Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914E5F6/BCA66B7EDA8E11ED835C3925C4F9AE02/9FCE5B86D47711EE98567819C4F9AE02.roa
File: 9FCE5B86D47711EE98567819C4F9AE02.roa (raw, json)
Hash identifier: PjIIAeA+Uer1zLfd7257LD5NyBaMiDE1Ii1xuYEby8A=
Subject key identifier: 2A:27:BC:5F:F1:01:DF:14:5B:EF:D2:18:32:BC:9F:B2:C9:28:3F:82
Certificate issuer: /CN=A914E5F6/serialNumber=AFF85F7EF3DA5887438DD2061F2E9EE0B2DD0A7F
Certificate serial: AC
Authority key identifier: AF:F8:5F:7E:F3:DA:58:87:43:8D:D2:06:1F:2E:9E:E0:B2:DD:0A:7F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r_hffvPaWIdDjdIGHy6e4LLdCn8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914E5F6/BCA66B7EDA8E11ED835C3925C4F9AE02/9FCE5B86D47711EE98567819C4F9AE02.roa
Signing time: Mon 26 Feb 2024 07:21:14 +0000
ROA not before: Mon 26 Feb 2024 07:21:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 152479
IP address blocks: 203.31.169.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 20 Mar 2024 21:40:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 172 (0xac)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914E5F6/serialNumber=AFF85F7EF3DA5887438DD2061F2E9EE0B2DD0A7F
Validity
Not Before: Feb 26 07:21:14 2024 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=65dc3bea-a3d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:37:ba:22:fa:de:e2:a8:7c:3d:61:d1:58:e9:
bb:61:b8:18:01:2f:98:b1:e9:e2:bc:1d:91:fe:fc:
bc:ba:c2:20:8e:7f:ca:15:a5:a0:83:db:f6:49:71:
bc:53:5b:87:5c:69:2f:cb:91:4b:e0:ac:5b:38:4b:
f6:23:d8:70:ee:35:c6:85:94:91:fe:ac:9b:ba:3b:
39:58:c7:90:ed:c4:80:6e:58:d6:d1:6c:66:2d:77:
e7:6e:13:c1:ed:5e:d1:cf:30:6d:bc:0f:d9:2d:f5:
e2:ab:11:1e:4e:fd:71:76:62:b2:d5:ee:79:39:05:
81:53:3c:cc:fd:a8:da:9d:5b:3b:71:b1:59:2f:b8:
17:79:23:94:ea:69:c6:1f:e3:84:9d:a9:a0:44:d0:
ef:5f:b1:91:a0:f0:bc:56:a7:c9:40:ea:84:24:b6:
1a:08:34:7a:df:de:8e:cf:07:61:2b:62:e2:56:a2:
2f:e0:5d:ac:b7:e1:d7:a3:92:25:89:a7:4f:73:90:
ea:91:95:16:d7:45:23:cd:74:65:bb:28:73:15:13:
fa:17:b5:3b:4b:ee:c3:d7:eb:87:cb:29:9c:9d:40:
5b:99:f8:4c:16:4c:b6:66:ca:79:08:03:2f:12:0f:
77:8b:04:1b:82:4c:df:ca:3b:b0:f7:69:16:05:6b:
e7:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:27:BC:5F:F1:01:DF:14:5B:EF:D2:18:32:BC:9F:B2:C9:28:3F:82
X509v3 Authority Key Identifier:
keyid:AF:F8:5F:7E:F3:DA:58:87:43:8D:D2:06:1F:2E:9E:E0:B2:DD:0A:7F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914E5F6/BCA66B7EDA8E11ED835C3925C4F9AE02/r_hffvPaWIdDjdIGHy6e4LLdCn8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r_hffvPaWIdDjdIGHy6e4LLdCn8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914E5F6/BCA66B7EDA8E11ED835C3925C4F9AE02/9FCE5B86D47711EE98567819C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.31.169.0/24
Signature Algorithm: sha256WithRSAEncryption
55:9e:59:30:2f:6c:a3:95:83:21:bd:a5:00:4b:6d:02:16:15:
73:71:42:1f:55:ba:11:fc:c5:54:0e:a1:7e:72:24:e0:c0:6a:
5a:c0:1b:2e:61:1c:d9:13:c4:a4:09:e8:61:ac:21:be:fe:2e:
65:69:84:9f:c7:17:be:7d:6e:e1:a7:ed:f4:07:21:92:67:a9:
88:24:ae:99:f1:b3:fe:39:88:48:8f:68:69:32:6d:c2:0d:4a:
83:f6:ad:74:1b:bc:2d:b2:15:fa:f5:52:e5:96:b3:0e:8f:42:
be:d3:28:00:6a:cf:fc:06:ce:9a:6c:92:bd:30:af:d9:8d:65:
f9:b7:0b:d4:a5:b3:57:19:be:e3:f8:d0:c2:55:ea:47:4e:e6:
e4:89:f4:25:d6:66:f1:0a:8e:71:29:66:ee:9b:cd:85:71:96:
e8:0c:77:a2:7b:c1:54:fa:c6:fe:93:cd:ff:64:8d:90:8c:4e:
e8:c3:90:46:6c:cc:1f:93:22:3d:7a:31:12:38:5a:b6:7c:83:
dc:6d:27:fe:f9:57:af:9c:cb:38:aa:84:10:39:22:05:1c:fa:
1d:d3:8b:c7:82:43:5c:b4:13:df:f5:40:8b:3e:b5:08:ab:42:
b8:8a:e9:20:45:83:06:4b:f6:d5:f5:a6:2f:13:2d:e6:4b:f9:
04:1b:7e:b9
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAKwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NEU1RjYxMTAvBgNVBAUTKEFGRjg1RjdFRjNEQTU4ODc0MzhERDIwNjFGMkU5RUUw
QjJERDBBN0YwHhcNMjQwMjI2MDcyMTE0WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWRjM2JlYS1hM2Q2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA6Te6Ivre4qh8PWHRWOm7YbgYAS+YsenivB2R/vy8usIgjn/KFaWgg9v2SXG8
U1uHXGkvy5FL4KxbOEv2I9hw7jXGhZSR/qybujs5WMeQ7cSAbljW0WxmLXfnbhPB
7V7RzzBtvA/ZLfXiqxEeTv1xdmKy1e55OQWBUzzM/ajanVs7cbFZL7gXeSOU6mnG
H+OEnamgRNDvX7GRoPC8VqfJQOqEJLYaCDR6396OzwdhK2LiVqIv4F2st+HXo5Il
iadPc5DqkZUW10UjzXRluyhzFRP6F7U7S+7D1+uHyymcnUBbmfhMFky2Zsp5CAMv
Eg93iwQbgkzfyjuw92kWBWvnOwIDAQABo4IClTCCApEwHQYDVR0OBBYEFConvF/x
Ad8UW+/SGDK8n7LJKD+CMB8GA1UdIwQYMBaAFK/4X37z2liHQ43SBh8unuCy3Qp/
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0RTVGNi9CQ0E2NkI3RURB
OEUxMUVEODM1QzM5MjVDNEY5QUUwMi9yX2hmZnZQYVdJZERqZElHSHk2ZTRMTGRD
bjguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3JfaGZmdlBhV0lkRGpkSUdIeTZlNExMZENuOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NEU1RjYvQkNBNjZCN0VEQThFMTFFRDgzNUMzOTI1QzRGOUFFMDIvOUZDRTVCODZE
NDc3MTFFRTk4NTY3ODE5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADLH6kwDQYJKoZIhvcNAQELBQADggEBAFWeWTAvbKOVgyG9
pQBLbQIWFXNxQh9VuhH8xVQOoX5yJODAalrAGy5hHNkTxKQJ6GGsIb7+LmVphJ/H
F759buGn7fQHIZJnqYgkrpnxs/45iEiPaGkybcINSoP2rXQbvC2yFfr1UuWWsw6P
Qr7TKABqz/wGzppskr0wr9mNZfm3C9Sls1cZvuP40MJV6kdO5uSJ9CXWZvEKjnEp
Zu6bzYVxlugMd6J7wVT6xv6Tzf9kjZCMTujDkEZszB+TIj16MRI4WrZ8g9xtJ/75
V6+cyziqhBA5IgUc+h3Ti8eCQ1y0E9/1QIs+tQirQriK6SBFgwZL9tX1pi8TLeZL
+QQbfrk=
-----END CERTIFICATE-----
Generated at Wed Mar 20 23:02:14 2024 by rpki-client on console-fra.rpki-client.org