Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/425044268F1011EEB304C060C4F9AE02.roa
File: 425044268F1011EEB304C060C4F9AE02.roa (raw, json)
Hash identifier: 3I3mKaCL0Gf9AkUJEuCKBKyq/cnFBVbF5b2dmaxJq3k=
Subject key identifier: 0C:0F:40:17:4F:8A:BE:88:C8:FD:29:3C:E2:A4:E7:F1:64:81:D3:34
Certificate issuer: /CN=A918FC75/serialNumber=482E5A6E0896A266A91A4066C06F4B4ED984649D
Certificate serial: 02DF
Authority key identifier: 48:2E:5A:6E:08:96:A2:66:A9:1A:40:66:C0:6F:4B:4E:D9:84:64:9D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SC5abgiWomapGkBmwG9LTtmEZJ0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/425044268F1011EEB304C060C4F9AE02.roa
Signing time: Wed 29 Nov 2023 23:37:29 +0000
ROA not before: Wed 29 Nov 2023 23:37:29 +0000
ROA not after: Sat 31 Aug 2024 00:00:00 +0000
asID: 9443
IP address blocks: 203.32.26.0/24 maxlen: 24
203.32.28.0/24 maxlen: 24
203.32.32.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 01 Dec 2023 10:25:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 735 (0x2df)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918FC75/serialNumber=482E5A6E0896A266A91A4066C06F4B4ED984649D
Validity
Not Before: Nov 29 23:37:29 2023 GMT
Not After : Aug 31 00:00:00 2024 GMT
Subject: CN=6567cb39-ff12
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:8d:a2:67:42:e9:ac:85:55:dc:6d:e5:c3:36:
c8:d2:e8:c2:32:c6:c8:41:ce:52:a1:df:d9:5f:ad:
9e:6c:cb:e7:c5:e0:df:3c:66:0a:9d:2d:90:ef:c6:
10:0d:66:94:99:af:59:3d:b2:ce:46:e4:27:7a:76:
73:72:98:0f:ad:5f:0f:cb:f2:f3:a7:6d:44:03:3b:
f4:c9:12:8f:98:b3:2a:6c:99:9d:8e:c5:23:23:46:
39:3f:e6:13:6c:9f:cc:fd:97:e3:c8:95:4a:c4:b1:
90:a0:a2:df:27:e5:31:4f:0b:65:fd:e5:e4:be:c2:
43:3e:93:7f:00:99:ab:60:33:37:54:5a:82:12:54:
78:0c:15:93:7b:32:7c:46:28:e5:4e:b2:af:e3:f6:
89:0c:6b:9b:29:16:81:5d:25:4c:b7:c4:58:88:65:
8e:89:31:11:8a:ff:76:21:6f:5d:aa:ba:2d:a1:c4:
38:42:04:c3:8d:ed:39:1c:eb:80:57:aa:3d:ac:be:
91:89:8d:7b:36:99:34:9f:ea:a3:f3:fc:60:06:2d:
31:78:94:74:2f:43:db:48:9a:6d:f8:db:26:4d:67:
49:f2:22:c8:f1:03:4e:6c:f3:1e:05:22:4b:49:8b:
4a:43:ad:b5:6b:62:65:05:f7:92:7b:2f:d2:2a:a0:
38:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:0F:40:17:4F:8A:BE:88:C8:FD:29:3C:E2:A4:E7:F1:64:81:D3:34
X509v3 Authority Key Identifier:
keyid:48:2E:5A:6E:08:96:A2:66:A9:1A:40:66:C0:6F:4B:4E:D9:84:64:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/SC5abgiWomapGkBmwG9LTtmEZJ0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SC5abgiWomapGkBmwG9LTtmEZJ0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/425044268F1011EEB304C060C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.32.26.0/24
203.32.28.0/24
203.32.32.0/24
Signature Algorithm: sha256WithRSAEncryption
12:1d:b7:0a:4c:51:01:91:c2:0e:11:11:5a:15:56:6e:e5:aa:
f6:91:88:7c:08:44:06:18:5e:96:e8:d1:43:5f:32:f9:64:95:
22:c2:d2:22:26:33:e7:dd:b1:9a:b3:81:23:24:8a:91:51:a0:
0c:47:77:ec:dc:f1:71:8d:1e:ed:f9:7e:54:85:9b:4b:7b:30:
83:b1:aa:5f:a4:02:d2:97:b1:91:59:ba:29:98:2c:34:2a:57:
d6:05:a0:63:94:df:3f:72:7a:97:75:64:8d:10:03:5d:76:f3:
24:d5:c8:44:f0:06:9d:67:33:63:93:0a:d0:5f:bd:d7:74:be:
af:f7:fd:89:ba:e6:e8:4a:f7:9f:93:11:b5:3e:6e:84:ac:c3:
87:5e:5e:50:ae:e2:96:d4:a6:48:ec:1f:f0:23:f6:2c:a7:1d:
97:bf:df:03:18:31:49:cf:2d:e9:8e:46:15:a3:ac:7a:33:48:
14:24:67:ab:44:c4:c1:4c:96:d3:dd:e8:d0:7d:85:cc:93:ce:
85:69:7a:b0:11:52:15:79:e6:99:8d:2e:86:40:9c:97:7e:90:
5c:25:ba:40:da:1c:73:9a:37:26:f8:43:e3:8a:72:00:3e:13:
5b:ad:c4:dc:93:a9:d6:88:05:da:da:2e:c1:a4:f3:00:7d:42:
d0:62:57:7a
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICAt8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEZDNzUxMTAvBgNVBAUTKDQ4MkU1QTZFMDg5NkEyNjZBOTFBNDA2NkMwNkY0QjRF
RDk4NDY0OUQwHhcNMjMxMTI5MjMzNzI5WhcNMjQwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTY3Y2IzOS1mZjEyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxY2iZ0LprIVV3G3lwzbI0ujCMsbIQc5Sod/ZX62ebMvnxeDfPGYKnS2Q78YQ
DWaUma9ZPbLORuQnenZzcpgPrV8Py/Lzp21EAzv0yRKPmLMqbJmdjsUjI0Y5P+YT
bJ/M/ZfjyJVKxLGQoKLfJ+UxTwtl/eXkvsJDPpN/AJmrYDM3VFqCElR4DBWTezJ8
RijlTrKv4/aJDGubKRaBXSVMt8RYiGWOiTERiv92IW9dqrotocQ4QgTDje05HOuA
V6o9rL6RiY17Npk0n+qj8/xgBi0xeJR0L0PbSJpt+NsmTWdJ8iLI8QNObPMeBSJL
SYtKQ621a2JlBfeSey/SKqA4awIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFAwPQBdP
ir6IyP0pPOKk5/FkgdM0MB8GA1UdIwQYMBaAFEguWm4IlqJmqRpAZsBvS07ZhGSd
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RkM3NS8zQUE1REVFMERE
NTgxMUVDODcwRkMyMERDNEY5QUUwMi9TQzVhYmdpV29tYXBHa0Jtd0c5TFR0bUVa
SjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1NDNWFiZ2lXb21hcEdrQm13RzlMVHRtRVpKMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEZDNzUvM0FBNURFRTBERDU4MTFFQzg3MEZDMjBEQzRGOUFFMDIvNDI1MDQ0MjY4
RjEwMTFFRUIzMDRDMDYwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBADLIBoDBADLIBwDBADLICAwDQYJKoZIhvcNAQELBQADggEB
ABIdtwpMUQGRwg4REVoVVm7lqvaRiHwIRAYYXpbo0UNfMvlklSLC0iImM+fdsZqz
gSMkipFRoAxHd+zc8XGNHu35flSFm0t7MIOxql+kAtKXsZFZuimYLDQqV9YFoGOU
3z9yepd1ZI0QA1128yTVyETwBp1nM2OTCtBfvdd0vq/3/Ym65uhK95+TEbU+boSs
w4deXlCu4pbUpkjsH/Aj9iynHZe/3wMYMUnPLemORhWjrHozSBQkZ6tExMFMltPd
6NB9hcyTzoVperARUhV55pmNLoZAnJd+kFwlukDaHHOaNyb4Q+OKcgA+E1utxNyT
qdaIBdraLsGk8wB9QtBiV3o=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:46 2024 by rpki-client on console-ams.rpki-client.org