Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A912FCD6/1E9E1AACD2EA11E5AFB1E24CC4F9AE02/1A95C634602D11EEB0893624C4F9AE02.roa
File: 1A95C634602D11EEB0893624C4F9AE02.roa (raw, json)
Hash identifier: h15GMm0A3ms8LmJrrXVqe4SJ20gd9Xv5egYkE0zvW8w=
Subject key identifier: 47:49:58:F1:EC:9E:D6:15:48:9B:CC:1B:4F:F8:B5:43:2F:F5:22:AB
Certificate issuer: /CN=A912FCD6/serialNumber=53BF0DD780DB038ECE14D40459BAB9C68F69853B
Certificate serial: 20A5
Authority key identifier: 53:BF:0D:D7:80:DB:03:8E:CE:14:D4:04:59:BA:B9:C6:8F:69:85:3B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U78N14DbA47OFNQEWbq5xo9phTs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A912FCD6/1E9E1AACD2EA11E5AFB1E24CC4F9AE02/1A95C634602D11EEB0893624C4F9AE02.roa
Signing time: Sun 01 Oct 2023 07:38:09 +0000
ROA not before: Sun 01 Oct 2023 07:38:09 +0000
ROA not after: Tue 30 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 180.210.221.0/24 maxlen: 24
180.210.223.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8357 (0x20a5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A912FCD6/serialNumber=53BF0DD780DB038ECE14D40459BAB9C68F69853B
Validity
Not Before: Oct 1 07:38:09 2023 GMT
Not After : Jul 30 00:00:00 2024 GMT
Subject: CN=651921e0-efb5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:33:dc:4c:7e:74:59:73:a4:df:f3:b9:91:8d:
ed:69:52:a5:cc:b0:47:2e:09:59:a4:fa:d0:57:d2:
0d:e6:46:d6:47:5d:a6:d3:60:9c:68:0e:e2:d7:cb:
7e:54:6a:fc:4a:26:57:13:1c:cf:27:06:31:c9:55:
24:98:16:aa:4b:f9:ae:8d:23:18:09:a6:90:23:ed:
c1:79:bc:7f:49:24:01:d8:b5:f1:17:d9:19:e9:63:
d9:08:c9:2f:5c:ec:aa:9c:46:19:c1:74:14:e2:93:
54:8e:38:f6:2c:a0:da:20:9b:ee:80:05:ef:df:84:
a7:ec:4c:70:ed:d0:85:21:0c:d7:69:e2:a0:ba:52:
5d:a5:0f:a0:6c:44:d0:07:9a:87:5a:8b:0b:11:c4:
19:3b:29:61:63:ed:f4:13:f9:36:42:cf:9e:bb:f3:
2d:21:90:62:1d:02:0e:04:2c:95:52:d2:7f:6b:cb:
78:5a:0e:3c:67:ad:20:91:17:70:72:77:54:17:6f:
9d:c1:81:22:53:90:2c:5c:6a:ee:f8:e1:c9:76:88:
21:08:7b:bd:f2:d7:b5:39:9c:d1:f2:9b:94:f7:4a:
66:dd:63:b3:06:9a:c0:19:a4:bd:d0:7b:f4:e1:d5:
20:0d:86:a2:e4:e9:2b:0f:50:bb:d2:b4:2f:13:f4:
5a:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:49:58:F1:EC:9E:D6:15:48:9B:CC:1B:4F:F8:B5:43:2F:F5:22:AB
X509v3 Authority Key Identifier:
keyid:53:BF:0D:D7:80:DB:03:8E:CE:14:D4:04:59:BA:B9:C6:8F:69:85:3B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A912FCD6/1E9E1AACD2EA11E5AFB1E24CC4F9AE02/U78N14DbA47OFNQEWbq5xo9phTs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U78N14DbA47OFNQEWbq5xo9phTs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912FCD6/1E9E1AACD2EA11E5AFB1E24CC4F9AE02/1A95C634602D11EEB0893624C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
180.210.221.0/24
180.210.223.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:18:44:e2:df:92:9c:7a:13:03:84:55:85:34:8f:a3:c1:8e:
2d:a0:84:18:6c:42:e0:dc:a4:81:24:27:37:6a:e3:c6:51:d9:
74:30:7f:32:fe:20:19:aa:aa:00:86:4b:d3:27:bb:b2:81:dd:
9b:26:03:8b:20:21:e7:4e:73:74:ae:2d:0b:86:c8:6e:81:26:
f1:48:2d:7c:9f:9e:85:21:5e:5f:da:78:e3:c2:56:38:8e:c2:
bd:59:76:17:d6:2b:29:32:45:63:13:d1:90:04:ad:06:0d:d5:
fc:58:34:54:f0:41:59:53:43:d0:0d:62:fc:05:1e:f7:9b:8c:
e8:4a:9e:cf:5e:4e:ac:db:b6:fd:c1:b2:08:82:2d:ca:1f:cc:
26:2c:cf:87:3c:ab:d1:73:3b:61:fd:e3:a2:4c:a1:a7:8f:f1:
24:95:d4:13:67:f4:3b:12:41:78:0b:45:8a:a3:05:e8:ad:cf:
c2:42:f8:cd:3a:27:64:ec:bd:ff:07:76:c0:25:0b:12:8a:c5:
24:c7:9c:70:a1:06:63:65:0b:2c:81:ec:f4:6f:d9:ec:9e:49:
7b:00:13:b8:73:67:89:fd:53:49:81:83:14:a2:82:53:3b:f0:
49:14:89:ed:7f:cb:c1:90:65:45:39:df:03:7a:bb:5f:4c:a5:
be:c1:a2:48
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICIKUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MkZDRDYxMTAvBgNVBAUTKDUzQkYwREQ3ODBEQjAzOEVDRTE0RDQwNDU5QkFCOUM2
OEY2OTg1M0IwHhcNMjMxMDAxMDczODA5WhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTE5MjFlMC1lZmI1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApDPcTH50WXOk3/O5kY3taVKlzLBHLglZpPrQV9IN5kbWR12m02CcaA7i18t+
VGr8SiZXExzPJwYxyVUkmBaqS/mujSMYCaaQI+3Bebx/SSQB2LXxF9kZ6WPZCMkv
XOyqnEYZwXQU4pNUjjj2LKDaIJvugAXv34Sn7Exw7dCFIQzXaeKgulJdpQ+gbETQ
B5qHWosLEcQZOylhY+30E/k2Qs+eu/MtIZBiHQIOBCyVUtJ/a8t4Wg48Z60gkRdw
cndUF2+dwYEiU5AsXGru+OHJdoghCHu98te1OZzR8puU90pm3WOzBprAGaS90Hv0
4dUgDYai5OkrD1C70rQvE/RaOwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFEdJWPHs
ntYVSJvMG0/4tUMv9SKrMB8GA1UdIwQYMBaAFFO/DdeA2wOOzhTUBFm6ucaPaYU7
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyRkNENi8xRTlFMUFBQ0Qy
RUExMUU1QUZCMUUyNENDNEY5QUUwMi9VNzhOMTREYkE0N09GTlFFV2JxNXhvOXBo
VHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1U3OE4xNERiQTQ3T0ZOUUVXYnE1eG85cGhUcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MkZDRDYvMUU5RTFBQUNEMkVBMTFFNUFGQjFFMjRDQzRGOUFFMDIvMUE5NUM2MzQ2
MDJEMTFFRUIwODkzNjI0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAC00t0DBAC00t8wDQYJKoZIhvcNAQELBQADggEBAHwYROLf
kpx6EwOEVYU0j6PBji2ghBhsQuDcpIEkJzdq48ZR2XQwfzL+IBmqqgCGS9Mnu7KB
3ZsmA4sgIedOc3SuLQuGyG6BJvFILXyfnoUhXl/aeOPCVjiOwr1ZdhfWKykyRWMT
0ZAErQYN1fxYNFTwQVlTQ9ANYvwFHvebjOhKns9eTqzbtv3BsgiCLcofzCYsz4c8
q9FzO2H946JMoaeP8SSV1BNn9DsSQXgLRYqjBeitz8JC+M06J2Tsvf8HdsAlCxKK
xSTHnHChBmNlCyyB7PRv2eyeSXsAE7hzZ4n9U0mBgxSiglM78EkUie1/y8GQZUU5
3wN6u19Mpb7Bokg=
-----END CERTIFICATE-----
Generated at Fri Nov 17 15:31:35 2023 by rpki-client on console-ams.rpki-client.org