Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917336A/8F5A93565AEA11EF94E93D6EC4F9AE02/FC929BC05AEB11EF8B92C770C4F9AE02.roa
File: FC929BC05AEB11EF8B92C770C4F9AE02.roa (raw, json)
Hash identifier: 22M9gWTG98j8u8vXEhXnnXxbVBvYHxfAEHXbfaarbgk=
Subject key identifier: 3B:F0:EA:C9:37:0E:55:DF:E4:35:96:AC:CA:08:E5:AB:B2:98:B5:C4
Certificate issuer: /CN=A917336A/serialNumber=21D3ED21F7CDEBC7D00F1BB7A09511B95CDEFE23
Certificate serial: 03
Authority key identifier: 21:D3:ED:21:F7:CD:EB:C7:D0:0F:1B:B7:A0:95:11:B9:5C:DE:FE:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IdPtIffN68fQDxu3oJURuVze_iM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917336A/8F5A93565AEA11EF94E93D6EC4F9AE02/FC929BC05AEB11EF8B92C770C4F9AE02.roa
Signing time: Thu 15 Aug 2024 09:51:47 +0000
ROA not before: Thu 15 Aug 2024 09:51:47 +0000
ROA not after: Sun 01 Dec 2024 00:00:00 +0000
asID: 134531
IP address blocks: 202.135.112.0/24 maxlen: 24
202.135.146.0/24 maxlen: 24
203.163.94.0/24 maxlen: 24
203.163.98.0/24 maxlen: 24
203.196.119.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 15 Aug 2024 11:27:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3 (0x3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917336A/serialNumber=21D3ED21F7CDEBC7D00F1BB7A09511B95CDEFE23
Validity
Not Before: Aug 15 09:51:47 2024 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=66bdcfb3-4f31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:56:c8:6c:12:c4:4e:69:33:e1:db:82:b2:4a:
bf:43:7c:cb:e9:25:b0:a9:7c:44:04:13:8b:b1:0e:
cf:35:d1:7f:71:aa:d2:46:f5:6b:d2:61:24:e6:4c:
77:b4:6c:9d:96:75:7b:65:80:f4:aa:4d:f6:8f:6e:
81:7d:46:af:df:ab:fb:32:f8:89:dd:a8:a2:21:e1:
97:79:51:bb:54:29:e4:08:62:4a:44:56:c8:96:14:
db:2d:33:20:f6:0d:4a:fa:9c:64:77:d8:db:9b:bf:
c8:f8:5e:3b:53:26:f0:a3:fc:5a:2a:45:2d:14:6c:
dc:1b:a9:07:02:0a:71:a2:a3:e4:0f:a3:44:ba:a1:
a9:b1:1b:ac:9b:12:52:49:04:21:52:0a:8b:5c:33:
5f:95:29:1c:c9:ab:62:b9:79:67:69:86:45:5b:52:
27:14:17:b3:3b:87:dc:8d:45:d0:f8:4f:36:35:05:
e5:a9:66:db:4b:cf:ad:84:f8:1b:2e:db:fa:21:41:
ef:fd:e8:00:6b:fe:0c:ad:7a:09:a1:1e:b2:80:75:
6a:f2:6b:4a:dd:d6:dc:78:8e:af:12:d0:e6:9b:fd:
39:a3:a3:8f:59:ea:b2:f4:2b:44:11:d2:70:ea:83:
9b:22:99:50:ba:4c:c4:f8:79:b2:61:2f:ff:d9:e1:
86:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:F0:EA:C9:37:0E:55:DF:E4:35:96:AC:CA:08:E5:AB:B2:98:B5:C4
X509v3 Authority Key Identifier:
keyid:21:D3:ED:21:F7:CD:EB:C7:D0:0F:1B:B7:A0:95:11:B9:5C:DE:FE:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917336A/8F5A93565AEA11EF94E93D6EC4F9AE02/IdPtIffN68fQDxu3oJURuVze_iM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IdPtIffN68fQDxu3oJURuVze_iM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917336A/8F5A93565AEA11EF94E93D6EC4F9AE02/FC929BC05AEB11EF8B92C770C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.135.112.0/24
202.135.146.0/24
203.163.94.0/24
203.163.98.0/24
203.196.119.0/24
Signature Algorithm: sha256WithRSAEncryption
29:16:a6:cd:71:bd:2e:89:03:57:6d:70:de:7b:af:ad:2a:8a:
21:94:e0:4a:4d:77:de:b4:cc:33:e8:96:d4:fd:f5:b2:42:dc:
f0:65:41:07:21:70:ed:3c:dc:1e:17:7b:da:92:b2:90:cf:85:
69:a4:3f:e0:09:0e:f5:46:f9:d5:87:c4:02:40:3c:75:78:b2:
69:28:73:f9:db:a1:b2:c8:e4:48:e2:b6:b0:22:bf:e5:9d:88:
a2:79:e9:51:77:22:ab:2a:6c:e6:66:db:91:5c:ca:74:c8:2b:
19:71:b2:bd:a6:77:49:5c:87:e0:4a:9a:67:af:bc:a7:99:09:
79:36:09:a9:f9:c0:31:4e:72:41:94:13:19:e9:73:ef:cf:ae:
04:60:b3:4a:fd:c8:d5:1f:44:fb:45:a7:4a:cb:b5:9b:be:d4:
f7:b2:72:0b:ff:1e:bc:1c:39:03:f0:a1:bc:29:6c:74:4d:fe:
75:b9:d4:3c:62:41:0c:27:04:f9:6f:76:25:26:9e:78:7b:f1:
23:ec:80:0e:bb:7d:8e:43:50:8c:50:af:84:6a:c6:94:ea:33:
db:2a:31:cf:41:6c:2e:51:fe:8e:76:bf:31:03:99:2d:bb:5a:
da:13:11:eb:c6:b6:35:c0:37:17:01:72:cf:1d:a4:87:f4:29:
59:c6:40:fd
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgIBAzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3
MzM2QTExMC8GA1UEBRMoMjFEM0VEMjFGN0NERUJDN0QwMEYxQkI3QTA5NTExQjk1
Q0RFRkUyMzAeFw0yNDA4MTUwOTUxNDdaFw0yNDEyMDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2YmRjZmIzLTRmMzEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDHVshsEsROaTPh24KySr9DfMvpJbCpfEQEE4uxDs810X9xqtJG9WvSYSTmTHe0
bJ2WdXtlgPSqTfaPboF9Rq/fq/sy+IndqKIh4Zd5UbtUKeQIYkpEVsiWFNstMyD2
DUr6nGR32Nubv8j4XjtTJvCj/FoqRS0UbNwbqQcCCnGio+QPo0S6oamxG6ybElJJ
BCFSCotcM1+VKRzJq2K5eWdphkVbUicUF7M7h9yNRdD4TzY1BeWpZttLz62E+Bsu
2/ohQe/96ABr/gytegmhHrKAdWrya0rd1tx4jq8S0Oab/Tmjo49Z6rL0K0QR0nDq
g5simVC6TMT4ebJhL//Z4YbrAgMBAAGjggKtMIICqTAdBgNVHQ4EFgQUO/DqyTcO
Vd/kNZasygjlq7KYtcQwHwYDVR0jBBgwFoAUIdPtIffN68fQDxu3oJURuVze/iMw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTczMzZBLzhGNUE5MzU2NUFF
QTExRUY5NEU5M0Q2RUM0RjlBRTAyL0lkUHRJZmZONjhmUUR4dTNvSlVSdVZ6ZV9p
TS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvSWRQdElmZk42OGZRRHh1M29KVVJ1VnplX2lNLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
MzM2QS84RjVBOTM1NjVBRUExMUVGOTRFOTNENkVDNEY5QUUwMi9GQzkyOUJDMDVB
RUIxMUVGOEI5MkM3NzBDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDA3BggrBgEFBQcBBwEB/wQo
MCYwJAQCAAEwHgMEAMqHcAMEAMqHkgMEAMujXgMEAMujYgMEAMvEdzANBgkqhkiG
9w0BAQsFAAOCAQEAKRamzXG9LokDV21w3nuvrSqKIZTgSk133rTMM+iW1P31skLc
8GVBByFw7TzcHhd72pKykM+FaaQ/4AkO9Ub51YfEAkA8dXiyaShz+duhssjkSOK2
sCK/5Z2IonnpUXciqyps5mbbkVzKdMgrGXGyvaZ3SVyH4EqaZ6+8p5kJeTYJqfnA
MU5yQZQTGelz78+uBGCzSv3I1R9E+0WnSsu1m77U97JyC/8evBw5A/ChvClsdE3+
dbnUPGJBDCcE+W92JSaeeHvxI+yADrt9jkNQjFCvhGrGlOoz2yoxz0FsLlH+jna/
MQOZLbta2hMR68a2NcA3FwFyzx2kh/QpWcZA/Q==
-----END CERTIFICATE-----
Generated at Thu Aug 15 17:31:36 2024 by rpki-client on console-ams.rpki-client.org