Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/87A1CDFEC53611EEBC1FF571C4F9AE02.roa
File: 87A1CDFEC53611EEBC1FF571C4F9AE02.roa (raw, json)
Hash identifier: 2/ccGdXxf/N1bTs8/Krq7RIEc8jLUNJJHZ1RiygyVvY=
Subject key identifier: 44:56:A0:0F:47:60:50:38:87:37:C4:17:C7:D1:5E:2A:21:B1:0F:7F
Certificate issuer: /CN=A918FC75/serialNumber=482E5A6E0896A266A91A4066C06F4B4ED984649D
Certificate serial: 031D
Authority key identifier: 48:2E:5A:6E:08:96:A2:66:A9:1A:40:66:C0:6F:4B:4E:D9:84:64:9D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SC5abgiWomapGkBmwG9LTtmEZJ0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/87A1CDFEC53611EEBC1FF571C4F9AE02.roa
Signing time: Tue 06 Feb 2024 21:27:29 +0000
ROA not before: Tue 06 Feb 2024 21:27:29 +0000
ROA not after: Sat 31 Aug 2024 00:00:00 +0000
asID: 150110
IP address blocks: 203.32.25.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 13 Feb 2024 06:47:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 797 (0x31d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918FC75/serialNumber=482E5A6E0896A266A91A4066C06F4B4ED984649D
Validity
Not Before: Feb 6 21:27:29 2024 GMT
Not After : Aug 31 00:00:00 2024 GMT
Subject: CN=65c2a441-89a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:cd:a7:06:71:c8:77:ad:8a:70:54:fd:cd:aa:
55:c7:c8:e0:9e:01:e0:58:1f:73:a6:72:8f:36:ed:
1d:7a:f3:11:55:ae:bf:13:a8:dd:c1:a7:89:ce:c1:
ac:2d:8e:eb:fd:27:c8:9b:9d:27:f4:24:6f:3a:2b:
96:3c:00:c3:d9:5a:3c:e8:cd:10:e7:2e:f7:3b:96:
3f:78:a1:a4:f9:0d:b1:c4:92:6b:7e:0b:a7:67:2c:
50:7a:5b:a8:c4:b3:64:64:6a:1f:f8:86:cc:b9:e0:
ca:75:ef:d7:79:95:ef:b7:88:9c:72:34:62:27:ed:
c0:6a:e9:57:59:5a:d6:64:74:d9:d6:95:c9:50:a1:
9c:f6:6d:f2:e0:e9:82:06:e6:1a:05:06:bc:6f:85:
c2:f5:a5:a7:4d:36:7b:8f:2d:89:09:d9:85:78:cb:
81:97:43:2f:36:cb:f5:17:95:3d:ff:c8:2b:d8:6f:
7d:16:9e:97:93:da:1f:7b:24:f0:a3:a4:98:8c:3e:
36:5e:52:dc:4b:bb:12:59:11:a4:4b:ef:4f:57:af:
6f:91:4a:3e:b1:bf:54:36:72:88:dc:e1:86:bf:5f:
75:25:27:2b:14:4a:22:71:59:84:01:75:00:17:47:
94:a9:8b:db:45:fa:d6:96:a0:78:61:bb:33:d7:9f:
fb:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:56:A0:0F:47:60:50:38:87:37:C4:17:C7:D1:5E:2A:21:B1:0F:7F
X509v3 Authority Key Identifier:
keyid:48:2E:5A:6E:08:96:A2:66:A9:1A:40:66:C0:6F:4B:4E:D9:84:64:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/SC5abgiWomapGkBmwG9LTtmEZJ0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SC5abgiWomapGkBmwG9LTtmEZJ0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/87A1CDFEC53611EEBC1FF571C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.32.25.0/24
Signature Algorithm: sha256WithRSAEncryption
38:e0:0f:d1:f8:8b:22:85:cf:e6:1d:05:eb:c5:56:18:2d:e6:
00:7d:9d:74:0b:b3:da:96:d1:b0:a0:c2:3a:97:f5:a2:0e:5b:
98:84:ef:17:69:91:a9:91:02:91:41:cf:30:26:02:9f:61:68:
6f:59:ba:dc:b5:20:9a:52:a2:68:77:42:36:47:c7:f4:8f:8d:
ed:a3:90:03:bf:06:0c:7f:19:ee:fc:53:23:8e:23:27:d1:20:
d5:ce:6f:5e:21:ae:85:06:7f:7f:78:30:f0:c2:98:d6:89:05:
a4:17:fb:c3:55:bd:f5:b2:87:bb:46:75:4f:02:e7:58:e2:a0:
90:57:76:9a:87:25:7c:39:15:8f:da:9e:ab:c1:f9:43:81:48:
4f:db:ff:e6:5e:4f:9d:59:2f:7f:e6:2c:f0:bc:83:69:c1:db:
41:77:4f:4d:fb:69:a5:30:1d:2a:b2:02:c6:5f:20:ab:82:21:
63:f6:f1:b6:6a:36:c3:c6:e3:07:bf:86:ba:02:6c:62:cb:ba:
3a:c7:6f:5f:97:dd:0e:3a:de:d0:f4:dc:18:82:b2:d3:ec:dc:
34:7e:44:2e:01:47:06:d4:55:1a:7f:ac:ab:98:36:0a:3a:6c:
7b:9b:c1:87:36:9c:bd:97:5e:e7:14:d6:d0:b5:46:3a:90:9a:
e1:34:98:2d
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAx0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEZDNzUxMTAvBgNVBAUTKDQ4MkU1QTZFMDg5NkEyNjZBOTFBNDA2NkMwNkY0QjRF
RDk4NDY0OUQwHhcNMjQwMjA2MjEyNzI5WhcNMjQwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWMyYTQ0MS04OWE5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAoM2nBnHId62KcFT9zapVx8jgngHgWB9zpnKPNu0devMRVa6/E6jdwaeJzsGs
LY7r/SfIm50n9CRvOiuWPADD2Vo86M0Q5y73O5Y/eKGk+Q2xxJJrfgunZyxQeluo
xLNkZGof+IbMueDKde/XeZXvt4iccjRiJ+3AaulXWVrWZHTZ1pXJUKGc9m3y4OmC
BuYaBQa8b4XC9aWnTTZ7jy2JCdmFeMuBl0MvNsv1F5U9/8gr2G99Fp6Xk9ofeyTw
o6SYjD42XlLcS7sSWRGkS+9PV69vkUo+sb9UNnKI3OGGv191JScrFEoicVmEAXUA
F0eUqYvbRfrWlqB4Ybsz15/7pwIDAQABo4IClTCCApEwHQYDVR0OBBYEFERWoA9H
YFA4hzfEF8fRXiohsQ9/MB8GA1UdIwQYMBaAFEguWm4IlqJmqRpAZsBvS07ZhGSd
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RkM3NS8zQUE1REVFMERE
NTgxMUVDODcwRkMyMERDNEY5QUUwMi9TQzVhYmdpV29tYXBHa0Jtd0c5TFR0bUVa
SjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1NDNWFiZ2lXb21hcEdrQm13RzlMVHRtRVpKMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEZDNzUvM0FBNURFRTBERDU4MTFFQzg3MEZDMjBEQzRGOUFFMDIvODdBMUNERkVD
NTM2MTFFRUJDMUZGNTcxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADLIBkwDQYJKoZIhvcNAQELBQADggEBADjgD9H4iyKFz+Yd
BevFVhgt5gB9nXQLs9qW0bCgwjqX9aIOW5iE7xdpkamRApFBzzAmAp9haG9Zuty1
IJpSomh3QjZHx/SPje2jkAO/Bgx/Ge78UyOOIyfRINXOb14hroUGf394MPDCmNaJ
BaQX+8NVvfWyh7tGdU8C51jioJBXdpqHJXw5FY/anqvB+UOBSE/b/+ZeT51ZL3/m
LPC8g2nB20F3T037aaUwHSqyAsZfIKuCIWP28bZqNsPG4we/hroCbGLLujrHb1+X
3Q463tD03BiCstPs3DR+RC4BRwbUVRp/rKuYNgo6bHubwYc2nL2XXucU1tC1RjqQ
muE0mC0=
-----END CERTIFICATE-----
Generated at Tue Feb 13 11:39:47 2024 by rpki-client on console-fra.rpki-client.org