Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/79E7F3D897B311EEBA968042C4F9AE02.roa
File: 79E7F3D897B311EEBA968042C4F9AE02.roa (raw, json)
Hash identifier: 6r9Qw7B+BGL0sjvuDZLqduwJtA9vAS+8wIbgCHY6qH0=
Subject key identifier: 6F:57:55:48:E2:7F:BA:7B:BD:D9:4F:01:E5:66:4B:C7:F7:8D:F5:50
Certificate issuer: /CN=A918FC75/serialNumber=482E5A6E0896A266A91A4066C06F4B4ED984649D
Certificate serial: 030A
Authority key identifier: 48:2E:5A:6E:08:96:A2:66:A9:1A:40:66:C0:6F:4B:4E:D9:84:64:9D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SC5abgiWomapGkBmwG9LTtmEZJ0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/79E7F3D897B311EEBA968042C4F9AE02.roa
Signing time: Sat 06 Jan 2024 09:25:21 +0000
ROA not before: Sat 06 Jan 2024 09:25:21 +0000
ROA not after: Sat 31 Aug 2024 00:00:00 +0000
asID: 150110
IP address blocks: 203.32.25.0/24 maxlen: 24
203.32.38.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 06 Feb 2024 21:27:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 778 (0x30a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918FC75/serialNumber=482E5A6E0896A266A91A4066C06F4B4ED984649D
Validity
Not Before: Jan 6 09:25:21 2024 GMT
Not After : Aug 31 00:00:00 2024 GMT
Subject: CN=65991c81-c07a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:21:f2:c2:3a:bc:db:d0:4b:73:63:cc:1a:33:
de:30:1d:66:19:fe:9d:a3:ac:10:31:83:fe:4e:62:
77:5d:59:85:3c:c2:f7:15:e6:40:a1:cf:d6:a4:6c:
77:75:f7:96:cf:6f:80:f4:b8:2a:7c:ce:c1:2d:42:
65:ae:b2:4b:6d:27:93:1b:1a:0e:f5:e7:1c:4e:ce:
ae:d3:c1:69:de:18:db:e0:41:96:52:1a:d2:2c:a2:
33:26:31:fe:07:86:37:95:bb:85:a7:4c:7c:60:d9:
42:26:0b:9a:0c:53:7a:9d:56:a2:51:d6:58:0c:11:
90:f5:6d:4b:b6:72:96:e6:52:8a:17:d8:82:6a:80:
55:10:12:c3:52:6e:d3:2c:74:49:c0:7a:cb:7b:8d:
e4:2d:9a:12:2c:7a:ce:ac:e5:97:18:15:a8:a3:d7:
3b:c3:ed:ca:7b:e7:bf:14:2e:27:81:f2:dd:56:a4:
42:f6:1a:c5:d2:8f:a2:f1:b9:fc:1f:4d:7e:1e:04:
33:8b:21:e7:82:30:90:03:86:a5:ca:36:6a:0c:9f:
f0:2d:dd:d0:2a:6c:29:b8:46:a8:00:35:fc:72:41:
c2:aa:a8:30:6c:3f:44:f4:8c:3e:45:4a:77:47:77:
9e:3d:97:e4:7f:4b:d2:f7:6b:4a:c7:65:99:2a:65:
81:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:57:55:48:E2:7F:BA:7B:BD:D9:4F:01:E5:66:4B:C7:F7:8D:F5:50
X509v3 Authority Key Identifier:
keyid:48:2E:5A:6E:08:96:A2:66:A9:1A:40:66:C0:6F:4B:4E:D9:84:64:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/SC5abgiWomapGkBmwG9LTtmEZJ0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SC5abgiWomapGkBmwG9LTtmEZJ0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/79E7F3D897B311EEBA968042C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.32.25.0/24
203.32.38.0/24
Signature Algorithm: sha256WithRSAEncryption
51:f7:74:1b:fa:31:ee:bb:59:9e:23:bc:a1:df:9e:b9:52:f0:
cf:eb:40:b5:28:93:de:dc:bd:c8:ad:7f:bd:6b:5a:f8:03:99:
8b:28:27:dc:3e:cf:32:62:19:12:2f:fe:ba:5e:11:07:1e:8d:
45:1c:eb:50:84:b2:d6:0e:31:8f:32:88:98:30:6b:16:c1:e8:
e3:e0:63:1e:c4:0c:9d:bd:72:b3:a4:4c:2c:66:18:29:27:10:
d4:a1:cc:ce:58:b1:cd:3d:6f:8d:2b:99:e8:6e:11:2a:06:04:
93:40:8a:aa:c7:61:57:db:02:e9:56:6e:d7:71:2e:08:de:9c:
0d:c0:6c:f7:a5:69:0e:ea:ee:54:c3:72:73:c3:a9:b9:33:f1:
97:72:da:ff:f9:9f:c0:3d:b7:7c:b9:b5:b6:36:b7:dd:c5:6e:
88:a2:38:cf:f9:89:0c:7d:1b:85:d7:63:1f:cf:24:65:c9:aa:
8d:c4:61:30:05:03:81:8e:c3:de:c7:bf:4e:30:39:58:70:25:
b3:95:d9:ef:eb:0b:d0:a1:78:c7:de:06:56:46:5d:9f:de:47:
cd:a0:1c:9c:eb:68:ed:f9:a8:b8:0c:fb:3e:8c:ed:0c:36:73:
21:1a:1f:99:35:4c:98:e4:ac:fb:8a:65:d7:a5:4e:0f:0b:69:
01:89:ad:34
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICAwowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEZDNzUxMTAvBgNVBAUTKDQ4MkU1QTZFMDg5NkEyNjZBOTFBNDA2NkMwNkY0QjRF
RDk4NDY0OUQwHhcNMjQwMTA2MDkyNTIxWhcNMjQwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTk5MWM4MS1jMDdhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0SHywjq829BLc2PMGjPeMB1mGf6do6wQMYP+TmJ3XVmFPML3FeZAoc/WpGx3
dfeWz2+A9LgqfM7BLUJlrrJLbSeTGxoO9eccTs6u08Fp3hjb4EGWUhrSLKIzJjH+
B4Y3lbuFp0x8YNlCJguaDFN6nVaiUdZYDBGQ9W1LtnKW5lKKF9iCaoBVEBLDUm7T
LHRJwHrLe43kLZoSLHrOrOWXGBWoo9c7w+3Ke+e/FC4ngfLdVqRC9hrF0o+i8bn8
H01+HgQziyHngjCQA4alyjZqDJ/wLd3QKmwpuEaoADX8ckHCqqgwbD9E9Iw+RUp3
R3eePZfkf0vS92tKx2WZKmWBZQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFG9XVUji
f7p7vdlPAeVmS8f3jfVQMB8GA1UdIwQYMBaAFEguWm4IlqJmqRpAZsBvS07ZhGSd
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RkM3NS8zQUE1REVFMERE
NTgxMUVDODcwRkMyMERDNEY5QUUwMi9TQzVhYmdpV29tYXBHa0Jtd0c5TFR0bUVa
SjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1NDNWFiZ2lXb21hcEdrQm13RzlMVHRtRVpKMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEZDNzUvM0FBNURFRTBERDU4MTFFQzg3MEZDMjBEQzRGOUFFMDIvNzlFN0YzRDg5
N0IzMTFFRUJBOTY4MDQyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBADLIBkDBADLICYwDQYJKoZIhvcNAQELBQADggEBAFH3dBv6
Me67WZ4jvKHfnrlS8M/rQLUok97cvcitf71rWvgDmYsoJ9w+zzJiGRIv/rpeEQce
jUUc61CEstYOMY8yiJgwaxbB6OPgYx7EDJ29crOkTCxmGCknENShzM5Ysc09b40r
mehuESoGBJNAiqrHYVfbAulWbtdxLgjenA3AbPelaQ7q7lTDcnPDqbkz8Zdy2v/5
n8A9t3y5tbY2t93FboiiOM/5iQx9G4XXYx/PJGXJqo3EYTAFA4GOw97Hv04wOVhw
JbOV2e/rC9CheMfeBlZGXZ/eR82gHJzraO35qLgM+z6M7Qw2cyEaH5k1TJjkrPuK
ZdelTg8LaQGJrTQ=
-----END CERTIFICATE-----
Generated at Wed Feb 7 00:25:24 2024 by rpki-client on console-fra.rpki-client.org