Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/017F0754588A11EF9FC2E90CC4F9AE02.roa
File: 017F0754588A11EF9FC2E90CC4F9AE02.roa (raw, json)
Hash identifier: KcvMRQ+K6pgu2LE45JchjugublXxyNTBKSvT5BNwrVg=
Subject key identifier: 82:8D:1C:1F:58:02:49:AE:EB:B2:B4:4C:97:79:2B:14:D3:B9:7E:B3
Certificate issuer: /CN=A918FC75/serialNumber=482E5A6E0896A266A91A4066C06F4B4ED984649D
Certificate serial: 03B0
Authority key identifier: 48:2E:5A:6E:08:96:A2:66:A9:1A:40:66:C0:6F:4B:4E:D9:84:64:9D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SC5abgiWomapGkBmwG9LTtmEZJ0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/017F0754588A11EF9FC2E90CC4F9AE02.roa
Signing time: Mon 12 Aug 2024 09:05:22 +0000
ROA not before: Mon 12 Aug 2024 09:05:22 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 45671
IP address blocks: 203.32.23.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 18 Dec 2024 11:03:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 944 (0x3b0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918FC75
Validity
Not Before: Aug 12 09:05:22 2024 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=66b9d052-3b7e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:54:27:5b:52:7d:47:31:e3:27:8f:ee:8e:d0:
db:62:2e:c2:56:3c:42:f3:0b:20:9d:45:74:20:24:
bf:0b:64:f3:6d:ae:28:22:e7:83:11:55:b7:02:5a:
65:b8:97:05:09:6b:fb:fe:96:d3:ae:cb:63:c5:27:
7d:ea:cd:c4:41:19:cd:c4:fe:19:62:19:04:02:1e:
08:72:e9:83:5f:38:00:3a:ce:fc:91:34:36:b1:6b:
06:d6:2c:4a:7a:2d:4e:62:7a:be:9a:6f:46:26:a8:
cc:f5:c4:a7:3e:72:54:0b:54:06:55:91:80:2c:17:
48:e6:c2:c9:8f:f6:04:b8:f2:a6:6c:78:3d:f5:5b:
22:8b:4d:f5:b5:f3:0b:8d:26:8f:0d:35:bf:d0:71:
4e:54:b1:d2:27:4b:7f:b4:4d:48:75:08:3c:ac:25:
17:6b:ac:11:d5:95:c4:56:de:0c:b5:2d:a4:2c:10:
9a:89:95:a4:2a:a7:4d:7a:8b:a9:41:a7:14:bc:bd:
7f:7a:55:ed:b4:af:34:0b:9a:6d:a7:ff:6b:94:3a:
19:af:fe:c9:1a:aa:73:e7:8f:a6:49:35:82:1d:a2:
03:67:87:b3:2c:93:12:21:d4:5c:a1:54:06:c5:b2:
91:6b:35:6e:3b:25:6f:ad:f2:d2:f6:92:4e:d5:5b:
16:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:8D:1C:1F:58:02:49:AE:EB:B2:B4:4C:97:79:2B:14:D3:B9:7E:B3
X509v3 Authority Key Identifier:
keyid:48:2E:5A:6E:08:96:A2:66:A9:1A:40:66:C0:6F:4B:4E:D9:84:64:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/SC5abgiWomapGkBmwG9LTtmEZJ0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SC5abgiWomapGkBmwG9LTtmEZJ0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/017F0754588A11EF9FC2E90CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.32.23.0/24
Signature Algorithm: sha256WithRSAEncryption
ad:59:27:3e:49:06:1c:3f:ee:18:82:c0:31:c3:cc:cc:b4:e4:
c7:ca:fb:ec:3a:20:eb:8c:9a:0c:47:09:4c:aa:fc:67:3f:48:
6a:b3:f3:51:93:bb:f7:a9:86:c4:aa:30:f7:70:53:75:1d:5a:
6d:08:e2:4f:e1:72:c9:54:46:1d:df:cd:ed:4b:69:8b:b7:2f:
ea:f2:06:5d:63:3a:c7:24:10:55:3c:84:5b:1a:3c:b4:c5:55:
48:75:b7:03:8d:c1:b6:00:6c:82:7f:b0:34:0c:80:88:b8:8a:
ca:ff:db:23:35:fa:7f:eb:a6:41:0f:16:58:f8:5b:f5:2e:1b:
40:8f:22:cf:13:5f:0a:7a:dd:f4:57:1b:31:31:7c:d9:ca:16:
63:c5:ed:cf:06:6c:a4:35:76:77:81:18:80:e1:e5:c8:f2:ab:
f4:aa:73:bf:50:7a:d2:88:f1:ad:3b:aa:6b:d5:e2:67:ec:a8:
3b:c4:fc:ad:43:c0:b4:03:38:1d:52:47:00:c6:c6:6f:c8:71:
e6:8a:02:71:1a:78:92:8e:59:6c:ed:1e:51:c8:c5:cd:96:db:
96:78:c8:11:14:67:dc:20:9e:e8:e7:8c:7d:4e:2c:ce:ff:77:
78:ba:61:6c:18:c0:58:4c:a9:a3:b3:25:1c:62:77:28:cc:89:
69:b5:3a:a1
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICA7AwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEZDNzUxMTAvBgNVBAUTKDQ4MkU1QTZFMDg5NkEyNjZBOTFBNDA2NkMwNkY0QjRF
RDk4NDY0OUQwHhcNMjQwODEyMDkwNTIyWhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmI5ZDA1Mi0zYjdlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAnFQnW1J9RzHjJ4/ujtDbYi7CVjxC8wsgnUV0ICS/C2Tzba4oIueDEVW3Alpl
uJcFCWv7/pbTrstjxSd96s3EQRnNxP4ZYhkEAh4IcumDXzgAOs78kTQ2sWsG1ixK
ei1OYnq+mm9GJqjM9cSnPnJUC1QGVZGALBdI5sLJj/YEuPKmbHg99Vsii031tfML
jSaPDTW/0HFOVLHSJ0t/tE1IdQg8rCUXa6wR1ZXEVt4MtS2kLBCaiZWkKqdNeoup
QacUvL1/elXttK80C5ptp/9rlDoZr/7JGqpz54+mSTWCHaIDZ4ezLJMSIdRcoVQG
xbKRazVuOyVvrfLS9pJO1VsWyQIDAQABo4IClTCCApEwHQYDVR0OBBYEFIKNHB9Y
Akmu67K0TJd5KxTTuX6zMB8GA1UdIwQYMBaAFEguWm4IlqJmqRpAZsBvS07ZhGSd
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RkM3NS8zQUE1REVFMERE
NTgxMUVDODcwRkMyMERDNEY5QUUwMi9TQzVhYmdpV29tYXBHa0Jtd0c5TFR0bUVa
SjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1NDNWFiZ2lXb21hcEdrQm13RzlMVHRtRVpKMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEZDNzUvM0FBNURFRTBERDU4MTFFQzg3MEZDMjBEQzRGOUFFMDIvMDE3RjA3NTQ1
ODhBMTFFRjlGQzJFOTBDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADLIBcwDQYJKoZIhvcNAQELBQADggEBAK1ZJz5JBhw/7hiC
wDHDzMy05MfK++w6IOuMmgxHCUyq/Gc/SGqz81GTu/ephsSqMPdwU3UdWm0I4k/h
cslURh3fze1LaYu3L+ryBl1jOsckEFU8hFsaPLTFVUh1twONwbYAbIJ/sDQMgIi4
isr/2yM1+n/rpkEPFlj4W/UuG0CPIs8TXwp63fRXGzExfNnKFmPF7c8GbKQ1dneB
GIDh5cjyq/Sqc79QetKI8a07qmvV4mfsqDvE/K1DwLQDOB1SRwDGxm/IceaKAnEa
eJKOWWztHlHIxc2W25Z4yBEUZ9wgnujnjH1OLM7/d3i6YWwYwFhMqaOzJRxidyjM
iWm1OqE=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:19:28 2025 by rpki-client