Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/24CFEF5A2C1411EEAD0E5C84C4F9AE02.roa
File: 24CFEF5A2C1411EEAD0E5C84C4F9AE02.roa (raw, json)
Hash identifier: ZuG7Pc88w3ZMZdQji9+ja6osxGA8xf2wQKmQ5PvHg94=
Subject key identifier: 1B:FB:EF:DB:87:8F:12:56:23:AE:9D:AD:D8:D2:51:E0:A5:9B:DC:7C
Certificate issuer: /CN=A918FC75/serialNumber=482E5A6E0896A266A91A4066C06F4B4ED984649D
Certificate serial: 022F
Authority key identifier: 48:2E:5A:6E:08:96:A2:66:A9:1A:40:66:C0:6F:4B:4E:D9:84:64:9D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SC5abgiWomapGkBmwG9LTtmEZJ0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/24CFEF5A2C1411EEAD0E5C84C4F9AE02.roa
Signing time: Thu 27 Jul 2023 00:25:52 +0000
ROA not before: Thu 27 Jul 2023 00:25:52 +0000
ROA not after: Sat 31 Aug 2024 00:00:00 +0000
asID: 398343
IP address blocks: 203.32.21.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 559 (0x22f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918FC75/serialNumber=482E5A6E0896A266A91A4066C06F4B4ED984649D
Validity
Not Before: Jul 27 00:25:52 2023 GMT
Not After : Aug 31 00:00:00 2024 GMT
Subject: CN=64c1b990-dfe5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:e5:51:f8:c1:3c:56:1f:2c:e5:84:57:29:7a:
27:db:99:0f:e1:a1:4d:16:d7:70:74:51:97:05:86:
30:ac:ee:b5:10:4b:0b:ab:90:46:a7:17:7f:78:cd:
29:9b:c1:40:f6:0e:d6:74:d9:47:87:f5:d7:23:62:
25:fb:3f:80:cc:6f:f8:d8:eb:01:0c:c7:ce:d0:4c:
df:3a:76:08:94:ab:a2:51:44:2f:92:8c:57:28:99:
60:f6:c7:c9:73:42:f5:ca:fe:18:3c:f2:3c:76:19:
ba:b1:3c:6c:27:d0:94:54:fa:e2:d4:56:f8:e2:5b:
df:d9:6b:e2:25:f6:b1:03:80:28:35:14:bb:c9:8d:
75:c1:ba:f1:dd:35:87:a9:07:1b:3e:19:fd:5d:4d:
8c:9f:a7:94:99:e5:5f:41:2b:f2:9a:bf:1f:11:bc:
83:2e:a7:c9:7b:1b:8e:9a:b7:e7:69:95:02:8d:d5:
e3:a3:9e:42:3e:0e:83:4d:ce:9c:6b:3a:77:e2:9b:
98:f9:c9:08:98:51:b2:ad:ae:e9:44:ce:3a:71:4c:
d6:fe:12:87:33:b1:00:55:fb:4e:6d:79:d4:10:00:
a2:b3:5c:14:fd:c2:7d:77:d8:42:8b:89:a3:dd:ca:
90:9f:1b:2a:26:86:32:ee:11:82:c4:40:25:d2:3e:
45:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:FB:EF:DB:87:8F:12:56:23:AE:9D:AD:D8:D2:51:E0:A5:9B:DC:7C
X509v3 Authority Key Identifier:
keyid:48:2E:5A:6E:08:96:A2:66:A9:1A:40:66:C0:6F:4B:4E:D9:84:64:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/SC5abgiWomapGkBmwG9LTtmEZJ0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SC5abgiWomapGkBmwG9LTtmEZJ0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/24CFEF5A2C1411EEAD0E5C84C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.32.21.0/24
Signature Algorithm: sha256WithRSAEncryption
30:7d:61:62:1a:49:48:79:18:8d:35:01:59:fd:c4:2e:77:44:
c0:90:a7:86:99:15:ad:64:00:79:8d:d6:4e:33:5e:f5:cb:72:
88:f7:13:7b:54:c7:e6:a4:bf:ba:9b:4c:d9:d3:9f:68:71:a4:
31:56:a7:b3:8c:85:c0:74:75:2e:16:c8:4f:c1:39:1b:e0:63:
cf:7a:ab:b1:fe:71:cd:03:63:9e:66:6b:04:10:29:d5:af:e9:
a2:70:7e:e7:5d:2b:8e:38:cd:5f:0a:e7:a7:a1:d4:c0:31:2c:
b9:f4:10:42:73:ed:ac:ad:ee:5a:6c:f5:46:0e:bd:19:8a:27:
d1:33:ae:40:99:5e:9e:37:91:f7:7b:eb:86:1c:99:e6:6b:94:
ad:cc:d5:4a:ff:52:98:89:3e:22:6d:99:29:7c:68:a8:ac:fd:
d2:21:31:93:2f:78:27:a6:2e:d9:eb:f6:7c:bd:9a:d3:e9:d8:
7c:24:a7:53:be:a6:40:db:9c:8d:f8:ea:62:de:ac:08:c2:b5:
40:ef:53:7e:66:42:3b:f5:6e:18:cd:5e:c3:74:c6:15:47:6e:
1d:4d:f2:de:cc:bd:f2:d8:59:26:a6:ac:ef:5d:4b:c8:e5:4c:
8a:5d:d8:85:c9:e5:8b:5b:d9:4c:7f:57:5f:c3:65:7c:ce:4d:
ca:4f:1c:64
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAi8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEZDNzUxMTAvBgNVBAUTKDQ4MkU1QTZFMDg5NkEyNjZBOTFBNDA2NkMwNkY0QjRF
RDk4NDY0OUQwHhcNMjMwNzI3MDAyNTUyWhcNMjQwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGMxYjk5MC1kZmU1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0OVR+ME8Vh8s5YRXKXon25kP4aFNFtdwdFGXBYYwrO61EEsLq5BGpxd/eM0p
m8FA9g7WdNlHh/XXI2Il+z+AzG/42OsBDMfO0EzfOnYIlKuiUUQvkoxXKJlg9sfJ
c0L1yv4YPPI8dhm6sTxsJ9CUVPri1Fb44lvf2WviJfaxA4AoNRS7yY11wbrx3TWH
qQcbPhn9XU2Mn6eUmeVfQSvymr8fEbyDLqfJexuOmrfnaZUCjdXjo55CPg6DTc6c
azp34puY+ckImFGyra7pRM46cUzW/hKHM7EAVftObXnUEACis1wU/cJ9d9hCi4mj
3cqQnxsqJoYy7hGCxEAl0j5FyQIDAQABo4IClTCCApEwHQYDVR0OBBYEFBv779uH
jxJWI66drdjSUeClm9x8MB8GA1UdIwQYMBaAFEguWm4IlqJmqRpAZsBvS07ZhGSd
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RkM3NS8zQUE1REVFMERE
NTgxMUVDODcwRkMyMERDNEY5QUUwMi9TQzVhYmdpV29tYXBHa0Jtd0c5TFR0bUVa
SjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1NDNWFiZ2lXb21hcEdrQm13RzlMVHRtRVpKMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEZDNzUvM0FBNURFRTBERDU4MTFFQzg3MEZDMjBEQzRGOUFFMDIvMjRDRkVGNUEy
QzE0MTFFRUFEMEU1Qzg0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADLIBUwDQYJKoZIhvcNAQELBQADggEBADB9YWIaSUh5GI01
AVn9xC53RMCQp4aZFa1kAHmN1k4zXvXLcoj3E3tUx+akv7qbTNnTn2hxpDFWp7OM
hcB0dS4WyE/BORvgY896q7H+cc0DY55mawQQKdWv6aJwfuddK444zV8K56eh1MAx
LLn0EEJz7ayt7lps9UYOvRmKJ9EzrkCZXp43kfd764YcmeZrlK3M1Ur/UpiJPiJt
mSl8aKis/dIhMZMveCemLtnr9ny9mtPp2Hwkp1O+pkDbnI346mLerAjCtUDvU35m
Qjv1bhjNXsN0xhVHbh1N8t7MvfLYWSamrO9dS8jlTIpd2IXJ5Ytb2Ux/V1/DZXzO
TcpPHGQ=
-----END CERTIFICATE-----
Generated at Tue Sep 26 23:30:25 2023 by rpki-client on console-ams.rpki-client.org