Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/452872981E0111E9A590C837C4F9AE02.roa
File: 452872981E0111E9A590C837C4F9AE02.roa (raw, json)
Hash identifier: jrIBWX/Uewm0HK1RqMYx92gppVbuUiS8Mft/T5YvkGE=
Subject key identifier: 2C:74:FF:21:FA:5D:79:12:6F:17:1D:91:30:1E:B5:73:2F:0E:9C:09
Certificate issuer: /CN=A9137ABC/serialNumber=61BF3ED4C3BFBC0916EF9480AAFF222A437AF02C
Certificate serial: 36AA
Authority key identifier: 61:BF:3E:D4:C3:BF:BC:09:16:EF:94:80:AA:FF:22:2A:43:7A:F0:2C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/452872981E0111E9A590C837C4F9AE02.roa
Signing time: Sat 08 Jul 2023 14:30:55 +0000
ROA not before: Sat 08 Jul 2023 14:30:55 +0000
ROA not after: Mon 30 Sep 2024 00:00:00 +0000
asID: 24128
IP address blocks: 202.71.112.0/22 maxlen: 22
202.71.116.0/24 maxlen: 24
202.71.120.0/24 maxlen: 24
202.71.123.0/24 maxlen: 24
202.71.124.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13994 (0x36aa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9137ABC/serialNumber=61BF3ED4C3BFBC0916EF9480AAFF222A437AF02C
Validity
Not Before: Jul 8 14:30:55 2023 GMT
Not After : Sep 30 00:00:00 2024 GMT
Subject: CN=64a9731f-0085
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:43:a5:d4:32:c6:e8:e2:f5:f5:ea:f4:9f:e1:
37:a0:9f:20:c3:9f:4e:40:21:de:0a:5e:35:12:ba:
71:83:b8:d0:53:9b:73:82:79:37:34:f6:39:85:21:
e2:3d:5e:c4:c0:9e:3d:f2:52:9b:f0:8d:24:19:01:
a8:4c:71:c6:3d:8a:e2:a6:be:0d:2b:0d:84:69:91:
d9:0a:9c:c2:76:50:a7:25:46:6c:93:46:26:00:dd:
81:5e:b6:ac:64:d7:a8:00:fe:e6:6b:d8:c1:9e:fc:
15:d3:69:0a:6c:0f:8a:69:64:8e:aa:3c:3a:73:d2:
41:e7:63:9f:14:02:6c:4e:bf:3b:39:3f:a8:68:1d:
dd:b1:8c:2c:40:c7:a1:f6:35:dd:5c:23:e4:51:da:
ab:26:11:b4:93:61:a5:cf:3c:db:03:9e:9d:40:7e:
30:ad:59:04:46:f5:11:5d:f7:97:ca:7a:a2:11:78:
7c:90:13:9c:8d:28:d0:6e:8e:a3:39:26:07:1d:16:
70:fe:2f:c7:ea:41:a3:e8:e9:27:98:bb:bb:2b:46:
98:31:79:f4:7a:8b:0f:6c:f1:f9:01:a4:b0:1a:c7:
af:6a:11:9b:31:3c:a2:44:1a:be:c7:14:84:55:ae:
39:59:db:3d:e2:94:a5:f0:82:28:2c:f0:0b:d7:bc:
48:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:74:FF:21:FA:5D:79:12:6F:17:1D:91:30:1E:B5:73:2F:0E:9C:09
X509v3 Authority Key Identifier:
keyid:61:BF:3E:D4:C3:BF:BC:09:16:EF:94:80:AA:FF:22:2A:43:7A:F0:2C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/452872981E0111E9A590C837C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.71.112.0-202.71.116.255
202.71.120.0/24
202.71.123.0-202.71.124.255
Signature Algorithm: sha256WithRSAEncryption
30:e2:57:cb:24:7e:04:4f:84:14:f2:38:9c:60:4b:0a:50:aa:
06:ad:44:93:7d:6e:69:78:10:29:7a:f5:08:68:09:82:6d:c8:
36:d2:67:51:d8:05:fd:3a:e1:c3:ab:83:cd:37:8d:f6:90:1a:
ec:0b:c5:5c:cc:28:8a:af:a7:4a:f9:f0:58:06:2e:e1:11:e8:
3b:ea:5e:5a:04:ba:18:0f:90:e2:8d:df:bc:c7:69:95:1a:e0:
f3:95:6b:2d:84:b3:fe:d4:d6:cf:1d:2f:67:ae:b4:3f:b9:38:
de:fa:37:c4:60:9a:7a:53:ed:5e:93:20:69:16:6e:0e:2e:85:
84:c2:60:88:99:b6:fa:b6:27:54:4b:fe:30:82:2e:e8:8e:90:
01:00:99:5f:d1:fe:a2:20:79:ea:b6:82:38:f4:cf:f5:db:18:
97:3e:8d:d2:86:cb:dc:34:7c:c5:4d:27:58:89:2b:42:70:9b:
52:9a:14:9c:95:cc:c3:cf:e1:30:a0:44:7a:e1:46:30:cf:b9:
21:e0:f4:5c:ca:a3:f6:07:82:c0:5e:bf:c6:90:c0:1f:31:5c:
26:40:4c:ee:d0:9d:e2:53:9a:21:18:0e:8a:a5:c3:b8:82:f6:
6d:4c:b7:c4:c7:f3:b2:c6:f5:18:28:28:3b:54:fa:1f:fa:8f:
93:93:c1:49
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgICNqowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzdBQkMxMTAvBgNVBAUTKDYxQkYzRUQ0QzNCRkJDMDkxNkVGOTQ4MEFBRkYyMjJB
NDM3QUYwMkMwHhcNMjMwNzA4MTQzMDU1WhcNMjQwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGE5NzMxZi0wMDg1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAw0Ol1DLG6OL19er0n+E3oJ8gw59OQCHeCl41Erpxg7jQU5tzgnk3NPY5hSHi
PV7EwJ498lKb8I0kGQGoTHHGPYripr4NKw2EaZHZCpzCdlCnJUZsk0YmAN2BXras
ZNeoAP7ma9jBnvwV02kKbA+KaWSOqjw6c9JB52OfFAJsTr87OT+oaB3dsYwsQMeh
9jXdXCPkUdqrJhG0k2GlzzzbA56dQH4wrVkERvURXfeXynqiEXh8kBOcjSjQbo6j
OSYHHRZw/i/H6kGj6OknmLu7K0aYMXn0eosPbPH5AaSwGsevahGbMTyiRBq+xxSE
Va45Wds94pSl8IIoLPAL17xIBQIDAQABo4ICsTCCAq0wHQYDVR0OBBYEFCx0/yH6
XXkSbxcdkTAetXMvDpwJMB8GA1UdIwQYMBaAFGG/PtTDv7wJFu+UgKr/IipDevAs
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzN0FCQy83MTNEOUZCMDFE
NzgxMUUyODI4NjhEQzQwOEIwMkNEMi9ZYjgtMU1PX3ZBa1c3NVNBcXY4aUtrTjY4
Q3cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1liOC0xTU9fdkFrVzc1U0FxdjhpS2tONjhDdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzdBQkMvNzEzRDlGQjAxRDc4MTFFMjgyODY4REM0MDhCMDJDRDIvNDUyODcyOTgx
RTAxMTFFOUE1OTBDODM3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOwYIKwYBBQUHAQcBAf8E
LDAqMCgEAgABMCIwDAMEBMpHcAMEAMpHdAMEAMpHeDAMAwQAykd7AwQAykd8MA0G
CSqGSIb3DQEBCwUAA4IBAQAw4lfLJH4ET4QU8jicYEsKUKoGrUSTfW5peBApevUI
aAmCbcg20mdR2AX9OuHDq4PNN432kBrsC8VczCiKr6dK+fBYBi7hEeg76l5aBLoY
D5Dijd+8x2mVGuDzlWsthLP+1NbPHS9nrrQ/uTje+jfEYJp6U+1ekyBpFm4OLoWE
wmCImbb6tidUS/4wgi7ojpABAJlf0f6iIHnqtoI49M/12xiXPo3ShsvcNHzFTSdY
iStCcJtSmhSclczDz+EwoER64UYwz7kh4PRcyqP2B4LAXr/GkMAfMVwmQEzu0J3i
U5ohGA6KpcO4gvZtTLfEx/OyxvUYKCg7VPof+o+Tk8FJ
-----END CERTIFICATE-----
Generated at Fri Aug 11 09:40:27 2023 by rpki-client on console-fra.rpki-client.org