Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917336A/8F5A93565AEA11EF94E93D6EC4F9AE02/FEDE85925AEB11EF8B92C770C4F9AE02.roa
File: FEDE85925AEB11EF8B92C770C4F9AE02.roa (raw, json)
Hash identifier: NGmOi/S2sCgxC6sh/PSfhaboME+CgCwMfydNqE+mpEE=
Subject key identifier: 1A:BE:A3:5A:58:50:A6:C6:B5:36:B6:49:FF:14:BD:2C:CC:02:A6:DB
Certificate issuer: /CN=A917336A/serialNumber=21D3ED21F7CDEBC7D00F1BB7A09511B95CDEFE23
Certificate serial: 08
Authority key identifier: 21:D3:ED:21:F7:CD:EB:C7:D0:0F:1B:B7:A0:95:11:B9:5C:DE:FE:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IdPtIffN68fQDxu3oJURuVze_iM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917336A/8F5A93565AEA11EF94E93D6EC4F9AE02/FEDE85925AEB11EF8B92C770C4F9AE02.roa
Signing time: Thu 15 Aug 2024 09:51:52 +0000
ROA not before: Thu 15 Aug 2024 09:51:52 +0000
ROA not after: Sun 01 Dec 2024 00:00:00 +0000
asID: 32787
IP address blocks: 202.2.133.0/24 maxlen: 24
202.2.134.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 15 Aug 2024 11:27:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8 (0x8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917336A/serialNumber=21D3ED21F7CDEBC7D00F1BB7A09511B95CDEFE23
Validity
Not Before: Aug 15 09:51:52 2024 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=66bdcfb7-7efe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:26:8e:b8:50:87:d3:60:3c:74:80:a4:ab:74:
f0:c6:5e:e6:cc:b7:91:ba:10:5a:6a:67:45:d3:dd:
fb:1b:e1:a7:05:f8:16:8f:46:0e:d0:13:2e:d5:71:
ec:82:21:31:ab:4f:55:37:72:fb:7b:a7:5f:68:7f:
dd:30:a3:c0:fa:e1:c8:bb:3a:5d:13:05:71:e4:9b:
6b:78:01:b3:70:c1:a3:5d:a9:18:b7:3f:e9:2a:c4:
1c:6a:12:a7:37:19:01:d0:cf:5a:17:3e:07:b2:7c:
4c:47:4a:95:3a:f0:49:2e:52:aa:7a:bd:bc:30:52:
9d:0f:4d:21:60:8a:75:0f:a0:dd:30:00:e9:33:85:
2a:c3:98:c1:fd:90:1e:da:39:f1:95:db:3b:80:b0:
c7:dd:43:a5:90:27:64:86:b3:05:1d:46:70:ba:ba:
38:22:9b:04:1e:0c:ac:da:06:39:5d:30:c7:f7:4f:
16:ed:b1:c9:bf:1e:12:f8:5b:fc:51:4e:26:f8:8c:
f9:3e:0b:2d:73:87:42:f2:0a:3c:ea:fb:f4:e5:7a:
a9:17:ea:7d:30:ce:14:9a:33:52:7c:af:5d:80:ab:
4e:67:17:6b:e6:9d:7b:5f:17:8d:4a:7c:af:52:2a:
06:d4:ea:d3:4e:a9:5c:66:be:5b:dd:19:a3:76:45:
69:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:BE:A3:5A:58:50:A6:C6:B5:36:B6:49:FF:14:BD:2C:CC:02:A6:DB
X509v3 Authority Key Identifier:
keyid:21:D3:ED:21:F7:CD:EB:C7:D0:0F:1B:B7:A0:95:11:B9:5C:DE:FE:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917336A/8F5A93565AEA11EF94E93D6EC4F9AE02/IdPtIffN68fQDxu3oJURuVze_iM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IdPtIffN68fQDxu3oJURuVze_iM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917336A/8F5A93565AEA11EF94E93D6EC4F9AE02/FEDE85925AEB11EF8B92C770C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.2.133.0-202.2.134.255
Signature Algorithm: sha256WithRSAEncryption
11:7f:e1:46:56:05:f2:ed:8d:45:15:46:7c:b1:b2:cc:06:76:
fa:56:0b:53:f7:42:e3:19:25:7d:84:c7:29:24:98:29:b3:4e:
3d:59:a0:be:be:61:df:b8:1e:96:e2:49:d7:fd:3e:bd:b0:20:
2c:49:ae:ad:fc:34:fa:4e:b1:16:1e:95:d7:99:4c:d0:1c:f4:
cf:c7:44:06:5b:15:12:63:0c:7d:3c:c5:41:d6:e0:aa:10:4e:
0a:52:10:64:a3:42:58:17:f1:fa:67:2a:bb:68:94:6d:4d:69:
54:db:e8:79:c4:b5:ac:ce:61:5e:f4:36:0f:3f:14:d5:ac:0e:
1f:b0:48:e9:1d:eb:fa:2d:4c:8b:6c:6b:4b:9f:16:22:72:65:
0e:1f:83:1d:ca:8b:4e:c0:0d:9f:5a:2d:84:67:19:91:3b:c5:
ad:8f:b8:c0:37:cf:b5:2b:24:65:45:35:fe:94:1b:69:96:6d:
64:3d:fc:8c:ea:e3:9f:53:41:cb:3d:00:f0:3f:0a:d6:99:9a:
cd:75:a4:52:a5:65:fb:3e:46:4d:44:59:9f:cf:05:b8:0c:c7:
6e:93:34:a5:ca:13:0d:50:13:bb:ea:90:ff:9e:76:7a:c5:20:
29:3e:88:4c:fe:40:36:48:d1:6b:c7:82:6e:c6:50:32:58:7a:
90:3a:79:a6
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgIBCDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3
MzM2QTExMC8GA1UEBRMoMjFEM0VEMjFGN0NERUJDN0QwMEYxQkI3QTA5NTExQjk1
Q0RFRkUyMzAeFw0yNDA4MTUwOTUxNTJaFw0yNDEyMDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2YmRjZmI3LTdlZmUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCwJo64UIfTYDx0gKSrdPDGXubMt5G6EFpqZ0XT3fsb4acF+BaPRg7QEy7VceyC
ITGrT1U3cvt7p19of90wo8D64ci7Ol0TBXHkm2t4AbNwwaNdqRi3P+kqxBxqEqc3
GQHQz1oXPgeyfExHSpU68EkuUqp6vbwwUp0PTSFginUPoN0wAOkzhSrDmMH9kB7a
OfGV2zuAsMfdQ6WQJ2SGswUdRnC6ujgimwQeDKzaBjldMMf3Txbtscm/HhL4W/xR
Tib4jPk+Cy1zh0LyCjzq+/TleqkX6n0wzhSaM1J8r12Aq05nF2vmnXtfF41KfK9S
KgbU6tNOqVxmvlvdGaN2RWnDAgMBAAGjggKdMIICmTAdBgNVHQ4EFgQUGr6jWlhQ
psa1NrZJ/xS9LMwCptswHwYDVR0jBBgwFoAUIdPtIffN68fQDxu3oJURuVze/iMw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTczMzZBLzhGNUE5MzU2NUFF
QTExRUY5NEU5M0Q2RUM0RjlBRTAyL0lkUHRJZmZONjhmUUR4dTNvSlVSdVZ6ZV9p
TS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvSWRQdElmZk42OGZRRHh1M29KVVJ1VnplX2lNLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
MzM2QS84RjVBOTM1NjVBRUExMUVGOTRFOTNENkVDNEY5QUUwMi9GRURFODU5MjVB
RUIxMUVGOEI5MkM3NzBDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAnBggrBgEFBQcBBwEB/wQY
MBYwFAQCAAEwDjAMAwQAygKFAwQAygKGMA0GCSqGSIb3DQEBCwUAA4IBAQARf+FG
VgXy7Y1FFUZ8sbLMBnb6VgtT90LjGSV9hMcpJJgps049WaC+vmHfuB6W4knX/T69
sCAsSa6t/DT6TrEWHpXXmUzQHPTPx0QGWxUSYwx9PMVB1uCqEE4KUhBko0JYF/H6
Zyq7aJRtTWlU2+h5xLWszmFe9DYPPxTVrA4fsEjpHev6LUyLbGtLnxYicmUOH4Md
yotOwA2fWi2EZxmRO8Wtj7jAN8+1KyRlRTX+lBtplm1kPfyM6uOfU0HLPQDwPwrW
mZrNdaRSpWX7PkZNRFmfzwW4DMdukzSlyhMNUBO76pD/nnZ6xSApPohM/kA2SNFr
x4JuxlAyWHqQOnmm
-----END CERTIFICATE-----
Generated at Thu Aug 15 16:42:32 2024 by rpki-client on console-fra.rpki-client.org