Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A916C83B/E4E10B4A1D8811E2A012CBE108B02CD2/3141010402D211EE88E55B80C4F9AE02.roa
File: 3141010402D211EE88E55B80C4F9AE02.roa (raw, json)
Hash identifier: ZrQWuOZ3pyO4lfuQHeGyRhfGEx4j2AciNRFQjsH8LEw=
Subject key identifier: 28:F7:04:33:C5:77:F1:E6:EF:D8:D6:BC:BF:C1:C5:0B:38:3A:C1:85
Certificate issuer: /CN=A916C83B/serialNumber=E76EB256C0FCB07E2907978343E9AD9DD21FE206
Certificate serial: 348A
Authority key identifier: E7:6E:B2:56:C0:FC:B0:7E:29:07:97:83:43:E9:AD:9D:D2:1F:E2:06
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/526yVsD8sH4pB5eDQ-mtndIf4gY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916C83B/E4E10B4A1D8811E2A012CBE108B02CD2/3141010402D211EE88E55B80C4F9AE02.roa
Signing time: Wed 30 Aug 2023 04:22:24 +0000
ROA not before: Wed 30 Aug 2023 04:22:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 150750
IP address blocks: 111.88.76.0/24 maxlen: 24
111.88.77.0/24 maxlen: 24
111.88.147.0/24 maxlen: 24
111.88.148.0/24 maxlen: 24
111.88.149.0/24 maxlen: 24
111.88.154.0/24 maxlen: 24
111.88.155.0/24 maxlen: 24
111.88.233.0/24 maxlen: 24
111.88.234.0/24 maxlen: 24
111.88.240.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 13 Mar 2024 11:20:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13450 (0x348a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916C83B/serialNumber=E76EB256C0FCB07E2907978343E9AD9DD21FE206
Validity
Not Before: Aug 30 04:22:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=64eec400-1e83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:84:6d:8d:f9:cc:7b:1f:30:ff:24:7a:c9:41:
e7:c8:d3:b9:25:ff:d5:5e:5d:af:91:78:34:3f:68:
22:15:d4:ca:9d:47:41:e4:25:80:67:16:b2:b6:32:
c1:ca:ba:74:7d:d4:32:b2:74:9d:2a:e5:63:c0:70:
2e:ab:e8:59:cf:f9:2d:3e:75:ea:6c:a0:45:60:fc:
47:2a:7f:55:3b:84:ed:3e:58:c7:c0:46:45:8d:03:
45:cd:5a:02:34:13:ef:5e:f4:17:e4:a5:d1:4d:b4:
d1:d2:86:6b:17:1c:04:a3:05:63:44:2c:d3:03:e9:
bd:f8:fb:90:09:90:a0:76:ff:88:98:4e:9b:49:87:
1c:de:c1:68:3c:f5:0f:cc:cc:08:1e:a3:89:73:99:
57:29:41:f1:8a:82:86:2e:b0:1e:0e:9a:00:f2:a6:
d6:86:40:c6:7d:7b:78:d2:fc:43:05:3c:65:f3:d7:
70:71:dd:1b:f0:6c:f2:e2:93:a7:d5:e3:f5:85:5c:
26:4d:cb:06:9c:f8:0f:eb:3e:36:c7:83:48:39:16:
57:ce:57:5f:cf:f8:42:14:6e:37:7f:26:a8:a5:cb:
df:dd:02:88:85:69:b0:4b:30:69:f6:02:d8:20:56:
a4:c4:30:5c:72:e8:f5:07:6d:90:3d:e5:04:8e:14:
bc:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:F7:04:33:C5:77:F1:E6:EF:D8:D6:BC:BF:C1:C5:0B:38:3A:C1:85
X509v3 Authority Key Identifier:
keyid:E7:6E:B2:56:C0:FC:B0:7E:29:07:97:83:43:E9:AD:9D:D2:1F:E2:06
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916C83B/E4E10B4A1D8811E2A012CBE108B02CD2/526yVsD8sH4pB5eDQ-mtndIf4gY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/526yVsD8sH4pB5eDQ-mtndIf4gY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916C83B/E4E10B4A1D8811E2A012CBE108B02CD2/3141010402D211EE88E55B80C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
111.88.76.0/23
111.88.147.0-111.88.149.255
111.88.154.0/23
111.88.233.0-111.88.234.255
111.88.240.0/24
Signature Algorithm: sha256WithRSAEncryption
91:6c:29:a2:81:f5:17:ea:87:be:09:cf:46:c6:20:e6:2d:83:
6e:9a:db:43:e7:ce:38:00:a4:87:d9:c9:5f:7e:5c:e2:6f:9a:
8c:3f:43:3c:d6:66:40:3a:b0:4c:91:3f:0e:16:bc:23:00:ae:
ee:a7:ac:4b:fd:40:42:76:2b:24:87:1f:b8:a3:a6:0a:f0:a5:
3e:dd:05:5e:59:27:e8:7f:cb:98:ef:9a:bd:d3:04:6c:88:d6:
75:ae:46:c9:52:64:74:b5:90:aa:e4:47:d7:5e:4e:e8:ac:4b:
6c:b2:a7:70:a8:92:81:0b:39:79:d3:22:35:08:79:e4:9b:55:
a5:5f:7b:5a:6f:b6:f4:f9:45:b9:fb:be:96:78:9b:77:e3:52:
75:88:2a:dd:e8:8e:8f:7c:06:3b:e2:dd:42:11:d3:29:bc:6b:
e7:f7:15:99:a3:96:8d:25:7e:da:07:1a:2b:3a:a8:93:b1:ae:
01:3b:45:e6:67:37:c1:c3:b1:ff:8e:d3:3e:ed:6b:2a:74:fb:
71:d9:77:9d:8c:cc:52:1e:cc:e5:b0:4b:d6:50:d2:c8:48:33:
b5:d8:8e:6e:f5:9a:73:1c:41:09:9c:e2:2a:9a:c6:13:93:a0:
5e:53:66:c9:62:9b:65:b8:1c:d8:88:5b:fc:75:bf:01:e0:ab:
8a:b3:02:8b
-----BEGIN CERTIFICATE-----
MIIFmTCCBIGgAwIBAgICNIowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NkM4M0IxMTAvBgNVBAUTKEU3NkVCMjU2QzBGQ0IwN0UyOTA3OTc4MzQzRTlBRDlE
RDIxRkUyMDYwHhcNMjMwODMwMDQyMjI0WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGVlYzQwMC0xZTgzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAy4RtjfnMex8w/yR6yUHnyNO5Jf/VXl2vkXg0P2giFdTKnUdB5CWAZxaytjLB
yrp0fdQysnSdKuVjwHAuq+hZz/ktPnXqbKBFYPxHKn9VO4TtPljHwEZFjQNFzVoC
NBPvXvQX5KXRTbTR0oZrFxwEowVjRCzTA+m9+PuQCZCgdv+ImE6bSYcc3sFoPPUP
zMwIHqOJc5lXKUHxioKGLrAeDpoA8qbWhkDGfXt40vxDBTxl89dwcd0b8Gzy4pOn
1eP1hVwmTcsGnPgP6z42x4NIORZXzldfz/hCFG43fyaopcvf3QKIhWmwSzBp9gLY
IFakxDBccuj1B22QPeUEjhS8rwIDAQABo4ICvTCCArkwHQYDVR0OBBYEFCj3BDPF
d/Hm79jWvL/BxQs4OsGFMB8GA1UdIwQYMBaAFOduslbA/LB+KQeXg0PprZ3SH+IG
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2QzgzQi9FNEUxMEI0QTFE
ODgxMUUyQTAxMkNCRTEwOEIwMkNEMi81MjZ5VnNEOHNINHBCNWVEUS1tdG5kSWY0
Z1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzUyNnlWc0Q4c0g0cEI1ZURRLW10bmRJZjRnWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NkM4M0IvRTRFMTBCNEExRDg4MTFFMkEwMTJDQkUxMDhCMDJDRDIvMzE0MTAxMDQw
MkQyMTFFRTg4RTU1QjgwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRwYIKwYBBQUHAQcBAf8E
ODA2MDQEAgABMC4DBAFvWEwwDAMEAG9YkwMEAW9YlAMEAW9YmjAMAwQAb1jpAwQA
b1jqAwQAb1jwMA0GCSqGSIb3DQEBCwUAA4IBAQCRbCmigfUX6oe+Cc9GxiDmLYNu
mttD5844AKSH2clfflzib5qMP0M81mZAOrBMkT8OFrwjAK7up6xL/UBCdiskhx+4
o6YK8KU+3QVeWSfof8uY75q90wRsiNZ1rkbJUmR0tZCq5EfXXk7orEtssqdwqJKB
Czl50yI1CHnkm1WlX3tab7b0+UW5+76WeJt341J1iCrd6I6PfAY74t1CEdMpvGvn
9xWZo5aNJX7aBxorOqiTsa4BO0XmZzfBw7H/jtM+7WsqdPtx2XedjMxSHszlsEvW
UNLISDO12I5u9ZpzHEEJnOIqmsYTk6BeU2bJYptluBzYiFv8db8B4KuKswKL
-----END CERTIFICATE-----
Generated at Wed Mar 13 17:00:27 2024 by rpki-client on console-ams.rpki-client.org