Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911AD81/87D3520A89E111EF8921404DC4F9AE02/D15F3AB889E311EF9999930CC4F9AE02.roa
File: D15F3AB889E311EF9999930CC4F9AE02.roa (raw, json)
Hash identifier: fYSkpo3JBsyvXIRxFyOVIzexvJbSczRXcTsTWzN5ae8=
Subject key identifier: 34:01:BF:3E:A1:47:FA:2D:B2:96:92:FF:6B:65:C1:8B:6B:21:46:C0
Certificate issuer: /CN=A911AD81/serialNumber=2DE8F216DCD2BEC6D38FEBF01E06D8A990270EBF
Certificate serial: 05
Authority key identifier: 2D:E8:F2:16:DC:D2:BE:C6:D3:8F:EB:F0:1E:06:D8:A9:90:27:0E:BF
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LejyFtzSvsbTj-vwHgbYqZAnDr8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911AD81/87D3520A89E111EF8921404DC4F9AE02/D15F3AB889E311EF9999930CC4F9AE02.roa
Signing time: Mon 14 Oct 2024 04:22:25 +0000
ROA not before: Mon 14 Oct 2024 04:22:25 +0000
ROA not after: Mon 31 Mar 2025 00:00:00 +0000
asID: 8075
IP address blocks: 203.20.128.0/24 maxlen: 24
203.20.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 15 Oct 2024 00:44:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5 (0x5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911AD81/serialNumber=2DE8F216DCD2BEC6D38FEBF01E06D8A990270EBF
Validity
Not Before: Oct 14 04:22:25 2024 GMT
Not After : Mar 31 00:00:00 2025 GMT
Subject: CN=670c9c81-4a10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:57:71:72:e5:7c:13:9d:c6:28:64:70:d8:4a:
c2:19:ad:7c:5e:02:16:ba:4c:56:91:ac:94:f2:74:
65:56:53:0b:43:ea:dc:40:a0:e2:c1:08:45:e0:ce:
18:5f:d8:01:18:fa:e1:e6:9d:7f:6f:3d:8c:8f:49:
19:a0:6c:95:7c:6e:38:9a:5e:e3:43:4d:32:84:8b:
53:dd:c7:66:05:9d:6e:2f:89:df:88:2c:fd:3a:f7:
85:37:30:f8:df:18:81:cc:0a:4b:80:44:ad:e5:f1:
26:d6:39:83:ed:d6:63:29:cb:0c:89:14:1b:65:ec:
8c:0f:0f:ea:0f:de:e9:ea:65:85:a6:f9:e7:2f:d5:
54:a3:e7:38:b1:21:b6:2e:82:81:10:4a:75:64:5a:
05:c7:ad:92:60:3c:76:b0:92:24:cf:03:e3:8c:36:
5b:5d:56:41:dc:b9:2a:d0:93:b2:be:62:4c:7c:95:
70:e8:04:7e:aa:7a:b4:40:f5:9e:a6:6d:6a:aa:cf:
49:75:c6:55:15:c6:32:1d:61:85:9b:3d:6a:18:e5:
48:66:0d:30:f1:ca:d9:57:bf:ee:9f:7b:ba:71:25:
95:c4:4e:9f:8c:97:93:d1:84:d3:67:bd:0e:04:2d:
08:fc:e6:f9:06:3e:be:60:da:16:f3:c6:f7:54:69:
4b:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:01:BF:3E:A1:47:FA:2D:B2:96:92:FF:6B:65:C1:8B:6B:21:46:C0
X509v3 Authority Key Identifier:
keyid:2D:E8:F2:16:DC:D2:BE:C6:D3:8F:EB:F0:1E:06:D8:A9:90:27:0E:BF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911AD81/87D3520A89E111EF8921404DC4F9AE02/LejyFtzSvsbTj-vwHgbYqZAnDr8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LejyFtzSvsbTj-vwHgbYqZAnDr8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911AD81/87D3520A89E111EF8921404DC4F9AE02/D15F3AB889E311EF9999930CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.20.128.0/23
Signature Algorithm: sha256WithRSAEncryption
32:e6:74:35:c2:26:06:b3:75:36:60:bd:6e:7e:06:47:6d:a9:
8a:f8:30:91:3a:fc:6c:fc:d1:23:0b:9d:89:a1:df:c7:72:72:
ac:30:46:34:ff:67:56:bb:f3:95:3e:f3:28:ec:4b:1b:3e:64:
21:8f:08:b9:ac:bc:cc:86:d4:5c:97:f6:ec:6d:fa:03:bf:be:
e2:87:da:e8:9c:c2:12:29:e3:aa:93:07:28:d6:8b:20:d8:ea:
20:3c:4c:4f:51:1a:e1:b1:7f:58:c8:26:69:80:fe:95:4c:b3:
57:45:8d:04:29:9a:6f:32:a2:1b:bc:93:fe:b5:d2:18:d4:93:
76:dd:be:a1:ce:68:04:e1:3a:1f:cc:39:46:92:be:90:55:a9:
71:1b:f3:fc:63:a1:13:23:8a:e9:3e:80:0b:ec:d0:f6:8c:5a:
02:d7:b5:8f:c6:ea:ab:b9:94:5f:40:d4:9f:fe:29:d1:c1:4e:
83:85:13:04:fd:63:e6:b5:1b:1f:b1:aa:59:03:96:7f:2c:7d:
a6:14:0b:9f:54:f3:a8:3d:d0:2a:87:ab:ec:33:b5:59:dd:67:
fb:15:24:98:f9:d9:64:e1:9d:d3:13:54:65:33:9c:06:07:62:
13:6b:f2:e4:66:f3:78:c1:6c:ea:d0:c8:ca:73:08:62:73:e3:
3b:b0:fa:95
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBBTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEx
QUQ4MTExMC8GA1UEBRMoMkRFOEYyMTZEQ0QyQkVDNkQzOEZFQkYwMUUwNkQ4QTk5
MDI3MEVCRjAeFw0yNDEwMTQwNDIyMjVaFw0yNTAzMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3MGM5YzgxLTRhMTAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCVV3Fy5XwTncYoZHDYSsIZrXxeAha6TFaRrJTydGVWUwtD6txAoOLBCEXgzhhf
2AEY+uHmnX9vPYyPSRmgbJV8bjiaXuNDTTKEi1Pdx2YFnW4vid+ILP0694U3MPjf
GIHMCkuARK3l8SbWOYPt1mMpywyJFBtl7IwPD+oP3unqZYWm+ecv1VSj5zixIbYu
goEQSnVkWgXHrZJgPHawkiTPA+OMNltdVkHcuSrQk7K+Ykx8lXDoBH6qerRA9Z6m
bWqqz0l1xlUVxjIdYYWbPWoY5UhmDTDxytlXv+6fe7pxJZXETp+Ml5PRhNNnvQ4E
LQj85vkGPr5g2hbzxvdUaUt9AgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUNAG/PqFH
+i2ylpL/a2XBi2shRsAwHwYDVR0jBBgwFoAULejyFtzSvsbTj+vwHgbYqZAnDr8w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTFBRDgxLzg3RDM1MjBBODlF
MTExRUY4OTIxNDA0REM0RjlBRTAyL0xlanlGdHpTdnNiVGotdndIZ2JZcVpBbkRy
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvTGVqeUZ0elN2c2JUai12d0hnYllxWkFuRHI4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx
QUQ4MS84N0QzNTIwQTg5RTExMUVGODkyMTQwNERDNEY5QUUwMi9EMTVGM0FCODg5
RTMxMUVGOTk5OTkzMENDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAcsUgDANBgkqhkiG9w0BAQsFAAOCAQEAMuZ0NcImBrN1NmC9
bn4GR22pivgwkTr8bPzRIwudiaHfx3JyrDBGNP9nVrvzlT7zKOxLGz5kIY8Iuay8
zIbUXJf27G36A7++4ofa6JzCEinjqpMHKNaLINjqIDxMT1Ea4bF/WMgmaYD+lUyz
V0WNBCmabzKiG7yT/rXSGNSTdt2+oc5oBOE6H8w5RpK+kFWpcRvz/GOhEyOK6T6A
C+zQ9oxaAte1j8bqq7mUX0DUn/4p0cFOg4UTBP1j5rUbH7GqWQOWfyx9phQLn1Tz
qD3QKoer7DO1Wd1n+xUkmPnZZOGd0xNUZTOcBgdiE2vy5GbzeMFs6tDIynMIYnPj
O7D6lQ==
-----END CERTIFICATE-----
Generated at Tue Oct 15 02:07:18 2024 by rpki-client on console-ams.rpki-client.org