Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/02444D44903411EE9E456953C4F9AE02.roa
File: 02444D44903411EE9E456953C4F9AE02.roa (raw, json)
Hash identifier: OlKvHhc+kQIEwHYia7VniUrOTPNcffUgEWcl9Re31QQ=
Subject key identifier: D7:87:87:CF:EF:F1:A8:07:5C:15:3B:BF:25:EA:A8:E5:F4:33:9A:23
Certificate issuer: /CN=A918FC75/serialNumber=482E5A6E0896A266A91A4066C06F4B4ED984649D
Certificate serial: 02EB
Authority key identifier: 48:2E:5A:6E:08:96:A2:66:A9:1A:40:66:C0:6F:4B:4E:D9:84:64:9D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SC5abgiWomapGkBmwG9LTtmEZJ0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/02444D44903411EE9E456953C4F9AE02.roa
Signing time: Tue 05 Dec 2023 22:09:53 +0000
ROA not before: Tue 05 Dec 2023 22:09:53 +0000
ROA not after: Sat 31 Aug 2024 00:00:00 +0000
asID: 9443
IP address blocks: 203.32.25.0/24 maxlen: 24
203.32.28.0/24 maxlen: 24
203.32.32.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 06 Dec 2023 04:36:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 747 (0x2eb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918FC75/serialNumber=482E5A6E0896A266A91A4066C06F4B4ED984649D
Validity
Not Before: Dec 5 22:09:53 2023 GMT
Not After : Aug 31 00:00:00 2024 GMT
Subject: CN=656f9fb1-a75f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:23:a8:42:5d:c1:2c:cb:6b:df:ba:53:e7:91:
cf:9f:43:5d:c0:a8:d9:0f:19:b3:70:be:be:eb:3f:
6f:30:96:52:3a:6f:76:14:56:c3:b6:0f:f7:21:38:
32:33:09:60:53:f9:47:9e:47:3c:8d:5b:83:02:c4:
69:50:10:09:14:31:46:d7:b0:d9:22:20:77:b0:8d:
e0:ab:2d:50:9e:06:11:40:66:9e:2d:6a:41:35:c8:
8a:be:c5:68:d8:1d:72:8d:5f:cf:29:7d:c0:08:8c:
49:97:45:b0:3d:c5:6f:fb:25:6d:1d:08:9b:55:4f:
d9:77:69:8e:79:06:6f:53:7d:41:50:c6:da:ee:54:
6f:17:57:06:b7:ff:11:5b:86:58:bb:95:fc:19:56:
b5:9c:49:1e:f0:53:4a:50:96:02:7b:7e:b7:e8:1b:
c4:de:4c:82:0c:79:55:29:49:38:9e:e6:90:14:e2:
ef:ee:e3:75:cd:59:10:f8:47:9d:66:20:a4:9b:a8:
a8:d2:a0:49:8b:34:32:eb:9a:ee:d2:42:4c:c5:f3:
30:0f:e0:a5:61:45:5a:94:14:1e:8a:e5:5a:27:d1:
b8:d1:d4:42:ba:34:c7:69:77:d5:07:f3:b0:b7:d1:
fe:2e:75:40:65:08:e4:84:a8:bd:2d:f7:cd:5e:6b:
38:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:87:87:CF:EF:F1:A8:07:5C:15:3B:BF:25:EA:A8:E5:F4:33:9A:23
X509v3 Authority Key Identifier:
keyid:48:2E:5A:6E:08:96:A2:66:A9:1A:40:66:C0:6F:4B:4E:D9:84:64:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/SC5abgiWomapGkBmwG9LTtmEZJ0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SC5abgiWomapGkBmwG9LTtmEZJ0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/02444D44903411EE9E456953C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.32.25.0/24
203.32.28.0/24
203.32.32.0/24
Signature Algorithm: sha256WithRSAEncryption
59:e8:06:f5:82:e1:45:65:e4:59:99:d3:d3:cc:ab:2a:cc:8c:
99:f6:34:5f:fa:e5:e5:d3:ae:37:80:22:bc:ec:62:9d:a8:a7:
43:31:7b:9c:e6:84:70:ee:d8:01:b4:b2:72:d1:07:2e:4a:3d:
a3:4e:31:7c:cc:9a:47:70:1e:dd:41:2b:59:11:e8:a3:04:bc:
c9:3c:c4:83:f7:45:f5:de:e5:8b:f5:f7:07:85:7d:db:14:f4:
12:22:53:92:7f:c8:58:4f:f6:fa:fe:65:0f:d0:5a:cf:f6:3f:
24:a3:b2:0e:f1:22:2f:80:68:4f:c3:14:e2:4e:47:d5:f9:15:
92:86:69:c4:44:b6:aa:c7:ee:23:fe:db:1a:b1:4a:50:6a:eb:
e8:e9:95:2c:d2:70:4e:2d:05:30:ac:b7:73:3e:ef:6b:94:4e:
c0:cd:41:a7:86:c5:42:ec:93:c7:2c:ab:80:0a:fe:5a:9f:54:
49:c7:84:5c:67:1c:1a:9b:ce:39:1c:e3:22:62:f9:7a:67:1c:
03:c6:fa:54:73:d9:76:cd:39:a9:96:04:93:e0:17:c3:de:cd:
ca:c7:3d:a0:32:14:4a:c5:fc:ef:7f:c2:cd:2e:74:8f:c7:db:
d6:8c:ed:73:81:ce:8b:61:fd:78:53:a2:c8:eb:0b:ba:48:3b:
60:04:27:32
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICAuswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEZDNzUxMTAvBgNVBAUTKDQ4MkU1QTZFMDg5NkEyNjZBOTFBNDA2NkMwNkY0QjRF
RDk4NDY0OUQwHhcNMjMxMjA1MjIwOTUzWhcNMjQwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTZmOWZiMS1hNzVmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwyOoQl3BLMtr37pT55HPn0NdwKjZDxmzcL6+6z9vMJZSOm92FFbDtg/3ITgy
MwlgU/lHnkc8jVuDAsRpUBAJFDFG17DZIiB3sI3gqy1QngYRQGaeLWpBNciKvsVo
2B1yjV/PKX3ACIxJl0WwPcVv+yVtHQibVU/Zd2mOeQZvU31BUMba7lRvF1cGt/8R
W4ZYu5X8GVa1nEke8FNKUJYCe3636BvE3kyCDHlVKUk4nuaQFOLv7uN1zVkQ+Eed
ZiCkm6io0qBJizQy65ru0kJMxfMwD+ClYUValBQeiuVaJ9G40dRCujTHaXfVB/Ow
t9H+LnVAZQjkhKi9LffNXms4QQIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFNeHh8/v
8agHXBU7vyXqqOX0M5ojMB8GA1UdIwQYMBaAFEguWm4IlqJmqRpAZsBvS07ZhGSd
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RkM3NS8zQUE1REVFMERE
NTgxMUVDODcwRkMyMERDNEY5QUUwMi9TQzVhYmdpV29tYXBHa0Jtd0c5TFR0bUVa
SjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1NDNWFiZ2lXb21hcEdrQm13RzlMVHRtRVpKMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEZDNzUvM0FBNURFRTBERDU4MTFFQzg3MEZDMjBEQzRGOUFFMDIvMDI0NDRENDQ5
MDM0MTFFRTlFNDU2OTUzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBADLIBkDBADLIBwDBADLICAwDQYJKoZIhvcNAQELBQADggEB
AFnoBvWC4UVl5FmZ09PMqyrMjJn2NF/65eXTrjeAIrzsYp2op0Mxe5zmhHDu2AG0
snLRBy5KPaNOMXzMmkdwHt1BK1kR6KMEvMk8xIP3RfXe5Yv19weFfdsU9BIiU5J/
yFhP9vr+ZQ/QWs/2PySjsg7xIi+AaE/DFOJOR9X5FZKGacREtqrH7iP+2xqxSlBq
6+jplSzScE4tBTCst3M+72uUTsDNQaeGxULsk8csq4AK/lqfVEnHhFxnHBqbzjkc
4yJi+XpnHAPG+lRz2XbNOamWBJPgF8PezcrHPaAyFErF/O9/ws0udI/H29aM7XOB
zoth/XhTosjrC7pIO2AEJzI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:33 2024 by rpki-client on console-fra.rpki-client.org