Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9171A5B/17E10102993B11E79ABB8181C4F9AE02/3D5A85F6993C11E7B6DA8883C4F9AE02.roa
File: 3D5A85F6993C11E7B6DA8883C4F9AE02.roa (raw, json)
Hash identifier: GLW0IZzBIqn4pSt9VM6IUQn3OV7LMbaI2MzjE/2SIDo=
Subject key identifier: BC:76:F6:E5:4F:A4:7B:3A:AE:E4:00:94:21:57:7F:D9:46:27:9C:54
Certificate issuer: /CN=A9171A5B/serialNumber=AB7D0BD5D2AB5DEE2F1CD696B829BAEF977F78CE
Certificate serial: 1709
Authority key identifier: AB:7D:0B:D5:D2:AB:5D:EE:2F:1C:D6:96:B8:29:BA:EF:97:7F:78:CE
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/q30L1dKrXe4vHNaWuCm675d_eM4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9171A5B/17E10102993B11E79ABB8181C4F9AE02/3D5A85F6993C11E7B6DA8883C4F9AE02.roa
Signing time: Fri 10 Feb 2023 17:24:46 +0000
ROA not before: Fri 10 Feb 2023 17:24:46 +0000
ROA not after: Fri 01 Mar 2024 00:00:00 +0000
asID: 18001
IP address blocks: 123.231.0.0/17 maxlen: 17
123.231.0.0/18 maxlen: 18
123.231.2.0/24 maxlen: 24
123.231.64.0/19 maxlen: 19
123.231.64.0/24 maxlen: 24
123.231.65.0/24 maxlen: 24
123.231.68.0/24 maxlen: 24
123.231.69.0/24 maxlen: 24
123.231.72.0/24 maxlen: 24
123.231.73.0/24 maxlen: 24
123.231.80.0/22 maxlen: 22
123.231.84.0/22 maxlen: 22
123.231.96.0/19 maxlen: 19
123.231.104.0/22 maxlen: 22
123.231.108.0/22 maxlen: 22
123.231.120.0/22 maxlen: 22
123.231.124.0/22 maxlen: 22
203.189.64.0/20 maxlen: 20
203.189.70.0/24 maxlen: 24
203.189.73.0/24 maxlen: 24
2405:4400::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5897 (0x1709)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9171A5B/serialNumber=AB7D0BD5D2AB5DEE2F1CD696B829BAEF977F78CE
Validity
Not Before: Feb 10 17:24:46 2023 GMT
Not After : Mar 1 00:00:00 2024 GMT
Subject: CN=63e67ddd-bcc5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:b3:b6:ec:0d:08:20:a7:10:f1:aa:93:bb:ae:
9b:07:51:c1:eb:86:73:b4:99:4f:bf:3b:00:6a:1d:
db:aa:90:3d:db:c1:b0:74:2e:82:ee:93:30:b6:dc:
6b:9e:9e:db:a4:59:b4:92:08:c9:6f:bf:b6:a9:b9:
9a:8a:cc:e3:02:b6:d4:c2:25:a8:bc:64:df:33:9d:
99:21:39:f9:84:8a:aa:65:a7:71:34:b0:17:f9:e9:
5e:15:f4:30:d7:6b:33:a2:72:f8:12:f4:7f:07:8d:
37:7b:44:43:b1:bd:0e:52:ee:b8:02:d8:4d:ff:ac:
7b:ab:4b:5a:55:70:35:d8:51:7b:cb:89:c0:d4:6b:
b5:1d:4b:0c:0d:a7:a2:a8:50:57:f6:1e:90:72:dc:
6d:e5:c8:c6:8c:c9:20:26:60:23:6a:09:24:88:26:
f4:49:24:5a:64:57:ca:2e:22:4c:d0:d1:74:f9:24:
99:0d:87:14:96:1c:ce:8a:f4:b3:4e:91:8d:e0:f7:
1a:dc:64:b9:0e:55:46:19:44:d9:67:f1:91:1f:df:
d5:9c:39:9b:73:f5:27:83:1a:0b:06:dd:87:54:26:
8a:77:d5:80:91:bc:e5:29:ea:46:0c:82:60:f4:58:
19:82:3c:a5:5e:03:4a:2a:31:f3:ac:77:ee:e6:6e:
c0:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:76:F6:E5:4F:A4:7B:3A:AE:E4:00:94:21:57:7F:D9:46:27:9C:54
X509v3 Authority Key Identifier:
keyid:AB:7D:0B:D5:D2:AB:5D:EE:2F:1C:D6:96:B8:29:BA:EF:97:7F:78:CE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9171A5B/17E10102993B11E79ABB8181C4F9AE02/q30L1dKrXe4vHNaWuCm675d_eM4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/q30L1dKrXe4vHNaWuCm675d_eM4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9171A5B/17E10102993B11E79ABB8181C4F9AE02/3D5A85F6993C11E7B6DA8883C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
123.231.0.0/17
203.189.64.0/20
IPv6:
2405:4400::/32
Signature Algorithm: sha256WithRSAEncryption
0a:66:8c:e7:e0:f0:65:29:8c:2d:53:52:f6:56:03:e0:8a:1f:
7c:a6:87:d3:92:69:96:d6:85:95:b0:89:fb:c8:19:d1:39:e4:
30:34:cf:a6:78:2f:66:f0:fc:b8:45:0e:23:54:9e:14:73:30:
a0:e1:75:4a:6c:4f:e0:72:2a:19:6e:68:02:d3:63:c3:88:08:
6e:60:88:bb:a3:28:bc:86:26:49:4b:b6:19:c0:22:fe:6f:32:
aa:27:b5:cf:2d:6d:c3:4b:1a:26:81:70:eb:30:1c:24:0d:aa:
99:b1:4c:9f:8f:8b:55:84:d4:ba:05:a4:38:7b:3c:77:c9:dc:
0c:dd:54:9e:f1:ca:ab:71:1c:2d:ab:99:13:f8:dc:35:c3:d5:
84:7f:7e:23:f7:4c:05:28:b5:5e:f2:cc:9c:1b:a4:14:f7:87:
48:43:5b:cb:f0:bd:93:6a:d4:d5:ae:0f:65:4c:01:07:fd:b4:
9f:73:10:ff:63:3c:1e:54:c8:4b:6c:c5:0d:0f:95:ab:50:d2:
38:f3:fb:7b:e5:5a:69:1e:7d:a7:17:65:3f:f6:48:82:b4:62:
fa:c5:47:5b:97:a1:ba:73:aa:48:76:d5:3c:fa:55:e1:fb:f2:
63:6d:8d:45:9b:4e:20:ae:a3:3e:a7:7c:dc:7a:3b:ac:43:d2:
9b:64:d4:6a
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICFwkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzFBNUIxMTAvBgNVBAUTKEFCN0QwQkQ1RDJBQjVERUUyRjFDRDY5NkI4MjlCQUVG
OTc3Rjc4Q0UwHhcNMjMwMjEwMTcyNDQ2WhcNMjQwMzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2U2N2RkZC1iY2M1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwLO27A0IIKcQ8aqTu66bB1HB64ZztJlPvzsAah3bqpA928GwdC6C7pMwttxr
np7bpFm0kgjJb7+2qbmaiszjArbUwiWovGTfM52ZITn5hIqqZadxNLAX+eleFfQw
12szonL4EvR/B403e0RDsb0OUu64AthN/6x7q0taVXA12FF7y4nA1Gu1HUsMDaei
qFBX9h6Qctxt5cjGjMkgJmAjagkkiCb0SSRaZFfKLiJM0NF0+SSZDYcUlhzOivSz
TpGN4Pca3GS5DlVGGUTZZ/GRH9/VnDmbc/UngxoLBt2HVCaKd9WAkbzlKepGDIJg
9FgZgjylXgNKKjHzrHfu5m7AtwIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFLx29uVP
pHs6ruQAlCFXf9lGJ5xUMB8GA1UdIwQYMBaAFKt9C9XSq13uLxzWlrgpuu+Xf3jO
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MUE1Qi8xN0UxMDEwMjk5
M0IxMUU3OUFCQjgxODFDNEY5QUUwMi9xMzBMMWRLclhlNHZITmFXdUNtNjc1ZF9l
TTQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3EzMEwxZEtyWGU0dkhOYVd1Q202NzVkX2VNNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzFBNUIvMTdFMTAxMDI5OTNCMTFFNzlBQkI4MTgxQzRGOUFFMDIvM0Q1QTg1RjY5
OTNDMTFFN0I2REE4ODgzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAd75wADBATLvUAwDQQCAAIwBwMFACQFRAAwDQYJKoZIhvcN
AQELBQADggEBAApmjOfg8GUpjC1TUvZWA+CKH3ymh9OSaZbWhZWwifvIGdE55DA0
z6Z4L2bw/LhFDiNUnhRzMKDhdUpsT+ByKhluaALTY8OICG5giLujKLyGJklLthnA
Iv5vMqontc8tbcNLGiaBcOswHCQNqpmxTJ+Pi1WE1LoFpDh7PHfJ3AzdVJ7xyqtx
HC2rmRP43DXD1YR/fiP3TAUotV7yzJwbpBT3h0hDW8vwvZNq1NWuD2VMAQf9tJ9z
EP9jPB5UyEtsxQ0PlatQ0jjz+3vlWmkefacXZT/2SIK0YvrFR1uXobpzqkh21Tz6
VeH78mNtjUWbTiCuoz6nfNx6O6xD0ptk1Go=
-----END CERTIFICATE-----
Generated at Wed Oct 25 08:30:03 2023 by rpki-client on console-ams.rpki-client.org