Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A912DD15/C761A0AACC5211EDA8291D10C4F9AE02/A4373DE0CC5E11ED8812DA68C4F9AE02.roa
File: A4373DE0CC5E11ED8812DA68C4F9AE02.roa (raw, json)
Hash identifier: EoyMhknjQcRNWXxDYwJk/1nuk39rU2aevXiAmvLsdC8=
Subject key identifier: C6:FE:8B:87:E3:A4:EB:0F:8E:9E:E8:4E:66:82:35:97:19:1C:64:E2
Certificate issuer: /CN=A912DD15/serialNumber=EC51A9EA06C1C857F48EBD2D273A41F201EA6434
Certificate serial: 0D
Authority key identifier: EC:51:A9:EA:06:C1:C8:57:F4:8E:BD:2D:27:3A:41:F2:01:EA:64:34
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7FGp6gbByFf0jr0tJzpB8gHqZDQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A912DD15/C761A0AACC5211EDA8291D10C4F9AE02/A4373DE0CC5E11ED8812DA68C4F9AE02.roa
Signing time: Tue 28 Mar 2023 05:17:12 +0000
ROA not before: Tue 28 Mar 2023 05:17:12 +0000
ROA not after: Fri 01 Mar 2024 00:00:00 +0000
asID: 9328
IP address blocks: 202.0.108.0/24 maxlen: 24
202.2.0.0/22 maxlen: 22
203.7.130.0/23 maxlen: 23
203.26.100.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13 (0xd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A912DD15/serialNumber=EC51A9EA06C1C857F48EBD2D273A41F201EA6434
Validity
Not Before: Mar 28 05:17:12 2023 GMT
Not After : Mar 1 00:00:00 2024 GMT
Subject: CN=64227857-ce0f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:53:59:90:76:c8:09:9f:73:73:7d:cf:ca:09:
ff:17:0e:43:3e:da:16:a2:f6:c9:23:15:58:9d:76:
e8:f4:37:f5:ee:53:8a:6c:da:0b:7d:0f:a5:03:42:
e8:dc:f9:57:22:af:f1:7d:e2:3a:e7:28:28:a5:1c:
37:4f:37:35:07:bf:4c:cb:dd:d6:5f:3a:22:f6:fe:
79:d9:b4:90:c5:57:68:ee:d1:bf:e9:d0:32:1d:c2:
1c:f6:83:e8:30:3b:ca:6e:ff:3f:5b:72:74:84:a5:
5d:63:80:7d:71:7b:bf:12:49:8d:ef:ee:28:0f:76:
c6:90:fc:2b:42:0c:33:1a:cd:12:65:7d:d7:58:6d:
f4:60:86:66:ae:06:03:09:ca:be:41:aa:0e:49:42:
5f:14:86:cc:56:ef:d1:f4:20:ae:e2:bd:55:c8:b9:
e1:73:83:4c:7a:d0:7c:a8:a7:5a:45:76:35:c5:4f:
5c:a9:8b:ba:39:ad:d6:0e:c7:80:14:22:d1:47:8e:
02:53:d1:0e:40:83:0d:10:f8:69:a8:f1:d4:8b:21:
d9:07:cf:1e:2d:93:43:79:69:16:de:d0:b1:35:1e:
ca:94:c5:e0:c4:aa:3f:8e:71:dc:04:16:33:07:8d:
27:0f:46:87:a7:56:36:f9:48:30:75:68:a3:84:85:
fc:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:FE:8B:87:E3:A4:EB:0F:8E:9E:E8:4E:66:82:35:97:19:1C:64:E2
X509v3 Authority Key Identifier:
keyid:EC:51:A9:EA:06:C1:C8:57:F4:8E:BD:2D:27:3A:41:F2:01:EA:64:34
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A912DD15/C761A0AACC5211EDA8291D10C4F9AE02/7FGp6gbByFf0jr0tJzpB8gHqZDQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7FGp6gbByFf0jr0tJzpB8gHqZDQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912DD15/C761A0AACC5211EDA8291D10C4F9AE02/A4373DE0CC5E11ED8812DA68C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.0.108.0/24
202.2.0.0/22
203.7.130.0/23
203.26.100.0/24
Signature Algorithm: sha256WithRSAEncryption
68:50:1b:e9:2f:6e:41:a6:d4:82:14:db:46:7b:03:30:b7:af:
3f:0d:8f:15:e4:5c:be:da:24:bb:ec:66:12:5f:c3:d4:f5:8a:
58:75:13:e8:58:d2:ba:7f:53:d7:4f:1b:ad:4a:da:27:27:a4:
54:e9:3d:8a:9a:39:4b:a2:9f:37:4e:b2:1e:fc:9b:19:55:b6:
e9:88:26:76:02:26:e7:eb:c4:fd:6c:4b:75:8c:48:93:b5:d0:
77:bd:a6:fa:f8:ec:d5:2d:67:33:fe:2f:b1:ea:db:a9:d4:ec:
30:f3:b6:90:83:9f:a9:9d:c3:d8:2b:36:9e:bb:3b:c7:be:f8:
1a:73:f1:24:43:1f:5f:f9:7a:d0:5b:27:50:fc:02:07:b4:d5:
c8:36:0f:05:15:c7:c8:bb:54:83:b7:55:74:95:7e:22:58:33:
64:7f:74:1c:54:f3:8f:df:e4:c3:7a:cd:0e:15:a0:df:b2:ee:
e4:bf:a6:fb:74:eb:4c:a5:2b:06:fb:d6:9d:ce:0b:30:02:77:
d4:71:9c:2d:bf:3e:76:9b:2e:0a:de:cc:bf:af:77:34:89:b7:
31:89:9f:c5:8e:6e:be:c2:81:87:5e:68:46:18:65:74:6b:ff:
ba:00:30:b9:03:c9:fa:f8:56:1e:88:2d:d8:a8:e1:3e:dd:ad:
f9:16:3b:7b
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBDTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEy
REQxNTExMC8GA1UEBRMoRUM1MUE5RUEwNkMxQzg1N0Y0OEVCRDJEMjczQTQxRjIw
MUVBNjQzNDAeFw0yMzAzMjgwNTE3MTJaFw0yNDAzMDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY0MjI3ODU3LWNlMGYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCsU1mQdsgJn3Nzfc/KCf8XDkM+2hai9skjFVidduj0N/XuU4ps2gt9D6UDQujc
+Vcir/F94jrnKCilHDdPNzUHv0zL3dZfOiL2/nnZtJDFV2ju0b/p0DIdwhz2g+gw
O8pu/z9bcnSEpV1jgH1xe78SSY3v7igPdsaQ/CtCDDMazRJlfddYbfRghmauBgMJ
yr5Bqg5JQl8UhsxW79H0IK7ivVXIueFzg0x60Hyop1pFdjXFT1ypi7o5rdYOx4AU
ItFHjgJT0Q5Agw0Q+Gmo8dSLIdkHzx4tk0N5aRbe0LE1HsqUxeDEqj+OcdwEFjMH
jScPRoenVjb5SDB1aKOEhfyTAgMBAAGjggKnMIICozAdBgNVHQ4EFgQUxv6Lh+Ok
6w+OnuhOZoI1lxkcZOIwHwYDVR0jBBgwFoAU7FGp6gbByFf0jr0tJzpB8gHqZDQw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTJERDE1L0M3NjFBMEFBQ0M1
MjExRURBODI5MUQxMEM0RjlBRTAyLzdGR3A2Z2JCeUZmMGpyMHRKenBCOGdIcVpE
US5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvN0ZHcDZnYkJ5RmYwanIwdEp6cEI4Z0hxWkRRLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy
REQxNS9DNzYxQTBBQUNDNTIxMUVEQTgyOTFEMTBDNEY5QUUwMi9BNDM3M0RFMEND
NUUxMUVEODgxMkRBNjhDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAxBggrBgEFBQcBBwEB/wQi
MCAwHgQCAAEwGAMEAMoAbAMEAsoCAAMEAcsHggMEAMsaZDANBgkqhkiG9w0BAQsF
AAOCAQEAaFAb6S9uQabUghTbRnsDMLevPw2PFeRcvtoku+xmEl/D1PWKWHUT6FjS
un9T108brUraJyekVOk9ipo5S6KfN06yHvybGVW26YgmdgIm5+vE/WxLdYxIk7XQ
d72m+vjs1S1nM/4vserbqdTsMPO2kIOfqZ3D2Cs2nrs7x774GnPxJEMfX/l60Fsn
UPwCB7TVyDYPBRXHyLtUg7dVdJV+IlgzZH90HFTzj9/kw3rNDhWg37Lu5L+m+3Tr
TKUrBvvWnc4LMAJ31HGcLb8+dpsuCt7Mv693NIm3MYmfxY5uvsKBh15oRhhldGv/
ugAwuQPJ+vhWHogt2KjhPt2t+RY7ew==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:35 2023 by rpki-client on console-ams.rpki-client.org