Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/6995F0ACC60211EEA80FC636C4F9AE02.roa
File: 6995F0ACC60211EEA80FC636C4F9AE02.roa (raw, json)
Hash identifier: N0JW6IwBpuF/eeF3bez8sVsbSSyogzN3Ban/iw4llJY=
Subject key identifier: 21:82:3C:A9:B4:B5:9B:68:E7:8A:A5:D8:F0:83:75:39:0E:FA:7C:C8
Certificate issuer: /CN=A918FC75/serialNumber=482E5A6E0896A266A91A4066C06F4B4ED984649D
Certificate serial: 0324
Authority key identifier: 48:2E:5A:6E:08:96:A2:66:A9:1A:40:66:C0:6F:4B:4E:D9:84:64:9D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SC5abgiWomapGkBmwG9LTtmEZJ0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/6995F0ACC60211EEA80FC636C4F9AE02.roa
Signing time: Wed 07 Feb 2024 21:46:56 +0000
ROA not before: Wed 07 Feb 2024 21:46:56 +0000
ROA not after: Sat 31 Aug 2024 00:00:00 +0000
asID: 199956
IP address blocks: 203.32.38.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 15 Mar 2024 21:10:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 804 (0x324)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918FC75/serialNumber=482E5A6E0896A266A91A4066C06F4B4ED984649D
Validity
Not Before: Feb 7 21:46:56 2024 GMT
Not After : Aug 31 00:00:00 2024 GMT
Subject: CN=65c3fa50-7823
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:32:15:d4:fe:0b:59:96:bf:5c:b6:05:e1:b6:
6f:e3:fe:c1:ea:d8:b1:1d:95:57:25:a2:83:d0:89:
2e:d2:b9:94:a6:79:35:d0:84:eb:27:49:c7:4c:10:
40:3c:94:4e:4b:d9:6c:2c:3f:1b:33:1f:dc:6d:2a:
b6:54:81:af:8a:3f:e1:11:1b:17:61:04:16:13:44:
9c:87:73:0f:75:b5:26:20:1b:a0:f1:65:b3:7a:29:
92:2e:99:b2:20:c3:71:4e:a0:db:76:7a:e5:0b:7d:
35:62:16:2f:e8:21:3f:6c:06:56:3f:ea:ac:9f:11:
6c:74:d3:1b:2b:ae:7b:e1:22:0a:99:55:45:68:6a:
79:79:54:6a:98:80:8e:ff:60:ca:34:95:e1:ef:95:
78:b0:f2:dd:b2:82:19:10:65:2b:c9:17:2a:f7:c6:
06:45:54:50:88:84:52:9a:e1:d5:c2:d8:a1:1a:11:
70:aa:74:95:59:4d:11:3f:e4:ec:c5:35:5a:67:0b:
e7:c0:73:67:cf:c5:1d:f6:1b:09:bb:d0:69:63:9d:
51:b0:51:5e:31:b5:13:94:53:65:af:ba:b6:68:9e:
a5:b5:e2:c0:ff:79:24:e6:da:da:cf:30:03:8f:c1:
a4:3b:11:92:ac:98:b0:71:d3:4c:e5:d4:63:cc:40:
41:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:82:3C:A9:B4:B5:9B:68:E7:8A:A5:D8:F0:83:75:39:0E:FA:7C:C8
X509v3 Authority Key Identifier:
keyid:48:2E:5A:6E:08:96:A2:66:A9:1A:40:66:C0:6F:4B:4E:D9:84:64:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/SC5abgiWomapGkBmwG9LTtmEZJ0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SC5abgiWomapGkBmwG9LTtmEZJ0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/6995F0ACC60211EEA80FC636C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.32.38.0/24
Signature Algorithm: sha256WithRSAEncryption
52:bb:9d:c1:c7:4d:21:f1:71:06:48:9d:a4:37:1e:4e:56:db:
e7:ce:e0:61:2b:15:18:fb:8d:1d:00:5f:a8:d0:b3:fc:f5:19:
49:db:75:19:e7:f2:58:1d:4f:eb:1a:a6:ee:f1:b2:07:a3:4a:
6b:99:c9:39:d2:72:e9:41:52:31:33:82:71:1e:52:f2:20:e4:
af:51:d4:05:4e:70:77:f6:cf:ab:d5:76:f1:19:d7:d8:8c:98:
69:56:08:6c:24:5c:f2:14:95:57:5f:d4:90:fe:17:4f:98:9b:
09:b8:0e:14:28:6b:b2:65:90:0f:fb:a0:c9:8b:77:4c:f2:44:
97:a7:93:40:8b:94:08:11:8d:6e:74:6e:84:77:9f:35:57:65:
a6:50:ea:fe:b3:50:4c:9a:3b:75:3c:a8:67:04:50:ed:fb:69:
9e:26:bb:c4:dd:a1:cf:cc:c8:cf:91:e0:57:a6:f8:37:00:95:
75:75:ba:14:e6:22:ec:fa:59:f6:bb:90:59:2e:39:dc:fc:5b:
42:a5:3a:30:9e:7e:78:4a:8d:e8:52:29:88:f9:65:0c:7c:34:
fc:1d:cf:2a:83:21:dc:ac:af:f0:f7:9c:af:cf:06:de:8b:a7:
60:0e:b8:e4:97:85:c1:78:ad:40:2a:95:95:5f:1c:ae:6f:8b:
44:a9:91:04
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAyQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEZDNzUxMTAvBgNVBAUTKDQ4MkU1QTZFMDg5NkEyNjZBOTFBNDA2NkMwNkY0QjRF
RDk4NDY0OUQwHhcNMjQwMjA3MjE0NjU2WhcNMjQwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWMzZmE1MC03ODIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsDIV1P4LWZa/XLYF4bZv4/7B6tixHZVXJaKD0Iku0rmUpnk10ITrJ0nHTBBA
PJROS9lsLD8bMx/cbSq2VIGvij/hERsXYQQWE0Sch3MPdbUmIBug8WWzeimSLpmy
IMNxTqDbdnrlC301YhYv6CE/bAZWP+qsnxFsdNMbK6574SIKmVVFaGp5eVRqmICO
/2DKNJXh75V4sPLdsoIZEGUryRcq98YGRVRQiIRSmuHVwtihGhFwqnSVWU0RP+Ts
xTVaZwvnwHNnz8Ud9hsJu9BpY51RsFFeMbUTlFNlr7q2aJ6lteLA/3kk5trazzAD
j8GkOxGSrJiwcdNM5dRjzEBBTQIDAQABo4IClTCCApEwHQYDVR0OBBYEFCGCPKm0
tZto54ql2PCDdTkO+nzIMB8GA1UdIwQYMBaAFEguWm4IlqJmqRpAZsBvS07ZhGSd
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RkM3NS8zQUE1REVFMERE
NTgxMUVDODcwRkMyMERDNEY5QUUwMi9TQzVhYmdpV29tYXBHa0Jtd0c5TFR0bUVa
SjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1NDNWFiZ2lXb21hcEdrQm13RzlMVHRtRVpKMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEZDNzUvM0FBNURFRTBERDU4MTFFQzg3MEZDMjBEQzRGOUFFMDIvNjk5NUYwQUND
NjAyMTFFRUE4MEZDNjM2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADLICYwDQYJKoZIhvcNAQELBQADggEBAFK7ncHHTSHxcQZI
naQ3Hk5W2+fO4GErFRj7jR0AX6jQs/z1GUnbdRnn8lgdT+sapu7xsgejSmuZyTnS
culBUjEzgnEeUvIg5K9R1AVOcHf2z6vVdvEZ19iMmGlWCGwkXPIUlVdf1JD+F0+Y
mwm4DhQoa7JlkA/7oMmLd0zyRJenk0CLlAgRjW50boR3nzVXZaZQ6v6zUEyaO3U8
qGcEUO37aZ4mu8Tdoc/MyM+R4Fem+DcAlXV1uhTmIuz6Wfa7kFkuOdz8W0KlOjCe
fnhKjehSKYj5ZQx8NPwdzyqDIdysr/D3nK/PBt6Lp2AOuOSXhcF4rUAqlZVfHK5v
i0SpkQQ=
-----END CERTIFICATE-----
Generated at Sat Mar 16 00:16:31 2024 by rpki-client on console-fra.rpki-client.org