Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918C31C/F107DA10A6CF11EFB2FBB57DC4F9AE02/9BA40A84A6D011EF9F8EC97EC4F9AE02.roa
File: 9BA40A84A6D011EF9F8EC97EC4F9AE02.roa (raw, json)
Hash identifier: cp6aHCb+H2A7+TOJ5/iKkjltKUo9Kl6fU+j0xVP4h7E=
Subject key identifier: 53:94:75:FE:03:AE:34:56:4A:0B:65:0E:51:ED:AA:8C:73:EB:80:34
Certificate issuer: /CN=A918C31C/serialNumber=40FAA70F8A23A03D16A11086DBE502E862164967
Certificate serial: 02
Authority key identifier: 40:FA:A7:0F:8A:23:A0:3D:16:A1:10:86:DB:E5:02:E8:62:16:49:67
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QPqnD4ojoD0WoRCG2-UC6GIWSWc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918C31C/F107DA10A6CF11EFB2FBB57DC4F9AE02/9BA40A84A6D011EF9F8EC97EC4F9AE02.roa
Signing time: Tue 19 Nov 2024 23:47:17 +0000
ROA not before: Tue 19 Nov 2024 23:47:17 +0000
ROA not after: Wed 28 May 2025 00:00:00 +0000
asID: 45476
IP address blocks: 203.208.21.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 20 Nov 2024 03:26:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918C31C/serialNumber=40FAA70F8A23A03D16A11086DBE502E862164967
Validity
Not Before: Nov 19 23:47:17 2024 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=673d2384-1701
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:7c:00:ad:73:fe:f7:1d:88:23:ba:f8:f0:fd:
68:5a:2d:6e:bd:ef:1a:d3:72:a9:36:3c:1e:12:81:
26:0b:57:d2:8e:81:22:dd:fd:5e:87:5a:d3:74:61:
c2:a1:14:02:ee:d7:c2:d9:22:3e:b0:0e:17:68:2e:
be:a8:ff:3d:7b:ad:71:f6:61:fe:d1:2b:e4:28:80:
cb:62:73:e7:00:f3:a3:5a:87:4a:c8:d1:a4:97:10:
8c:5a:18:5f:11:31:98:27:91:1c:ff:1f:d9:e0:5f:
f2:e1:9c:84:88:3e:10:b0:4a:69:82:1b:6f:61:32:
59:c0:e2:19:25:99:c8:d7:20:91:cf:fb:09:64:96:
75:72:63:02:89:38:92:04:2b:b5:9f:65:8e:6b:0a:
33:9f:0a:59:50:ff:c2:2a:fc:6e:42:44:53:04:a0:
ee:05:d8:54:b7:c4:a9:ec:b8:6f:89:c0:28:05:17:
27:08:b4:67:72:33:0a:d8:11:d6:99:f8:1b:46:93:
09:1a:a3:cc:ff:34:d6:1b:57:50:dc:58:d3:da:fa:
c5:a4:93:c6:a0:40:8c:8f:ea:03:71:10:05:69:71:
e0:1a:9d:48:ee:64:80:bf:ea:da:f2:32:69:73:0c:
3b:1e:67:36:bb:62:17:fa:06:7c:35:45:fc:6b:23:
32:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:94:75:FE:03:AE:34:56:4A:0B:65:0E:51:ED:AA:8C:73:EB:80:34
X509v3 Authority Key Identifier:
keyid:40:FA:A7:0F:8A:23:A0:3D:16:A1:10:86:DB:E5:02:E8:62:16:49:67
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918C31C/F107DA10A6CF11EFB2FBB57DC4F9AE02/QPqnD4ojoD0WoRCG2-UC6GIWSWc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QPqnD4ojoD0WoRCG2-UC6GIWSWc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918C31C/F107DA10A6CF11EFB2FBB57DC4F9AE02/9BA40A84A6D011EF9F8EC97EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.208.21.0/24
Signature Algorithm: sha256WithRSAEncryption
d5:15:2f:19:02:74:a0:db:dc:97:84:ba:b0:71:6e:2f:59:e9:
3c:85:e9:4f:3a:44:fb:ab:5e:a3:a0:14:18:57:56:4d:e3:d8:
e0:8c:9e:f9:55:8c:0d:8c:d4:cc:22:b0:f8:5e:7e:9b:13:63:
22:03:c5:15:3c:fe:75:68:80:9e:38:a1:4a:df:0d:2e:cf:db:
33:f9:2e:46:08:26:b0:ba:af:a9:9c:66:28:b3:96:11:cf:10:
eb:9c:38:a0:c4:89:9b:d2:63:e1:a5:61:35:6a:83:52:ce:74:
59:20:72:95:b6:4a:3f:a1:a8:ba:88:b1:06:c6:ab:8f:35:62:
60:63:20:6c:00:1d:ee:57:58:4a:da:56:3b:8b:d3:97:f8:a7:
ee:11:85:39:c1:58:96:91:52:1a:f0:3f:e4:0f:9b:a2:db:ab:
c2:14:26:3e:85:3a:eb:50:17:e9:eb:43:09:04:2e:a9:5c:a1:
cb:0f:d4:02:c0:93:39:cd:47:fe:3c:b1:aa:d7:03:da:cf:e2:
5a:e9:00:c3:4e:d1:eb:f4:de:1f:c4:5a:b2:10:19:37:43:28:
ec:60:e0:3a:66:4c:c9:87:56:82:f8:3e:d8:41:04:2e:35:f8:
8c:79:5d:7f:5a:9d:83:cd:26:9c:cb:38:b1:be:68:17:37:b5:
6f:52:05:ae
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE4
QzMxQzExMC8GA1UEBRMoNDBGQUE3MEY4QTIzQTAzRDE2QTExMDg2REJFNTAyRTg2
MjE2NDk2NzAeFw0yNDExMTkyMzQ3MTdaFw0yNTA1MjgwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3M2QyMzg0LTE3MDEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDGfACtc/73HYgjuvjw/WhaLW697xrTcqk2PB4SgSYLV9KOgSLd/V6HWtN0YcKh
FALu18LZIj6wDhdoLr6o/z17rXH2Yf7RK+QogMtic+cA86Nah0rI0aSXEIxaGF8R
MZgnkRz/H9ngX/LhnISIPhCwSmmCG29hMlnA4hklmcjXIJHP+wlklnVyYwKJOJIE
K7WfZY5rCjOfCllQ/8Iq/G5CRFMEoO4F2FS3xKnsuG+JwCgFFycItGdyMwrYEdaZ
+BtGkwkao8z/NNYbV1DcWNPa+sWkk8agQIyP6gNxEAVpceAanUjuZIC/6tryMmlz
DDseZza7Yhf6Bnw1RfxrIzKTAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUU5R1/gOu
NFZKC2UOUe2qjHPrgDQwHwYDVR0jBBgwFoAUQPqnD4ojoD0WoRCG2+UC6GIWSWcw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MThDMzFDL0YxMDdEQTEwQTZD
RjExRUZCMkZCQjU3REM0RjlBRTAyL1FQcW5ENG9qb0QwV29SQ0cyLVVDNkdJV1NX
Yy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvUVBxbkQ0b2pvRDBXb1JDRzItVUM2R0lXU1djLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4
QzMxQy9GMTA3REExMEE2Q0YxMUVGQjJGQkI1N0RDNEY5QUUwMi85QkE0MEE4NEE2
RDAxMUVGOUY4RUM5N0VDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAMvQFTANBgkqhkiG9w0BAQsFAAOCAQEA1RUvGQJ0oNvcl4S6
sHFuL1npPIXpTzpE+6teo6AUGFdWTePY4Iye+VWMDYzUzCKw+F5+mxNjIgPFFTz+
dWiAnjihSt8NLs/bM/kuRggmsLqvqZxmKLOWEc8Q65w4oMSJm9Jj4aVhNWqDUs50
WSBylbZKP6GouoixBsarjzViYGMgbAAd7ldYStpWO4vTl/in7hGFOcFYlpFSGvA/
5A+boturwhQmPoU661AX6etDCQQuqVyhyw/UAsCTOc1H/jyxqtcD2s/iWukAw07R
6/TeH8RashAZN0Mo7GDgOmZMyYdWgvg+2EEELjX4jHldf1qdg80mnMs4sb5oFze1
b1IFrg==
-----END CERTIFICATE-----
Generated at Wed Nov 20 07:02:16 2024 by rpki-client on console-ams.rpki-client.org