Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A916A983/16730D20CD0F11E89D9FF165C4F9AE02/FC65D47CF6C011E8B316140AC4F9AE02.roa
File: FC65D47CF6C011E8B316140AC4F9AE02.roa (raw, json)
Hash identifier: +ELv57t6+1HU6rxP7x7wyUdzA0UTlHjNB/MJ0g59PiQ=
Subject key identifier: 46:93:F6:A7:2C:F7:8F:46:44:CA:54:EA:43:D5:A6:BA:0A:E0:AB:EC
Certificate issuer: /CN=A916A983/serialNumber=71565F2D7B924CD72B455B68B667194010BB1A9F
Certificate serial: 11AF
Authority key identifier: 71:56:5F:2D:7B:92:4C:D7:2B:45:5B:68:B6:67:19:40:10:BB:1A:9F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cVZfLXuSTNcrRVtotmcZQBC7Gp8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916A983/16730D20CD0F11E89D9FF165C4F9AE02/FC65D47CF6C011E8B316140AC4F9AE02.roa
Signing time: Wed 02 Aug 2023 17:35:05 +0000
ROA not before: Wed 02 Aug 2023 17:35:05 +0000
ROA not after: Mon 30 Sep 2024 00:00:00 +0000
asID: 19905
IP address blocks: 203.36.128.0/24 maxlen: 24
203.38.12.0/24 maxlen: 24
203.38.183.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 18 Apr 2024 04:25:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4527 (0x11af)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916A983/serialNumber=71565F2D7B924CD72B455B68B667194010BB1A9F
Validity
Not Before: Aug 2 17:35:05 2023 GMT
Not After : Sep 30 00:00:00 2024 GMT
Subject: CN=64ca93c9-f610
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:e6:20:ee:dc:0c:f7:b9:7e:59:6e:9a:3c:a6:
f3:f3:4f:3c:78:29:02:40:5a:fc:89:90:b7:3d:00:
27:3b:15:a4:99:06:88:c9:f8:44:8a:d3:0a:68:d8:
fe:c2:b8:b0:14:c4:25:06:fa:01:06:4c:0d:a2:1d:
e7:91:1f:95:51:7a:1e:bc:4c:3e:d2:b8:33:78:58:
29:61:6d:41:2d:e8:c1:32:76:e8:7f:01:90:da:5d:
c7:ca:c7:29:b1:f3:50:96:78:74:f4:4b:63:d1:f4:
bf:24:42:d6:c7:d2:6e:58:d6:73:f8:06:9d:80:93:
92:25:40:11:e8:be:c1:a0:fc:4d:61:24:2d:1d:1d:
ab:1f:e5:c9:bf:72:d4:33:92:86:97:48:62:aa:bb:
63:23:61:b3:d6:c6:f6:1a:f3:59:e6:eb:48:15:15:
5a:a0:9b:e3:db:51:be:bb:15:1e:67:3f:90:05:5e:
5f:05:cd:b6:56:31:59:05:11:cf:cf:28:d4:9c:06:
3b:ff:c3:00:7d:dc:36:95:3f:25:a9:cd:fe:96:3f:
a3:b5:4e:e7:84:e6:c5:5a:4b:59:23:e1:ef:55:a6:
3c:64:ec:bf:aa:95:83:4f:a4:a7:ce:ed:ee:b9:91:
31:c3:6c:7f:cd:49:63:b6:16:ed:32:2e:bb:25:20:
42:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:93:F6:A7:2C:F7:8F:46:44:CA:54:EA:43:D5:A6:BA:0A:E0:AB:EC
X509v3 Authority Key Identifier:
keyid:71:56:5F:2D:7B:92:4C:D7:2B:45:5B:68:B6:67:19:40:10:BB:1A:9F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916A983/16730D20CD0F11E89D9FF165C4F9AE02/cVZfLXuSTNcrRVtotmcZQBC7Gp8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cVZfLXuSTNcrRVtotmcZQBC7Gp8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916A983/16730D20CD0F11E89D9FF165C4F9AE02/FC65D47CF6C011E8B316140AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.36.128.0/24
203.38.12.0/24
203.38.183.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:2d:de:0d:8e:73:cf:f7:05:6c:74:65:fc:b5:ad:17:ab:bb:
58:1f:9b:ab:01:5b:b1:97:33:ae:ba:6c:f3:68:b2:1b:8d:e8:
4d:7e:26:d6:4d:28:5c:77:08:f6:ae:7d:7b:d6:63:41:33:a5:
ce:28:83:ef:d2:1d:fc:53:23:92:96:af:78:02:09:b2:92:01:
c3:d7:59:4a:e4:90:d9:50:13:7c:d5:65:fb:25:19:fb:f7:ba:
5f:80:89:71:dc:74:c7:ca:ce:e6:35:68:4e:77:e4:c9:b7:30:
13:9e:6a:f4:04:5f:4e:5f:cd:08:6c:81:03:75:69:6e:ef:c1:
7e:9b:c7:8d:03:ed:4a:dc:b5:69:5f:33:ec:44:f5:52:b2:cb:
86:84:0f:b3:2f:05:29:5a:b1:18:78:75:59:0b:3b:3d:2a:5d:
c2:ec:1a:58:9b:ff:bb:c1:bc:37:6b:81:da:40:da:58:85:b7:
39:5a:4b:95:dc:96:b4:d5:43:dc:32:d5:5f:6c:71:80:53:b1:
11:c4:12:24:f2:38:58:1a:f9:b0:c0:fb:7b:1a:88:83:54:a4:
75:eb:82:0b:82:53:c2:6b:46:f7:91:24:25:a4:7f:31:2f:eb:
9b:fa:25:f3:42:90:f1:70:53:ab:e5:b2:47:8e:c2:2b:be:7a:
8b:c2:54:2d
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICEa8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NkE5ODMxMTAvBgNVBAUTKDcxNTY1RjJEN0I5MjRDRDcyQjQ1NUI2OEI2NjcxOTQw
MTBCQjFBOUYwHhcNMjMwODAyMTczNTA1WhcNMjQwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGNhOTNjOS1mNjEwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAr+Yg7twM97l+WW6aPKbz8088eCkCQFr8iZC3PQAnOxWkmQaIyfhEitMKaNj+
wriwFMQlBvoBBkwNoh3nkR+VUXoevEw+0rgzeFgpYW1BLejBMnbofwGQ2l3Hyscp
sfNQlnh09Etj0fS/JELWx9JuWNZz+AadgJOSJUAR6L7BoPxNYSQtHR2rH+XJv3LU
M5KGl0hiqrtjI2Gz1sb2GvNZ5utIFRVaoJvj21G+uxUeZz+QBV5fBc22VjFZBRHP
zyjUnAY7/8MAfdw2lT8lqc3+lj+jtU7nhObFWktZI+HvVaY8ZOy/qpWDT6Snzu3u
uZExw2x/zUljthbtMi67JSBCEwIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFEaT9qcs
949GRMpU6kPVproK4KvsMB8GA1UdIwQYMBaAFHFWXy17kkzXK0VbaLZnGUAQuxqf
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2QTk4My8xNjczMEQyMENE
MEYxMUU4OUQ5RkYxNjVDNEY5QUUwMi9jVlpmTFh1U1ROY3JSVnRvdG1jWlFCQzdH
cDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2NWWmZMWHVTVE5jclJWdG90bWNaUUJDN0dwOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NkE5ODMvMTY3MzBEMjBDRDBGMTFFODlEOUZGMTY1QzRGOUFFMDIvRkM2NUQ0N0NG
NkMwMTFFOEIzMTYxNDBBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBADLJIADBADLJgwDBADLJrcwDQYJKoZIhvcNAQELBQADggEB
AKkt3g2Oc8/3BWx0Zfy1rReru1gfm6sBW7GXM666bPNoshuN6E1+JtZNKFx3CPau
fXvWY0Ezpc4og+/SHfxTI5KWr3gCCbKSAcPXWUrkkNlQE3zVZfslGfv3ul+AiXHc
dMfKzuY1aE535Mm3MBOeavQEX05fzQhsgQN1aW7vwX6bx40D7UrctWlfM+xE9VKy
y4aED7MvBSlasRh4dVkLOz0qXcLsGlib/7vBvDdrgdpA2liFtzlaS5XclrTVQ9wy
1V9scYBTsRHEEiTyOFga+bDA+3saiINUpHXrgguCU8JrRveRJCWkfzEv65v6JfNC
kPFwU6vlskeOwiu+eovCVC0=
-----END CERTIFICATE-----
Generated at Thu Apr 18 09:19:25 2024 by rpki-client on console.sobornost.net