Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/F171C570834811EEBF399927C4F9AE02.roa
File: F171C570834811EEBF399927C4F9AE02.roa (raw, json)
Hash identifier: ZPiSVoYP36/NcGNAqfoQM8MVKzffWOr8LFZa/jn+Lfo=
Subject key identifier: 7B:37:89:90:2F:00:43:AA:DD:53:0E:97:72:7D:D3:9D:8F:86:45:29
Certificate issuer: /CN=A918FC75/serialNumber=482E5A6E0896A266A91A4066C06F4B4ED984649D
Certificate serial: 02D7
Authority key identifier: 48:2E:5A:6E:08:96:A2:66:A9:1A:40:66:C0:6F:4B:4E:D9:84:64:9D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SC5abgiWomapGkBmwG9LTtmEZJ0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/F171C570834811EEBF399927C4F9AE02.roa
Signing time: Sat 25 Nov 2023 05:09:56 +0000
ROA not before: Sat 25 Nov 2023 05:09:56 +0000
ROA not after: Sat 31 Aug 2024 00:00:00 +0000
asID: 9443
IP address blocks: 203.32.7.0/24 maxlen: 24
203.32.26.0/24 maxlen: 24
203.32.28.0/24 maxlen: 24
203.32.32.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 29 Nov 2023 23:37:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 727 (0x2d7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918FC75/serialNumber=482E5A6E0896A266A91A4066C06F4B4ED984649D
Validity
Not Before: Nov 25 05:09:56 2023 GMT
Not After : Aug 31 00:00:00 2024 GMT
Subject: CN=656181a4-e89a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:a2:d2:87:23:4d:b0:89:e6:03:d4:2d:d4:be:
f7:8d:5e:81:3e:fd:79:3b:f8:9a:eb:e3:15:85:ea:
be:55:ad:d7:68:f6:68:d7:27:d6:86:af:33:e0:46:
64:f8:f4:e0:fa:42:80:de:b1:73:1e:d1:3a:ae:63:
3a:2c:49:ba:f4:de:ff:99:88:80:ac:01:6a:8c:7c:
71:0e:88:63:32:52:1f:1e:a8:ff:f1:05:5b:2a:b0:
bc:d6:78:cd:fe:66:a8:22:88:b7:3c:5b:c1:45:45:
7f:99:09:13:d5:60:75:cd:bb:cf:40:ea:13:d9:e6:
8b:78:88:73:7e:ee:4b:e1:2e:a3:c2:d0:8c:d1:94:
f0:78:18:d7:1d:70:40:d7:f5:a1:5a:7b:5b:6e:14:
67:b2:1a:16:9b:f3:3f:b3:fb:6b:4f:ea:e6:d2:c4:
d0:8d:ae:41:80:2f:72:a0:96:3c:ca:67:03:27:04:
e3:4e:00:4c:4e:7f:f9:d0:3a:ad:52:de:ce:50:d3:
95:38:a7:3f:76:c3:d1:a9:52:8f:e8:c2:cb:ca:3b:
8e:08:8c:eb:2c:e6:fb:d3:e9:bd:ba:67:ff:5e:f4:
c6:87:52:f2:e7:79:1e:67:54:89:a0:eb:dc:cc:f6:
01:77:8e:23:91:30:da:77:50:27:61:db:24:0c:bd:
5e:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:37:89:90:2F:00:43:AA:DD:53:0E:97:72:7D:D3:9D:8F:86:45:29
X509v3 Authority Key Identifier:
keyid:48:2E:5A:6E:08:96:A2:66:A9:1A:40:66:C0:6F:4B:4E:D9:84:64:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/SC5abgiWomapGkBmwG9LTtmEZJ0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SC5abgiWomapGkBmwG9LTtmEZJ0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/F171C570834811EEBF399927C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.32.7.0/24
203.32.26.0/24
203.32.28.0/24
203.32.32.0/24
Signature Algorithm: sha256WithRSAEncryption
69:57:79:af:b0:c3:7e:c2:f5:d7:62:4b:e3:f6:54:bc:fb:68:
97:9d:3d:83:3f:de:48:5a:18:6a:ce:80:24:a3:3e:ed:3d:36:
4d:38:c0:22:f6:f6:78:fb:7f:26:e4:df:e9:0e:91:54:2d:e9:
d5:87:22:cc:fa:ad:c3:f3:74:24:91:81:ba:0b:c6:4a:5d:e9:
51:1f:64:11:81:b2:a9:f9:e3:21:de:85:fa:46:7f:6a:3c:e1:
80:6b:1e:85:4f:9f:76:9c:60:5b:0f:9a:40:77:42:3f:1a:6e:
2d:d7:79:3b:38:e9:eb:9a:62:99:b7:cf:c1:7f:19:09:25:01:
46:07:63:e2:52:45:12:08:26:ae:41:07:40:e5:d4:03:04:86:
f7:47:20:87:d0:cb:98:b3:a9:72:05:5f:f7:03:2e:ac:84:69:
f5:e8:f5:86:11:e2:08:6f:18:09:5d:fd:cf:e1:05:08:9a:f6:
24:e3:64:a4:5c:4e:78:ab:04:a6:c1:92:ac:de:1d:6b:f1:0d:
5c:31:10:e3:16:6a:6b:72:2a:7b:49:e7:e9:18:66:ce:64:dc:
c9:24:e2:6d:7e:b9:02:27:32:44:0e:2f:e3:da:65:6e:62:b5:
e0:40:d8:b1:f3:e0:c4:4a:55:f5:9c:1d:75:df:56:05:b7:5d:
d4:37:a5:5c
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICAtcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEZDNzUxMTAvBgNVBAUTKDQ4MkU1QTZFMDg5NkEyNjZBOTFBNDA2NkMwNkY0QjRF
RDk4NDY0OUQwHhcNMjMxMTI1MDUwOTU2WhcNMjQwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTYxODFhNC1lODlhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAs6LShyNNsInmA9Qt1L73jV6BPv15O/ia6+MVheq+Va3XaPZo1yfWhq8z4EZk
+PTg+kKA3rFzHtE6rmM6LEm69N7/mYiArAFqjHxxDohjMlIfHqj/8QVbKrC81njN
/maoIoi3PFvBRUV/mQkT1WB1zbvPQOoT2eaLeIhzfu5L4S6jwtCM0ZTweBjXHXBA
1/WhWntbbhRnshoWm/M/s/trT+rm0sTQja5BgC9yoJY8ymcDJwTjTgBMTn/50Dqt
Ut7OUNOVOKc/dsPRqVKP6MLLyjuOCIzrLOb70+m9umf/XvTGh1Ly53keZ1SJoOvc
zPYBd44jkTDad1AnYdskDL1ehQIDAQABo4ICpzCCAqMwHQYDVR0OBBYEFHs3iZAv
AEOq3VMOl3J9052PhkUpMB8GA1UdIwQYMBaAFEguWm4IlqJmqRpAZsBvS07ZhGSd
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RkM3NS8zQUE1REVFMERE
NTgxMUVDODcwRkMyMERDNEY5QUUwMi9TQzVhYmdpV29tYXBHa0Jtd0c5TFR0bUVa
SjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1NDNWFiZ2lXb21hcEdrQm13RzlMVHRtRVpKMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEZDNzUvM0FBNURFRTBERDU4MTFFQzg3MEZDMjBEQzRGOUFFMDIvRjE3MUM1NzA4
MzQ4MTFFRUJGMzk5OTI3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMQYIKwYBBQUHAQcBAf8E
IjAgMB4EAgABMBgDBADLIAcDBADLIBoDBADLIBwDBADLICAwDQYJKoZIhvcNAQEL
BQADggEBAGlXea+ww37C9ddiS+P2VLz7aJedPYM/3khaGGrOgCSjPu09Nk04wCL2
9nj7fybk3+kOkVQt6dWHIsz6rcPzdCSRgboLxkpd6VEfZBGBsqn54yHehfpGf2o8
4YBrHoVPn3acYFsPmkB3Qj8abi3XeTs46euaYpm3z8F/GQklAUYHY+JSRRIIJq5B
B0Dl1AMEhvdHIIfQy5izqXIFX/cDLqyEafXo9YYR4ghvGAld/c/hBQia9iTjZKRc
TnirBKbBkqzeHWvxDVwxEOMWamtyKntJ5+kYZs5k3Mkk4m1+uQInMkQOL+PaZW5i
teBA2LHz4MRKVfWcHXXfVgW3XdQ3pVw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:46 2024 by rpki-client on console-ams.rpki-client.org