Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911E242/6208E37C6CDD11EE92F5520DC4F9AE02/2E7B4B846CE811EE972BF770C4F9AE02.roa
File: 2E7B4B846CE811EE972BF770C4F9AE02.roa (raw, json)
Hash identifier: K696ty9bexoFLkDUzWLni2rYzh0TMwfK3nxv2q7EmLw=
Subject key identifier: 55:98:8B:33:51:98:89:59:33:32:4F:B5:C8:A0:40:BE:DE:5A:4E:95
Certificate issuer: /CN=A911E242/serialNumber=20504FE642324B7E6066202B1E1EB9B78270F0F0
Certificate serial: 04
Authority key identifier: 20:50:4F:E6:42:32:4B:7E:60:66:20:2B:1E:1E:B9:B7:82:70:F0:F0
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IFBP5kIyS35gZiArHh65t4Jw8PA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911E242/6208E37C6CDD11EE92F5520DC4F9AE02/2E7B4B846CE811EE972BF770C4F9AE02.roa
Signing time: Tue 17 Oct 2023 12:24:57 +0000
ROA not before: Tue 17 Oct 2023 12:24:57 +0000
ROA not after: Sun 01 Dec 2024 00:00:00 +0000
asID: 9435
IP address blocks: 203.21.152.0/23 maxlen: 24
Validation: Failed, certificate revoked on Tue 13 Aug 2024 00:10:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4 (0x4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911E242/serialNumber=20504FE642324B7E6066202B1E1EB9B78270F0F0
Validity
Not Before: Oct 17 12:24:57 2023 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=652e7d18-aa51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:40:a3:f4:7a:0c:c7:6e:41:e9:94:e4:54:01:
d6:d1:41:5b:21:0c:10:10:3c:b0:aa:14:08:c2:23:
f3:d1:e3:82:f6:fc:59:b4:89:89:d6:23:33:15:06:
5a:ba:46:ae:07:0b:5b:a3:5c:1f:fa:63:64:ac:75:
a1:e0:0c:a8:c9:80:d4:ae:4b:75:70:af:3f:db:c8:
17:9b:37:31:82:41:52:eb:9e:4d:3c:79:2f:05:31:
75:92:77:59:cd:24:cd:22:d6:81:db:58:57:d1:04:
a2:9f:c1:2b:b8:5c:39:1e:0f:30:9c:23:88:01:95:
c3:54:d7:dd:79:22:84:3a:3b:4c:48:00:8a:38:ef:
37:6e:ea:13:0a:55:7c:33:7f:07:b5:30:e9:34:95:
a8:16:41:30:be:29:85:56:17:73:6c:0f:37:43:39:
75:bb:03:a8:6e:12:2f:52:fa:05:2c:5d:f1:cf:66:
ce:1c:05:d6:c4:f8:19:52:a3:63:67:35:d2:8c:bd:
bb:f7:42:32:69:0e:6d:c5:6c:67:ca:be:49:8c:77:
15:77:d4:d7:1e:8d:d7:dd:10:46:b3:e9:18:72:5f:
30:a2:b3:10:fd:6f:92:11:4a:89:9b:f9:88:34:9c:
83:7b:e4:20:7f:96:e4:2a:eb:0e:4a:ce:48:90:87:
b1:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:98:8B:33:51:98:89:59:33:32:4F:B5:C8:A0:40:BE:DE:5A:4E:95
X509v3 Authority Key Identifier:
keyid:20:50:4F:E6:42:32:4B:7E:60:66:20:2B:1E:1E:B9:B7:82:70:F0:F0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911E242/6208E37C6CDD11EE92F5520DC4F9AE02/IFBP5kIyS35gZiArHh65t4Jw8PA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IFBP5kIyS35gZiArHh65t4Jw8PA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911E242/6208E37C6CDD11EE92F5520DC4F9AE02/2E7B4B846CE811EE972BF770C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.21.152.0/23
Signature Algorithm: sha256WithRSAEncryption
71:3b:6c:bc:17:59:0b:a9:d4:e9:e5:c9:f7:6b:96:c7:e0:bb:
18:22:f7:2a:cb:9d:6e:2f:31:6e:e2:2c:07:20:3b:8f:22:9f:
25:54:0f:3b:91:06:87:09:95:61:19:d1:96:9f:49:ec:f0:e6:
3d:77:b4:03:32:c5:88:37:6a:28:77:ed:27:cc:2e:18:5a:cb:
cc:8d:61:1f:92:e7:00:0e:f1:a3:c3:8e:dd:7c:68:16:e6:1f:
0c:bc:ea:15:d4:00:e0:31:0e:a5:0e:1a:1b:29:b2:8b:37:4a:
40:88:d0:43:b8:c9:d2:19:b1:dc:ba:de:6f:dd:5a:91:ab:f8:
1e:42:1d:d8:e2:93:65:36:e5:9c:5c:21:92:d4:c8:68:f7:7e:
a9:d9:f2:b3:b9:9e:07:23:1a:15:b1:28:11:65:7c:29:b6:05:
34:97:ab:98:cc:9e:22:50:fc:e0:b1:9d:a0:98:02:3e:b5:7f:
01:00:5b:23:82:a4:41:5f:4b:b3:f1:78:5b:12:bb:a4:8b:38:
c6:03:98:73:cb:09:c5:1b:14:0f:8b:51:5e:98:6e:e1:95:7c:
a9:05:6a:20:13:d6:58:fc:f9:b9:31:07:f6:61:58:11:fb:4d:
59:b9:77:41:e2:a0:8d:50:95:75:09:ba:aa:b6:25:70:70:2c:
18:14:92:6e
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBBDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEx
RTI0MjExMC8GA1UEBRMoMjA1MDRGRTY0MjMyNEI3RTYwNjYyMDJCMUUxRUI5Qjc4
MjcwRjBGMDAeFw0yMzEwMTcxMjI0NTdaFw0yNDEyMDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1MmU3ZDE4LWFhNTEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDrQKP0egzHbkHplORUAdbRQVshDBAQPLCqFAjCI/PR44L2/Fm0iYnWIzMVBlq6
Rq4HC1ujXB/6Y2SsdaHgDKjJgNSuS3Vwrz/byBebNzGCQVLrnk08eS8FMXWSd1nN
JM0i1oHbWFfRBKKfwSu4XDkeDzCcI4gBlcNU1915IoQ6O0xIAIo47zdu6hMKVXwz
fwe1MOk0lagWQTC+KYVWF3NsDzdDOXW7A6huEi9S+gUsXfHPZs4cBdbE+BlSo2Nn
NdKMvbv3QjJpDm3FbGfKvkmMdxV31NcejdfdEEaz6RhyXzCisxD9b5IRSomb+Yg0
nIN75CB/luQq6w5KzkiQh7FZAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUVZiLM1GY
iVkzMk+1yKBAvt5aTpUwHwYDVR0jBBgwFoAUIFBP5kIyS35gZiArHh65t4Jw8PAw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTFFMjQyLzYyMDhFMzdDNkNE
RDExRUU5MkY1NTIwREM0RjlBRTAyL0lGQlA1a0l5UzM1Z1ppQXJIaDY1dDRKdzhQ
QS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvSUZCUDVrSXlTMzVnWmlBckhoNjV0NEp3OFBBLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx
RTI0Mi82MjA4RTM3QzZDREQxMUVFOTJGNTUyMERDNEY5QUUwMi8yRTdCNEI4NDZD
RTgxMUVFOTcyQkY3NzBDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAcsVmDANBgkqhkiG9w0BAQsFAAOCAQEAcTtsvBdZC6nU6eXJ
92uWx+C7GCL3Ksudbi8xbuIsByA7jyKfJVQPO5EGhwmVYRnRlp9J7PDmPXe0AzLF
iDdqKHftJ8wuGFrLzI1hH5LnAA7xo8OO3XxoFuYfDLzqFdQA4DEOpQ4aGymyizdK
QIjQQ7jJ0hmx3Lreb91akav4HkId2OKTZTblnFwhktTIaPd+qdnys7meByMaFbEo
EWV8KbYFNJermMyeIlD84LGdoJgCPrV/AQBbI4KkQV9Ls/F4WxK7pIs4xgOYc8sJ
xRsUD4tRXphu4ZV8qQVqIBPWWPz5uTEH9mFYEftNWbl3QeKgjVCVdQm6qrYlcHAs
GBSSbg==
-----END CERTIFICATE-----
Generated at Tue Aug 13 03:10:47 2024 by rpki-client on console-fra.rpki-client.org