Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9175D84/F806943C86C811EEAAD34414C4F9AE02/8F6D316EC18411EE9D8AE97EC4F9AE02.roa
File: 8F6D316EC18411EE9D8AE97EC4F9AE02.roa (raw, json)
Hash identifier: fUYERCnGCraHVzPJDvoVzjCDxBvMZBcW4OH5DFbWj9s=
Subject key identifier: 58:23:13:B5:FB:BB:6D:0F:F4:39:BE:49:66:24:A4:BF:EF:45:96:24
Certificate issuer: /CN=A9175D84/serialNumber=949B647A5F8C79F6DA4AE36D9E00C44E02A9A7A4
Certificate serial: 2F
Authority key identifier: 94:9B:64:7A:5F:8C:79:F6:DA:4A:E3:6D:9E:00:C4:4E:02:A9:A7:A4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lJtkel-MefbaSuNtngDETgKpp6Q.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9175D84/F806943C86C811EEAAD34414C4F9AE02/8F6D316EC18411EE9D8AE97EC4F9AE02.roa
Signing time: Fri 02 Feb 2024 04:35:58 +0000
ROA not before: Fri 02 Feb 2024 04:35:58 +0000
ROA not after: Sun 02 Mar 2025 00:00:00 +0000
asID: 141045
IP address blocks: 203.145.36.0/23 maxlen: 24
2401:5020::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 04 Mar 2024 10:35:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 47 (0x2f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9175D84/serialNumber=949B647A5F8C79F6DA4AE36D9E00C44E02A9A7A4
Validity
Not Before: Feb 2 04:35:58 2024 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=65bc712e-f356
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:dd:00:07:ff:d8:c0:6b:18:04:89:be:2b:ec:
86:37:9a:ae:81:07:d1:0e:2e:89:f2:97:53:f1:d9:
e2:90:b0:6a:f9:44:90:07:f4:eb:16:81:96:ae:17:
e3:2f:2d:0e:78:36:c4:55:a7:25:13:01:0e:ee:85:
53:1d:f9:6a:cf:14:97:71:3a:f5:65:19:e6:30:7e:
95:ec:b2:06:94:78:1a:e0:f4:23:05:81:4c:49:fa:
d1:f6:75:c0:e0:94:32:f2:1b:29:fb:97:a8:2c:48:
9e:ab:b2:e4:01:9f:a8:b3:24:d1:c4:78:cd:dc:19:
da:c3:44:33:f7:c7:6d:3e:17:8d:d5:8e:0f:85:8c:
5c:65:81:c6:f4:fb:da:6c:16:5d:41:dc:a0:12:fa:
0d:4c:96:20:fe:af:65:be:56:70:57:dc:08:3d:87:
ae:67:fe:d0:85:b1:6e:23:71:e6:07:f1:d2:66:46:
90:5c:bd:48:3f:c8:97:c1:76:aa:49:70:1e:77:a7:
76:7a:d9:3b:b3:2c:2d:06:50:09:c2:d2:db:24:6b:
2a:70:50:17:59:a7:fb:ac:23:34:47:d0:e0:b1:cf:
9e:2f:bd:9e:79:e8:a9:73:f6:88:27:2b:72:ad:cd:
98:60:7a:8d:32:c9:47:5f:54:57:49:37:6e:ea:eb:
5f:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:23:13:B5:FB:BB:6D:0F:F4:39:BE:49:66:24:A4:BF:EF:45:96:24
X509v3 Authority Key Identifier:
keyid:94:9B:64:7A:5F:8C:79:F6:DA:4A:E3:6D:9E:00:C4:4E:02:A9:A7:A4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9175D84/F806943C86C811EEAAD34414C4F9AE02/lJtkel-MefbaSuNtngDETgKpp6Q.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lJtkel-MefbaSuNtngDETgKpp6Q.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9175D84/F806943C86C811EEAAD34414C4F9AE02/8F6D316EC18411EE9D8AE97EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.145.36.0/23
IPv6:
2401:5020::/32
Signature Algorithm: sha256WithRSAEncryption
39:64:38:ed:ec:2b:b2:1a:b5:ee:34:c7:06:06:5d:c9:76:77:
a7:10:23:3d:f3:00:91:32:fa:de:0f:0d:20:b0:d6:c6:b4:97:
12:9d:d7:a0:4d:6f:ac:da:35:94:2f:56:f0:eb:82:48:f5:a8:
14:fb:60:4f:22:15:70:d1:8d:2c:2c:be:01:be:ef:80:8b:11:
a2:4d:96:59:77:4a:e9:d9:15:29:27:49:a5:40:4a:98:ed:b4:
62:bb:ed:93:33:2d:65:63:f5:a4:c3:55:70:83:63:93:f1:25:
69:23:fb:77:cd:bd:d2:7a:56:b1:88:37:ef:7d:cf:f1:c5:10:
b2:27:38:38:b3:74:53:62:01:44:de:c9:12:d9:31:6b:47:0f:
9c:09:8b:2a:78:e4:11:eb:e7:c8:69:28:d4:68:0d:75:21:2e:
fd:c0:aa:9e:e0:4f:af:e0:d2:64:f2:1d:d2:c6:82:ae:f4:f2:
e3:9a:53:79:aa:1b:7b:a2:ba:cb:b5:e9:aa:5a:f7:0b:cf:3c:
25:cf:c6:62:ab:84:91:99:a9:15:03:57:9d:fe:06:87:70:65:
ff:34:2e:e1:39:a6:fb:4a:6d:e5:a4:c3:4f:0d:f1:1b:70:20:
86:c3:61:34:f4:95:c7:cd:07:0f:3c:59:43:e2:3d:b6:c7:77:
85:50:2e:65
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIBLzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3
NUQ4NDExMC8GA1UEBRMoOTQ5QjY0N0E1RjhDNzlGNkRBNEFFMzZEOUUwMEM0NEUw
MkE5QTdBNDAeFw0yNDAyMDIwNDM1NThaFw0yNTAzMDIwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1YmM3MTJlLWYzNTYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCZ3QAH/9jAaxgEib4r7IY3mq6BB9EOLonyl1Px2eKQsGr5RJAH9OsWgZauF+Mv
LQ54NsRVpyUTAQ7uhVMd+WrPFJdxOvVlGeYwfpXssgaUeBrg9CMFgUxJ+tH2dcDg
lDLyGyn7l6gsSJ6rsuQBn6izJNHEeM3cGdrDRDP3x20+F43Vjg+FjFxlgcb0+9ps
Fl1B3KAS+g1MliD+r2W+VnBX3Ag9h65n/tCFsW4jceYH8dJmRpBcvUg/yJfBdqpJ
cB53p3Z62TuzLC0GUAnC0tskaypwUBdZp/usIzRH0OCxz54vvZ556Klz9ognK3Kt
zZhgeo0yyUdfVFdJN27q618TAgMBAAGjggKkMIICoDAdBgNVHQ4EFgQUWCMTtfu7
bQ/0Ob5JZiSkv+9FliQwHwYDVR0jBBgwFoAUlJtkel+MefbaSuNtngDETgKpp6Qw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTc1RDg0L0Y4MDY5NDNDODZD
ODExRUVBQUQzNDQxNEM0RjlBRTAyL2xKdGtlbC1NZWZiYVN1TnRuZ0RFVGdLcHA2
US5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvbEp0a2VsLU1lZmJhU3VOdG5nREVUZ0twcDZRLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
NUQ4NC9GODA2OTQzQzg2QzgxMUVFQUFEMzQ0MTRDNEY5QUUwMi84RjZEMzE2RUMx
ODQxMUVFOUQ4QUU5N0VDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAuBggrBgEFBQcBBwEB/wQf
MB0wDAQCAAEwBgMEAcuRJDANBAIAAjAHAwUAJAFQIDANBgkqhkiG9w0BAQsFAAOC
AQEAOWQ47ewrshq17jTHBgZdyXZ3pxAjPfMAkTL63g8NILDWxrSXEp3XoE1vrNo1
lC9W8OuCSPWoFPtgTyIVcNGNLCy+Ab7vgIsRok2WWXdK6dkVKSdJpUBKmO20Yrvt
kzMtZWP1pMNVcINjk/ElaSP7d8290npWsYg3733P8cUQsic4OLN0U2IBRN7JEtkx
a0cPnAmLKnjkEevnyGko1GgNdSEu/cCqnuBPr+DSZPId0saCrvTy45pTeaobe6K6
y7Xpqlr3C888Jc/GYquEkZmpFQNXnf4Gh3Bl/zQu4Tmm+0pt5aTDTw3xG3AghsNh
NPSVx80HDzxZQ+I9tsd3hVAuZQ==
-----END CERTIFICATE-----
Generated at Mon Mar 4 14:43:32 2024 by rpki-client on console-ams.rpki-client.org