5d:
fb:61:e4:e1:3b:97:ce:d6:4b:c2:b3:2b:ca:3c:f4:1b:a8:a2:
3f:54:b4:8d:32:69:04:f3:c4:16:ab:48:52:e0:53:a5:01:06:
d1:f6:a1:58:11:36:dc:ed:a7:fa:69:64:de:d8:6a:42:9f:87:
40:f3:98:6e:7e:07:e5:30:2d:65:f7:13:cd:6c:5f:dd:95:22:
a8:4c:d8:70:37:11:70:e2:77:8f:a0:76:d9:67:60:63:1f:d8:
04:41:08:21:b8:6e:ab:47:ad:0a:b2:19:82:0b:8f:3a:d8:47:
f3:bc:24:fe:a8:a6:b0:8a:e7:2d:1d:18:04:4b:ad:00:00:03:
85:cd:89:fc:4e:60:31:60:6e:05:cc:8f:72:88:ba:9b:ec:d8:
81:71:13:8e
-----BEGIN CERTIFICATE-----
MIIFtTCCBJ2gAwIBAgICCLUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUU0NzUxMTAvBgNVBAUTKDc0NUZGNEYwNjNBQjVEMTcxRTA1MjUxQjMxRTI5NEE0
QkM3OTczQjEwHhcNMjMxMTAyMjIxMDE4WhcNMjQxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTQ0MWU0OS03ZDUyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsLN51t/j65ywB3A3AF8ptduI1v3qU4nnxlybk76l1e+fgPSyTW7ZHe5sgu0B
OkAPx9e3rTB4dcLzYqgVrA6Vu/Yai28RMufMnKwvqbOcZbF142Ayaf6bdynKn1Ox
o9YrgRAQcywKnMzwbDsZvaObp0qRBr4CKeFW6r8+qs59543KBW/U0Tf61QbFp7VG
7YhWJnDNZmW8osADoMpAQNlxdVmpT07z+pwAEiNpNewPb7wu/vOf9j1tiAsRitRa
4Tqz1ZNQ87yHQmIUL2dlRg7h/wZi1aOyN19wudjZkNrFXl1pQHPsS5PQLg6vwBJr
SlLUewFg9OpMpmeKJI8E0PTolwIDAQABo4IC2TCCAtUwHQYDVR0OBBYEFOKM2HEk
jhz1I4y8OACprFy/X9nUMB8GA1UdIwQYMBaAFHRf9PBjq10XHgUlGzHilKS8eXOx
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1RTQ3NS9EQTgzQUE3QUNB
MTExMUVBQTQ3OUM3MzRDNEY5QUUwMi9kRl8wOEdPclhSY2VCU1ViTWVLVXBMeDVj
N0UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2RGXzA4R09yWFJjZUJTVWJNZUtVcEx4NWM3RS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUU0NzUvREE4M0FBN0FDQTExMTFFQUE0NzlDNzM0QzRGOUFFMDIvRDM3OTREQjQ0
MzNBMTFFQjgzOEY3ODI4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwYwYIKwYBBQUHAQcBAf8E
VDBSMFAEAgABMEoDBAJnATQDBAB0/yoDBAB7sHYDBAB9/QkDBAF9/RIDBAB9/R8D
BAF9/ToDBATKkKADBAHLhEQwDAMEAcuESgMEA8uEUAMEA8vUEDANBgkqhkiG9w0B
AQsFAAOCAQEAsrsju1NLJvESCMT/o0p+PWFzDqginB7bCKbOBYkLamRiOFgDoaa+
+H4zM2XjHwINRDahllntmOWhF240o/QPXTK9AMSfUZ8rvs3gosy6VhfCjtiFjW1Y
OJOpFFkzj3VH6ujglI/nDEKonetd+2Hk4TuXztZLwrMryjz0G6iiP1S0jTJpBPPE
FqtIUuBTpQEG0fahWBE23O2n+mlk3thqQp+HQPOYbn4H5TAtZfcTzWxf3ZUiqEzY
cDcRcOJ3j6B22WdgYx/YBEEIIbhuq0etCrIZgguPOthH87wk/qimsIrnLR0YBEut
AAADhc2J/E5gMWBuBcyPcoi6m+zYgXETjg==
-----END CERTIFICATE-----
Generated at Wed Jun 19 16:25:58 2024 by rpki-client on console-ams.rpki-client.org