Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/174A19AC4D0A11EEA9E1CE6BC4F9AE02.roa
File: 174A19AC4D0A11EEA9E1CE6BC4F9AE02.roa (raw, json)
Hash identifier: fnmc4zNj1BC1nZw1UL4LxvqcM3wZl/k+Y8sYgbvRl8w=
Subject key identifier: B1:8D:F9:BB:CC:AE:1F:60:CD:92:68:57:EA:D6:1F:0C:9F:7B:AA:57
Certificate issuer: /CN=A918FC75/serialNumber=482E5A6E0896A266A91A4066C06F4B4ED984649D
Certificate serial: 0255
Authority key identifier: 48:2E:5A:6E:08:96:A2:66:A9:1A:40:66:C0:6F:4B:4E:D9:84:64:9D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SC5abgiWomapGkBmwG9LTtmEZJ0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/174A19AC4D0A11EEA9E1CE6BC4F9AE02.roa
Signing time: Wed 06 Sep 2023 23:07:03 +0000
ROA not before: Wed 06 Sep 2023 23:07:03 +0000
ROA not after: Sat 31 Aug 2024 00:00:00 +0000
asID: 9443
IP address blocks: 203.32.7.0/24 maxlen: 24
203.32.25.0/24 maxlen: 24
203.32.26.0/24 maxlen: 24
203.32.32.0/24 maxlen: 24
203.32.38.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 597 (0x255)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918FC75/serialNumber=482E5A6E0896A266A91A4066C06F4B4ED984649D
Validity
Not Before: Sep 6 23:07:03 2023 GMT
Not After : Aug 31 00:00:00 2024 GMT
Subject: CN=64f90617-a1b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:25:c6:13:10:7f:64:bc:4d:81:e9:3b:dc:87:
ca:f4:38:94:68:e2:1d:90:fe:20:c2:c3:f1:c2:0b:
05:a9:42:19:fe:27:73:16:cd:36:a5:b0:6e:81:b3:
22:a6:58:80:1d:f4:d8:93:52:17:d8:e3:70:38:97:
5c:0d:86:82:0c:9a:96:42:71:d9:40:06:d9:53:97:
69:7e:fc:d7:d8:30:6b:9b:d0:bf:74:5f:da:00:5c:
3e:f8:4d:59:a0:c3:94:8c:9b:54:3e:87:12:42:ca:
42:f6:60:91:02:03:50:d2:bb:19:de:3e:80:38:51:
00:c6:f1:f4:90:04:0e:69:2e:f0:c9:80:78:27:dc:
34:8f:7a:a4:49:35:39:4a:7d:8a:d6:0f:7c:cd:f0:
92:fe:0d:7c:b9:b9:7b:36:97:8e:b2:8b:21:99:ae:
55:c1:9d:9c:8e:eb:7c:02:71:de:dd:00:ff:ea:52:
30:7d:b2:a9:88:aa:8e:62:11:a0:04:f6:1c:c4:64:
bd:78:27:f4:30:32:82:17:05:26:4b:5e:81:64:86:
fa:11:1a:2e:25:9b:c7:5b:f3:7d:4b:20:73:6c:fc:
0b:41:ca:81:91:23:c0:58:94:bc:b1:97:c5:2c:75:
ec:f3:15:e4:55:71:fe:9e:ca:1a:95:f0:ea:b9:3a:
23:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:8D:F9:BB:CC:AE:1F:60:CD:92:68:57:EA:D6:1F:0C:9F:7B:AA:57
X509v3 Authority Key Identifier:
keyid:48:2E:5A:6E:08:96:A2:66:A9:1A:40:66:C0:6F:4B:4E:D9:84:64:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/SC5abgiWomapGkBmwG9LTtmEZJ0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SC5abgiWomapGkBmwG9LTtmEZJ0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/174A19AC4D0A11EEA9E1CE6BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.32.7.0/24
203.32.25.0-203.32.26.255
203.32.32.0/24
203.32.38.0/24
Signature Algorithm: sha256WithRSAEncryption
24:92:df:a0:a7:5d:34:b8:b7:19:70:b9:0b:a2:d8:75:eb:7f:
e6:71:08:26:95:23:99:d1:f4:34:b1:e7:dd:37:99:c8:e5:e8:
c8:98:aa:3c:3d:5d:53:eb:23:e5:1d:db:12:d7:50:e1:52:65:
0e:33:8f:73:67:9d:f7:d3:b8:64:7d:e9:ad:3b:81:96:e9:d6:
1f:1e:9f:11:7b:d3:b2:33:6c:f9:1b:6f:70:b2:5f:a8:27:c3:
f7:82:5f:5c:f0:62:1e:b6:e1:f6:8b:50:98:41:85:b8:e3:b3:
ac:df:2e:8f:83:fa:e5:9f:7f:21:77:80:11:af:b5:fb:bf:5b:
a8:aa:4e:12:40:d9:e3:85:8e:95:fe:17:53:0f:d0:c9:1d:58:
3e:a9:43:3e:5e:c1:63:43:e2:21:c9:b4:9f:f3:91:49:99:87:
d0:da:e0:ce:53:8d:f0:35:65:5b:97:e7:ae:ee:aa:e4:54:62:
51:ba:8d:1a:49:fb:43:fb:15:a1:fa:b4:dd:3d:b3:01:b4:77:
f1:79:e7:f3:91:9a:6f:56:4a:b1:55:9f:84:4d:06:ef:a9:a5:
71:59:91:df:f0:0c:49:7c:fa:d0:b2:1b:68:17:95:6b:c1:71:
8e:ca:4c:a6:38:46:16:5f:26:fb:c4:7d:d7:5a:6e:2a:05:3f:
c1:42:6e:c4
-----BEGIN CERTIFICATE-----
MIIFizCCBHOgAwIBAgICAlUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEZDNzUxMTAvBgNVBAUTKDQ4MkU1QTZFMDg5NkEyNjZBOTFBNDA2NkMwNkY0QjRF
RDk4NDY0OUQwHhcNMjMwOTA2MjMwNzAzWhcNMjQwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGY5MDYxNy1hMWIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwiXGExB/ZLxNgek73IfK9DiUaOIdkP4gwsPxwgsFqUIZ/idzFs02pbBugbMi
pliAHfTYk1IX2ONwOJdcDYaCDJqWQnHZQAbZU5dpfvzX2DBrm9C/dF/aAFw++E1Z
oMOUjJtUPocSQspC9mCRAgNQ0rsZ3j6AOFEAxvH0kAQOaS7wyYB4J9w0j3qkSTU5
Sn2K1g98zfCS/g18ubl7NpeOsoshma5VwZ2cjut8AnHe3QD/6lIwfbKpiKqOYhGg
BPYcxGS9eCf0MDKCFwUmS16BZIb6ERouJZvHW/N9SyBzbPwLQcqBkSPAWJS8sZfF
LHXs8xXkVXH+nsoalfDquTojhQIDAQABo4ICrzCCAqswHQYDVR0OBBYEFLGN+bvM
rh9gzZJoV+rWHwyfe6pXMB8GA1UdIwQYMBaAFEguWm4IlqJmqRpAZsBvS07ZhGSd
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RkM3NS8zQUE1REVFMERE
NTgxMUVDODcwRkMyMERDNEY5QUUwMi9TQzVhYmdpV29tYXBHa0Jtd0c5TFR0bUVa
SjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1NDNWFiZ2lXb21hcEdrQm13RzlMVHRtRVpKMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEZDNzUvM0FBNURFRTBERDU4MTFFQzg3MEZDMjBEQzRGOUFFMDIvMTc0QTE5QUM0
RDBBMTFFRUE5RTFDRTZCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOQYIKwYBBQUHAQcBAf8E
KjAoMCYEAgABMCADBADLIAcwDAMEAMsgGQMEAMsgGgMEAMsgIAMEAMsgJjANBgkq
hkiG9w0BAQsFAAOCAQEAJJLfoKddNLi3GXC5C6LYdet/5nEIJpUjmdH0NLHn3TeZ
yOXoyJiqPD1dU+sj5R3bEtdQ4VJlDjOPc2ed99O4ZH3prTuBlunWHx6fEXvTsjNs
+RtvcLJfqCfD94JfXPBiHrbh9otQmEGFuOOzrN8uj4P65Z9/IXeAEa+1+79bqKpO
EkDZ44WOlf4XUw/QyR1YPqlDPl7BY0PiIcm0n/ORSZmH0NrgzlON8DVlW5fnru6q
5FRiUbqNGkn7Q/sVofq03T2zAbR38Xnn85Gab1ZKsVWfhE0G76mlcVmR3/AMSXz6
0LIbaBeVa8FxjspMpjhGFl8m+8R911puKgU/wUJuxA==
-----END CERTIFICATE-----
Generated at Thu Sep 7 00:02:36 2023 by rpki-client on console-fra.rpki-client.org