Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/643AC744588911EF9C48C83CC4F9AE02.roa
File: 643AC744588911EF9C48C83CC4F9AE02.roa (raw, json)
Hash identifier: P8OzoOfL4W+nwm8YN4rbwULjnJFI22zMl/bXp5iqaPA=
Subject key identifier: 30:60:C2:D1:FC:E4:0C:EF:9E:D7:B4:E7:6D:5E:04:72:E1:AC:07:12
Certificate issuer: /CN=A918FC75/serialNumber=482E5A6E0896A266A91A4066C06F4B4ED984649D
Certificate serial: 03AD
Authority key identifier: 48:2E:5A:6E:08:96:A2:66:A9:1A:40:66:C0:6F:4B:4E:D9:84:64:9D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SC5abgiWomapGkBmwG9LTtmEZJ0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/643AC744588911EF9C48C83CC4F9AE02.roa
Signing time: Mon 12 Aug 2024 09:00:59 +0000
ROA not before: Mon 12 Aug 2024 09:00:59 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 45671
IP address blocks: 203.32.23.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 12 Aug 2024 09:04:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 941 (0x3ad)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918FC75, serialNumber=482E5A6E0896A266A91A4066C06F4B4ED984649D
Validity
Not Before: Aug 12 09:00:59 2024 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=66b9cf4a-7c13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:56:ea:e8:f7:24:15:ec:53:10:b8:f3:cb:ec:
c4:d4:9a:6b:8e:f7:e0:ef:16:79:e8:e8:ea:7e:39:
e5:0d:30:46:95:95:08:2d:02:94:7a:06:cb:3a:15:
cd:c5:fd:2e:63:8d:52:e6:61:6e:05:99:17:7d:8e:
43:32:cc:dc:01:d6:71:f6:76:36:77:5a:71:a7:d6:
41:79:d2:35:dc:19:d2:b1:28:57:20:1b:40:db:6b:
80:cc:23:9d:75:02:d5:90:3b:2e:d5:3f:a8:5a:98:
00:1a:18:78:19:83:d1:f0:43:bf:b3:e4:d2:98:a0:
a8:5c:84:7a:e7:7c:56:42:d4:d8:af:42:11:54:f2:
e2:7b:41:fb:c1:39:ab:88:00:b6:78:4e:14:63:e8:
06:64:62:89:a0:39:92:bb:ad:a1:04:1c:29:50:88:
27:a8:b7:dc:87:0b:46:23:bb:d9:3e:66:4e:8d:ef:
4e:7d:66:44:21:81:1d:6e:99:ef:8f:bd:39:07:61:
4a:de:09:6f:51:81:ad:2b:22:28:df:88:25:2f:f2:
e0:1f:24:db:ae:92:21:ac:71:41:54:e4:9d:cf:ee:
e8:01:df:37:73:0b:d6:65:ae:c5:cc:1a:04:0c:ca:
c0:bd:3f:85:11:44:7b:a0:84:43:1b:38:42:40:75:
81:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:60:C2:D1:FC:E4:0C:EF:9E:D7:B4:E7:6D:5E:04:72:E1:AC:07:12
X509v3 Authority Key Identifier:
keyid:48:2E:5A:6E:08:96:A2:66:A9:1A:40:66:C0:6F:4B:4E:D9:84:64:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/SC5abgiWomapGkBmwG9LTtmEZJ0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SC5abgiWomapGkBmwG9LTtmEZJ0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/643AC744588911EF9C48C83CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.32.23.0/24
Signature Algorithm: sha256WithRSAEncryption
15:c0:1c:a4:8a:d3:bb:ce:52:69:fa:ab:90:25:42:0d:6b:e7:
c3:ce:09:9f:6d:bf:5e:8d:c2:49:fb:42:1e:6f:aa:d5:b5:1d:
d4:cf:e3:53:c3:97:d6:43:34:3c:ff:0a:c4:c7:b8:57:65:bb:
6e:a8:97:89:f7:d5:76:78:ba:86:f4:c5:c7:68:cf:cc:cd:6d:
61:9a:6d:7c:f3:c0:35:10:a2:b2:e5:f8:4b:56:b6:60:fd:a6:
e5:c1:b6:f7:18:f9:6d:06:8d:ab:f3:03:f2:f0:4e:60:e6:6e:
6b:d7:d2:f9:61:6f:53:fc:a0:22:f0:9a:41:5b:b9:f3:d5:0e:
99:ca:b8:64:53:e4:a5:b5:f4:8b:ef:ff:2d:9c:ab:c4:c9:48:
26:f6:d0:e4:cd:36:76:f4:4f:42:6e:22:bf:f9:18:9a:74:d7:
13:8f:78:81:60:f9:36:10:f5:d4:8b:a5:14:15:46:6f:e3:1c:
4a:b5:fb:64:89:c5:2e:81:28:14:ce:ff:55:84:33:a3:10:47:
a5:43:d7:cc:b2:90:0f:58:d2:59:31:2a:c1:de:bc:21:77:5d:
fb:8a:46:09:ab:8d:f3:16:98:c8:2d:4a:a7:3a:19:55:6b:72:
76:0c:e5:fa:a9:d6:78:16:29:7a:7f:25:10:a0:af:5d:c2:f1:
75:6b:0f:ce
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICA60wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEZDNzUxMTAvBgNVBAUTKDQ4MkU1QTZFMDg5NkEyNjZBOTFBNDA2NkMwNkY0QjRF
RDk4NDY0OUQwHhcNMjQwODEyMDkwMDU5WhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmI5Y2Y0YS03YzEzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA21bq6PckFexTELjzy+zE1Jprjvfg7xZ56OjqfjnlDTBGlZUILQKUegbLOhXN
xf0uY41S5mFuBZkXfY5DMszcAdZx9nY2d1pxp9ZBedI13BnSsShXIBtA22uAzCOd
dQLVkDsu1T+oWpgAGhh4GYPR8EO/s+TSmKCoXIR653xWQtTYr0IRVPLie0H7wTmr
iAC2eE4UY+gGZGKJoDmSu62hBBwpUIgnqLfchwtGI7vZPmZOje9OfWZEIYEdbpnv
j705B2FK3glvUYGtKyIo34glL/LgHyTbrpIhrHFBVOSdz+7oAd83cwvWZa7FzBoE
DMrAvT+FEUR7oIRDGzhCQHWBrQIDAQABo4IClTCCApEwHQYDVR0OBBYEFDBgwtH8
5Azvnte0521eBHLhrAcSMB8GA1UdIwQYMBaAFEguWm4IlqJmqRpAZsBvS07ZhGSd
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RkM3NS8zQUE1REVFMERE
NTgxMUVDODcwRkMyMERDNEY5QUUwMi9TQzVhYmdpV29tYXBHa0Jtd0c5TFR0bUVa
SjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1NDNWFiZ2lXb21hcEdrQm13RzlMVHRtRVpKMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEZDNzUvM0FBNURFRTBERDU4MTFFQzg3MEZDMjBEQzRGOUFFMDIvNjQzQUM3NDQ1
ODg5MTFFRjlDNDhDODNDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADLIBcwDQYJKoZIhvcNAQELBQADggEBABXAHKSK07vOUmn6
q5AlQg1r58POCZ9tv16Nwkn7Qh5vqtW1HdTP41PDl9ZDNDz/CsTHuFdlu26ol4n3
1XZ4uob0xcdoz8zNbWGabXzzwDUQorLl+EtWtmD9puXBtvcY+W0GjavzA/LwTmDm
bmvX0vlhb1P8oCLwmkFbufPVDpnKuGRT5KW19Ivv/y2cq8TJSCb20OTNNnb0T0Ju
Ir/5GJp01xOPeIFg+TYQ9dSLpRQVRm/jHEq1+2SJxS6BKBTO/1WEM6MQR6VD18yy
kA9Y0lkxKsHevCF3XfuKRgmrjfMWmMgtSqc6GVVrcnYM5fqp1ngWKXp/JRCgr13C
8XVrD84=
-----END CERTIFICATE-----
Generated at Sat Apr 26 14:10:51 2025 by rpki-client