Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/5AC4E462599111EEB5169B59C4F9AE02.roa
File: 5AC4E462599111EEB5169B59C4F9AE02.roa (raw, json)
Hash identifier: br0nrO/KnmLVLWCrjYtaHGXIQT3EtZQ/6V8e5EwwHx0=
Subject key identifier: 20:75:A6:BC:63:9F:73:4E:A3:D8:40:A0:9D:61:88:7B:35:30:E2:F6
Certificate issuer: /CN=A918FC75/serialNumber=482E5A6E0896A266A91A4066C06F4B4ED984649D
Certificate serial: 027A
Authority key identifier: 48:2E:5A:6E:08:96:A2:66:A9:1A:40:66:C0:6F:4B:4E:D9:84:64:9D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SC5abgiWomapGkBmwG9LTtmEZJ0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/5AC4E462599111EEB5169B59C4F9AE02.roa
Signing time: Tue 26 Sep 2023 23:05:04 +0000
ROA not before: Tue 26 Sep 2023 23:05:04 +0000
ROA not after: Sat 31 Aug 2024 00:00:00 +0000
asID: 9443
IP address blocks: 203.32.7.0/24 maxlen: 24
203.32.21.0/24 maxlen: 24
203.32.25.0/24 maxlen: 24
203.32.26.0/24 maxlen: 24
203.32.32.0/24 maxlen: 24
203.32.40.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 28 Sep 2023 01:30:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 634 (0x27a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918FC75/serialNumber=482E5A6E0896A266A91A4066C06F4B4ED984649D
Validity
Not Before: Sep 26 23:05:04 2023 GMT
Not After : Aug 31 00:00:00 2024 GMT
Subject: CN=6513639f-7eb4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:8b:42:fb:02:9b:b3:86:01:e9:5c:df:1d:b2:
97:9f:57:3a:ec:59:c8:b8:fd:f1:86:3f:52:0b:da:
83:76:b9:f0:ad:b5:c8:3b:53:9d:3a:22:d1:5e:51:
7e:56:fe:c9:a6:6a:55:d8:4a:20:7f:df:44:a3:60:
ec:20:6f:55:c8:56:8e:45:e6:77:2c:09:6b:ed:34:
7b:17:37:fd:b6:b5:e3:95:cd:db:f7:6f:7b:df:80:
8d:cd:b1:dc:97:d6:5d:cd:e4:6a:29:b7:61:5a:6f:
ad:09:24:ca:1e:13:21:f4:56:23:9e:ae:2d:c6:35:
3f:38:9b:85:32:df:5e:20:20:90:01:34:3d:6c:36:
db:4e:80:57:15:b7:4c:0b:32:87:6a:be:2a:74:a7:
83:7d:d4:c0:21:91:c1:a2:af:4e:d3:3a:2e:8d:d7:
77:1e:cf:82:39:f5:2d:46:fc:d0:7f:88:f5:87:1d:
e3:6c:a8:57:2a:e9:3f:eb:66:82:af:ce:94:dc:77:
07:45:aa:1c:a5:8a:7a:35:af:d3:ab:0d:d3:82:84:
57:49:cb:d2:4b:b3:0c:46:e6:29:5e:29:bd:e4:95:
15:40:d3:3f:0a:ee:33:54:43:64:d9:3e:1a:b5:47:
24:15:b5:bd:28:3e:c6:12:e0:bb:20:55:21:1e:f6:
d7:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:75:A6:BC:63:9F:73:4E:A3:D8:40:A0:9D:61:88:7B:35:30:E2:F6
X509v3 Authority Key Identifier:
keyid:48:2E:5A:6E:08:96:A2:66:A9:1A:40:66:C0:6F:4B:4E:D9:84:64:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/SC5abgiWomapGkBmwG9LTtmEZJ0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SC5abgiWomapGkBmwG9LTtmEZJ0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/5AC4E462599111EEB5169B59C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.32.7.0/24
203.32.21.0/24
203.32.25.0-203.32.26.255
203.32.32.0/24
203.32.40.0/24
Signature Algorithm: sha256WithRSAEncryption
01:df:61:dc:9b:aa:38:cf:ec:04:62:f0:07:81:52:41:d2:ca:
78:c9:6e:89:13:3a:fb:ed:88:02:7b:51:c2:89:53:b0:fb:93:
be:7b:45:c7:2f:9c:5e:70:43:37:b0:88:72:6c:1b:0e:e4:0c:
c9:07:3d:6a:fc:c9:39:fb:a4:19:ae:13:85:89:51:74:37:02:
c5:17:67:67:72:49:e5:61:1c:df:6f:a8:9a:07:8b:e0:93:44:
5b:60:28:e4:a3:e4:0f:d1:ed:82:02:64:d8:e9:e1:cd:49:11:
a9:2f:96:b9:a6:9a:eb:f4:5c:80:af:b7:e0:bd:94:fa:bc:50:
fe:d7:a7:ba:af:69:54:d7:1d:84:c2:40:b6:ef:5e:64:7d:b1:
f3:73:12:6a:a1:8e:70:ec:21:ee:a1:7c:bc:89:9f:f7:10:de:
16:a7:78:ab:93:79:d8:9f:88:c8:84:00:6b:65:71:b8:f2:90:
1e:4b:9f:38:96:bd:ed:c2:d9:77:5e:cc:83:23:87:8d:ee:c9:
3e:ba:c9:09:53:11:79:b8:94:0b:3e:d9:c2:f7:54:59:ff:9a:
e6:34:df:fb:3d:88:d8:1b:b9:b9:d6:f8:0e:d2:05:7e:df:f0:
c2:3d:a8:85:48:3b:ff:e9:5c:f1:64:4f:43:e3:55:5c:3c:5c:
ce:c4:86:f3
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgICAnowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEZDNzUxMTAvBgNVBAUTKDQ4MkU1QTZFMDg5NkEyNjZBOTFBNDA2NkMwNkY0QjRF
RDk4NDY0OUQwHhcNMjMwOTI2MjMwNTA0WhcNMjQwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTEzNjM5Zi03ZWI0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAy4tC+wKbs4YB6VzfHbKXn1c67FnIuP3xhj9SC9qDdrnwrbXIO1OdOiLRXlF+
Vv7JpmpV2Eogf99Eo2DsIG9VyFaOReZ3LAlr7TR7Fzf9trXjlc3b929734CNzbHc
l9ZdzeRqKbdhWm+tCSTKHhMh9FYjnq4txjU/OJuFMt9eICCQATQ9bDbbToBXFbdM
CzKHar4qdKeDfdTAIZHBoq9O0zoujdd3Hs+COfUtRvzQf4j1hx3jbKhXKuk/62aC
r86U3HcHRaocpYp6Na/Tqw3TgoRXScvSS7MMRuYpXim95JUVQNM/Cu4zVENk2T4a
tUckFbW9KD7GEuC7IFUhHvbX4QIDAQABo4ICtTCCArEwHQYDVR0OBBYEFCB1prxj
n3NOo9hAoJ1hiHs1MOL2MB8GA1UdIwQYMBaAFEguWm4IlqJmqRpAZsBvS07ZhGSd
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RkM3NS8zQUE1REVFMERE
NTgxMUVDODcwRkMyMERDNEY5QUUwMi9TQzVhYmdpV29tYXBHa0Jtd0c5TFR0bUVa
SjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1NDNWFiZ2lXb21hcEdrQm13RzlMVHRtRVpKMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEZDNzUvM0FBNURFRTBERDU4MTFFQzg3MEZDMjBEQzRGOUFFMDIvNUFDNEU0NjI1
OTkxMTFFRUI1MTY5QjU5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPwYIKwYBBQUHAQcBAf8E
MDAuMCwEAgABMCYDBADLIAcDBADLIBUwDAMEAMsgGQMEAMsgGgMEAMsgIAMEAMsg
KDANBgkqhkiG9w0BAQsFAAOCAQEAAd9h3JuqOM/sBGLwB4FSQdLKeMluiRM6++2I
AntRwolTsPuTvntFxy+cXnBDN7CIcmwbDuQMyQc9avzJOfukGa4ThYlRdDcCxRdn
Z3JJ5WEc32+omgeL4JNEW2Ao5KPkD9HtggJk2OnhzUkRqS+Wuaaa6/RcgK+34L2U
+rxQ/tenuq9pVNcdhMJAtu9eZH2x83MSaqGOcOwh7qF8vImf9xDeFqd4q5N52J+I
yIQAa2VxuPKQHkufOJa97cLZd17MgyOHje7JPrrJCVMRebiUCz7ZwvdUWf+a5jTf
+z2I2Bu5udb4DtIFft/wwj2ohUg7/+lc8WRPQ+NVXDxczsSG8w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:33 2024 by rpki-client on console-fra.rpki-client.org