Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9127523/12B997E89AE311E3A5A257A75911EA32/B98FDC9C012D11EA99FBD824C4F9AE02.roa
File: B98FDC9C012D11EA99FBD824C4F9AE02.roa (raw, json)
Hash identifier: ML3lM0JLGVekcoC0ibsfLPU7PB4vkeC1g/oDuXABfAI=
Subject key identifier: 7F:35:4B:53:5C:03:61:EB:6B:4C:CE:73:7C:63:B0:AB:49:19:A7:E1
Certificate issuer: /CN=A9127523/serialNumber=8A681DD0C43731D0F4763A4DBDD5D4CC01FD64C2
Certificate serial: 2CF1
Authority key identifier: 8A:68:1D:D0:C4:37:31:D0:F4:76:3A:4D:BD:D5:D4:CC:01:FD:64:C2
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/imgd0MQ3MdD0djpNvdXUzAH9ZMI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9127523/12B997E89AE311E3A5A257A75911EA32/B98FDC9C012D11EA99FBD824C4F9AE02.roa
Signing time: Sat 24 Aug 2024 15:52:00 +0000
ROA not before: Sat 24 Aug 2024 15:52:00 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 63965
IP address blocks: 118.179.10.0/24 maxlen: 24
118.179.11.0/24 maxlen: 24
118.179.13.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 09 Nov 2024 09:16:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 11505 (0x2cf1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9127523/serialNumber=8A681DD0C43731D0F4763A4DBDD5D4CC01FD64C2
Validity
Not Before: Aug 24 15:52:00 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=66ca019f-27f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:8e:49:86:a7:6a:b5:fd:80:86:ce:7a:74:be:
dc:3d:38:ec:71:2c:eb:08:41:13:97:c7:58:13:bf:
6d:5c:9f:ad:e8:b9:10:ed:83:25:b9:a5:a1:a4:f3:
1b:28:52:3f:95:f9:61:18:75:ba:48:3b:28:0b:a0:
38:23:33:fa:2d:be:83:be:6c:bd:0b:e0:0b:04:2f:
87:3b:05:49:69:a0:b0:3c:48:2a:3e:ed:9c:6f:5e:
8a:e6:f4:2f:77:12:63:ac:85:66:71:29:09:40:b3:
86:41:2f:81:95:56:ac:61:d5:39:9a:ba:61:0c:c9:
9a:da:11:b7:00:f7:00:9c:ef:86:59:93:13:b7:50:
11:7e:10:1d:67:d2:33:5f:b7:ae:8d:3d:e4:d5:98:
e6:b2:c5:ec:68:06:0e:12:a5:86:e7:c6:92:0e:d0:
a8:59:8c:a2:3e:3d:cf:c1:8b:0a:44:90:a2:43:3a:
ba:76:4c:68:a9:4b:d0:f2:ef:ee:f6:d6:c5:4d:96:
72:50:9a:5a:76:dd:21:9b:72:ea:3b:88:aa:e3:87:
1e:60:7a:97:1f:fc:33:0f:36:65:4e:66:94:f4:fd:
03:a7:9a:ae:f0:13:42:11:bc:ab:3d:28:6d:88:d0:
9c:2d:43:0d:37:e5:51:a0:db:f7:35:d0:28:70:b9:
4c:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:35:4B:53:5C:03:61:EB:6B:4C:CE:73:7C:63:B0:AB:49:19:A7:E1
X509v3 Authority Key Identifier:
keyid:8A:68:1D:D0:C4:37:31:D0:F4:76:3A:4D:BD:D5:D4:CC:01:FD:64:C2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9127523/12B997E89AE311E3A5A257A75911EA32/imgd0MQ3MdD0djpNvdXUzAH9ZMI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/imgd0MQ3MdD0djpNvdXUzAH9ZMI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9127523/12B997E89AE311E3A5A257A75911EA32/B98FDC9C012D11EA99FBD824C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
118.179.10.0/23
118.179.13.0/24
Signature Algorithm: sha256WithRSAEncryption
84:cf:74:df:c1:07:e8:15:06:9c:aa:46:5a:b0:4c:a6:10:77:
fc:4e:3d:35:44:37:5e:83:9a:c1:82:3c:24:c9:c4:08:34:6b:
83:cf:e9:02:ee:f6:6a:46:e9:d4:ff:a7:00:2b:8d:d3:d4:78:
be:63:65:8f:a9:42:b0:49:50:74:f8:78:e4:a1:df:70:89:36:
b9:1b:46:bd:ea:0e:2e:c8:17:d0:7c:13:72:54:61:a7:5e:c1:
9e:dc:30:30:b4:20:5d:13:79:ea:c2:91:b9:6d:b2:c2:e9:ff:
3c:6a:49:43:6b:48:5f:4e:66:55:95:b5:bc:96:a9:b9:1b:fa:
1f:28:84:72:c6:fd:e0:ef:50:c7:7c:ea:0b:3c:4f:2f:54:d6:
f9:6f:8a:2a:a3:c1:51:25:31:3e:55:4c:dd:55:d2:07:22:e8:
85:78:b8:15:16:71:aa:a0:b9:6d:cd:ea:c8:d0:35:0c:61:92:
ac:f1:52:55:dc:6e:20:fb:a6:02:91:61:a7:6b:7e:11:1c:63:
4f:68:9c:b8:92:50:df:99:69:6c:a9:b2:9b:66:70:ab:31:4f:
cb:a3:21:b9:ad:6c:af:e3:6d:a3:48:75:8c:ad:29:b1:2a:0e:
f5:90:23:34:f8:a3:52:c2:91:af:04:78:76:05:e3:59:eb:d9:
0a:99:32:7f
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICLPEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Mjc1MjMxMTAvBgNVBAUTKDhBNjgxREQwQzQzNzMxRDBGNDc2M0E0REJERDVENEND
MDFGRDY0QzIwHhcNMjQwODI0MTU1MjAwWhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmNhMDE5Zi0yN2Y5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA445Jhqdqtf2Ahs56dL7cPTjscSzrCEETl8dYE79tXJ+t6LkQ7YMluaWhpPMb
KFI/lflhGHW6SDsoC6A4IzP6Lb6Dvmy9C+ALBC+HOwVJaaCwPEgqPu2cb16K5vQv
dxJjrIVmcSkJQLOGQS+BlVasYdU5mrphDMma2hG3APcAnO+GWZMTt1ARfhAdZ9Iz
X7eujT3k1ZjmssXsaAYOEqWG58aSDtCoWYyiPj3PwYsKRJCiQzq6dkxoqUvQ8u/u
9tbFTZZyUJpadt0hm3LqO4iq44ceYHqXH/wzDzZlTmaU9P0Dp5qu8BNCEbyrPSht
iNCcLUMNN+VRoNv3NdAocLlM4wIDAQABo4ICmzCCApcwHQYDVR0OBBYEFH81S1Nc
A2Hra0zOc3xjsKtJGafhMB8GA1UdIwQYMBaAFIpoHdDENzHQ9HY6Tb3V1MwB/WTC
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNzUyMy8xMkI5OTdFODlB
RTMxMUUzQTVBMjU3QTc1OTExRUEzMi9pbWdkME1RM01kRDBkanBOdmRYVXpBSDla
TUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2ltZ2QwTVEzTWREMGRqcE52ZFhVekFIOVpNSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Mjc1MjMvMTJCOTk3RTg5QUUzMTFFM0E1QTI1N0E3NTkxMUVBMzIvQjk4RkRDOUMw
MTJEMTFFQTk5RkJEODI0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAF2swoDBAB2sw0wDQYJKoZIhvcNAQELBQADggEBAITPdN/B
B+gVBpyqRlqwTKYQd/xOPTVEN16DmsGCPCTJxAg0a4PP6QLu9mpG6dT/pwArjdPU
eL5jZY+pQrBJUHT4eOSh33CJNrkbRr3qDi7IF9B8E3JUYadewZ7cMDC0IF0TeerC
kbltssLp/zxqSUNrSF9OZlWVtbyWqbkb+h8ohHLG/eDvUMd86gs8Ty9U1vlviiqj
wVElMT5VTN1V0gci6IV4uBUWcaqguW3N6sjQNQxhkqzxUlXcbiD7pgKRYadrfhEc
Y09onLiSUN+ZaWypsptmcKsxT8ujIbmtbK/jbaNIdYytKbEqDvWQIzT4o1LCka8E
eHYF41nr2QqZMn8=
-----END CERTIFICATE-----
Generated at Sat Nov 9 10:49:44 2024 by rpki-client on console-fra.rpki-client.org