Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/81D7D8347B1511EEB176AE35C4F9AE02.roa
File: 81D7D8347B1511EEB176AE35C4F9AE02.roa (raw, json)
Hash identifier: aT3ZlQ6YXQq7qDpchmMLHdtXwAdtBWNCSM1Tv3GWcGY=
Subject key identifier: AD:DC:D4:00:B9:2F:39:40:76:ED:F1:CE:52:2F:AC:EF:91:EE:70:7E
Certificate issuer: /CN=A917A84A/serialNumber=8A1A10EB8FBA45C2152CA8956F432F9A8139603A
Certificate serial: 1B75
Authority key identifier: 8A:1A:10:EB:8F:BA:45:C2:15:2C:A8:95:6F:43:2F:9A:81:39:60:3A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ihoQ64-6RcIVLKiVb0MvmoE5YDo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/81D7D8347B1511EEB176AE35C4F9AE02.roa
Signing time: Sat 04 Nov 2023 13:24:40 +0000
ROA not before: Sat 04 Nov 2023 13:24:40 +0000
ROA not after: Sun 01 Dec 2024 00:00:00 +0000
asID: 141342
IP address blocks: 113.203.200.0/24 maxlen: 24
113.203.201.0/24 maxlen: 24
113.203.202.0/24 maxlen: 24
113.203.203.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 06 Nov 2023 13:14:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7029 (0x1b75)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917A84A/serialNumber=8A1A10EB8FBA45C2152CA8956F432F9A8139603A
Validity
Not Before: Nov 4 13:24:40 2023 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=65464618-4175
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:2a:72:53:6e:0a:30:e7:3f:16:ff:97:01:6b:
44:5c:58:be:be:a4:4b:6c:80:d8:65:e5:ff:b3:41:
ad:0d:c3:12:11:8d:48:57:16:c8:f5:cc:ca:e1:6f:
31:a7:8e:d4:b7:85:38:3a:ca:89:58:d9:ba:f4:05:
4c:f8:b0:25:8c:4c:44:e6:9a:b2:46:9b:59:c8:62:
b4:9c:9e:2e:20:98:39:7e:6a:93:c5:df:44:49:86:
df:72:47:b1:56:1a:38:94:fc:9f:09:91:3a:58:ef:
99:d6:39:e9:9b:69:a1:ac:ba:d5:ab:f3:dc:fd:40:
cd:77:f1:ff:e3:76:ef:d6:41:07:4e:e5:d1:e8:08:
66:a3:58:fa:09:96:a5:5d:ef:bc:6e:71:81:28:12:
8c:17:75:03:b2:a5:b6:90:fc:5e:c9:2a:cc:b7:0f:
55:7f:43:c5:80:5e:e7:b2:21:8f:48:56:60:6a:59:
c7:8b:28:45:e9:60:a3:f0:5c:f6:22:8e:c2:81:3c:
9a:e4:fa:20:0d:af:f9:03:17:db:e3:47:10:7a:14:
65:bf:ef:63:89:cd:28:40:e2:ba:42:a7:ad:9c:52:
ac:00:7d:a2:65:11:60:5f:e7:25:f9:b3:23:48:64:
db:cc:e0:78:f0:1d:c2:28:04:51:ee:61:7b:34:16:
b7:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:DC:D4:00:B9:2F:39:40:76:ED:F1:CE:52:2F:AC:EF:91:EE:70:7E
X509v3 Authority Key Identifier:
keyid:8A:1A:10:EB:8F:BA:45:C2:15:2C:A8:95:6F:43:2F:9A:81:39:60:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/ihoQ64-6RcIVLKiVb0MvmoE5YDo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ihoQ64-6RcIVLKiVb0MvmoE5YDo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/81D7D8347B1511EEB176AE35C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
113.203.200.0/22
Signature Algorithm: sha256WithRSAEncryption
4f:c7:ac:43:32:56:36:b3:55:23:3a:92:7f:70:09:1b:eb:ad:
0e:d8:53:eb:58:34:4d:49:dc:13:e3:ea:dc:dc:56:46:e0:30:
8d:8c:64:51:f2:81:41:4b:9b:0e:a8:d8:c1:81:52:10:e4:90:
18:ec:4b:bb:4e:e8:0b:85:cd:b1:04:bc:1f:fa:d3:0c:a4:a9:
1b:d0:21:8f:49:e9:99:57:3e:44:21:e1:09:56:c9:1c:ea:a0:
d4:cc:e2:fe:bc:c6:10:13:62:43:20:f9:4e:4b:65:09:28:20:
f0:cb:08:ae:7f:e7:65:a0:04:fc:99:03:92:de:30:1c:68:a1:
d7:91:dd:78:81:7f:be:94:ba:c8:55:71:01:3e:ff:b8:67:b1:
c3:4e:ad:5f:86:42:85:a4:25:55:ab:04:7d:73:ce:75:5a:a7:
e9:25:d2:74:0b:dc:07:2c:a5:48:c6:a6:b9:17:0d:1a:b4:10:
6e:4c:2d:92:15:5a:a6:2d:65:73:cd:e3:76:9c:d1:28:25:f3:
1a:72:65:fc:49:ac:47:96:b7:c7:1e:08:6d:83:84:89:43:73:
ad:7b:41:f6:d3:6d:3d:57:e3:b8:6e:23:f4:bf:bc:90:d3:22:
66:de:71:58:12:62:ab:77:62:a4:16:a3:2e:6f:1b:b1:19:36:
19:b4:e6:89
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICG3UwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0E4NEExMTAvBgNVBAUTKDhBMUExMEVCOEZCQTQ1QzIxNTJDQTg5NTZGNDMyRjlB
ODEzOTYwM0EwHhcNMjMxMTA0MTMyNDQwWhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTQ2NDYxOC00MTc1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1CpyU24KMOc/Fv+XAWtEXFi+vqRLbIDYZeX/s0GtDcMSEY1IVxbI9czK4W8x
p47Ut4U4OsqJWNm69AVM+LAljExE5pqyRptZyGK0nJ4uIJg5fmqTxd9ESYbfckex
Vho4lPyfCZE6WO+Z1jnpm2mhrLrVq/Pc/UDNd/H/43bv1kEHTuXR6Ahmo1j6CZal
Xe+8bnGBKBKMF3UDsqW2kPxeySrMtw9Vf0PFgF7nsiGPSFZgalnHiyhF6WCj8Fz2
Io7CgTya5PogDa/5Axfb40cQehRlv+9jic0oQOK6QqetnFKsAH2iZRFgX+cl+bMj
SGTbzOB48B3CKARR7mF7NBa3yQIDAQABo4IClTCCApEwHQYDVR0OBBYEFK3c1AC5
LzlAdu3xzlIvrO+R7nB+MB8GA1UdIwQYMBaAFIoaEOuPukXCFSyolW9DL5qBOWA6
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QTg0QS8xODA1MTkxQUUx
RUYxMUU2OUQzNjUwMUJDNEY5QUUwMi9paG9RNjQtNlJjSVZMS2lWYjBNdm1vRTVZ
RG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2lob1E2NC02UmNJVkxLaVZiME12bW9FNVlEby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0E4NEEvMTgwNTE5MUFFMUVGMTFFNjlEMzY1MDFCQzRGOUFFMDIvODFEN0Q4MzQ3
QjE1MTFFRUIxNzZBRTM1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJxy8gwDQYJKoZIhvcNAQELBQADggEBAE/HrEMyVjazVSM6
kn9wCRvrrQ7YU+tYNE1J3BPj6tzcVkbgMI2MZFHygUFLmw6o2MGBUhDkkBjsS7tO
6AuFzbEEvB/60wykqRvQIY9J6ZlXPkQh4QlWyRzqoNTM4v68xhATYkMg+U5LZQko
IPDLCK5/52WgBPyZA5LeMBxoodeR3XiBf76UushVcQE+/7hnscNOrV+GQoWkJVWr
BH1zznVap+kl0nQL3AcspUjGprkXDRq0EG5MLZIVWqYtZXPN43ac0Sgl8xpyZfxJ
rEeWt8ceCG2DhIlDc617QfbTbT1X47huI/S/vJDTImbecVgSYqt3YqQWoy5vG7EZ
Nhm05ok=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:22 2024 by rpki-client on console-ams.rpki-client.org