Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9197227/4FCF568E7B0711EB9AF84384C4F9AE02/318E7E18301611EEB779DB7CC4F9AE02.roa
File: 318E7E18301611EEB779DB7CC4F9AE02.roa (raw, json)
Hash identifier: xW0N71uyn4JHjEGpydAseZJKeac8QsTS2YRdGASTkyI=
Subject key identifier: 53:5D:A6:AE:32:65:9D:E7:7F:3E:B3:27:54:FF:35:EB:CE:38:C2:D2
Certificate issuer: /CN=A9197227/serialNumber=2659CED1527D2CABD8B2C53075ECCD94ED71FE98
Certificate serial: 0547
Authority key identifier: 26:59:CE:D1:52:7D:2C:AB:D8:B2:C5:30:75:EC:CD:94:ED:71:FE:98
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JlnO0VJ9LKvYssUwdezNlO1x_pg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9197227/4FCF568E7B0711EB9AF84384C4F9AE02/318E7E18301611EEB779DB7CC4F9AE02.roa
Signing time: Tue 01 Aug 2023 02:50:38 +0000
ROA not before: Tue 01 Aug 2023 02:50:38 +0000
ROA not after: Sat 31 Aug 2024 00:00:00 +0000
asID: 17635
IP address blocks: 203.14.105.0/24 maxlen: 24
203.57.128.0/20 maxlen: 20
2406:9680::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1351 (0x547)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9197227/serialNumber=2659CED1527D2CABD8B2C53075ECCD94ED71FE98
Validity
Not Before: Aug 1 02:50:38 2023 GMT
Not After : Aug 31 00:00:00 2024 GMT
Subject: CN=64c872fd-ac20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:2b:4f:6d:c9:05:83:6b:4e:70:24:68:6c:e9:
be:c3:d0:30:e0:f6:bf:2c:ba:df:66:2a:03:09:ee:
5e:e6:5d:27:c2:a3:d9:e6:01:19:39:e1:05:c1:4d:
c1:0e:64:23:25:4f:c6:f8:4c:09:61:6e:ac:43:4b:
c2:91:d1:90:c1:07:5e:9a:dd:2f:f0:78:a3:87:61:
59:e4:28:1d:fa:8a:70:40:a5:b5:3e:3d:33:3c:10:
28:7e:5a:93:53:2c:1d:d5:d0:36:3c:36:14:44:4a:
46:02:8f:9e:44:81:cd:78:91:a4:87:02:36:af:a6:
ac:20:8c:38:0f:e3:06:1c:e9:6d:01:79:49:bc:a9:
b2:85:1f:ea:35:f8:f2:74:f6:f9:56:44:be:b7:14:
66:20:40:63:67:1f:fa:88:6c:21:8e:8c:d6:b1:32:
03:4d:76:52:fb:ec:a5:c0:10:7a:c3:f2:ae:37:71:
ba:a6:17:9d:29:68:58:fc:6f:ba:43:8b:cb:83:88:
3b:94:18:13:9b:87:99:84:87:f5:ac:bc:72:24:80:
d6:ef:2f:38:68:db:9d:ab:ac:19:0c:09:64:3d:67:
98:d2:bc:2a:dd:a7:dc:35:3f:94:4a:fb:ab:05:98:
8f:18:a4:e8:36:60:9a:26:81:49:16:06:64:3e:72:
7c:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:5D:A6:AE:32:65:9D:E7:7F:3E:B3:27:54:FF:35:EB:CE:38:C2:D2
X509v3 Authority Key Identifier:
keyid:26:59:CE:D1:52:7D:2C:AB:D8:B2:C5:30:75:EC:CD:94:ED:71:FE:98
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9197227/4FCF568E7B0711EB9AF84384C4F9AE02/JlnO0VJ9LKvYssUwdezNlO1x_pg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JlnO0VJ9LKvYssUwdezNlO1x_pg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9197227/4FCF568E7B0711EB9AF84384C4F9AE02/318E7E18301611EEB779DB7CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.14.105.0/24
203.57.128.0/20
IPv6:
2406:9680::/32
Signature Algorithm: sha256WithRSAEncryption
0c:d0:b7:59:f3:0f:d1:54:0f:31:ba:44:70:fa:de:27:04:40:
49:c9:dc:90:eb:e8:f5:49:32:7a:c0:3d:3f:7b:73:eb:ed:12:
b5:d0:96:be:64:09:70:72:2e:4e:04:86:40:48:fa:0d:43:64:
1c:ae:a5:83:74:bc:72:d0:e0:d2:d6:dc:21:21:87:c0:4c:f0:
c6:31:b0:7c:c8:c1:ed:9c:51:67:21:13:26:da:12:43:94:2d:
62:45:b9:65:02:4f:ea:61:45:28:cd:e0:00:8a:48:8e:15:e6:
86:70:88:33:4b:66:2d:1a:62:c3:ff:c7:aa:11:c0:4c:2d:4c:
87:28:b1:e5:0a:ae:ae:45:34:cc:7b:03:49:82:e0:f6:3f:d0:
d6:86:f1:c8:1f:80:13:27:69:52:8b:9e:e9:26:19:49:da:82:
f9:c1:a1:3f:de:a6:97:f4:87:70:56:23:90:89:b0:45:0c:a9:
13:99:9c:c8:0f:1c:76:2e:e7:f3:70:0a:bf:03:60:57:4d:c4:
22:d0:ca:ff:6f:d7:6c:1f:4d:89:de:1c:11:fa:63:cf:56:f5:
26:be:13:a7:da:cd:86:19:cc:7a:9d:e8:ad:c5:37:ab:fc:f7:
01:d3:a4:7b:d7:d1:bf:60:99:03:fa:19:4c:b2:d9:47:e4:66:
5c:5b:00:17
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICBUcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTcyMjcxMTAvBgNVBAUTKDI2NTlDRUQxNTI3RDJDQUJEOEIyQzUzMDc1RUNDRDk0
RUQ3MUZFOTgwHhcNMjMwODAxMDI1MDM4WhcNMjQwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGM4NzJmZC1hYzIwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5ytPbckFg2tOcCRobOm+w9Aw4Pa/LLrfZioDCe5e5l0nwqPZ5gEZOeEFwU3B
DmQjJU/G+EwJYW6sQ0vCkdGQwQdemt0v8Hijh2FZ5Cgd+opwQKW1Pj0zPBAoflqT
Uywd1dA2PDYUREpGAo+eRIHNeJGkhwI2r6asIIw4D+MGHOltAXlJvKmyhR/qNfjy
dPb5VkS+txRmIEBjZx/6iGwhjozWsTIDTXZS++ylwBB6w/KuN3G6phedKWhY/G+6
Q4vLg4g7lBgTm4eZhIf1rLxyJIDW7y84aNudq6wZDAlkPWeY0rwq3afcNT+USvur
BZiPGKToNmCaJoFJFgZkPnJ8sQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFFNdpq4y
ZZ3nfz6zJ1T/NevOOMLSMB8GA1UdIwQYMBaAFCZZztFSfSyr2LLFMHXszZTtcf6Y
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5NzIyNy80RkNGNTY4RTdC
MDcxMUVCOUFGODQzODRDNEY5QUUwMi9KbG5PMFZKOUxLdllzc1V3ZGV6TmxPMXhf
cGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0psbk8wVko5TEt2WXNzVXdkZXpObE8xeF9wZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTcyMjcvNEZDRjU2OEU3QjA3MTFFQjlBRjg0Mzg0QzRGOUFFMDIvMzE4RTdFMTgz
MDE2MTFFRUI3NzlEQjdDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBADLDmkDBATLOYAwDQQCAAIwBwMFACQGloAwDQYJKoZIhvcN
AQELBQADggEBAAzQt1nzD9FUDzG6RHD63icEQEnJ3JDr6PVJMnrAPT97c+vtErXQ
lr5kCXByLk4EhkBI+g1DZByupYN0vHLQ4NLW3CEhh8BM8MYxsHzIwe2cUWchEyba
EkOULWJFuWUCT+phRSjN4ACKSI4V5oZwiDNLZi0aYsP/x6oRwEwtTIcoseUKrq5F
NMx7A0mC4PY/0NaG8cgfgBMnaVKLnukmGUnagvnBoT/eppf0h3BWI5CJsEUMqROZ
nMgPHHYu5/NwCr8DYFdNxCLQyv9v12wfTYneHBH6Y89W9Sa+E6fazYYZzHqd6K3F
N6v89wHTpHvX0b9gmQP6GUyy2UfkZlxbABc=
-----END CERTIFICATE-----
Generated at Wed Oct 25 04:22:35 2023 by rpki-client on console-ams.rpki-client.org