Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915E475/DA83AA7ACA1111EAA479C734C4F9AE02/D81D8D845E8111EEAC46A534C4F9AE02.roa
File: D81D8D845E8111EEAC46A534C4F9AE02.roa (raw, json)
Hash identifier: tEfxOYBJaLrvJ3nR9g6hPzVMpYgZ2kkuqzupMneezWY=
Subject key identifier: AB:18:7E:B0:AE:11:62:FA:EF:AF:18:E0:F6:2D:02:E0:82:A1:9C:0D
Certificate issuer: /CN=A915E475/serialNumber=745FF4F063AB5D171E05251B31E294A4BC7973B1
Certificate serial: 088B
Authority key identifier: 74:5F:F4:F0:63:AB:5D:17:1E:05:25:1B:31:E2:94:A4:BC:79:73:B1
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dF_08GOrXRceBSUbMeKUpLx5c7E.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915E475/DA83AA7ACA1111EAA479C734C4F9AE02/D81D8D845E8111EEAC46A534C4F9AE02.roa
Signing time: Fri 29 Sep 2023 04:37:07 +0000
ROA not before: Fri 29 Sep 2023 04:37:07 +0000
ROA not after: Sat 30 Dec 2023 00:00:00 +0000
asID: 7631
IP address blocks: 123.176.112.0/22 maxlen: 22
123.176.112.0/23 maxlen: 23
123.176.112.0/24 maxlen: 24
123.176.113.0/24 maxlen: 24
123.176.114.0/23 maxlen: 23
123.176.115.0/24 maxlen: 24
123.176.116.0/22 maxlen: 22
123.176.116.0/23 maxlen: 23
123.176.116.0/24 maxlen: 24
125.253.36.0/23 maxlen: 23
203.189.4.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2187 (0x88b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915E475/serialNumber=745FF4F063AB5D171E05251B31E294A4BC7973B1
Validity
Not Before: Sep 29 04:37:07 2023 GMT
Not After : Dec 30 00:00:00 2023 GMT
Subject: CN=65165472-87b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:47:26:f4:ee:0b:6c:1a:d4:58:52:6b:e0:93:
e1:79:ac:fe:97:58:bf:25:dc:4b:7e:69:2e:87:aa:
40:ea:3a:d9:8e:04:63:75:aa:37:40:91:f8:05:f4:
0c:ad:bb:86:0d:a2:c7:8b:51:5f:8a:4b:25:26:0c:
8a:fd:36:e8:af:51:fc:13:3f:e4:36:b0:10:9a:c6:
67:30:7f:73:9d:c3:16:ec:19:0a:8d:8a:b4:20:e3:
17:31:d3:fd:11:8e:80:5a:07:ea:1f:df:57:34:2b:
a8:cb:fc:ae:ec:53:25:3d:c3:6b:17:4a:2e:94:3b:
da:3c:28:80:5f:36:13:bd:b3:ad:fd:26:da:52:46:
47:28:76:3d:70:d9:e0:69:f3:a6:f9:c7:60:59:25:
0a:9a:4e:25:ac:57:cf:2a:75:f0:e4:6a:88:5b:67:
dd:aa:58:7c:29:b6:a3:c8:df:db:a1:0f:24:41:18:
26:e3:9a:55:ac:d6:f2:c1:d1:7c:10:f9:19:51:ab:
cc:5c:fb:3e:5e:51:f0:f2:14:dc:d7:a8:c9:1b:b3:
41:56:e8:94:e4:8a:59:d2:c2:65:71:a3:d4:68:66:
59:0b:dd:a4:b3:39:4c:97:d9:6e:fd:06:34:cb:bd:
cd:18:9f:71:fe:63:e7:39:64:96:3b:cb:a5:c0:a5:
ea:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:18:7E:B0:AE:11:62:FA:EF:AF:18:E0:F6:2D:02:E0:82:A1:9C:0D
X509v3 Authority Key Identifier:
keyid:74:5F:F4:F0:63:AB:5D:17:1E:05:25:1B:31:E2:94:A4:BC:79:73:B1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915E475/DA83AA7ACA1111EAA479C734C4F9AE02/dF_08GOrXRceBSUbMeKUpLx5c7E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dF_08GOrXRceBSUbMeKUpLx5c7E.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915E475/DA83AA7ACA1111EAA479C734C4F9AE02/D81D8D845E8111EEAC46A534C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
123.176.112.0/21
125.253.36.0/23
203.189.4.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:5a:06:44:24:a1:0c:13:81:b8:a0:ff:78:fd:87:df:44:15:
aa:3a:e2:e2:cc:f3:83:be:54:3a:ac:61:f7:bb:b3:89:ab:8f:
b9:a6:b8:7b:da:17:e1:48:42:a6:d7:d0:79:9b:76:5b:78:75:
fd:c2:c0:28:27:6f:12:40:83:5a:94:c9:fe:d4:f7:da:22:de:
c6:0b:cb:17:78:80:1b:b9:a9:53:5a:c1:3d:16:e7:ea:13:7d:
d3:6f:20:f4:23:e4:31:73:9b:f9:1d:4f:7e:3c:a0:f7:e3:f1:
dd:c0:15:78:af:a1:50:9c:c9:54:97:47:41:a3:1e:c5:b8:33:
38:c8:91:c8:02:6c:dd:bb:f1:fa:e7:79:fc:05:d3:93:a9:de:
e3:61:85:e3:1d:b4:d2:28:e1:0a:6d:bb:5d:c9:89:a3:e8:05:
16:61:5d:53:b4:56:37:92:9a:56:66:a6:21:dd:cb:4a:61:7d:
f2:dd:67:83:5d:ce:24:7b:af:3a:24:5a:0e:89:a2:d8:cb:31:
cd:39:b1:10:b4:05:a0:c9:e8:0e:07:a8:5c:c1:be:41:5c:a2:
33:bb:db:33:48:03:31:39:9a:e3:4c:d3:db:6a:4c:c7:8c:af:
72:a8:42:c4:a8:52:f4:73:05:f4:d8:73:41:39:5b:f6:74:cd:
6d:a3:cd:5e
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICCIswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUU0NzUxMTAvBgNVBAUTKDc0NUZGNEYwNjNBQjVEMTcxRTA1MjUxQjMxRTI5NEE0
QkM3OTczQjEwHhcNMjMwOTI5MDQzNzA3WhcNMjMxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTE2NTQ3Mi04N2I2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2Ecm9O4LbBrUWFJr4JPheaz+l1i/JdxLfmkuh6pA6jrZjgRjdao3QJH4BfQM
rbuGDaLHi1FfikslJgyK/Tbor1H8Ez/kNrAQmsZnMH9zncMW7BkKjYq0IOMXMdP9
EY6AWgfqH99XNCuoy/yu7FMlPcNrF0oulDvaPCiAXzYTvbOt/SbaUkZHKHY9cNng
afOm+cdgWSUKmk4lrFfPKnXw5GqIW2fdqlh8KbajyN/boQ8kQRgm45pVrNbywdF8
EPkZUavMXPs+XlHw8hTc16jJG7NBVuiU5IpZ0sJlcaPUaGZZC92kszlMl9lu/QY0
y73NGJ9x/mPnOWSWO8ulwKXqGQIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFKsYfrCu
EWL6768Y4PYtAuCCoZwNMB8GA1UdIwQYMBaAFHRf9PBjq10XHgUlGzHilKS8eXOx
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1RTQ3NS9EQTgzQUE3QUNB
MTExMUVBQTQ3OUM3MzRDNEY5QUUwMi9kRl8wOEdPclhSY2VCU1ViTWVLVXBMeDVj
N0UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2RGXzA4R09yWFJjZUJTVWJNZUtVcEx4NWM3RS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUU0NzUvREE4M0FBN0FDQTExMTFFQUE0NzlDNzM0QzRGOUFFMDIvRDgxRDhEODQ1
RTgxMTFFRUFDNDZBNTM0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBAN7sHADBAF9/SQDBADLvQQwDQYJKoZIhvcNAQELBQADggEB
AF5aBkQkoQwTgbig/3j9h99EFao64uLM84O+VDqsYfe7s4mrj7mmuHvaF+FIQqbX
0Hmbdlt4df3CwCgnbxJAg1qUyf7U99oi3sYLyxd4gBu5qVNawT0W5+oTfdNvIPQj
5DFzm/kdT348oPfj8d3AFXivoVCcyVSXR0GjHsW4MzjIkcgCbN278frnefwF05Op
3uNhheMdtNIo4Qptu13JiaPoBRZhXVO0VjeSmlZmpiHdy0phffLdZ4NdziR7rzok
Wg6JotjLMc05sRC0BaDJ6A4HqFzBvkFcojO72zNIAzE5muNM09tqTMeMr3KoQsSo
UvRzBfTYc0E5W/Z0zW2jzV4=
-----END CERTIFICATE-----
Generated at Wed Oct 4 01:16:14 2023 by rpki-client on console-ams.rpki-client.org