Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A912F387/5F3C849683A311EEA0B4281CC4F9AE02/D60146262E6011EFBAA74C3DC4F9AE02.roa
File: D60146262E6011EFBAA74C3DC4F9AE02.roa (raw, json)
Hash identifier: KwVLAwyar92M6QgWYByY/G6BdlPV7rTKaxm1ALHNJzA=
Subject key identifier: BA:79:7E:83:B3:F5:7F:29:27:08:DF:3C:06:0E:84:A5:25:93:49:73
Certificate issuer: /CN=A912F387/serialNumber=1D00C283CAA1AB3CC4371A2A384D62B1CD44FBA7
Certificate serial: 7F
Authority key identifier: 1D:00:C2:83:CA:A1:AB:3C:C4:37:1A:2A:38:4D:62:B1:CD:44:FB:A7
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HQDCg8qhqzzENxoqOE1isc1E-6c.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A912F387/5F3C849683A311EEA0B4281CC4F9AE02/D60146262E6011EFBAA74C3DC4F9AE02.roa
Signing time: Wed 19 Jun 2024 17:26:00 +0000
ROA not before: Wed 19 Jun 2024 17:26:00 +0000
ROA not after: Sun 02 Mar 2025 00:00:00 +0000
asID: 63801
IP address blocks: 202.47.187.0/24 maxlen: 24
2001:df3:25c0::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 24 Sep 2024 04:26:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 127 (0x7f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A912F387/serialNumber=1D00C283CAA1AB3CC4371A2A384D62B1CD44FBA7
Validity
Not Before: Jun 19 17:26:00 2024 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=667314a8-5be5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:2d:9b:1a:e4:81:3c:8b:fc:96:fc:2d:f0:88:
8f:04:75:80:71:6e:46:0d:6e:0f:3d:97:d6:6c:61:
41:81:fd:40:35:7a:07:b0:b8:f5:a8:b9:c3:95:3e:
2c:ab:cc:05:78:4c:19:6c:35:8a:73:30:0f:98:71:
a7:94:ba:79:a9:74:47:25:fa:df:38:58:9a:d0:46:
20:c5:16:57:39:bd:99:0a:21:91:e9:8b:35:9e:49:
8b:54:fd:9f:e0:8d:16:a8:5c:ef:0d:d9:ae:33:b8:
c4:65:24:f8:29:1a:d5:78:06:43:2a:1c:b9:00:06:
3a:62:a8:49:57:9c:3d:ff:08:9e:38:8f:b9:57:01:
7b:a3:bf:9c:ad:fe:af:96:13:91:94:9d:8f:8a:41:
a6:ff:54:36:ec:35:7a:86:a6:5a:27:9c:ad:e1:69:
09:d9:9c:4f:8d:21:d7:d4:75:f6:a0:42:90:13:a7:
b5:59:47:ac:6f:83:95:ed:d0:b0:d6:b6:44:98:13:
01:4f:17:08:73:47:6c:93:3b:48:61:79:ec:5a:59:
3c:fa:2e:36:f9:8a:6c:d9:5c:7a:12:e5:5a:2e:7b:
11:bf:17:26:60:e6:f5:e1:72:03:f8:d5:a1:be:e2:
da:9b:4f:ba:e4:b9:6d:3e:bf:cf:37:42:30:09:84:
50:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:79:7E:83:B3:F5:7F:29:27:08:DF:3C:06:0E:84:A5:25:93:49:73
X509v3 Authority Key Identifier:
keyid:1D:00:C2:83:CA:A1:AB:3C:C4:37:1A:2A:38:4D:62:B1:CD:44:FB:A7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A912F387/5F3C849683A311EEA0B4281CC4F9AE02/HQDCg8qhqzzENxoqOE1isc1E-6c.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HQDCg8qhqzzENxoqOE1isc1E-6c.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912F387/5F3C849683A311EEA0B4281CC4F9AE02/D60146262E6011EFBAA74C3DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.47.187.0/24
IPv6:
2001:df3:25c0::/48
Signature Algorithm: sha256WithRSAEncryption
70:f2:4a:fc:8b:bf:71:d8:3c:97:29:49:01:86:f7:f1:fc:80:
77:96:68:04:5b:86:e3:05:c1:9a:d2:84:05:c9:10:df:7c:d3:
10:f5:4c:fd:06:b3:e0:40:e2:21:32:c4:40:78:00:b0:3e:13:
42:a6:c9:ee:c5:bb:e2:f9:03:89:ca:23:10:13:d6:e0:46:25:
97:7e:1e:35:e3:42:ae:f0:96:34:3f:66:3e:7e:94:55:19:df:
7e:4d:b7:37:aa:9e:eb:df:ab:51:18:fc:99:a9:73:06:3e:7b:
5b:4d:a5:db:46:04:9c:5f:bc:d7:5b:d8:ca:42:dc:d7:f7:35:
ff:d2:1d:d8:d9:65:64:a8:bc:38:9a:d3:a7:07:a4:70:28:37:
63:da:41:9a:b5:3c:aa:bb:01:47:f2:8c:2d:29:4e:67:19:dd:
ae:65:e1:8f:4c:85:8f:5c:33:cc:85:7c:df:bc:0b:c7:7f:19:
ea:55:ec:86:4d:b8:85:ba:4e:a8:ae:86:73:85:2d:a8:e6:77:
f5:18:ed:66:a9:bb:f3:a0:a0:08:e6:bf:56:b9:73:a1:bb:f6:
12:11:3e:ed:88:a2:ad:37:11:35:7e:61:eb:40:6f:5b:6d:a3:
e7:61:a7:53:04:83:87:ec:20:bf:3a:01:ec:16:25:b9:88:d3:
9a:3e:8a:bf
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIBfzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEy
RjM4NzExMC8GA1UEBRMoMUQwMEMyODNDQUExQUIzQ0M0MzcxQTJBMzg0RDYyQjFD
RDQ0RkJBNzAeFw0yNDA2MTkxNzI2MDBaFw0yNTAzMDIwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2NzMxNGE4LTViZTUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCyLZsa5IE8i/yW/C3wiI8EdYBxbkYNbg89l9ZsYUGB/UA1egewuPWoucOVPiyr
zAV4TBlsNYpzMA+YcaeUunmpdEcl+t84WJrQRiDFFlc5vZkKIZHpizWeSYtU/Z/g
jRaoXO8N2a4zuMRlJPgpGtV4BkMqHLkABjpiqElXnD3/CJ44j7lXAXujv5yt/q+W
E5GUnY+KQab/VDbsNXqGplonnK3haQnZnE+NIdfUdfagQpATp7VZR6xvg5Xt0LDW
tkSYEwFPFwhzR2yTO0hheexaWTz6Ljb5imzZXHoS5VouexG/FyZg5vXhcgP41aG+
4tqbT7rkuW0+v883QjAJhFDfAgMBAAGjggKmMIICojAdBgNVHQ4EFgQUunl+g7P1
fyknCN88Bg6EpSWTSXMwHwYDVR0jBBgwFoAUHQDCg8qhqzzENxoqOE1isc1E+6cw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTJGMzg3LzVGM0M4NDk2ODNB
MzExRUVBMEI0MjgxQ0M0RjlBRTAyL0hRRENnOHFocXp6RU54b3FPRTFpc2MxRS02
Yy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvSFFEQ2c4cWhxenpFTnhvcU9FMWlzYzFFLTZjLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy
RjM4Ny81RjNDODQ5NjgzQTMxMUVFQTBCNDI4MUNDNEY5QUUwMi9ENjAxNDYyNjJF
NjAxMUVGQkFBNzRDM0RDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAwBggrBgEFBQcBBwEB/wQh
MB8wDAQCAAEwBgMEAMovuzAPBAIAAjAJAwcAIAEN8yXAMA0GCSqGSIb3DQEBCwUA
A4IBAQBw8kr8i79x2DyXKUkBhvfx/IB3lmgEW4bjBcGa0oQFyRDffNMQ9Uz9BrPg
QOIhMsRAeACwPhNCpsnuxbvi+QOJyiMQE9bgRiWXfh4140Ku8JY0P2Y+fpRVGd9+
Tbc3qp7r36tRGPyZqXMGPntbTaXbRgScX7zXW9jKQtzX9zX/0h3Y2WVkqLw4mtOn
B6RwKDdj2kGatTyquwFH8owtKU5nGd2uZeGPTIWPXDPMhXzfvAvHfxnqVeyGTbiF
uk6oroZzhS2o5nf1GO1mqbvzoKAI5r9WuXOhu/YSET7tiKKtNxE1fmHrQG9bbaPn
YadTBIOH7CC/OgHsFiW5iNOaPoq/
-----END CERTIFICATE-----
Generated at Tue Sep 24 05:55:20 2024 by rpki-client on console-ams.rpki-client.org