Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918A996/32C68A5E279811EEBD8DC55FC4F9AE02/6D17E8F029EC11EEA1B59D68C4F9AE02.roa
File: 6D17E8F029EC11EEA1B59D68C4F9AE02.roa (raw, json)
Hash identifier: 4ICeXl3ZLcCkWl3ouYbGadNEzt7xru2JV9tA7674dCU=
Subject key identifier: 4B:65:EA:61:08:F1:32:49:6A:82:78:A0:60:3D:52:80:B1:92:3D:4C
Certificate issuer: /CN=A918A996/serialNumber=8386BE861BDBDB6D0165087DC044A07FA4D4F089
Certificate serial: 18
Authority key identifier: 83:86:BE:86:1B:DB:DB:6D:01:65:08:7D:C0:44:A0:7F:A4:D4:F0:89
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/g4a-hhvb220BZQh9wESgf6TU8Ik.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918A996/32C68A5E279811EEBD8DC55FC4F9AE02/6D17E8F029EC11EEA1B59D68C4F9AE02.roa
Signing time: Mon 24 Jul 2023 06:36:32 +0000
ROA not before: Mon 24 Jul 2023 06:36:32 +0000
ROA not after: Sun 31 Mar 2024 00:00:00 +0000
asID: 10118
IP address blocks: 117.103.144.0/20 maxlen: 20
117.103.144.0/20 maxlen: 24
117.103.152.0/23 maxlen: 23
117.103.156.0/24 maxlen: 24
117.103.157.0/24 maxlen: 24
117.103.158.0/24 maxlen: 24
117.103.159.0/24 maxlen: 24
124.217.128.0/18 maxlen: 18
124.217.128.0/24 maxlen: 24
124.217.129.0/24 maxlen: 24
124.217.130.0/24 maxlen: 24
124.217.131.0/24 maxlen: 24
124.217.132.0/23 maxlen: 23
124.217.136.0/23 maxlen: 24
124.217.138.0/24 maxlen: 24
124.217.139.0/24 maxlen: 24
124.217.140.0/24 maxlen: 24
124.217.141.0/24 maxlen: 24
124.217.142.0/24 maxlen: 24
124.217.143.0/24 maxlen: 24
124.217.144.0/20 maxlen: 20
124.217.160.0/20 maxlen: 20
124.217.178.0/24 maxlen: 24
124.217.179.0/24 maxlen: 24
124.217.180.0/22 maxlen: 22
124.217.184.0/24 maxlen: 24
124.217.185.0/24 maxlen: 24
124.217.186.0/24 maxlen: 24
124.217.187.0/24 maxlen: 24
124.217.188.0/22 maxlen: 22
124.217.188.0/23 maxlen: 24
124.217.190.0/24 maxlen: 24
124.217.191.0/24 maxlen: 24
180.188.128.0/18 maxlen: 24
180.188.144.0/20 maxlen: 20
180.188.188.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 24 (0x18)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918A996/serialNumber=8386BE861BDBDB6D0165087DC044A07FA4D4F089
Validity
Not Before: Jul 24 06:36:32 2023 GMT
Not After : Mar 31 00:00:00 2024 GMT
Subject: CN=64be1bef-40ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:f6:29:4b:5c:dd:02:9d:ca:3d:31:19:bb:a2:
48:50:b6:71:79:a6:07:8e:d0:57:b3:27:18:1c:48:
cd:cf:52:e2:d0:3e:08:19:a9:ff:95:22:c7:41:f7:
9b:0e:85:3d:05:bb:74:15:73:17:44:a1:48:68:d2:
56:96:4c:33:f3:91:65:a4:3b:9f:bd:a7:f8:87:67:
26:de:51:a3:32:29:3c:21:8d:70:c4:4b:6b:92:32:
36:f2:da:b2:01:48:5c:2b:dd:5d:13:31:92:e0:91:
ca:f5:24:92:ca:b2:c6:c1:84:f5:d0:ba:6f:0c:bc:
00:96:19:f9:83:7e:dc:ed:a0:77:93:5a:39:5c:74:
55:89:a7:a2:44:dc:10:fa:ef:b9:19:e0:54:2e:d6:
e4:83:35:50:a8:9a:33:4d:22:c3:36:6f:54:50:b3:
e8:3f:15:86:31:26:d4:ee:67:d2:c0:ab:52:09:b4:
3f:19:99:76:ae:48:bc:07:e5:95:9a:8f:88:d2:9c:
b4:df:5a:83:e9:f5:d9:b9:0f:54:c9:f4:7a:5a:1b:
dd:15:ed:70:0d:d1:48:89:03:4e:85:a8:9c:b0:c7:
22:be:a3:ff:df:5e:6f:4e:13:20:28:46:e8:40:3b:
a4:19:c6:7c:b2:99:eb:ac:11:94:f7:c7:0b:57:6e:
9a:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:65:EA:61:08:F1:32:49:6A:82:78:A0:60:3D:52:80:B1:92:3D:4C
X509v3 Authority Key Identifier:
keyid:83:86:BE:86:1B:DB:DB:6D:01:65:08:7D:C0:44:A0:7F:A4:D4:F0:89
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918A996/32C68A5E279811EEBD8DC55FC4F9AE02/g4a-hhvb220BZQh9wESgf6TU8Ik.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/g4a-hhvb220BZQh9wESgf6TU8Ik.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918A996/32C68A5E279811EEBD8DC55FC4F9AE02/6D17E8F029EC11EEA1B59D68C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
117.103.144.0/20
124.217.128.0/18
180.188.128.0/18
Signature Algorithm: sha256WithRSAEncryption
1f:a0:36:39:48:b4:89:09:c6:55:13:22:f3:f9:82:15:d4:dd:
9b:1e:18:8a:d9:09:67:25:42:53:4e:ca:11:5e:9a:e1:46:ce:
9a:de:96:6d:09:43:15:9e:e5:95:72:41:30:8d:de:d1:27:24:
7e:05:6b:64:2b:a4:6b:fa:4b:7d:1c:34:c1:98:6f:bf:74:71:
43:5a:6b:d7:24:10:a8:a2:84:43:c1:a5:02:51:ee:d2:d3:f2:
c3:20:f8:ad:83:b3:eb:42:56:9d:8c:a2:15:e0:98:e0:c8:67:
25:e0:33:5e:4e:a6:89:1d:cc:76:b3:56:04:68:a9:4b:d0:2a:
eb:4b:23:30:40:d4:c2:ef:ec:fe:35:f1:ac:05:d1:f7:4d:15:
d9:ad:1a:44:fc:fa:cf:27:2a:fa:aa:5c:a1:33:1d:6b:d9:46:
6b:7d:24:43:9f:a2:87:9a:08:f3:a0:fd:90:18:f7:e8:c8:7a:
b1:8a:cf:9c:04:3d:6e:04:0e:3f:27:b2:c2:95:c6:78:a6:14:
4b:9a:6c:e7:74:ab:d2:29:4f:5c:e3:99:84:05:ab:3e:54:3b:
f0:67:f7:2a:9b:42:49:5f:1c:69:40:ea:97:39:5d:ef:14:bb:
be:37:b8:a3:7d:87:b9:bd:f9:69:9b:4f:39:5f:90:3b:66:a5:
53:2f:66:cf
-----BEGIN CERTIFICATE-----
MIIFfDCCBGSgAwIBAgIBGDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE4
QTk5NjExMC8GA1UEBRMoODM4NkJFODYxQkRCREI2RDAxNjUwODdEQzA0NEEwN0ZB
NEQ0RjA4OTAeFw0yMzA3MjQwNjM2MzJaFw0yNDAzMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY0YmUxYmVmLTQwZWMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCS9ilLXN0Cnco9MRm7okhQtnF5pgeO0FezJxgcSM3PUuLQPggZqf+VIsdB95sO
hT0Fu3QVcxdEoUho0laWTDPzkWWkO5+9p/iHZybeUaMyKTwhjXDES2uSMjby2rIB
SFwr3V0TMZLgkcr1JJLKssbBhPXQum8MvACWGfmDftztoHeTWjlcdFWJp6JE3BD6
77kZ4FQu1uSDNVComjNNIsM2b1RQs+g/FYYxJtTuZ9LAq1IJtD8ZmXauSLwH5ZWa
j4jSnLTfWoPp9dm5D1TJ9HpaG90V7XAN0UiJA06FqJywxyK+o//fXm9OEyAoRuhA
O6QZxnyymeusEZT3xwtXbprLAgMBAAGjggKhMIICnTAdBgNVHQ4EFgQUS2XqYQjx
MklqgnigYD1SgLGSPUwwHwYDVR0jBBgwFoAUg4a+hhvb220BZQh9wESgf6TU8Ikw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MThBOTk2LzMyQzY4QTVFMjc5
ODExRUVCRDhEQzU1RkM0RjlBRTAyL2c0YS1oaHZiMjIwQlpRaDl3RVNnZjZUVThJ
ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvZzRhLWhodmIyMjBCWlFoOXdFU2dmNlRVOElrLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4
QTk5Ni8zMkM2OEE1RTI3OTgxMUVFQkQ4REM1NUZDNEY5QUUwMi82RDE3RThGMDI5
RUMxMUVFQTFCNTlENjhDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDArBggrBgEFBQcBBwEB/wQc
MBowGAQCAAEwEgMEBHVnkAMEBnzZgAMEBrS8gDANBgkqhkiG9w0BAQsFAAOCAQEA
H6A2OUi0iQnGVRMi8/mCFdTdmx4YitkJZyVCU07KEV6a4UbOmt6WbQlDFZ7llXJB
MI3e0SckfgVrZCuka/pLfRw0wZhvv3RxQ1pr1yQQqKKEQ8GlAlHu0tPywyD4rYOz
60JWnYyiFeCY4MhnJeAzXk6miR3MdrNWBGipS9Aq60sjMEDUwu/s/jXxrAXR900V
2a0aRPz6zycq+qpcoTMda9lGa30kQ5+ih5oI86D9kBj36Mh6sYrPnAQ9bgQOPyey
wpXGeKYUS5ps53Sr0ilPXOOZhAWrPlQ78Gf3KptCSV8caUDqlzld7xS7vje4o32H
ub35aZtPOV+QO2alUy9mzw==
-----END CERTIFICATE-----
Generated at Mon Jul 24 07:32:55 2023 by rpki-client on console-fra.rpki-client.org