Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9185D79/BF194D80283D11EDA944733DC4F9AE02/DC62D82A599811EDB1F4F56CC4F9AE02.roa
File: DC62D82A599811EDB1F4F56CC4F9AE02.roa (raw, json)
Hash identifier: v2KDRIN8gNQYe3I1lYow/rjFdaGXgEVjgO9dKBaGKOQ=
Subject key identifier: 22:8D:26:D0:BF:00:BC:58:03:41:DE:BD:F8:7F:46:FA:91:C1:40:B3
Certificate issuer: /CN=A9185D79/serialNumber=7A3D7D3748C78986C2C5E50B5013BEB60AB47ADC
Certificate serial: 0120
Authority key identifier: 7A:3D:7D:37:48:C7:89:86:C2:C5:E5:0B:50:13:BE:B6:0A:B4:7A:DC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ej19N0jHiYbCxeULUBO-tgq0etw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9185D79/BF194D80283D11EDA944733DC4F9AE02/DC62D82A599811EDB1F4F56CC4F9AE02.roa
Signing time: Sun 03 Dec 2023 04:14:48 +0000
ROA not before: Sun 03 Dec 2023 04:14:48 +0000
ROA not after: Sun 02 Mar 2025 00:00:00 +0000
asID: 134428
IP address blocks: 202.179.153.0/24 maxlen: 24
202.179.154.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 27 Feb 2024 11:18:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 288 (0x120)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9185D79/serialNumber=7A3D7D3748C78986C2C5E50B5013BEB60AB47ADC
Validity
Not Before: Dec 3 04:14:48 2023 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=656c00b7-b755
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:ec:cd:b4:16:95:fd:7f:d5:5f:68:34:93:40:
b2:2d:00:a5:5f:c6:d4:b0:06:e1:c9:4a:33:e2:1a:
f8:e6:f8:ae:07:c9:55:b9:f9:05:3c:53:6c:77:3c:
6a:31:57:a1:dc:ed:60:83:41:d0:ed:24:29:47:d1:
79:6f:9d:2d:6b:60:60:5f:9b:61:0e:91:a1:f5:ab:
09:22:6e:c8:0c:1d:11:69:d8:46:72:b2:10:73:a4:
38:43:92:89:13:80:2d:40:e2:4c:96:1a:a0:0b:dc:
bc:d6:28:e1:1c:c6:10:fa:1d:ce:c8:bd:0d:95:b2:
40:b7:91:b9:4b:d1:bb:fc:07:48:a7:e4:15:09:13:
2e:f0:95:68:0c:5d:d3:d4:2c:c2:36:ee:c8:3a:76:
b1:7f:c5:92:fe:16:5a:a6:70:a1:11:30:14:3f:71:
82:c3:d3:80:01:60:0a:b7:53:8a:37:00:e2:d5:a6:
b3:05:37:a6:78:9a:7a:ac:35:90:b6:48:40:27:6b:
6a:89:69:b1:1a:8c:30:d6:08:8e:16:63:a3:71:35:
ff:0b:4a:18:36:39:b9:d6:dd:5a:8f:13:d9:f5:74:
5e:f4:b7:44:14:c2:64:b2:19:32:84:d7:0b:4f:3e:
11:eb:25:67:97:13:15:d6:61:71:fb:2d:19:a8:05:
8c:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:8D:26:D0:BF:00:BC:58:03:41:DE:BD:F8:7F:46:FA:91:C1:40:B3
X509v3 Authority Key Identifier:
keyid:7A:3D:7D:37:48:C7:89:86:C2:C5:E5:0B:50:13:BE:B6:0A:B4:7A:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9185D79/BF194D80283D11EDA944733DC4F9AE02/ej19N0jHiYbCxeULUBO-tgq0etw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ej19N0jHiYbCxeULUBO-tgq0etw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9185D79/BF194D80283D11EDA944733DC4F9AE02/DC62D82A599811EDB1F4F56CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.179.153.0-202.179.154.255
Signature Algorithm: sha256WithRSAEncryption
99:2d:5a:35:97:cb:23:8e:59:6e:7f:db:22:a8:21:55:e8:56:
99:dd:1c:6d:f4:98:e4:9d:1b:f7:3a:b8:1c:45:6b:2f:4a:0a:
6d:89:0b:4f:05:85:3e:d3:0f:21:e5:6b:59:d6:cf:0e:fb:64:
5d:f4:2b:5e:e8:2b:75:73:6b:8c:9d:e1:dd:0e:36:c9:fd:ec:
43:35:7c:9e:ad:31:55:ec:57:d1:75:c7:41:ef:26:b8:d4:3b:
12:d3:33:5e:8c:85:4e:02:b0:7a:1f:24:fa:ee:90:ad:e6:c9:
67:46:7a:4b:9b:20:d0:5b:4c:e8:78:e9:9b:41:45:82:b5:b8:
ba:be:ca:ec:31:50:1a:db:2f:12:fb:84:fd:54:24:c4:79:83:
f0:94:c5:95:ce:bf:6d:73:cb:ab:58:79:ac:e3:08:aa:3c:57:
f5:ef:26:70:6a:f1:44:68:b2:d4:ed:91:90:26:73:87:08:71:
0d:21:32:3a:da:e0:10:6d:0c:4b:2c:4b:a4:92:a7:bb:71:f5:
ce:0e:2e:54:0d:1f:18:b2:dd:d4:5d:b7:8c:90:83:16:fd:83:
18:18:86:4d:f1:15:35:bb:10:00:70:b8:5e:32:a1:19:cf:26:
91:26:cc:f0:22:47:7e:18:7b:f2:4e:50:7c:b9:8c:a8:6a:2f:
3c:1d:02:bf
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgICASAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODVENzkxMTAvBgNVBAUTKDdBM0Q3RDM3NDhDNzg5ODZDMkM1RTUwQjUwMTNCRUI2
MEFCNDdBREMwHhcNMjMxMjAzMDQxNDQ4WhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTZjMDBiNy1iNzU1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0uzNtBaV/X/VX2g0k0CyLQClX8bUsAbhyUoz4hr45viuB8lVufkFPFNsdzxq
MVeh3O1gg0HQ7SQpR9F5b50ta2BgX5thDpGh9asJIm7IDB0RadhGcrIQc6Q4Q5KJ
E4AtQOJMlhqgC9y81ijhHMYQ+h3OyL0NlbJAt5G5S9G7/AdIp+QVCRMu8JVoDF3T
1CzCNu7IOnaxf8WS/hZapnChETAUP3GCw9OAAWAKt1OKNwDi1aazBTemeJp6rDWQ
tkhAJ2tqiWmxGoww1giOFmOjcTX/C0oYNjm51t1ajxPZ9XRe9LdEFMJkshkyhNcL
Tz4R6yVnlxMV1mFx+y0ZqAWMqwIDAQABo4ICnTCCApkwHQYDVR0OBBYEFCKNJtC/
ALxYA0Hevfh/RvqRwUCzMB8GA1UdIwQYMBaAFHo9fTdIx4mGwsXlC1ATvrYKtHrc
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NUQ3OS9CRjE5NEQ4MDI4
M0QxMUVEQTk0NDczM0RDNEY5QUUwMi9lajE5TjBqSGlZYkN4ZVVMVUJPLXRncTBl
dHcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2VqMTlOMGpIaVliQ3hlVUxVQk8tdGdxMGV0dy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODVENzkvQkYxOTREODAyODNEMTFFREE5NDQ3MzNEQzRGOUFFMDIvREM2MkQ4MkE1
OTk4MTFFREIxRjRGNTZDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJwYIKwYBBQUHAQcBAf8E
GDAWMBQEAgABMA4wDAMEAMqzmQMEAMqzmjANBgkqhkiG9w0BAQsFAAOCAQEAmS1a
NZfLI45Zbn/bIqghVehWmd0cbfSY5J0b9zq4HEVrL0oKbYkLTwWFPtMPIeVrWdbP
DvtkXfQrXugrdXNrjJ3h3Q42yf3sQzV8nq0xVexX0XXHQe8muNQ7EtMzXoyFTgKw
eh8k+u6QrebJZ0Z6S5sg0FtM6Hjpm0FFgrW4ur7K7DFQGtsvEvuE/VQkxHmD8JTF
lc6/bXPLq1h5rOMIqjxX9e8mcGrxRGiy1O2RkCZzhwhxDSEyOtrgEG0MSyxLpJKn
u3H1zg4uVA0fGLLd1F23jJCDFv2DGBiGTfEVNbsQAHC4XjKhGc8mkSbM8CJHfhh7
8k5QfLmMqGovPB0Cvw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:25 2024 by rpki-client on console-ams.rpki-client.org