Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918C287/68D88184248511EF94236572C4F9AE02/562449FE6BD611EF9150BB0FC4F9AE02.roa
File: 562449FE6BD611EF9150BB0FC4F9AE02.roa (raw, json)
Hash identifier: +RsnNfi6IVCPiMYJsMZxCr0Ph+ZDDr5OX8+BrLZ2FOw=
Subject key identifier: 43:50:4C:42:35:18:B8:B2:0D:1F:9D:24:84:47:16:2A:DD:7D:3D:91
Certificate issuer: /CN=A918C287/serialNumber=4239117A25582D0067DE4D0CEDA5ABA5CC7E3569
Certificate serial: 52
Authority key identifier: 42:39:11:7A:25:58:2D:00:67:DE:4D:0C:ED:A5:AB:A5:CC:7E:35:69
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QjkReiVYLQBn3k0M7aWrpcx-NWk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918C287/68D88184248511EF94236572C4F9AE02/562449FE6BD611EF9150BB0FC4F9AE02.roa
Signing time: Thu 05 Sep 2024 22:29:38 +0000
ROA not before: Thu 05 Sep 2024 22:29:38 +0000
ROA not after: Sat 01 May 2038 00:00:00 +0000
asID: 1197574
IP address blocks: 203.176.189.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 05 Sep 2024 23:07:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 82 (0x52)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918C287/serialNumber=4239117A25582D0067DE4D0CEDA5ABA5CC7E3569
Validity
Not Before: Sep 5 22:29:38 2024 GMT
Not After : May 1 00:00:00 2038 GMT
Subject: CN=66da30d2-cde4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:d6:83:5b:ef:1c:de:60:de:00:cd:a5:26:d7:
40:dc:b0:80:24:2a:4a:c4:df:8f:f7:bd:52:ee:f2:
4f:b3:be:da:04:3d:4c:3a:3e:d1:83:56:97:1c:06:
2c:a6:27:b9:61:00:b8:e1:26:8e:dc:b1:dc:ff:34:
f6:97:63:9b:f5:69:c6:f1:10:8a:f2:db:ab:63:a3:
bf:3c:93:7c:f8:31:a4:b1:23:bc:91:d5:83:da:7c:
57:11:6c:81:72:69:50:ee:fb:f8:28:b5:aa:1e:97:
ee:42:b1:17:7f:2a:15:af:42:9b:51:c7:95:d8:d9:
f5:be:ed:c0:31:e9:ab:52:fc:61:a0:c3:6b:a1:5c:
d0:fb:58:39:b1:04:ec:c4:ca:6f:b5:70:b9:95:1b:
89:56:e9:02:57:48:4f:d8:dd:16:03:e3:85:3a:92:
4e:d9:b2:a8:70:61:2f:ea:08:4a:90:49:4a:07:15:
83:1d:2b:43:fd:01:18:60:d6:49:d0:98:99:96:6c:
35:e0:8c:38:ba:ba:b9:8e:f3:1a:ca:81:19:f8:35:
56:d4:44:c5:a7:75:ab:df:0f:b0:6a:64:76:93:37:
85:dd:da:e9:0f:0a:d4:f2:73:7c:45:9b:b5:d5:7a:
01:0b:84:db:03:f9:e6:97:1b:43:48:7b:dc:a7:c5:
29:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:50:4C:42:35:18:B8:B2:0D:1F:9D:24:84:47:16:2A:DD:7D:3D:91
X509v3 Authority Key Identifier:
keyid:42:39:11:7A:25:58:2D:00:67:DE:4D:0C:ED:A5:AB:A5:CC:7E:35:69
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918C287/68D88184248511EF94236572C4F9AE02/QjkReiVYLQBn3k0M7aWrpcx-NWk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QjkReiVYLQBn3k0M7aWrpcx-NWk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918C287/68D88184248511EF94236572C4F9AE02/562449FE6BD611EF9150BB0FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.176.189.0/24
Signature Algorithm: sha256WithRSAEncryption
78:c0:80:04:0e:26:b6:5f:91:7b:35:83:e4:b5:70:5c:09:f9:
6d:03:d9:b6:48:c7:fb:99:2d:28:ca:8f:fd:93:2e:78:fd:d8:
2d:e1:6f:32:2f:9f:b5:0a:be:e2:11:9b:c3:ea:0f:38:7b:00:
59:37:8b:af:71:29:6f:e4:34:e4:e5:b4:25:b1:f2:57:4e:da:
7e:b4:87:88:f1:68:bd:07:cd:63:c4:87:04:7c:8a:97:d0:c2:
dd:19:43:20:3f:f0:2e:34:a8:a2:d3:d4:78:cc:98:19:32:22:
63:7d:5f:a3:92:0d:70:c8:ee:3c:e5:4d:77:b4:bc:6a:92:d9:
9f:1c:72:66:ec:87:c7:7e:61:a4:bd:07:1f:f4:d6:02:ba:bb:
dd:37:48:e1:08:40:5b:2c:6c:74:ee:15:9f:74:05:c8:18:0b:
da:ea:00:d4:7d:43:0b:46:cd:04:f3:c5:27:dd:60:bd:a6:48:
08:5b:43:07:9b:8b:a1:00:f8:f7:00:1c:d3:bf:3b:72:a7:73:
43:44:ad:99:26:ac:8a:cd:78:d8:22:cd:ba:4f:37:5f:86:bd:
3a:71:f1:a1:eb:9c:18:ed:f2:86:1a:8b:2e:6d:83:b7:62:4c:
c8:5b:cf:9d:27:e5:d1:42:4b:b3:9b:26:9f:87:2e:7d:42:6c:
93:ff:97:d1
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBUjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE4
QzI4NzExMC8GA1UEBRMoNDIzOTExN0EyNTU4MkQwMDY3REU0RDBDRURBNUFCQTVD
QzdFMzU2OTAeFw0yNDA5MDUyMjI5MzhaFw0zODA1MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2ZGEzMGQyLWNkZTQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC01oNb7xzeYN4AzaUm10DcsIAkKkrE34/3vVLu8k+zvtoEPUw6PtGDVpccBiym
J7lhALjhJo7csdz/NPaXY5v1acbxEIry26tjo788k3z4MaSxI7yR1YPafFcRbIFy
aVDu+/gotaoel+5CsRd/KhWvQptRx5XY2fW+7cAx6atS/GGgw2uhXND7WDmxBOzE
ym+1cLmVG4lW6QJXSE/Y3RYD44U6kk7ZsqhwYS/qCEqQSUoHFYMdK0P9ARhg1knQ
mJmWbDXgjDi6urmO8xrKgRn4NVbURMWndavfD7BqZHaTN4Xd2ukPCtTyc3xFm7XV
egELhNsD+eaXG0NIe9ynxSl7AgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUQ1BMQjUY
uLINH50khEcWKt19PZEwHwYDVR0jBBgwFoAUQjkReiVYLQBn3k0M7aWrpcx+NWkw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MThDMjg3LzY4RDg4MTg0MjQ4
NTExRUY5NDIzNjU3MkM0RjlBRTAyL1Fqa1JlaVZZTFFCbjNrME03YVdycGN4LU5X
ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvUWprUmVpVllMUUJuM2swTTdhV3JwY3gtTldrLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4
QzI4Ny82OEQ4ODE4NDI0ODUxMUVGOTQyMzY1NzJDNEY5QUUwMi81NjI0NDlGRTZC
RDYxMUVGOTE1MEJCMEZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAMuwvTANBgkqhkiG9w0BAQsFAAOCAQEAeMCABA4mtl+RezWD
5LVwXAn5bQPZtkjH+5ktKMqP/ZMueP3YLeFvMi+ftQq+4hGbw+oPOHsAWTeLr3Ep
b+Q05OW0JbHyV07afrSHiPFovQfNY8SHBHyKl9DC3RlDID/wLjSootPUeMyYGTIi
Y31fo5INcMjuPOVNd7S8apLZnxxyZuyHx35hpL0HH/TWArq73TdI4QhAWyxsdO4V
n3QFyBgL2uoA1H1DC0bNBPPFJ91gvaZICFtDB5uLoQD49wAc0787cqdzQ0StmSas
is142CLNuk83X4a9OnHxoeucGO3yhhqLLm2Dt2JMyFvPnSfl0UJLs5smn4cufUJs
k/+X0Q==
-----END CERTIFICATE-----
Generated at Fri Sep 6 01:30:16 2024 by rpki-client on console-fra.rpki-client.org