Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9142DA4/8AD49F7EBAE811ECA82F141CC4F9AE02/3C78786015CB11EFB201BD22C4F9AE02.roa
File: 3C78786015CB11EFB201BD22C4F9AE02.roa (raw, json)
Hash identifier: kf1Zl6ki8nARCH98rp17YQhXqgXjw9KqHkltkN90/PU=
Subject key identifier: 5F:5D:69:F2:A6:84:27:7D:05:35:B5:02:35:74:6B:AB:F6:97:6F:0B
Certificate issuer: /CN=A9142DA4/serialNumber=BB4C9665E75F9E19DAD46F8B609D3444FB68ED47
Certificate serial: 029C
Authority key identifier: BB:4C:96:65:E7:5F:9E:19:DA:D4:6F:8B:60:9D:34:44:FB:68:ED:47
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u0yWZedfnhna1G-LYJ00RPto7Uc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9142DA4/8AD49F7EBAE811ECA82F141CC4F9AE02/3C78786015CB11EFB201BD22C4F9AE02.roa
Signing time: Sun 19 May 2024 11:10:47 +0000
ROA not before: Sun 19 May 2024 11:10:47 +0000
ROA not after: Thu 31 Oct 2024 00:00:00 +0000
asID: 55872
IP address blocks: 115.187.96.0/19 maxlen: 19
115.187.96.0/22 maxlen: 22
115.187.100.0/22 maxlen: 22
115.187.104.0/21 maxlen: 21
115.187.112.0/20 maxlen: 20
118.82.128.0/17 maxlen: 17
118.82.128.0/18 maxlen: 18
118.82.136.0/21 maxlen: 21
118.82.144.0/20 maxlen: 20
118.82.160.0/20 maxlen: 20
118.82.176.0/21 maxlen: 21
118.82.184.0/22 maxlen: 22
118.82.188.0/23 maxlen: 23
118.82.192.0/18 maxlen: 18
118.82.192.0/21 maxlen: 21
118.82.200.0/21 maxlen: 21
118.82.208.0/21 maxlen: 21
118.82.216.0/21 maxlen: 21
118.82.232.0/21 maxlen: 21
118.82.240.0/21 maxlen: 21
118.82.248.0/21 maxlen: 21
119.235.32.0/21 maxlen: 21
202.65.162.0/23 maxlen: 23
202.65.164.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 21 May 2024 02:17:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 668 (0x29c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9142DA4/serialNumber=BB4C9665E75F9E19DAD46F8B609D3444FB68ED47
Validity
Not Before: May 19 11:10:47 2024 GMT
Not After : Oct 31 00:00:00 2024 GMT
Subject: CN=6649de36-208c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:ad:73:30:df:f2:84:ac:53:ca:81:30:2e:27:
a2:d2:52:de:73:e4:e5:c3:3e:e7:0b:7c:c4:1c:2f:
11:6b:bd:b4:00:36:b1:51:ca:3b:b3:37:78:4a:42:
b1:93:8c:94:48:ba:cf:c7:48:ea:48:f6:41:3e:4e:
3f:c1:4a:f2:26:0d:88:64:76:27:ba:c8:91:2b:7b:
5e:ee:71:9c:76:66:18:18:2d:55:74:6e:a6:8d:ba:
60:a1:28:7a:c1:ba:f1:2b:5e:00:0d:7b:2c:aa:3a:
42:d9:e4:27:3b:5a:85:0f:3e:1f:32:b1:1f:e6:52:
cb:87:ae:c8:f5:b1:14:ad:ae:ef:80:17:20:f4:0f:
07:4a:13:76:92:07:9f:10:1a:68:c2:f1:35:77:5e:
12:f2:9f:a1:aa:af:9d:16:b6:ad:48:e7:8e:7b:27:
64:4d:c6:ac:2b:86:bd:7e:96:c8:ec:a4:95:61:00:
e3:86:13:d7:28:ad:f1:00:6c:7e:c2:d3:73:6a:ea:
4e:09:4d:1b:15:cb:5b:fe:a7:99:dd:6c:64:ad:70:
4c:e4:a2:9e:ef:c0:ec:eb:1f:70:43:68:f1:d0:35:
7d:ee:40:e0:e9:63:c4:80:ef:35:b6:1e:07:94:a6:
ea:9e:00:46:b0:8e:74:ce:0c:48:43:f0:3c:b7:c8:
6b:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:5D:69:F2:A6:84:27:7D:05:35:B5:02:35:74:6B:AB:F6:97:6F:0B
X509v3 Authority Key Identifier:
keyid:BB:4C:96:65:E7:5F:9E:19:DA:D4:6F:8B:60:9D:34:44:FB:68:ED:47
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9142DA4/8AD49F7EBAE811ECA82F141CC4F9AE02/u0yWZedfnhna1G-LYJ00RPto7Uc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u0yWZedfnhna1G-LYJ00RPto7Uc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9142DA4/8AD49F7EBAE811ECA82F141CC4F9AE02/3C78786015CB11EFB201BD22C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
115.187.96.0/19
118.82.128.0/17
119.235.32.0/21
202.65.162.0-202.65.167.255
Signature Algorithm: sha256WithRSAEncryption
10:46:d0:9d:b3:d3:77:11:14:42:8e:4f:78:91:fc:ca:bb:aa:
1a:f1:86:db:5d:92:8a:32:22:e3:3c:1c:9c:e3:df:2e:67:27:
0f:53:ad:5d:be:37:c8:bb:b5:b7:76:19:b8:d8:fb:6b:a5:45:
3b:f6:32:c2:32:60:fe:c6:6b:ea:28:0e:95:83:d1:63:d6:3a:
c1:94:30:5a:7a:c7:b9:b3:ee:33:12:28:2d:24:10:8e:3b:50:
2f:8c:08:a3:cd:a8:a3:c1:33:32:65:2d:82:89:8c:48:48:bb:
d4:b3:c7:fe:3f:f6:31:23:ea:0c:42:d2:5d:11:34:59:28:0a:
99:2c:6d:c3:ad:a0:7f:35:6a:cd:0b:24:dc:bf:ec:ad:75:08:
06:ed:37:01:e5:3f:1a:d7:22:90:6a:9d:96:f4:65:da:da:78:
a2:49:af:0c:76:cd:5e:48:2f:25:b7:6d:c5:24:53:7a:82:a3:
b9:21:79:8f:42:b4:01:f0:a7:82:17:69:c0:e4:9b:c8:12:33:
fa:e7:20:b5:c8:55:45:ce:c1:dd:58:0b:b1:0c:a2:93:7a:08:
4c:47:67:68:3b:4c:5b:46:7c:56:1d:3c:e0:72:0e:fa:a0:ac:
5c:24:16:8b:ff:be:23:a1:73:21:a6:a6:54:29:41:57:70:8a:
f2:b1:ed:4e
-----BEGIN CERTIFICATE-----
MIIFizCCBHOgAwIBAgICApwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDJEQTQxMTAvBgNVBAUTKEJCNEM5NjY1RTc1RjlFMTlEQUQ0NkY4QjYwOUQzNDQ0
RkI2OEVENDcwHhcNMjQwNTE5MTExMDQ3WhcNMjQxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjQ5ZGUzNi0yMDhjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3a1zMN/yhKxTyoEwLiei0lLec+Tlwz7nC3zEHC8Ra720ADaxUco7szd4SkKx
k4yUSLrPx0jqSPZBPk4/wUryJg2IZHYnusiRK3te7nGcdmYYGC1VdG6mjbpgoSh6
wbrxK14ADXssqjpC2eQnO1qFDz4fMrEf5lLLh67I9bEUra7vgBcg9A8HShN2kgef
EBpowvE1d14S8p+hqq+dFratSOeOeydkTcasK4a9fpbI7KSVYQDjhhPXKK3xAGx+
wtNzaupOCU0bFctb/qeZ3WxkrXBM5KKe78Ds6x9wQ2jx0DV97kDg6WPEgO81th4H
lKbqngBGsI50zgxIQ/A8t8hr2QIDAQABo4ICrzCCAqswHQYDVR0OBBYEFF9dafKm
hCd9BTW1AjV0a6v2l28LMB8GA1UdIwQYMBaAFLtMlmXnX54Z2tRvi2CdNET7aO1H
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0MkRBNC84QUQ0OUY3RUJB
RTgxMUVDQTgyRjE0MUNDNEY5QUUwMi91MHlXWmVkZm5obmExRy1MWUowMFJQdG83
VWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3UweVdaZWRmbmhuYTFHLUxZSjAwUlB0bzdVYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDJEQTQvOEFENDlGN0VCQUU4MTFFQ0E4MkYxNDFDQzRGOUFFMDIvM0M3ODc4NjAx
NUNCMTFFRkIyMDFCRDIyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOQYIKwYBBQUHAQcBAf8E
KjAoMCYEAgABMCADBAVzu2ADBAd2UoADBAN36yAwDAMEAcpBogMEA8pBoDANBgkq
hkiG9w0BAQsFAAOCAQEAEEbQnbPTdxEUQo5PeJH8yruqGvGG212SijIi4zwcnOPf
LmcnD1OtXb43yLu1t3YZuNj7a6VFO/YywjJg/sZr6igOlYPRY9Y6wZQwWnrHubPu
MxIoLSQQjjtQL4wIo82oo8EzMmUtgomMSEi71LPH/j/2MSPqDELSXRE0WSgKmSxt
w62gfzVqzQsk3L/srXUIBu03AeU/GtcikGqdlvRl2tp4okmvDHbNXkgvJbdtxSRT
eoKjuSF5j0K0AfCnghdpwOSbyBIz+ucgtchVRc7B3VgLsQyik3oITEdnaDtMW0Z8
Vh084HIO+qCsXCQWi/++I6FzIaamVClBV3CK8rHtTg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:56 2024 by rpki-client on console-ams.rpki-client.org