Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A912FC73/0144CDF89F3411EC9CEBC670C4F9AE02/7CD32286A5E411EEB2C1AD0DC4F9AE02.roa
File: 7CD32286A5E411EEB2C1AD0DC4F9AE02.roa (raw, json)
Hash identifier: FdOTSZ8k0RtOOyXx+S/y0fPvxoathE2h1wPc0mDMTOE=
Subject key identifier: 37:44:70:E6:60:0E:81:AB:40:17:39:AA:58:1B:BA:9E:8E:2F:5B:E2
Certificate issuer: /CN=A912FC73/serialNumber=CEE41601EEA9F51B3525DA55DD4AC95CEFAF5ABC
Certificate serial: 0318
Authority key identifier: CE:E4:16:01:EE:A9:F5:1B:35:25:DA:55:DD:4A:C9:5C:EF:AF:5A:BC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zuQWAe6p9Rs1JdpV3UrJXO-vWrw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A912FC73/0144CDF89F3411EC9CEBC670C4F9AE02/7CD32286A5E411EEB2C1AD0DC4F9AE02.roa
Signing time: Fri 29 Dec 2023 08:39:14 +0000
ROA not before: Fri 29 Dec 2023 08:39:14 +0000
ROA not after: Mon 30 Dec 2024 00:00:00 +0000
asID: 22773
IP address blocks: 113.20.40.0/22 maxlen: 22
113.20.48.0/22 maxlen: 22
113.20.52.0/22 maxlen: 22
113.20.56.0/22 maxlen: 22
113.20.60.0/22 maxlen: 22
223.29.128.0/22 maxlen: 22
223.29.132.0/22 maxlen: 22
223.29.136.0/22 maxlen: 22
223.29.140.0/22 maxlen: 22
223.29.144.0/22 maxlen: 22
223.29.148.0/22 maxlen: 22
223.29.152.0/22 maxlen: 22
223.29.156.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 05 Mar 2024 14:25:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 792 (0x318)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A912FC73/serialNumber=CEE41601EEA9F51B3525DA55DD4AC95CEFAF5ABC
Validity
Not Before: Dec 29 08:39:14 2023 GMT
Not After : Dec 30 00:00:00 2024 GMT
Subject: CN=658e85b2-fed6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:73:68:b7:c8:5d:98:bf:c2:d2:6b:01:d5:b8:
95:56:b8:f0:b0:45:9b:6b:34:0d:18:52:b2:37:8f:
d3:7f:28:98:bc:2c:9a:59:22:6d:c9:35:60:8c:5c:
b0:87:d4:d1:0a:ac:51:fe:1a:e2:18:11:e1:a4:a4:
60:91:75:25:95:91:58:54:00:9f:44:59:ea:63:9f:
18:a6:7d:82:07:f4:61:62:ad:0e:a5:99:77:fc:63:
45:a8:2e:b4:ca:29:17:c3:7b:f4:4b:95:c5:46:92:
1c:d9:00:ed:4a:47:dd:fc:24:5c:96:9d:f7:5e:ea:
ba:a6:05:62:05:d1:09:e9:6d:3e:73:8b:e0:f6:c5:
be:a7:b4:92:0f:0a:f7:d9:ea:65:56:31:76:15:20:
87:9e:e9:b4:f3:f5:2c:15:ca:85:a4:8c:6f:f3:5a:
73:99:1c:1c:92:45:1f:4b:6c:be:53:05:1f:f9:4c:
d0:11:dd:c9:3b:98:78:53:75:7c:cf:dd:d7:8e:8e:
5d:a2:8e:0e:96:05:b9:5d:41:54:54:b2:eb:96:3c:
65:e9:f9:66:85:b3:34:5f:1f:ff:ca:89:01:4d:88:
a5:99:e2:0c:c4:55:b1:4d:20:d8:0e:85:ad:70:16:
f9:01:9e:5c:cd:2d:65:4a:fc:00:89:6f:f7:d4:53:
94:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:44:70:E6:60:0E:81:AB:40:17:39:AA:58:1B:BA:9E:8E:2F:5B:E2
X509v3 Authority Key Identifier:
keyid:CE:E4:16:01:EE:A9:F5:1B:35:25:DA:55:DD:4A:C9:5C:EF:AF:5A:BC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A912FC73/0144CDF89F3411EC9CEBC670C4F9AE02/zuQWAe6p9Rs1JdpV3UrJXO-vWrw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zuQWAe6p9Rs1JdpV3UrJXO-vWrw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912FC73/0144CDF89F3411EC9CEBC670C4F9AE02/7CD32286A5E411EEB2C1AD0DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
113.20.40.0/22
113.20.48.0/20
223.29.128.0/19
Signature Algorithm: sha256WithRSAEncryption
9b:c8:91:f0:45:b4:36:16:2a:9a:1f:3a:4a:27:67:9e:1c:63:
c1:e3:fc:1d:16:32:c1:88:d8:aa:0d:2d:ea:0d:74:4c:bd:87:
dd:17:e0:d4:d5:28:ff:43:7b:d6:db:eb:ee:2d:a0:04:2e:94:
54:77:cc:ff:ca:1d:ea:b0:13:f8:63:ce:ab:30:97:4f:3b:69:
04:e1:3d:95:28:16:19:c6:11:bb:ba:cf:5c:b7:1d:03:7f:f2:
41:c6:c6:96:d1:c2:e4:a4:9f:db:8f:a1:c3:dd:76:cd:67:a1:
0c:d6:66:a0:e4:38:8f:10:6f:e4:d5:65:4c:fb:bb:42:b6:d4:
86:9c:7c:34:4a:74:95:27:08:19:a3:52:46:26:34:46:2d:2b:
3c:c5:f6:f5:4c:24:4b:99:c6:f9:a1:0d:74:c5:b3:11:5a:ec:
1b:6b:28:1e:38:f4:14:c1:0e:1f:a4:c3:be:81:f1:7e:f7:2a:
cf:f7:33:ab:93:fd:65:cd:8f:5b:0d:be:b4:f5:18:9d:a2:3d:
11:1c:45:2a:c3:99:f3:11:67:04:ca:e9:e3:49:cb:e9:c7:79:
4e:1d:8e:7a:46:a7:9f:71:c5:2e:bf:84:0d:2b:9e:0f:f2:53:
cc:ff:6b:d4:07:c6:8c:00:97:ea:54:09:e7:dc:3d:23:d0:37:
b0:08:da:8c
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICAxgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MkZDNzMxMTAvBgNVBAUTKENFRTQxNjAxRUVBOUY1MUIzNTI1REE1NURENEFDOTVD
RUZBRjVBQkMwHhcNMjMxMjI5MDgzOTE0WhcNMjQxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NThlODViMi1mZWQ2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvHNot8hdmL/C0msB1biVVrjwsEWbazQNGFKyN4/TfyiYvCyaWSJtyTVgjFyw
h9TRCqxR/hriGBHhpKRgkXUllZFYVACfRFnqY58Ypn2CB/RhYq0OpZl3/GNFqC60
yikXw3v0S5XFRpIc2QDtSkfd/CRclp33Xuq6pgViBdEJ6W0+c4vg9sW+p7SSDwr3
2eplVjF2FSCHnum08/UsFcqFpIxv81pzmRwckkUfS2y+UwUf+UzQEd3JO5h4U3V8
z93Xjo5doo4OlgW5XUFUVLLrljxl6flmhbM0Xx//yokBTYilmeIMxFWxTSDYDoWt
cBb5AZ5czS1lSvwAiW/31FOUGwIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFDdEcOZg
DoGrQBc5qlgbup6OL1viMB8GA1UdIwQYMBaAFM7kFgHuqfUbNSXaVd1KyVzvr1q8
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyRkM3My8wMTQ0Q0RGODlG
MzQxMUVDOUNFQkM2NzBDNEY5QUUwMi96dVFXQWU2cDlSczFKZHBWM1VySlhPLXZX
cncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3p1UVdBZTZwOVJzMUpkcFYzVXJKWE8tdldydy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MkZDNzMvMDE0NENERjg5RjM0MTFFQzlDRUJDNjcwQzRGOUFFMDIvN0NEMzIyODZB
NUU0MTFFRUIyQzFBRDBEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBAJxFCgDBARxFDADBAXfHYAwDQYJKoZIhvcNAQELBQADggEB
AJvIkfBFtDYWKpofOkonZ54cY8Hj/B0WMsGI2KoNLeoNdEy9h90X4NTVKP9De9bb
6+4toAQulFR3zP/KHeqwE/hjzqswl087aQThPZUoFhnGEbu6z1y3HQN/8kHGxpbR
wuSkn9uPocPdds1noQzWZqDkOI8Qb+TVZUz7u0K21IacfDRKdJUnCBmjUkYmNEYt
KzzF9vVMJEuZxvmhDXTFsxFa7BtrKB449BTBDh+kw76B8X73Ks/3M6uT/WXNj1sN
vrT1GJ2iPREcRSrDmfMRZwTK6eNJy+nHeU4djnpGp59xxS6/hA0rng/yU8z/a9QH
xowAl+pUCefcPSPQN7AI2ow=
-----END CERTIFICATE-----
Generated at Tue Mar 5 17:53:05 2024 by rpki-client on console-ams.rpki-client.org