Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9197227/4FCF568E7B0711EB9AF84384C4F9AE02/976F7E467B0811EBA9191185C4F9AE02.roa
File: 976F7E467B0811EBA9191185C4F9AE02.roa (raw, json)
Hash identifier: lhSYxNRJB98ReDLnf0KO64R3bPFnrOUClxbkGErXLI0=
Subject key identifier: 0A:4B:84:AA:06:54:6C:ED:98:E4:57:52:0D:EB:5B:14:FB:EB:1C:FD
Certificate issuer: /CN=A9197227/serialNumber=2659CED1527D2CABD8B2C53075ECCD94ED71FE98
Certificate serial: 0527
Authority key identifier: 26:59:CE:D1:52:7D:2C:AB:D8:B2:C5:30:75:EC:CD:94:ED:71:FE:98
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JlnO0VJ9LKvYssUwdezNlO1x_pg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9197227/4FCF568E7B0711EB9AF84384C4F9AE02/976F7E467B0811EBA9191185C4F9AE02.roa
Signing time: Mon 31 Jul 2023 07:06:47 +0000
ROA not before: Mon 31 Jul 2023 07:06:47 +0000
ROA not after: Sat 31 Aug 2024 00:00:00 +0000
asID: 17635
IP address blocks: 203.14.105.0/24 maxlen: 24
203.57.128.0/20 maxlen: 20
203.57.128.0/24 maxlen: 24
203.57.129.0/24 maxlen: 24
203.57.130.0/24 maxlen: 24
203.57.131.0/24 maxlen: 24
203.57.132.0/24 maxlen: 24
203.57.133.0/24 maxlen: 24
203.57.134.0/24 maxlen: 24
203.57.135.0/24 maxlen: 24
203.57.136.0/24 maxlen: 24
203.57.137.0/24 maxlen: 24
203.57.138.0/24 maxlen: 24
203.57.139.0/24 maxlen: 24
203.57.140.0/24 maxlen: 24
203.57.141.0/24 maxlen: 24
203.57.142.0/24 maxlen: 24
203.57.143.0/24 maxlen: 24
2406:9680::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1319 (0x527)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9197227/serialNumber=2659CED1527D2CABD8B2C53075ECCD94ED71FE98
Validity
Not Before: Jul 31 07:06:47 2023 GMT
Not After : Aug 31 00:00:00 2024 GMT
Subject: CN=64c75d87-9286
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:c7:f2:1a:c8:a5:b3:40:17:b3:bc:b0:d9:48:
d8:05:a1:ec:3d:4a:85:bc:c0:17:f0:3f:50:9c:88:
74:8a:b3:1b:0c:26:44:a6:c0:fc:71:81:11:88:48:
b8:ed:6d:17:ae:77:6b:c7:49:19:46:27:59:75:4e:
47:ff:62:5a:37:82:9e:b2:62:f7:5d:07:21:7d:71:
8a:ec:8d:2b:e4:b1:3c:ad:4a:30:74:a9:79:ef:34:
81:4e:45:b0:ad:66:53:05:76:e2:14:b7:ec:50:5c:
f6:1c:cd:8e:9c:3e:6f:63:e9:10:71:7a:86:b6:1f:
2e:56:ea:c5:74:83:46:82:05:9f:fb:56:9a:93:63:
5a:61:16:01:75:f4:6f:79:d9:20:94:c9:f4:a2:ce:
53:2e:5e:73:ee:d4:02:4b:eb:29:b5:5b:72:15:63:
07:9a:db:07:e7:a6:e8:78:8a:88:8a:2d:6d:d3:d8:
ec:ac:76:36:92:d3:f1:0a:10:49:b8:9a:99:f8:6f:
1b:30:f9:5b:99:64:68:ae:69:68:a7:7d:1a:b7:48:
cc:55:d7:99:8e:6d:64:e2:41:6e:53:b7:a2:99:10:
41:b9:93:d1:f7:93:f3:61:cb:d8:9d:59:fd:72:2a:
2d:98:c4:d2:9a:bf:bb:53:66:31:d9:b6:e0:84:9f:
da:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:4B:84:AA:06:54:6C:ED:98:E4:57:52:0D:EB:5B:14:FB:EB:1C:FD
X509v3 Authority Key Identifier:
keyid:26:59:CE:D1:52:7D:2C:AB:D8:B2:C5:30:75:EC:CD:94:ED:71:FE:98
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9197227/4FCF568E7B0711EB9AF84384C4F9AE02/JlnO0VJ9LKvYssUwdezNlO1x_pg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JlnO0VJ9LKvYssUwdezNlO1x_pg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9197227/4FCF568E7B0711EB9AF84384C4F9AE02/976F7E467B0811EBA9191185C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.14.105.0/24
203.57.128.0/20
IPv6:
2406:9680::/32
Signature Algorithm: sha256WithRSAEncryption
71:31:0c:42:dc:08:2d:d9:43:17:51:6f:5f:26:f9:21:22:56:
3e:8d:00:7c:86:f2:c8:b9:05:40:b6:43:1d:ba:6c:47:7c:ff:
0e:21:91:72:3d:20:9d:4b:7c:65:87:71:bf:61:0d:66:b4:42:
54:e1:da:3e:8f:d0:82:47:53:43:d8:34:31:83:cf:be:64:cb:
af:ff:7c:ca:9b:17:cd:cb:c3:57:8f:82:31:27:ec:45:62:08:
89:7e:b1:91:42:a6:0f:a3:fa:34:4d:b0:ae:06:44:a2:32:b8:
df:a1:1c:d0:f1:9b:6c:f6:69:80:b7:f2:d7:91:d1:35:d6:bc:
e7:7d:7e:9d:96:2e:71:0b:38:3a:c8:83:2f:45:06:58:2e:85:
18:b5:72:82:20:b4:08:e3:d4:91:fd:c8:f6:9c:fe:24:ec:9f:
7b:0d:c3:94:ba:7b:6d:03:e6:57:ad:8b:64:04:59:aa:83:27:
50:b2:04:b5:7c:0c:2d:8c:60:0a:1c:11:79:2e:cf:2c:d4:70:
03:c7:8f:f6:71:c8:a4:2e:2f:90:2e:a9:5f:6a:eb:b8:00:29:
74:27:b8:7f:bd:89:5d:05:a1:0d:dd:91:f7:b6:49:b0:a8:6f:
9a:94:a4:47:eb:c0:a9:47:02:2a:84:3c:27:f2:f3:69:9c:ee:
ab:68:e5:80
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICBScwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTcyMjcxMTAvBgNVBAUTKDI2NTlDRUQxNTI3RDJDQUJEOEIyQzUzMDc1RUNDRDk0
RUQ3MUZFOTgwHhcNMjMwNzMxMDcwNjQ3WhcNMjQwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGM3NWQ4Ny05Mjg2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0MfyGsils0AXs7yw2UjYBaHsPUqFvMAX8D9QnIh0irMbDCZEpsD8cYERiEi4
7W0Xrndrx0kZRidZdU5H/2JaN4KesmL3XQchfXGK7I0r5LE8rUowdKl57zSBTkWw
rWZTBXbiFLfsUFz2HM2OnD5vY+kQcXqGth8uVurFdINGggWf+1aak2NaYRYBdfRv
edkglMn0os5TLl5z7tQCS+sptVtyFWMHmtsH56boeIqIii1t09jsrHY2ktPxChBJ
uJqZ+G8bMPlbmWRormlop30at0jMVdeZjm1k4kFuU7eimRBBuZPR95PzYcvYnVn9
ciotmMTSmr+7U2Yx2bbghJ/aVwIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFApLhKoG
VGztmORXUg3rWxT76xz9MB8GA1UdIwQYMBaAFCZZztFSfSyr2LLFMHXszZTtcf6Y
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5NzIyNy80RkNGNTY4RTdC
MDcxMUVCOUFGODQzODRDNEY5QUUwMi9KbG5PMFZKOUxLdllzc1V3ZGV6TmxPMXhf
cGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0psbk8wVko5TEt2WXNzVXdkZXpObE8xeF9wZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTcyMjcvNEZDRjU2OEU3QjA3MTFFQjlBRjg0Mzg0QzRGOUFFMDIvOTc2RjdFNDY3
QjA4MTFFQkE5MTkxMTg1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBADLDmkDBATLOYAwDQQCAAIwBwMFACQGloAwDQYJKoZIhvcN
AQELBQADggEBAHExDELcCC3ZQxdRb18m+SEiVj6NAHyG8si5BUC2Qx26bEd8/w4h
kXI9IJ1LfGWHcb9hDWa0QlTh2j6P0IJHU0PYNDGDz75ky6//fMqbF83Lw1ePgjEn
7EViCIl+sZFCpg+j+jRNsK4GRKIyuN+hHNDxm2z2aYC38teR0TXWvOd9fp2WLnEL
ODrIgy9FBlguhRi1coIgtAjj1JH9yPac/iTsn3sNw5S6e20D5leti2QEWaqDJ1Cy
BLV8DC2MYAocEXkuzyzUcAPHj/ZxyKQuL5AuqV9q67gAKXQnuH+9iV0FoQ3dkfe2
SbCob5qUpEfrwKlHAiqEPCfy82mc7qto5YA=
-----END CERTIFICATE-----
Generated at Mon Jul 31 07:51:21 2023 by rpki-client on console-fra.rpki-client.org