Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A912F190/57B405943A8411EFA5731584C4F9AE02/D799F8723A8411EF92E17985C4F9AE02.roa
File: D799F8723A8411EF92E17985C4F9AE02.roa (raw, json)
Hash identifier: 6nEBnTs+Ty96mC2cPxjICquZ5bmJGO9bsELZ7BwV5jk=
Subject key identifier: 7C:54:F4:0E:DC:09:B3:33:98:10:8B:58:4B:0B:BE:C7:B7:0D:D3:80
Certificate issuer: /CN=A912F190/serialNumber=D6BF3DE16441ED7D87506DE09E4DD5D638E0BA69
Certificate serial: 18
Authority key identifier: D6:BF:3D:E1:64:41:ED:7D:87:50:6D:E0:9E:4D:D5:D6:38:E0:BA:69
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1r894WRB7X2HUG3gnk3V1jjgumk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A912F190/57B405943A8411EFA5731584C4F9AE02/D799F8723A8411EF92E17985C4F9AE02.roa
Signing time: Wed 17 Jul 2024 00:13:35 +0000
ROA not before: Wed 17 Jul 2024 00:13:35 +0000
ROA not after: Mon 31 Mar 2025 00:00:00 +0000
asID: 24007
IP address blocks: 180.188.204.0/22 maxlen: 22
180.188.205.0/24 maxlen: 24
180.188.206.0/24 maxlen: 24
180.188.207.0/24 maxlen: 24
203.3.130.0/24 maxlen: 24
203.4.233.0/24 maxlen: 24
203.4.235.0/24 maxlen: 24
203.4.238.0/24 maxlen: 24
203.4.239.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 18 Jul 2024 03:28:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 24 (0x18)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A912F190/serialNumber=D6BF3DE16441ED7D87506DE09E4DD5D638E0BA69
Validity
Not Before: Jul 17 00:13:35 2024 GMT
Not After : Mar 31 00:00:00 2025 GMT
Subject: CN=66970cae-2c6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:a7:3a:ea:94:f2:d9:09:21:b7:12:8f:a8:6c:
94:94:5f:81:34:f6:48:fc:c0:1c:05:6b:58:84:66:
33:ef:51:1f:f2:d9:b0:59:07:0c:1f:0e:bb:c3:01:
ff:d4:7b:d4:db:a2:f8:8d:de:0f:42:0f:11:ec:e3:
56:10:6b:4a:6b:b3:87:43:2f:64:1e:31:79:58:1a:
80:3e:e4:ea:ed:17:e5:e4:ce:5b:5e:02:f0:b0:f0:
e8:16:4b:44:c5:4c:51:e3:ed:db:ab:3d:88:66:05:
f7:5f:5a:53:6d:23:c4:f4:47:fe:df:ef:38:75:76:
ec:3b:cf:b4:c1:df:c9:6f:e8:59:06:30:26:14:f7:
a4:c7:5b:99:ba:da:be:5c:6f:dc:c9:37:0a:28:1a:
ff:8c:32:a5:34:c7:32:00:e3:58:b9:ae:81:0f:57:
5e:5d:6a:14:f1:7a:9c:49:81:b3:cd:63:8a:34:24:
f6:c7:30:f6:bb:e2:bf:45:83:cb:8d:b3:75:9d:0f:
ba:8e:6f:1a:1a:8b:8e:6f:55:50:13:78:1f:80:be:
35:35:42:8b:db:51:8b:c7:9f:02:35:f8:b8:bd:eb:
08:a9:5d:34:94:15:59:c8:5f:ab:95:80:1a:a5:ef:
bc:05:87:63:b4:44:39:02:13:90:fb:68:ff:e7:22:
c5:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:54:F4:0E:DC:09:B3:33:98:10:8B:58:4B:0B:BE:C7:B7:0D:D3:80
X509v3 Authority Key Identifier:
keyid:D6:BF:3D:E1:64:41:ED:7D:87:50:6D:E0:9E:4D:D5:D6:38:E0:BA:69
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A912F190/57B405943A8411EFA5731584C4F9AE02/1r894WRB7X2HUG3gnk3V1jjgumk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1r894WRB7X2HUG3gnk3V1jjgumk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912F190/57B405943A8411EFA5731584C4F9AE02/D799F8723A8411EF92E17985C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
180.188.204.0/22
203.3.130.0/24
203.4.233.0/24
203.4.235.0/24
203.4.238.0/23
Signature Algorithm: sha256WithRSAEncryption
6d:f7:b3:21:8b:83:9f:84:0a:2b:03:9a:82:8e:a0:a7:36:af:
d6:b2:6d:c4:e9:37:9e:9e:a3:0a:e1:79:11:0f:9d:7e:f8:c8:
f3:0d:37:6e:c6:44:bf:fa:8a:39:bc:c5:7e:02:f8:60:df:a4:
8b:fb:40:39:3c:44:17:ff:66:ed:25:9f:c0:66:cf:d0:61:75:
c6:9f:d2:dc:54:dd:c4:d4:66:0d:13:7d:23:b8:3e:2f:ee:70:
88:e7:db:40:0b:6a:ed:13:04:ed:a7:c8:e3:46:d0:d7:57:93:
c1:9f:82:f8:c5:e9:9d:df:0c:40:44:ea:a4:e8:01:3b:5e:10:
ad:02:e3:e3:a7:ab:db:45:f1:b9:d2:33:ed:24:b4:cb:93:39:
84:a0:e9:2b:49:3b:1d:77:89:8d:17:bf:e1:d0:8d:17:a9:1b:
1a:7f:5c:80:51:0c:f6:4d:d3:5f:81:1f:04:e6:8c:77:71:40:
78:8a:5b:c2:b9:f7:e3:1a:c5:23:80:4d:2d:7c:ec:eb:cb:10:
07:72:12:d0:17:6d:93:77:4b:cc:e8:6f:08:9d:96:3f:6f:0f:
11:f8:41:e4:ba:d1:78:83:2f:b4:29:6e:ef:0a:19:1b:e0:5b:
2c:2c:ff:7b:0c:81:69:eb:6f:f4:a0:94:0a:ba:2f:65:1e:db:
64:cb:9b:19
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgIBGDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEy
RjE5MDExMC8GA1UEBRMoRDZCRjNERTE2NDQxRUQ3RDg3NTA2REUwOUU0REQ1RDYz
OEUwQkE2OTAeFw0yNDA3MTcwMDEzMzVaFw0yNTAzMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2OTcwY2FlLTJjNmEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCipzrqlPLZCSG3Eo+obJSUX4E09kj8wBwFa1iEZjPvUR/y2bBZBwwfDrvDAf/U
e9TboviN3g9CDxHs41YQa0prs4dDL2QeMXlYGoA+5OrtF+XkzlteAvCw8OgWS0TF
TFHj7durPYhmBfdfWlNtI8T0R/7f7zh1duw7z7TB38lv6FkGMCYU96THW5m62r5c
b9zJNwooGv+MMqU0xzIA41i5roEPV15dahTxepxJgbPNY4o0JPbHMPa74r9Fg8uN
s3WdD7qObxoai45vVVATeB+AvjU1QovbUYvHnwI1+Li96wipXTSUFVnIX6uVgBql
77wFh2O0RDkCE5D7aP/nIsUtAgMBAAGjggKtMIICqTAdBgNVHQ4EFgQUfFT0DtwJ
szOYEItYSwu+x7cN04AwHwYDVR0jBBgwFoAU1r894WRB7X2HUG3gnk3V1jjgumkw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTJGMTkwLzU3QjQwNTk0M0E4
NDExRUZBNTczMTU4NEM0RjlBRTAyLzFyODk0V1JCN1gySFVHM2duazNWMWpqZ3Vt
ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvMXI4OTRXUkI3WDJIVUczZ25rM1YxampndW1rLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy
RjE5MC81N0I0MDU5NDNBODQxMUVGQTU3MzE1ODRDNEY5QUUwMi9ENzk5Rjg3MjNB
ODQxMUVGOTJFMTc5ODVDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDA3BggrBgEFBQcBBwEB/wQo
MCYwJAQCAAEwHgMEArS8zAMEAMsDggMEAMsE6QMEAMsE6wMEAcsE7jANBgkqhkiG
9w0BAQsFAAOCAQEAbfezIYuDn4QKKwOago6gpzav1rJtxOk3np6jCuF5EQ+dfvjI
8w03bsZEv/qKObzFfgL4YN+ki/tAOTxEF/9m7SWfwGbP0GF1xp/S3FTdxNRmDRN9
I7g+L+5wiOfbQAtq7RME7afI40bQ11eTwZ+C+MXpnd8MQETqpOgBO14QrQLj46er
20XxudIz7SS0y5M5hKDpK0k7HXeJjRe/4dCNF6kbGn9cgFEM9k3TX4EfBOaMd3FA
eIpbwrn34xrFI4BNLXzs68sQB3IS0Bdtk3dLzOhvCJ2WP28PEfhB5LrReIMvtClu
7woZG+BbLCz/ewyBaetv9KCUCrovZR7bZMubGQ==
Generated at Thu Jul 18 06:00:57 2024 by rpki-client on console-ams.rpki-client.org