Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A912FC73/0144CDF89F3411EC9CEBC670C4F9AE02/3A671478DAFC11EEBFDF493AC4F9AE02.roa
File: 3A671478DAFC11EEBFDF493AC4F9AE02.roa (raw, json)
Hash identifier: Xvx6Xaah6R0UvUoJSOMhkHoBk4qofzbf3t+jRFyKQZs=
Subject key identifier: CA:13:A3:57:91:90:D3:C6:43:A8:B2:D4:E4:FC:E8:A7:FE:E9:32:CA
Certificate issuer: /CN=A912FC73/serialNumber=CEE41601EEA9F51B3525DA55DD4AC95CEFAF5ABC
Certificate serial: 03F5
Authority key identifier: CE:E4:16:01:EE:A9:F5:1B:35:25:DA:55:DD:4A:C9:5C:EF:AF:5A:BC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zuQWAe6p9Rs1JdpV3UrJXO-vWrw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A912FC73/0144CDF89F3411EC9CEBC670C4F9AE02/3A671478DAFC11EEBFDF493AC4F9AE02.roa
Signing time: Tue 29 Oct 2024 01:26:37 +0000
ROA not before: Tue 29 Oct 2024 01:26:37 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 22773
IP address blocks: 113.20.40.0/22 maxlen: 22
113.20.48.0/22 maxlen: 22
113.20.52.0/22 maxlen: 22
113.20.56.0/22 maxlen: 22
113.20.60.0/22 maxlen: 22
223.29.128.0/22 maxlen: 22
223.29.136.0/22 maxlen: 22
223.29.140.0/22 maxlen: 22
223.29.144.0/22 maxlen: 22
223.29.148.0/22 maxlen: 22
223.29.152.0/22 maxlen: 22
223.29.156.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 02 Dec 2024 09:26:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1013 (0x3f5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A912FC73
Validity
Not Before: Oct 29 01:26:37 2024 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=672039cd-8d87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:28:e5:7e:51:83:40:02:f7:e0:f3:69:98:14:
72:4f:16:e0:7c:a6:c9:93:57:bf:1f:bf:02:62:25:
54:e4:f3:72:73:58:09:c8:f2:95:76:cc:cd:2c:5a:
8d:9c:25:33:c6:a7:84:6a:4d:c8:0a:9f:b3:36:d1:
45:d2:30:07:b0:ff:92:46:b1:4c:18:69:44:0b:76:
36:7f:80:37:00:83:52:a2:de:03:57:c5:9f:c7:a6:
a7:3b:93:39:4c:eb:d1:58:6c:50:33:34:4a:4b:ae:
6e:0a:89:c9:77:31:57:12:52:b5:f0:ba:18:7c:14:
e9:b6:1f:0c:17:d3:09:48:bb:ab:a7:25:2d:59:07:
50:73:05:70:24:bd:6c:3d:68:9a:2c:95:f5:17:b9:
b1:31:41:51:09:b4:a8:aa:80:80:9e:ed:24:c7:8d:
50:93:43:9c:04:fb:bf:36:a9:e5:36:8e:e0:5a:ea:
a9:a3:eb:17:94:72:e3:ae:d1:70:5c:46:37:ed:ee:
8d:8b:89:a2:e4:40:2c:22:db:73:da:f9:ed:c5:7d:
b7:3d:11:9b:51:7c:2c:c6:d6:6e:49:5f:63:2b:44:
e0:1e:99:64:fa:dc:f0:83:cc:ae:6a:fa:b8:58:80:
a1:dc:9e:56:29:05:d4:00:82:02:c3:7b:56:72:c2:
3a:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:13:A3:57:91:90:D3:C6:43:A8:B2:D4:E4:FC:E8:A7:FE:E9:32:CA
X509v3 Authority Key Identifier:
keyid:CE:E4:16:01:EE:A9:F5:1B:35:25:DA:55:DD:4A:C9:5C:EF:AF:5A:BC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A912FC73/0144CDF89F3411EC9CEBC670C4F9AE02/zuQWAe6p9Rs1JdpV3UrJXO-vWrw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zuQWAe6p9Rs1JdpV3UrJXO-vWrw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912FC73/0144CDF89F3411EC9CEBC670C4F9AE02/3A671478DAFC11EEBFDF493AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
113.20.40.0/22
113.20.48.0/20
223.29.128.0/22
223.29.136.0-223.29.159.255
Signature Algorithm: sha256WithRSAEncryption
61:e6:49:57:e2:55:34:3a:e7:1d:e9:12:78:91:a6:db:81:58:
11:e7:79:9a:c4:2d:d9:e3:58:46:b1:58:06:17:68:b4:3e:17:
7f:47:30:1f:ed:b5:64:79:1d:2b:31:b9:f8:06:99:c8:b9:b5:
a7:07:6d:55:8b:21:4d:a3:0b:91:4f:a6:1a:66:73:96:e7:d3:
0d:a0:02:ee:c6:20:2f:22:80:ee:e7:98:fc:ac:7c:0b:7a:e7:
07:e9:c5:6f:f9:cb:36:d1:d5:aa:10:d5:f9:5d:d3:83:dc:73:
92:2c:a8:44:e2:45:1e:b6:23:a2:2f:d9:fb:07:e2:2f:35:f5:
51:1f:7c:5f:ed:4b:93:f8:08:51:08:78:5c:18:f4:e2:a3:eb:
f8:b1:ba:c1:31:9c:7b:e9:57:17:94:c0:bc:31:4c:08:0f:ee:
65:b7:68:91:e5:ae:e6:6f:7d:9b:d0:9b:3f:52:57:ad:ba:17:
a9:a8:b7:08:ef:e1:9e:30:3c:58:1f:0f:d1:14:fe:66:d1:0a:
a0:9e:38:ec:92:00:04:af:08:10:f9:2a:1b:0e:a5:be:e7:7c:
62:24:b6:04:60:a5:17:32:0b:34:6a:e4:23:d5:31:29:34:27:
4a:ab:2d:9c:e3:ff:2d:5d:d4:dd:4a:9c:95:28:16:90:03:1d:
ee:d4:0c:62
-----BEGIN CERTIFICATE-----
MIIFizCCBHOgAwIBAgICA/UwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MkZDNzMxMTAvBgNVBAUTKENFRTQxNjAxRUVBOUY1MUIzNTI1REE1NURENEFDOTVD
RUZBRjVBQkMwHhcNMjQxMDI5MDEyNjM3WhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzIwMzljZC04ZDg3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2ijlflGDQAL34PNpmBRyTxbgfKbJk1e/H78CYiVU5PNyc1gJyPKVdszNLFqN
nCUzxqeEak3ICp+zNtFF0jAHsP+SRrFMGGlEC3Y2f4A3AINSot4DV8Wfx6anO5M5
TOvRWGxQMzRKS65uConJdzFXElK18LoYfBTpth8MF9MJSLurpyUtWQdQcwVwJL1s
PWiaLJX1F7mxMUFRCbSoqoCAnu0kx41Qk0OcBPu/NqnlNo7gWuqpo+sXlHLjrtFw
XEY37e6Ni4mi5EAsIttz2vntxX23PRGbUXwsxtZuSV9jK0TgHplk+tzwg8yuavq4
WICh3J5WKQXUAIICw3tWcsI6OwIDAQABo4ICrzCCAqswHQYDVR0OBBYEFMoTo1eR
kNPGQ6iy1OT86Kf+6TLKMB8GA1UdIwQYMBaAFM7kFgHuqfUbNSXaVd1KyVzvr1q8
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyRkM3My8wMTQ0Q0RGODlG
MzQxMUVDOUNFQkM2NzBDNEY5QUUwMi96dVFXQWU2cDlSczFKZHBWM1VySlhPLXZX
cncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3p1UVdBZTZwOVJzMUpkcFYzVXJKWE8tdldydy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MkZDNzMvMDE0NENERjg5RjM0MTFFQzlDRUJDNjcwQzRGOUFFMDIvM0E2NzE0NzhE
QUZDMTFFRUJGREY0OTNBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOQYIKwYBBQUHAQcBAf8E
KjAoMCYEAgABMCADBAJxFCgDBARxFDADBALfHYAwDAMEA98diAMEBd8dgDANBgkq
hkiG9w0BAQsFAAOCAQEAYeZJV+JVNDrnHekSeJGm24FYEed5msQt2eNYRrFYBhdo
tD4Xf0cwH+21ZHkdKzG5+AaZyLm1pwdtVYshTaMLkU+mGmZzlufTDaAC7sYgLyKA
7ueY/Kx8C3rnB+nFb/nLNtHVqhDV+V3Tg9xzkiyoROJFHrYjoi/Z+wfiLzX1UR98
X+1Lk/gIUQh4XBj04qPr+LG6wTGce+lXF5TAvDFMCA/uZbdokeWu5m99m9CbP1JX
rboXqai3CO/hnjA8WB8P0RT+ZtEKoJ447JIABK8IEPkqGw6lvud8YiS2BGClFzIL
NGrkI9UxKTQnSqstnOP/LV3U3UqclSgWkAMd7tQMYg==
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:18:24 2025 by rpki-client