Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918C287/307CFF1EB37711EFB9184D7AC4F9AE02/B9FED170BBFD11EF8FF46384C4F9AE02.roa
File: B9FED170BBFD11EF8FF46384C4F9AE02.roa (raw, json)
Hash identifier: ZrQUY/aKsqrSCcDFofASS2oJVWcIAJeeBE80vy+qlpg=
Subject key identifier: 82:D2:D4:08:0B:B1:65:B3:DD:8D:8F:51:3F:41:11:EF:D5:DD:EB:C3
Certificate issuer: /CN=A918C287/serialNumber=D8B1E2389BA591FD79B9A504AF5A44DAE0A6E828
Certificate serial: 14
Authority key identifier: D8:B1:E2:38:9B:A5:91:FD:79:B9:A5:04:AF:5A:44:DA:E0:A6:E8:28
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2LHiOJulkf15uaUEr1pE2uCm6Cg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918C287/307CFF1EB37711EFB9184D7AC4F9AE02/B9FED170BBFD11EF8FF46384C4F9AE02.roa
Signing time: Mon 16 Dec 2024 22:33:09 +0000
ROA not before: Mon 16 Dec 2024 22:33:09 +0000
ROA not after: Sat 01 May 2038 00:00:00 +0000
asID: 55471
IP address blocks: 203.176.189.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 17 Dec 2024 22:27:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20 (0x14)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918C287/serialNumber=D8B1E2389BA591FD79B9A504AF5A44DAE0A6E828
Validity
Not Before: Dec 16 22:33:09 2024 GMT
Not After : May 1 00:00:00 2038 GMT
Subject: CN=6760aaa5-eb84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:b9:b0:6e:45:bd:34:e8:04:ed:e2:03:66:2e:
46:9e:3e:30:17:5e:6b:9b:f8:f8:c4:35:5f:68:9d:
ff:f8:6e:c7:f5:ac:f1:ab:36:1c:e4:56:11:13:a0:
74:b9:5b:e4:9b:f3:6a:4d:37:81:37:f1:31:53:36:
56:9c:f6:19:22:6e:25:3e:fa:9d:99:2a:08:08:cf:
b4:db:c3:3c:c4:e3:00:07:02:7c:a6:00:53:2c:58:
f5:c4:88:87:e1:b1:51:6f:75:a7:4e:1d:37:26:cd:
2a:36:5a:9f:00:1a:f3:67:31:1f:66:de:e8:74:f6:
0d:86:e7:ae:8f:4b:ff:e4:13:c6:a1:00:7c:9a:ed:
e7:0a:83:39:60:98:b7:35:91:7c:06:69:c6:88:ff:
3c:38:13:13:f8:69:48:b0:a8:05:96:98:5e:25:92:
b8:a5:10:21:be:fe:bf:6a:fc:72:3a:1f:23:76:79:
94:90:54:bc:44:35:d3:99:cf:c9:6c:d2:cd:c7:ed:
b9:b0:92:21:c3:50:b9:70:47:88:09:b4:20:c1:d0:
3d:9d:21:ba:7e:2f:c7:74:27:a6:c3:a8:24:fc:19:
dd:62:27:6a:5f:2d:29:d9:1d:1f:a8:b3:41:c7:71:
ad:04:f7:ae:2e:cd:e5:4f:fd:2b:65:6d:af:35:f6:
ef:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:D2:D4:08:0B:B1:65:B3:DD:8D:8F:51:3F:41:11:EF:D5:DD:EB:C3
X509v3 Authority Key Identifier:
keyid:D8:B1:E2:38:9B:A5:91:FD:79:B9:A5:04:AF:5A:44:DA:E0:A6:E8:28
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918C287/307CFF1EB37711EFB9184D7AC4F9AE02/2LHiOJulkf15uaUEr1pE2uCm6Cg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2LHiOJulkf15uaUEr1pE2uCm6Cg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918C287/307CFF1EB37711EFB9184D7AC4F9AE02/B9FED170BBFD11EF8FF46384C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.176.189.0/24
Signature Algorithm: sha256WithRSAEncryption
9d:4a:0e:2e:46:2d:a4:4e:2f:c7:3a:38:1f:a7:a2:fc:c8:f5:
fe:89:40:84:2c:d9:93:6d:d0:d1:43:23:7b:30:ba:52:a5:13:
7f:77:fd:b2:7b:30:03:79:1e:7e:eb:ae:de:2c:9b:f2:ec:10:
43:39:df:93:f8:f2:70:b3:75:d7:4a:8a:7b:b4:9f:ed:27:59:
90:16:da:e9:35:85:34:3c:23:de:46:2a:8d:ec:a2:44:f5:92:
9a:dd:4d:de:d6:56:61:7f:9e:fb:c2:88:d7:60:46:5d:db:f0:
c1:be:0a:67:75:b1:7f:d6:73:51:62:22:46:43:ac:74:17:ad:
1d:58:41:11:b3:72:64:ce:27:0e:65:31:6b:ba:04:07:f7:2c:
48:2f:f8:e7:b5:db:1e:e6:a4:d0:ce:af:03:0e:85:e1:fd:ba:
98:99:23:4d:99:00:fb:c3:07:8b:9b:ec:b3:a9:1d:41:bf:07:
a0:92:73:ef:60:5a:b9:6c:a8:38:e0:a7:d5:6d:64:7a:11:df:
dc:f8:82:af:e5:60:46:1c:96:f7:64:0e:04:a0:f7:34:03:d7:
5b:7b:67:15:37:11:ab:bb:94:3f:68:fe:4c:8d:90:a3:1e:e1:
24:9d:7a:ec:87:5c:4d:41:4a:4e:78:74:03:b9:bb:91:ca:af:
d3:47:7b:00
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBFDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE4
QzI4NzExMC8GA1UEBRMoRDhCMUUyMzg5QkE1OTFGRDc5QjlBNTA0QUY1QTQ0REFF
MEE2RTgyODAeFw0yNDEyMTYyMjMzMDlaFw0zODA1MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3NjBhYWE1LWViODQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDiubBuRb006ATt4gNmLkaePjAXXmub+PjENV9onf/4bsf1rPGrNhzkVhEToHS5
W+Sb82pNN4E38TFTNlac9hkibiU++p2ZKggIz7TbwzzE4wAHAnymAFMsWPXEiIfh
sVFvdadOHTcmzSo2Wp8AGvNnMR9m3uh09g2G566PS//kE8ahAHya7ecKgzlgmLc1
kXwGacaI/zw4ExP4aUiwqAWWmF4lkrilECG+/r9q/HI6HyN2eZSQVLxENdOZz8ls
0s3H7bmwkiHDULlwR4gJtCDB0D2dIbp+L8d0J6bDqCT8Gd1iJ2pfLSnZHR+os0HH
ca0E964uzeVP/Stlba819u8nAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUgtLUCAux
ZbPdjY9RP0ER79Xd68MwHwYDVR0jBBgwFoAU2LHiOJulkf15uaUEr1pE2uCm6Cgw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MThDMjg3LzMwN0NGRjFFQjM3
NzExRUZCOTE4NEQ3QUM0RjlBRTAyLzJMSGlPSnVsa2YxNXVhVUVyMXBFMnVDbTZD
Zy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvMkxIaU9KdWxrZjE1dWFVRXIxcEUydUNtNkNnLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4
QzI4Ny8zMDdDRkYxRUIzNzcxMUVGQjkxODREN0FDNEY5QUUwMi9COUZFRDE3MEJC
RkQxMUVGOEZGNDYzODRDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAMuwvTANBgkqhkiG9w0BAQsFAAOCAQEAnUoOLkYtpE4vxzo4
H6ei/Mj1/olAhCzZk23Q0UMjezC6UqUTf3f9snswA3kefuuu3iyb8uwQQznfk/jy
cLN110qKe7Sf7SdZkBba6TWFNDwj3kYqjeyiRPWSmt1N3tZWYX+e+8KI12BGXdvw
wb4KZ3Wxf9ZzUWIiRkOsdBetHVhBEbNyZM4nDmUxa7oEB/csSC/457XbHuak0M6v
Aw6F4f26mJkjTZkA+8MHi5vss6kdQb8HoJJz72BauWyoOOCn1W1kehHf3PiCr+Vg
RhyW92QOBKD3NAPXW3tnFTcRq7uUP2j+TI2Qox7hJJ167IdcTUFKTnh0A7m7kcqv
00d7AA==
-----END CERTIFICATE-----
Generated at Tue Dec 17 23:48:51 2024 by rpki-client on console-fra.rpki-client.org