Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9148B17/EA4B165E68ED11EEB4B5D362C4F9AE02/70740E2C772E11EE8C7EA84FC4F9AE02.roa
File: 70740E2C772E11EE8C7EA84FC4F9AE02.roa (raw, json)
Hash identifier: exIMCwJbqae3qd48YFqRHWxAnifBQxL/sRmKmf+X050=
Subject key identifier: EA:7E:6D:8E:6A:46:28:1F:E2:5C:56:74:D9:65:05:5D:D9:39:78:5D
Certificate issuer: /CN=A9148B17/serialNumber=8D923098CD67F6D1BF24CFBE2C3DCA0B665ABB8C
Certificate serial: 14
Authority key identifier: 8D:92:30:98:CD:67:F6:D1:BF:24:CF:BE:2C:3D:CA:0B:66:5A:BB:8C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jZIwmM1n9tG_JM--LD3KC2Zau4w.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9148B17/EA4B165E68ED11EEB4B5D362C4F9AE02/70740E2C772E11EE8C7EA84FC4F9AE02.roa
Signing time: Mon 30 Oct 2023 14:13:03 +0000
ROA not before: Mon 30 Oct 2023 14:13:03 +0000
ROA not after: Mon 30 Dec 2024 00:00:00 +0000
asID: 140044
IP address blocks: 202.61.83.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 29 Nov 2023 17:09:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20 (0x14)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9148B17/serialNumber=8D923098CD67F6D1BF24CFBE2C3DCA0B665ABB8C
Validity
Not Before: Oct 30 14:13:03 2023 GMT
Not After : Dec 30 00:00:00 2024 GMT
Subject: CN=653fb9ef-5d12
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:7e:8f:38:52:78:26:f4:73:31:09:6e:ce:e6:
e0:44:92:d8:97:6f:36:e7:ea:39:9d:0e:e8:c6:59:
95:35:34:8a:54:27:a3:e5:a4:f8:3f:ae:df:b8:4a:
09:70:41:f3:18:0d:44:77:20:cc:f9:aa:e4:04:ed:
ba:6a:42:d6:df:b6:24:88:d8:f7:fd:3a:48:39:07:
0c:fb:f9:5e:65:9e:f5:55:f3:25:3b:6a:30:76:e9:
8d:1d:20:3f:23:96:0c:b3:65:67:1f:70:88:1d:88:
fd:33:e9:08:f5:a4:61:3d:19:ee:13:44:3a:32:dd:
b5:e1:6f:fc:4c:23:37:34:3d:eb:85:05:09:06:c4:
80:d9:ed:a6:4f:12:4f:1c:7d:29:70:26:13:e2:09:
e9:22:1a:59:a9:fd:7d:16:e2:ea:b9:4d:a4:37:da:
93:38:5b:ba:9c:8e:55:3c:26:59:d6:7c:8a:b2:e6:
0a:15:63:6f:63:f6:a6:6a:fa:a1:eb:16:9f:4b:90:
32:4c:01:67:ca:6f:d7:45:2b:e6:96:a5:9d:74:73:
e8:c9:10:d6:f6:05:f6:d6:60:38:a2:77:3e:87:86:
27:10:c2:0f:97:e8:50:83:1a:7a:ca:6d:87:58:61:
bb:26:e3:1f:1a:b7:d1:43:e2:78:aa:05:2a:07:2f:
a1:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:7E:6D:8E:6A:46:28:1F:E2:5C:56:74:D9:65:05:5D:D9:39:78:5D
X509v3 Authority Key Identifier:
keyid:8D:92:30:98:CD:67:F6:D1:BF:24:CF:BE:2C:3D:CA:0B:66:5A:BB:8C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9148B17/EA4B165E68ED11EEB4B5D362C4F9AE02/jZIwmM1n9tG_JM--LD3KC2Zau4w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jZIwmM1n9tG_JM--LD3KC2Zau4w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9148B17/EA4B165E68ED11EEB4B5D362C4F9AE02/70740E2C772E11EE8C7EA84FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.61.83.0/24
Signature Algorithm: sha256WithRSAEncryption
32:70:8e:71:39:2f:08:bf:84:c5:a9:e0:d1:e9:f5:11:cd:d9:
60:9b:ad:bc:0b:91:75:39:9a:18:7a:43:11:6b:09:03:2a:19:
80:07:ee:10:b1:36:89:86:4f:55:ea:f3:31:9d:b8:76:fb:03:
64:da:45:39:59:71:81:6d:73:83:77:5d:cc:b6:c2:96:db:0d:
a8:3d:53:80:f0:9f:b5:a2:8a:ff:b2:6d:8d:63:49:ea:e7:cd:
4f:41:0e:b8:e4:72:b9:2a:cb:47:e8:e0:54:89:ad:8f:56:9f:
f0:7a:7a:e4:43:e3:40:82:09:41:01:3d:43:02:cf:ad:7a:7d:
bd:9e:6d:95:9a:c0:15:a9:9c:4d:cd:1a:69:e5:fb:5f:88:77:
d2:62:4a:67:4d:6b:d4:40:4b:6a:c4:5b:c2:77:90:bd:01:25:
6d:d8:9e:4f:5a:b5:4d:37:4e:00:62:1f:91:e9:bd:13:c6:30:
b9:1c:72:6f:76:02:ed:b0:cf:16:32:de:d4:c1:e4:c1:f0:d8:
28:54:a7:19:8a:09:3d:72:94:e6:8a:18:39:03:f0:52:fe:58:
6e:63:eb:7a:bb:5f:b0:bc:f0:49:ee:ef:74:07:a6:01:e5:83:
fd:48:74:3c:97:4c:a0:77:1c:af:19:6f:fa:0e:f3:fe:05:b9:
da:5b:86:48
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBFDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE0
OEIxNzExMC8GA1UEBRMoOEQ5MjMwOThDRDY3RjZEMUJGMjRDRkJFMkMzRENBMEI2
NjVBQkI4QzAeFw0yMzEwMzAxNDEzMDNaFw0yNDEyMzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1M2ZiOWVmLTVkMTIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDUfo84Ungm9HMxCW7O5uBEktiXbzbn6jmdDujGWZU1NIpUJ6PlpPg/rt+4Sglw
QfMYDUR3IMz5quQE7bpqQtbftiSI2Pf9Okg5Bwz7+V5lnvVV8yU7ajB26Y0dID8j
lgyzZWcfcIgdiP0z6Qj1pGE9Ge4TRDoy3bXhb/xMIzc0PeuFBQkGxIDZ7aZPEk8c
fSlwJhPiCekiGlmp/X0W4uq5TaQ32pM4W7qcjlU8JlnWfIqy5goVY29j9qZq+qHr
Fp9LkDJMAWfKb9dFK+aWpZ10c+jJENb2BfbWYDiidz6HhicQwg+X6FCDGnrKbYdY
Ybsm4x8at9FD4niqBSoHL6FxAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQU6n5tjmpG
KB/iXFZ02WUFXdk5eF0wHwYDVR0jBBgwFoAUjZIwmM1n9tG/JM++LD3KC2Zau4ww
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTQ4QjE3L0VBNEIxNjVFNjhF
RDExRUVCNEI1RDM2MkM0RjlBRTAyL2paSXdtTTFuOXRHX0pNLS1MRDNLQzJaYXU0
dy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvalpJd21NMW45dEdfSk0tLUxEM0tDMlphdTR3LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0
OEIxNy9FQTRCMTY1RTY4RUQxMUVFQjRCNUQzNjJDNEY5QUUwMi83MDc0MEUyQzc3
MkUxMUVFOEM3RUE4NEZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAMo9UzANBgkqhkiG9w0BAQsFAAOCAQEAMnCOcTkvCL+Exang
0en1Ec3ZYJutvAuRdTmaGHpDEWsJAyoZgAfuELE2iYZPVerzMZ24dvsDZNpFOVlx
gW1zg3ddzLbCltsNqD1TgPCftaKK/7JtjWNJ6ufNT0EOuORyuSrLR+jgVImtj1af
8Hp65EPjQIIJQQE9QwLPrXp9vZ5tlZrAFamcTc0aaeX7X4h30mJKZ01r1EBLasRb
wneQvQElbdieT1q1TTdOAGIfkem9E8YwuRxyb3YC7bDPFjLe1MHkwfDYKFSnGYoJ
PXKU5ooYOQPwUv5YbmPrertfsLzwSe7vdAemAeWD/Uh0PJdMoHccrxlv+g7z/gW5
2luGSA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:58 2024 by rpki-client on console-ams.rpki-client.org