Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9192C18/9A5EEA8C3DF411ED8041F930C4F9AE02/A02BB7E079EC11ED9A7DC131C4F9AE02.roa
File: A02BB7E079EC11ED9A7DC131C4F9AE02.roa (raw, json)
Hash identifier: Qg+jdd07/CsaR/Yfo8gm6ozAuQ6FK42oy1TKeEvfP8k=
Subject key identifier: 7E:0E:74:DE:25:6C:57:E0:02:11:0E:55:E6:DE:35:7E:CA:76:64:3F
Certificate issuer: /CN=A9192C18/serialNumber=F1FE0C327E79E5AF43E15B0E6F8CD66C0329D138
Certificate serial: 41
Authority key identifier: F1:FE:0C:32:7E:79:E5:AF:43:E1:5B:0E:6F:8C:D6:6C:03:29:D1:38
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8f4MMn555a9D4VsOb4zWbAMp0Tg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9192C18/9A5EEA8C3DF411ED8041F930C4F9AE02/A02BB7E079EC11ED9A7DC131C4F9AE02.roa
Signing time: Mon 12 Dec 2022 07:14:33 +0000
ROA not before: Mon 12 Dec 2022 07:14:33 +0000
ROA not after: Fri 01 Dec 2023 00:00:00 +0000
asID: 49999
IP address blocks: 218.33.84.0/22 maxlen: 24
218.33.88.0/22 maxlen: 24
218.33.112.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65 (0x41)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9192C18/serialNumber=F1FE0C327E79E5AF43E15B0E6F8CD66C0329D138
Validity
Not Before: Dec 12 07:14:33 2022 GMT
Not After : Dec 1 00:00:00 2023 GMT
Subject: CN=6396d4d8-6804
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:18:2d:e3:6f:ed:e4:c0:3c:7b:79:d7:7d:16:
3d:2c:2a:38:15:97:0f:b6:12:43:e0:ca:4b:24:ca:
46:64:79:8d:6b:c1:d6:a1:14:c5:ff:fc:d9:94:28:
56:8d:69:25:51:e0:f0:e2:8e:09:98:36:2d:db:6d:
58:2b:41:ac:44:f1:b2:da:1f:36:8d:0a:9e:5e:08:
58:c2:3c:b3:76:0e:9b:e2:74:3e:2d:b0:3a:80:ab:
30:18:8d:51:d9:86:c1:a1:d1:2a:55:92:ba:d4:48:
b4:d4:72:ee:d4:5c:b0:d0:6e:a3:36:f5:d5:25:bf:
ec:c5:37:e6:e6:de:38:74:cd:ac:75:bc:41:51:f4:
e4:3a:c9:e9:54:e9:df:c8:77:21:17:e7:cf:2f:a6:
8e:35:f6:85:25:dd:83:13:48:66:77:a5:08:93:df:
81:dc:31:45:7c:5d:26:88:4b:76:d1:95:ad:05:dd:
0d:81:c4:36:5f:99:c2:a7:a9:11:f8:95:9b:53:6d:
c9:a1:07:4b:14:d5:9c:3b:ae:55:c0:0e:cf:ed:25:
08:55:b1:9f:33:12:b8:4f:4a:53:f2:27:a5:f6:1c:
67:99:94:fd:64:9a:80:f3:04:78:64:fe:08:10:f9:
bf:c1:5b:73:54:a3:87:b2:dd:3e:88:84:b8:5c:1b:
bc:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:0E:74:DE:25:6C:57:E0:02:11:0E:55:E6:DE:35:7E:CA:76:64:3F
X509v3 Authority Key Identifier:
keyid:F1:FE:0C:32:7E:79:E5:AF:43:E1:5B:0E:6F:8C:D6:6C:03:29:D1:38
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9192C18/9A5EEA8C3DF411ED8041F930C4F9AE02/8f4MMn555a9D4VsOb4zWbAMp0Tg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8f4MMn555a9D4VsOb4zWbAMp0Tg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9192C18/9A5EEA8C3DF411ED8041F930C4F9AE02/A02BB7E079EC11ED9A7DC131C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
218.33.84.0-218.33.91.255
218.33.112.0/22
Signature Algorithm: sha256WithRSAEncryption
c5:9e:5a:d0:ba:cf:65:0c:99:f0:b3:09:83:75:c8:62:a2:52:
17:49:6a:04:f6:9f:f5:f3:41:48:56:51:e7:32:20:02:54:c2:
d1:6f:6a:43:dc:43:2d:d8:ef:b7:35:93:e5:9b:70:5d:c7:a0:
fc:c1:05:d2:00:e0:3b:43:d7:f7:c4:c7:62:42:0f:7a:ae:c2:
cb:ec:6b:db:b6:5f:29:85:9d:f4:e9:ac:bc:18:1d:fc:85:15:
b5:00:97:fb:e4:ab:cc:85:97:0b:f4:1a:3d:27:04:15:4d:6c:
c5:7a:1e:47:22:d0:04:e1:55:41:fd:b3:7f:6e:35:df:f4:f7:
bf:d0:26:78:61:1c:c5:19:ea:a2:bd:7e:c9:b4:ee:76:0c:63:
70:fc:6f:61:41:88:32:6c:11:36:9e:82:81:6e:cf:bd:a5:bd:
dc:27:ae:bc:a8:30:57:f7:3c:dd:4e:83:43:9e:25:b2:af:08:
7b:53:2b:53:9e:0d:43:38:87:c7:c3:88:34:97:fb:2a:8f:2c:
34:ac:a5:99:34:00:21:6b:76:56:2d:12:ef:c9:a1:a4:cc:93:
c8:49:99:3e:26:e8:8b:c2:c9:30:2f:de:83:88:23:f8:67:a8:
ed:69:8c:5f:d5:b3:98:e7:61:9a:ac:fd:8b:9d:01:6f:ba:a2:
d6:04:81:f3
-----BEGIN CERTIFICATE-----
MIIFfjCCBGagAwIBAgIBQTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE5
MkMxODExMC8GA1UEBRMoRjFGRTBDMzI3RTc5RTVBRjQzRTE1QjBFNkY4Q0Q2NkMw
MzI5RDEzODAeFw0yMjEyMTIwNzE0MzNaFw0yMzEyMDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYzOTZkNGQ4LTY4MDQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDlGC3jb+3kwDx7edd9Fj0sKjgVlw+2EkPgykskykZkeY1rwdahFMX//NmUKFaN
aSVR4PDijgmYNi3bbVgrQaxE8bLaHzaNCp5eCFjCPLN2DpvidD4tsDqAqzAYjVHZ
hsGh0SpVkrrUSLTUcu7UXLDQbqM29dUlv+zFN+bm3jh0zax1vEFR9OQ6yelU6d/I
dyEX588vpo419oUl3YMTSGZ3pQiT34HcMUV8XSaIS3bRla0F3Q2BxDZfmcKnqRH4
lZtTbcmhB0sU1Zw7rlXADs/tJQhVsZ8zErhPSlPyJ6X2HGeZlP1kmoDzBHhk/ggQ
+b/BW3NUo4ey3T6IhLhcG7wlAgMBAAGjggKjMIICnzAdBgNVHQ4EFgQUfg503iVs
V+ACEQ5V5t41fsp2ZD8wHwYDVR0jBBgwFoAU8f4MMn555a9D4VsOb4zWbAMp0Tgw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTkyQzE4LzlBNUVFQThDM0RG
NDExRUQ4MDQxRjkzMEM0RjlBRTAyLzhmNE1NbjU1NWE5RDRWc09iNHpXYkFNcDBU
Zy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvOGY0TU1uNTU1YTlENFZzT2I0eldiQU1wMFRnLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5
MkMxOC85QTVFRUE4QzNERjQxMUVEODA0MUY5MzBDNEY5QUUwMi9BMDJCQjdFMDc5
RUMxMUVEOUE3REMxMzFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAtBggrBgEFBQcBBwEB/wQe
MBwwGgQCAAEwFDAMAwQC2iFUAwQC2iFYAwQC2iFwMA0GCSqGSIb3DQEBCwUAA4IB
AQDFnlrQus9lDJnwswmDdchiolIXSWoE9p/180FIVlHnMiACVMLRb2pD3EMt2O+3
NZPlm3Bdx6D8wQXSAOA7Q9f3xMdiQg96rsLL7Gvbtl8phZ306ay8GB38hRW1AJf7
5KvMhZcL9Bo9JwQVTWzFeh5HItAE4VVB/bN/bjXf9Pe/0CZ4YRzFGeqivX7JtO52
DGNw/G9hQYgybBE2noKBbs+9pb3cJ668qDBX9zzdToNDniWyrwh7UytTng1DOIfH
w4g0l/sqjyw0rKWZNAAha3ZWLRLvyaGkzJPISZk+JuiLwskwL96DiCP4Z6jtaYxf
1bOY52GarP2LnQFvuqLWBIHz
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:59 2023 by rpki-client on console-fra.rpki-client.org