Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9171634/942B83BC1D9011E2A36166F008B02CD2/37384CF2FDC311ED8AC77F65C4F9AE02.roa
File: 37384CF2FDC311ED8AC77F65C4F9AE02.roa (raw, json)
Hash identifier: KF0iS7UOeUzXPkIEGqir1EfTTD6r+zss+0OJua7hzQg=
Subject key identifier: 2A:C0:D5:0E:23:05:5B:1A:27:BD:9F:62:AA:1C:C4:05:73:5A:72:6C
Certificate issuer: /CN=A9171634/serialNumber=3FC971292CE91A591A8CDFA7D1AE09CA46E03E87
Certificate serial: 3355
Authority key identifier: 3F:C9:71:29:2C:E9:1A:59:1A:8C:DF:A7:D1:AE:09:CA:46:E0:3E:87
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/P8lxKSzpGlkajN-n0a4JykbgPoc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9171634/942B83BC1D9011E2A36166F008B02CD2/37384CF2FDC311ED8AC77F65C4F9AE02.roa
Signing time: Mon 29 May 2023 01:50:41 +0000
ROA not before: Mon 29 May 2023 01:50:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 37989
IP address blocks: 203.123.48.0/21 maxlen: 21
203.123.48.0/22 maxlen: 22
203.123.48.0/24 maxlen: 24
203.123.49.0/24 maxlen: 24
203.123.50.0/24 maxlen: 24
203.123.51.0/24 maxlen: 24
2405:fc00::/32 maxlen: 48
Validation: Failed, certificate revoked on Mon 29 May 2023 02:50:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13141 (0x3355)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9171634/serialNumber=3FC971292CE91A591A8CDFA7D1AE09CA46E03E87
Validity
Not Before: May 29 01:50:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=647404f0-b269
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:9c:12:25:77:53:b4:17:34:4a:4c:1d:24:78:
09:28:ab:1b:39:e1:c7:3c:a6:1d:3c:4e:ce:14:58:
0e:01:e0:9b:8f:46:83:b1:22:b6:fa:b4:1a:e1:3f:
2f:80:b8:c8:27:7e:37:22:16:46:91:68:01:c9:4e:
69:df:54:64:7e:e9:6c:82:a1:6a:c4:2a:1c:57:57:
dd:a9:2b:01:06:6a:23:06:e6:49:0d:d5:91:49:9d:
ab:09:dd:4b:09:66:b8:1c:9b:3e:a5:e5:b1:cc:88:
f5:16:54:73:94:52:97:ed:dc:2f:51:5e:22:5f:32:
0d:2e:70:54:b5:c3:ed:12:02:8d:dc:75:a6:7c:09:
69:5a:d2:53:94:0e:e8:a0:e6:35:e5:ce:c3:dd:47:
05:3b:f6:00:2f:a6:d3:ef:af:d3:f4:fb:8a:d2:99:
c9:df:49:76:d7:8a:10:52:50:5a:8c:ab:a6:4d:83:
9a:e7:c0:3d:b1:92:7d:7d:3f:1d:04:ea:7a:a1:31:
e0:c3:85:e5:0f:a2:29:aa:94:a3:7e:72:27:1d:05:
05:80:e2:de:00:3a:2f:ca:fc:4c:be:c1:47:4c:ea:
fc:8d:56:a9:77:36:d4:8e:d6:94:99:93:db:cf:cd:
7e:07:aa:1f:c8:2d:24:f1:9c:ac:92:6a:47:fb:9d:
46:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:C0:D5:0E:23:05:5B:1A:27:BD:9F:62:AA:1C:C4:05:73:5A:72:6C
X509v3 Authority Key Identifier:
keyid:3F:C9:71:29:2C:E9:1A:59:1A:8C:DF:A7:D1:AE:09:CA:46:E0:3E:87
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9171634/942B83BC1D9011E2A36166F008B02CD2/P8lxKSzpGlkajN-n0a4JykbgPoc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/P8lxKSzpGlkajN-n0a4JykbgPoc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9171634/942B83BC1D9011E2A36166F008B02CD2/37384CF2FDC311ED8AC77F65C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.123.48.0/21
IPv6:
2405:fc00::/32
Signature Algorithm: sha256WithRSAEncryption
8d:bd:64:ae:b2:0c:8d:f8:a0:ae:6f:c2:8a:2a:1b:f7:1c:e3:
c9:9c:9b:87:27:99:4f:cf:53:b4:58:92:70:d0:d4:6d:6c:94:
e7:fb:a9:27:39:c4:73:53:9b:51:4c:a8:f2:d3:25:04:5c:05:
66:df:70:eb:46:58:c1:17:b5:ac:7b:ca:20:d2:02:1b:dc:4c:
3e:68:ff:39:e8:ca:d8:9e:a5:e5:ee:34:de:8c:9a:1d:c6:4b:
88:be:b6:6e:ce:bb:31:3c:90:81:05:a1:4e:39:b3:78:39:c6:
12:b9:84:9a:bb:ee:77:14:fb:85:68:a6:13:63:4b:33:d8:b3:
61:4b:fc:9f:b6:db:d8:b4:d9:37:1c:3e:ec:77:b4:18:10:02:
e7:fc:cb:42:b2:60:e6:86:ef:07:ca:69:9a:ed:d5:69:ed:af:
87:8f:25:f9:9d:3e:75:f3:92:ed:c8:59:53:46:14:51:1f:f0:
ac:b9:a8:c0:e3:80:a1:8d:fc:a9:58:ee:79:f9:7d:9a:62:3d:
f0:8d:1e:b2:75:11:aa:90:d7:7f:6d:f3:8a:e1:f6:7f:82:3c:
3d:e1:fb:40:c7:f1:45:72:13:c2:49:46:55:b5:47:22:7a:83:
16:d4:c5:f0:e1:c4:10:d8:d9:0f:a6:33:dd:80:c4:1a:5c:53:
f5:9e:14:32
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICM1UwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzE2MzQxMTAvBgNVBAUTKDNGQzk3MTI5MkNFOTFBNTkxQThDREZBN0QxQUUwOUNB
NDZFMDNFODcwHhcNMjMwNTI5MDE1MDQxWhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDc0MDRmMC1iMjY5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArZwSJXdTtBc0SkwdJHgJKKsbOeHHPKYdPE7OFFgOAeCbj0aDsSK2+rQa4T8v
gLjIJ343IhZGkWgByU5p31RkfulsgqFqxCocV1fdqSsBBmojBuZJDdWRSZ2rCd1L
CWa4HJs+peWxzIj1FlRzlFKX7dwvUV4iXzINLnBUtcPtEgKN3HWmfAlpWtJTlA7o
oOY15c7D3UcFO/YAL6bT76/T9PuK0pnJ30l214oQUlBajKumTYOa58A9sZJ9fT8d
BOp6oTHgw4XlD6IpqpSjfnInHQUFgOLeADovyvxMvsFHTOr8jVapdzbUjtaUmZPb
z81+B6ofyC0k8ZyskmpH+51GzQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFCrA1Q4j
BVsaJ72fYqocxAVzWnJsMB8GA1UdIwQYMBaAFD/JcSks6RpZGozfp9GuCcpG4D6H
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MTYzNC85NDJCODNCQzFE
OTAxMUUyQTM2MTY2RjAwOEIwMkNEMi9QOGx4S1N6cEdsa2FqTi1uMGE0SnlrYmdQ
b2MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1A4bHhLU3pwR2xrYWpOLW4wYTRKeWtiZ1BvYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzE2MzQvOTQyQjgzQkMxRDkwMTFFMkEzNjE2NkYwMDhCMDJDRDIvMzczODRDRjJG
REMzMTFFRDhBQzc3RjY1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAPLezAwDQQCAAIwBwMFACQF/AAwDQYJKoZIhvcNAQELBQAD
ggEBAI29ZK6yDI34oK5vwooqG/cc48mcm4cnmU/PU7RYknDQ1G1slOf7qSc5xHNT
m1FMqPLTJQRcBWbfcOtGWMEXtax7yiDSAhvcTD5o/znoytiepeXuNN6Mmh3GS4i+
tm7OuzE8kIEFoU45s3g5xhK5hJq77ncU+4VophNjSzPYs2FL/J+229i02TccPux3
tBgQAuf8y0KyYOaG7wfKaZrt1Wntr4ePJfmdPnXzku3IWVNGFFEf8Ky5qMDjgKGN
/KlY7nn5fZpiPfCNHrJ1EaqQ139t84rh9n+CPD3h+0DH8UVyE8JJRlW1RyJ6gxbU
xfDhxBDY2Q+mM92AxBpcU/WeFDI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:11 2024 by rpki-client on console-fra.rpki-client.org