Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/5CA7CDC278B211EE958E5E42C4F9AE02.roa
File: 5CA7CDC278B211EE958E5E42C4F9AE02.roa (raw, json)
Hash identifier: AF3t7Kn+UjVA/DzX6GFh3ZNwsEpoS1QKwqV61WtnYIk=
Subject key identifier: DA:43:F5:33:61:1D:71:E7:79:BB:01:22:7C:24:99:5B:72:97:E7:92
Certificate issuer: /CN=A918FC75/serialNumber=482E5A6E0896A266A91A4066C06F4B4ED984649D
Certificate serial: 02B4
Authority key identifier: 48:2E:5A:6E:08:96:A2:66:A9:1A:40:66:C0:6F:4B:4E:D9:84:64:9D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SC5abgiWomapGkBmwG9LTtmEZJ0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/5CA7CDC278B211EE958E5E42C4F9AE02.roa
Signing time: Fri 03 Nov 2023 20:18:10 +0000
ROA not before: Fri 03 Nov 2023 20:18:10 +0000
ROA not after: Sat 31 Aug 2024 00:00:00 +0000
asID: 9443
IP address blocks: 203.32.7.0/24 maxlen: 24
203.32.21.0/24 maxlen: 24
203.32.22.0/24 maxlen: 24
203.32.23.0/24 maxlen: 24
203.32.32.0/24 maxlen: 24
203.32.38.0/24 maxlen: 24
203.32.40.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 06 Nov 2023 11:33:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 692 (0x2b4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918FC75/serialNumber=482E5A6E0896A266A91A4066C06F4B4ED984649D
Validity
Not Before: Nov 3 20:18:10 2023 GMT
Not After : Aug 31 00:00:00 2024 GMT
Subject: CN=65455581-991c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:03:d9:7d:0f:0d:ea:a1:ad:eb:42:c4:f0:1c:
02:3d:5f:64:bb:28:4d:d2:5a:ab:4f:5e:c6:cc:45:
0b:7f:cd:6c:b9:42:75:ad:07:4d:fe:19:74:b6:cc:
09:f4:d3:a9:33:bf:21:92:9c:1a:b5:e3:0e:6e:62:
0d:ac:6f:77:37:10:67:9c:5e:da:ee:e9:23:4e:67:
8f:f6:4a:70:19:a0:ee:12:02:cb:28:98:0b:4e:eb:
17:dd:8a:55:c4:49:c0:f3:bc:bd:00:d8:1e:16:bd:
48:e5:53:15:45:ae:aa:0a:8b:d5:23:a6:38:d3:6f:
c9:b0:9e:88:4d:17:7c:3b:dc:fa:37:8a:55:d7:c0:
7d:fb:d0:1a:22:05:3e:fd:04:e3:dd:8f:88:a8:a0:
b1:2f:22:29:f2:75:15:54:86:cc:23:a7:69:cb:2b:
4c:aa:99:1a:6b:1f:0f:df:a7:64:e4:5d:b6:7c:20:
05:e8:d8:4a:d1:1f:3a:6e:2e:f9:37:3d:93:c6:3d:
a3:75:91:9c:ab:99:21:6a:f2:49:87:3c:e1:92:92:
97:a4:a1:00:fa:27:f5:fb:54:b2:21:5c:5d:88:05:
15:84:a5:c7:21:9f:13:65:71:f6:5c:e0:29:ef:a9:
a7:f3:75:a9:39:b2:2b:da:f4:db:e5:07:f6:41:1b:
34:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:43:F5:33:61:1D:71:E7:79:BB:01:22:7C:24:99:5B:72:97:E7:92
X509v3 Authority Key Identifier:
keyid:48:2E:5A:6E:08:96:A2:66:A9:1A:40:66:C0:6F:4B:4E:D9:84:64:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/SC5abgiWomapGkBmwG9LTtmEZJ0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SC5abgiWomapGkBmwG9LTtmEZJ0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/5CA7CDC278B211EE958E5E42C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.32.7.0/24
203.32.21.0-203.32.23.255
203.32.32.0/24
203.32.38.0/24
203.32.40.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:90:93:c4:3c:b6:73:e9:9f:82:d4:d2:b7:79:4b:39:41:6e:
81:16:b4:69:c5:6f:9b:07:1e:dd:e4:fd:c5:aa:e4:98:10:26:
ee:1c:91:e1:85:e4:cf:f7:00:9a:53:dd:be:23:96:fe:9e:bc:
04:f3:2b:6f:86:1e:0e:6e:5e:1c:67:0e:e2:cf:55:9a:bf:06:
dc:b3:7c:e5:3a:f4:16:a2:9c:d2:c0:49:dc:76:ee:72:b3:85:
57:42:bd:8f:c3:34:e2:28:19:ab:c0:81:7a:31:ae:01:c1:ba:
40:6b:45:e2:3c:6f:c4:d0:e4:97:0d:e2:b2:3a:99:1f:24:1f:
f1:98:a1:76:23:66:fe:da:0a:ac:0f:20:4d:a4:7a:50:81:96:
42:87:33:18:ff:a4:f6:cf:ba:fe:b1:89:1f:a4:1a:f6:3f:aa:
d1:3c:e2:73:4d:cc:b9:ee:93:8b:df:44:00:10:84:f3:45:2e:
d5:1e:b9:75:5e:b0:4c:48:2d:bc:0a:a9:6a:7d:14:56:40:05:
88:1d:28:49:45:38:22:ea:af:4e:5c:08:81:0e:93:3f:30:ce:
11:4c:12:36:a6:d8:5b:0b:58:97:83:23:cf:a3:f0:11:ce:4e:
7d:f5:bf:d9:77:e9:53:83:e8:e4:b4:45:14:0d:d4:f7:88:d6:
c5:16:5d:11
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgICArQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEZDNzUxMTAvBgNVBAUTKDQ4MkU1QTZFMDg5NkEyNjZBOTFBNDA2NkMwNkY0QjRF
RDk4NDY0OUQwHhcNMjMxMTAzMjAxODEwWhcNMjQwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTQ1NTU4MS05OTFjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0wPZfQ8N6qGt60LE8BwCPV9kuyhN0lqrT17GzEULf81suUJ1rQdN/hl0tswJ
9NOpM78hkpwateMObmINrG93NxBnnF7a7ukjTmeP9kpwGaDuEgLLKJgLTusX3YpV
xEnA87y9ANgeFr1I5VMVRa6qCovVI6Y402/JsJ6ITRd8O9z6N4pV18B9+9AaIgU+
/QTj3Y+IqKCxLyIp8nUVVIbMI6dpyytMqpkaax8P36dk5F22fCAF6NhK0R86bi75
Nz2Txj2jdZGcq5khavJJhzzhkpKXpKEA+if1+1SyIVxdiAUVhKXHIZ8TZXH2XOAp
76mn83WpObIr2vTb5Qf2QRs0sQIDAQABo4ICtTCCArEwHQYDVR0OBBYEFNpD9TNh
HXHnebsBInwkmVtyl+eSMB8GA1UdIwQYMBaAFEguWm4IlqJmqRpAZsBvS07ZhGSd
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RkM3NS8zQUE1REVFMERE
NTgxMUVDODcwRkMyMERDNEY5QUUwMi9TQzVhYmdpV29tYXBHa0Jtd0c5TFR0bUVa
SjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1NDNWFiZ2lXb21hcEdrQm13RzlMVHRtRVpKMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEZDNzUvM0FBNURFRTBERDU4MTFFQzg3MEZDMjBEQzRGOUFFMDIvNUNBN0NEQzI3
OEIyMTFFRTk1OEU1RTQyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPwYIKwYBBQUHAQcBAf8E
MDAuMCwEAgABMCYDBADLIAcwDAMEAMsgFQMEA8sgEAMEAMsgIAMEAMsgJgMEAMsg
KDANBgkqhkiG9w0BAQsFAAOCAQEAKpCTxDy2c+mfgtTSt3lLOUFugRa0acVvmwce
3eT9xarkmBAm7hyR4YXkz/cAmlPdviOW/p68BPMrb4YeDm5eHGcO4s9Vmr8G3LN8
5Tr0FqKc0sBJ3HbucrOFV0K9j8M04igZq8CBejGuAcG6QGtF4jxvxNDklw3isjqZ
HyQf8ZihdiNm/toKrA8gTaR6UIGWQoczGP+k9s+6/rGJH6Qa9j+q0Tzic03Mue6T
i99EABCE80Uu1R65dV6wTEgtvAqpan0UVkAFiB0oSUU4IuqvTlwIgQ6TPzDOEUwS
NqbYWwtYl4Mjz6PwEc5OffW/2XfpU4Po5LRFFA3U94jWxRZdEQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:46 2024 by rpki-client on console-ams.rpki-client.org