Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/8C85B0DEDABC11EDBE298B22C4F9AE02.roa
File: 8C85B0DEDABC11EDBE298B22C4F9AE02.roa (raw, json)
Hash identifier: tymJ5+U/Zv/J/1QsX6O1PFwpAEPX+W0kXvGoRM5cU9c=
Subject key identifier: F5:A0:19:33:BE:7D:53:BD:9E:87:6F:77:1A:E2:C8:93:20:20:95:1A
Certificate issuer: /CN=A918FC75/serialNumber=482E5A6E0896A266A91A4066C06F4B4ED984649D
Certificate serial: 0204
Authority key identifier: 48:2E:5A:6E:08:96:A2:66:A9:1A:40:66:C0:6F:4B:4E:D9:84:64:9D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SC5abgiWomapGkBmwG9LTtmEZJ0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/8C85B0DEDABC11EDBE298B22C4F9AE02.roa
Signing time: Thu 01 Jun 2023 06:54:54 +0000
ROA not before: Thu 01 Jun 2023 06:54:54 +0000
ROA not after: Sat 31 Aug 2024 00:00:00 +0000
asID: 7411
IP address blocks: 203.32.21.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 516 (0x204)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918FC75/serialNumber=482E5A6E0896A266A91A4066C06F4B4ED984649D
Validity
Not Before: Jun 1 06:54:54 2023 GMT
Not After : Aug 31 00:00:00 2024 GMT
Subject: CN=647840be-5049
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:d8:10:3d:58:4a:da:fd:12:b9:b6:dc:eb:83:
6d:59:1c:4f:ec:86:ac:53:ec:97:e5:c2:e1:53:51:
ef:e1:aa:03:05:e5:d5:7a:7f:f6:f6:f9:bb:08:e1:
38:c0:3f:bb:3b:df:05:18:5e:80:45:e1:10:36:5e:
92:29:c3:9d:31:3f:48:6b:f8:25:33:67:f9:64:1a:
a6:15:11:a4:c3:26:c6:26:4f:b7:c9:7f:4a:87:39:
35:10:80:9d:69:7f:38:af:b2:53:64:1e:53:f3:88:
da:3e:da:d9:e7:f8:ce:6a:d8:c7:b6:93:71:6a:1b:
41:92:e0:7e:7b:46:74:65:b5:6c:d9:bd:08:c0:5d:
a2:f3:8e:1f:68:4a:f9:a2:07:08:39:f7:9a:07:30:
8c:b2:34:79:ad:6b:6b:f8:16:f9:f4:71:75:97:0e:
e3:d2:91:1f:dd:31:9b:b5:3f:b8:68:c9:3b:66:05:
8e:b6:91:13:71:46:94:d4:6a:23:ad:a4:f4:53:12:
6b:99:97:5a:6b:ee:62:9f:c1:1d:53:06:62:94:4a:
58:e1:24:a0:69:77:f3:19:89:8a:03:3c:93:98:de:
30:65:09:25:f8:61:2b:be:9f:0a:4c:95:93:aa:48:
65:3a:18:d2:2a:f2:5e:1a:6a:91:cf:27:37:24:48:
e9:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:A0:19:33:BE:7D:53:BD:9E:87:6F:77:1A:E2:C8:93:20:20:95:1A
X509v3 Authority Key Identifier:
keyid:48:2E:5A:6E:08:96:A2:66:A9:1A:40:66:C0:6F:4B:4E:D9:84:64:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/SC5abgiWomapGkBmwG9LTtmEZJ0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SC5abgiWomapGkBmwG9LTtmEZJ0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/8C85B0DEDABC11EDBE298B22C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.32.21.0/24
Signature Algorithm: sha256WithRSAEncryption
86:08:a5:be:cb:80:fa:35:79:4f:18:96:13:e7:c0:43:01:87:
00:9d:6d:9e:11:a4:38:7a:ff:2c:0b:5c:bd:37:88:2c:c9:cb:
32:54:ae:42:39:49:d2:df:8a:36:f4:fd:14:f9:fe:7b:31:53:
fa:83:ae:85:25:0b:22:c9:8c:19:09:f9:1b:30:63:11:54:55:
c3:53:a5:5b:ef:70:9b:d6:77:e7:0f:9b:8f:e6:4e:f7:d7:44:
a8:58:5d:fb:ec:e0:0c:06:54:c1:5b:41:ee:3a:8b:a6:48:67:
9f:6f:df:f9:f0:9d:df:42:d4:a2:2a:76:e6:6f:72:8c:7a:b2:
b6:cf:f0:d9:4a:d1:7b:43:aa:02:b6:a6:89:2b:1b:8a:3b:dc:
7d:59:9f:49:62:db:a1:28:3b:d7:4d:89:69:42:f2:49:6e:16:
03:2e:a8:2b:c3:bb:45:39:2a:51:a7:7a:ca:f7:42:60:dd:19:
dd:b8:87:50:2a:e2:5f:66:96:55:ff:b9:5b:41:68:cd:e8:b1:
f0:d0:32:84:09:30:b7:ad:08:b0:2d:45:60:6e:f5:8c:76:c4:
a4:01:2e:ad:aa:94:52:60:f5:e7:c0:ad:b0:ff:ec:a3:90:f0:
1b:ca:1b:6b:1f:3d:75:d6:1e:42:d8:44:82:ef:83:db:17:8b:
7e:3a:a3:52
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAgQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEZDNzUxMTAvBgNVBAUTKDQ4MkU1QTZFMDg5NkEyNjZBOTFBNDA2NkMwNkY0QjRF
RDk4NDY0OUQwHhcNMjMwNjAxMDY1NDU0WhcNMjQwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDc4NDBiZS01MDQ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAudgQPVhK2v0Subbc64NtWRxP7IasU+yX5cLhU1Hv4aoDBeXVen/29vm7COE4
wD+7O98FGF6AReEQNl6SKcOdMT9Ia/glM2f5ZBqmFRGkwybGJk+3yX9Khzk1EICd
aX84r7JTZB5T84jaPtrZ5/jOatjHtpNxahtBkuB+e0Z0ZbVs2b0IwF2i844faEr5
ogcIOfeaBzCMsjR5rWtr+Bb59HF1lw7j0pEf3TGbtT+4aMk7ZgWOtpETcUaU1Goj
raT0UxJrmZdaa+5in8EdUwZilEpY4SSgaXfzGYmKAzyTmN4wZQkl+GErvp8KTJWT
qkhlOhjSKvJeGmqRzyc3JEjpWQIDAQABo4IClTCCApEwHQYDVR0OBBYEFPWgGTO+
fVO9nodvdxriyJMgIJUaMB8GA1UdIwQYMBaAFEguWm4IlqJmqRpAZsBvS07ZhGSd
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RkM3NS8zQUE1REVFMERE
NTgxMUVDODcwRkMyMERDNEY5QUUwMi9TQzVhYmdpV29tYXBHa0Jtd0c5TFR0bUVa
SjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1NDNWFiZ2lXb21hcEdrQm13RzlMVHRtRVpKMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEZDNzUvM0FBNURFRTBERDU4MTFFQzg3MEZDMjBEQzRGOUFFMDIvOEM4NUIwREVE
QUJDMTFFREJFMjk4QjIyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADLIBUwDQYJKoZIhvcNAQELBQADggEBAIYIpb7LgPo1eU8Y
lhPnwEMBhwCdbZ4RpDh6/ywLXL03iCzJyzJUrkI5SdLfijb0/RT5/nsxU/qDroUl
CyLJjBkJ+RswYxFUVcNTpVvvcJvWd+cPm4/mTvfXRKhYXfvs4AwGVMFbQe46i6ZI
Z59v3/nwnd9C1KIqduZvcox6srbP8NlK0XtDqgK2pokrG4o73H1Zn0li26EoO9dN
iWlC8kluFgMuqCvDu0U5KlGnesr3QmDdGd24h1Aq4l9mllX/uVtBaM3osfDQMoQJ
MLetCLAtRWBu9Yx2xKQBLq2qlFJg9efArbD/7KOQ8BvKG2sfPXXWHkLYRILvg9sX
i346o1I=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:35:40 2023 by rpki-client on console.sobornost.net