Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917FA93/E9013B76840711E592E9472DC4F9AE02/FA85DA268CED11EE88EB1976C4F9AE02.roa
File: FA85DA268CED11EE88EB1976C4F9AE02.roa (raw, json)
Hash identifier: po1CZ13eJVZwV8GCGVoSKcZKTM6tjS26tkvuKm01GtQ=
Subject key identifier: 72:64:B7:58:1F:6A:62:87:DE:A1:65:1F:9A:C9:4C:85:EB:A4:91:34
Certificate issuer: /CN=A917FA93/serialNumber=325B2A6FD4B7BD40895562719FFD8D9AA1A8766D
Certificate serial: 2253
Authority key identifier: 32:5B:2A:6F:D4:B7:BD:40:89:55:62:71:9F:FD:8D:9A:A1:A8:76:6D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Mlsqb9S3vUCJVWJxn_2NmqGodm0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917FA93/E9013B76840711E592E9472DC4F9AE02/FA85DA268CED11EE88EB1976C4F9AE02.roa
Signing time: Tue 12 Dec 2023 06:02:06 +0000
ROA not before: Tue 12 Dec 2023 06:02:06 +0000
ROA not after: Thu 31 Oct 2024 00:00:00 +0000
asID: 202595
IP address blocks: 203.82.24.0/23 maxlen: 23
203.82.26.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 25 Mar 2024 03:16:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8787 (0x2253)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917FA93/serialNumber=325B2A6FD4B7BD40895562719FFD8D9AA1A8766D
Validity
Not Before: Dec 12 06:02:06 2023 GMT
Not After : Oct 31 00:00:00 2024 GMT
Subject: CN=6577f75e-7ef2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:d1:78:db:1e:2e:be:33:28:a2:42:48:98:83:
c8:b7:12:92:53:57:8f:0b:df:69:1f:88:e8:42:97:
00:d7:46:34:e2:6c:ad:3f:ec:b4:84:be:a2:85:6e:
9d:9c:f8:94:96:ed:06:8b:d5:49:28:d6:8d:b7:9e:
8d:55:f1:cc:29:3c:ac:1b:65:8e:e0:76:87:da:76:
c7:13:01:93:d2:4b:73:17:33:08:f4:fe:ea:cc:23:
cb:98:fc:6b:13:a6:73:05:b5:a9:75:b5:ad:60:02:
ad:04:42:12:7c:92:f9:73:36:34:ab:0d:4c:c9:2c:
61:a5:bf:2e:27:91:6d:3e:08:f4:b4:87:0e:af:e3:
12:b5:6a:c0:79:ea:97:a0:d3:3d:90:dd:4d:9a:90:
1c:6e:d4:b8:c7:49:f1:c7:ae:a8:43:1d:64:82:b3:
32:6d:ed:9c:33:23:ff:67:5b:61:72:de:b7:d5:67:
e9:60:04:7e:33:de:36:a7:b8:8a:5e:9e:c8:3e:99:
00:7d:83:b0:c3:bc:fc:47:64:76:db:5c:f2:3f:57:
fd:95:ba:8b:fd:4e:80:78:9e:93:b3:79:c1:bf:30:
6b:43:c4:d2:55:98:90:a4:70:3a:bc:ad:3c:51:55:
2e:6a:0d:1c:4e:ac:da:0d:88:40:f9:06:12:d5:3f:
6e:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:64:B7:58:1F:6A:62:87:DE:A1:65:1F:9A:C9:4C:85:EB:A4:91:34
X509v3 Authority Key Identifier:
keyid:32:5B:2A:6F:D4:B7:BD:40:89:55:62:71:9F:FD:8D:9A:A1:A8:76:6D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917FA93/E9013B76840711E592E9472DC4F9AE02/Mlsqb9S3vUCJVWJxn_2NmqGodm0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Mlsqb9S3vUCJVWJxn_2NmqGodm0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917FA93/E9013B76840711E592E9472DC4F9AE02/FA85DA268CED11EE88EB1976C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.82.24.0/22
Signature Algorithm: sha256WithRSAEncryption
39:26:5f:79:70:5a:11:4c:7b:71:0c:2f:e7:11:dd:12:99:da:
f9:b5:86:66:46:b3:42:c2:99:0e:ae:7f:c3:b9:05:96:fc:22:
76:18:39:03:90:36:91:91:f3:c6:d4:a8:6e:1d:ef:ba:fb:49:
53:50:73:78:00:31:34:20:36:d1:e1:9b:b9:27:70:48:84:1f:
34:16:95:f7:0d:0c:7c:09:38:41:ed:67:bc:16:de:35:34:87:
a2:39:3b:68:e7:e5:21:6e:b9:39:4b:c4:30:8e:c1:0a:5b:14:
38:5d:c5:a5:67:3f:1c:bc:f6:b2:83:92:cb:18:41:ff:5d:bf:
8b:45:b1:53:7b:6d:8c:51:73:3d:d4:54:ec:13:16:6e:1f:e5:
8a:4d:a8:7b:9c:59:f7:ae:1b:0b:9e:8f:25:29:9f:57:7b:1c:
d7:a9:94:6b:4a:4d:e4:0a:dc:68:eb:90:51:62:82:7d:2c:c1:
98:80:af:ed:b9:52:85:af:fe:4b:72:cb:38:0c:ef:cf:a3:34:
f1:cb:c7:d1:e4:fb:3a:f4:fb:36:a0:62:c0:65:e5:9d:ae:73:
7d:29:50:2b:6e:86:97:da:df:4d:c2:1d:51:84:f7:22:51:b7:
ba:eb:bb:08:7c:bf:51:ec:e2:b6:8f:8c:a7:ae:5a:e1:45:c2:
f3:6a:ab:86
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICIlMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0ZBOTMxMTAvBgNVBAUTKDMyNUIyQTZGRDRCN0JENDA4OTU1NjI3MTlGRkQ4RDlB
QTFBODc2NkQwHhcNMjMxMjEyMDYwMjA2WhcNMjQxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTc3Zjc1ZS03ZWYyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAptF42x4uvjMookJImIPItxKSU1ePC99pH4joQpcA10Y04mytP+y0hL6ihW6d
nPiUlu0Gi9VJKNaNt56NVfHMKTysG2WO4HaH2nbHEwGT0ktzFzMI9P7qzCPLmPxr
E6ZzBbWpdbWtYAKtBEISfJL5czY0qw1MySxhpb8uJ5FtPgj0tIcOr+MStWrAeeqX
oNM9kN1NmpAcbtS4x0nxx66oQx1kgrMybe2cMyP/Z1thct631WfpYAR+M942p7iK
Xp7IPpkAfYOww7z8R2R221zyP1f9lbqL/U6AeJ6Ts3nBvzBrQ8TSVZiQpHA6vK08
UVUuag0cTqzaDYhA+QYS1T9uqQIDAQABo4IClTCCApEwHQYDVR0OBBYEFHJkt1gf
amKH3qFlH5rJTIXrpJE0MB8GA1UdIwQYMBaAFDJbKm/Ut71AiVVicZ/9jZqhqHZt
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RkE5My9FOTAxM0I3Njg0
MDcxMUU1OTJFOTQ3MkRDNEY5QUUwMi9NbHNxYjlTM3ZVQ0pWV0p4bl8yTm1xR29k
bTAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL01sc3FiOVMzdlVDSlZXSnhuXzJObXFHb2RtMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0ZBOTMvRTkwMTNCNzY4NDA3MTFFNTkyRTk0NzJEQzRGOUFFMDIvRkE4NURBMjY4
Q0VEMTFFRTg4RUIxOTc2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBALLUhgwDQYJKoZIhvcNAQELBQADggEBADkmX3lwWhFMe3EM
L+cR3RKZ2vm1hmZGs0LCmQ6uf8O5BZb8InYYOQOQNpGR88bUqG4d77r7SVNQc3gA
MTQgNtHhm7kncEiEHzQWlfcNDHwJOEHtZ7wW3jU0h6I5O2jn5SFuuTlLxDCOwQpb
FDhdxaVnPxy89rKDkssYQf9dv4tFsVN7bYxRcz3UVOwTFm4f5YpNqHucWfeuGwue
jyUpn1d7HNeplGtKTeQK3GjrkFFign0swZiAr+25UoWv/ktyyzgM78+jNPHLx9Hk
+zr0+zagYsBl5Z2uc30pUCtuhpfa303CHVGE9yJRt7rruwh8v1Hs4raPjKeuWuFF
wvNqq4Y=
-----END CERTIFICATE-----
Generated at Mon Mar 25 04:58:24 2024 by rpki-client on console-fra.rpki-client.org