Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F50AA/1494547A6C9411EA9B286233C4F9AE02/96344C286C9511EA9D9E0736C4F9AE02.roa
File: 96344C286C9511EA9D9E0736C4F9AE02.roa (raw, json)
Hash identifier: +pq8N7lbiOwNay0yI0H5szzoAjLgVobeoivVnsAX1no=
Subject key identifier: DF:62:04:2D:BE:89:3F:E7:97:D6:15:D4:95:4A:7F:D2:CB:A5:03:F8
Certificate issuer: /CN=A91F50AA/serialNumber=8B195F37810549BB5B77A27ECCA73A2E2FC7A207
Certificate serial: 091A
Authority key identifier: 8B:19:5F:37:81:05:49:BB:5B:77:A2:7E:CC:A7:3A:2E:2F:C7:A2:07
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ixlfN4EFSbtbd6J-zKc6Li_Hogc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F50AA/1494547A6C9411EA9B286233C4F9AE02/96344C286C9511EA9D9E0736C4F9AE02.roa
Signing time: Thu 02 Nov 2023 21:08:24 +0000
ROA not before: Thu 02 Nov 2023 21:08:24 +0000
ROA not after: Mon 30 Dec 2024 00:00:00 +0000
asID: 18117
IP address blocks: 118.127.64.0/19 maxlen: 19
118.127.65.0/24 maxlen: 24
118.127.78.0/23 maxlen: 23
118.127.78.0/24 maxlen: 24
118.127.80.0/22 maxlen: 22
118.127.86.0/24 maxlen: 24
118.127.89.0/24 maxlen: 24
118.127.92.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 13 Feb 2024 05:21:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2330 (0x91a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F50AA/serialNumber=8B195F37810549BB5B77A27ECCA73A2E2FC7A207
Validity
Not Before: Nov 2 21:08:24 2023 GMT
Not After : Dec 30 00:00:00 2024 GMT
Subject: CN=65440fc8-7df5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:6a:18:4d:f1:87:3f:2e:8a:ba:8d:e3:f5:e9:
94:9c:0e:ea:95:f7:3f:b5:37:27:f1:d3:5a:36:8d:
51:36:10:e6:9c:ac:8d:0f:1f:b2:c8:a0:4a:56:75:
cb:8e:2b:41:7b:5c:de:f4:89:23:a7:71:e5:35:2b:
40:f0:20:93:8f:15:4c:aa:d7:b2:95:1e:9c:a9:37:
38:b6:60:88:76:2b:99:7b:da:86:ef:54:97:6b:0e:
26:3a:9e:6c:eb:f4:84:43:8e:69:af:ae:88:9f:8b:
f3:bf:b3:ea:2e:82:dc:60:b6:33:e9:38:e7:eb:0d:
ad:c2:47:aa:8a:0f:e7:70:1d:44:cb:d5:39:49:a7:
9e:bb:57:b3:fe:85:96:2b:5a:0d:64:cf:de:05:5a:
2c:1a:e6:88:54:71:ce:e6:49:2e:5b:f9:d0:67:66:
28:db:c7:6b:a4:5d:74:5d:65:ca:9d:e3:7c:a5:b5:
12:9a:fd:27:82:50:4e:ef:66:5c:84:95:2d:75:b7:
ae:cf:c5:d7:be:9b:d6:b9:a3:29:4e:a8:e0:3f:f5:
30:3a:d0:2b:f6:ed:27:76:ff:e8:6c:86:79:c9:52:
5f:2e:ac:76:70:51:4f:2d:6e:c2:a6:68:ad:55:08:
78:9e:0a:2e:78:6d:41:9e:24:ec:43:a2:d2:b0:86:
01:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:62:04:2D:BE:89:3F:E7:97:D6:15:D4:95:4A:7F:D2:CB:A5:03:F8
X509v3 Authority Key Identifier:
keyid:8B:19:5F:37:81:05:49:BB:5B:77:A2:7E:CC:A7:3A:2E:2F:C7:A2:07
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F50AA/1494547A6C9411EA9B286233C4F9AE02/ixlfN4EFSbtbd6J-zKc6Li_Hogc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ixlfN4EFSbtbd6J-zKc6Li_Hogc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F50AA/1494547A6C9411EA9B286233C4F9AE02/96344C286C9511EA9D9E0736C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
118.127.64.0/19
Signature Algorithm: sha256WithRSAEncryption
3b:ba:21:99:88:bc:b6:92:11:ca:20:f1:a3:e5:12:de:2e:41:
eb:52:3d:da:e0:4b:59:ca:75:14:b8:be:78:1b:a0:24:59:23:
94:bf:cf:c2:e6:24:14:30:f0:ee:46:70:b7:53:7e:3e:58:1f:
94:33:e1:62:9c:5c:25:d0:dc:45:a6:70:9e:47:12:b7:ff:61:
8d:ed:be:16:79:bb:e3:f4:b1:48:1d:9e:f1:a0:50:61:9c:f6:
2f:e3:9e:8e:02:e2:71:5f:74:f2:8e:76:c1:ab:c1:96:cd:54:
eb:98:e1:ab:0a:15:fc:0f:cd:f1:4a:0a:23:7e:de:13:1e:36:
4e:2b:e8:5b:c1:45:c8:2d:a6:e9:95:91:61:58:c2:b1:70:22:
f0:90:5c:6e:9a:a2:11:b6:bf:23:29:75:d6:0e:55:54:c7:38:
7d:3a:de:63:a7:22:9b:0a:ba:0e:a4:f5:1f:35:b7:b1:f5:df:
6f:b0:ee:fc:89:9c:ae:af:51:b1:92:84:1b:4e:57:e2:ba:4e:
de:e6:84:45:62:fe:05:3e:9d:f0:70:e5:44:a8:79:eb:a4:e4:
67:c4:2b:6b:8f:8b:25:a6:f4:ba:f0:a5:58:a9:1b:c6:81:b6:
02:f2:79:db:3e:cd:18:23:2b:34:09:71:3d:91:44:a2:52:61:
87:df:4c:1b
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCRowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjUwQUExMTAvBgNVBAUTKDhCMTk1RjM3ODEwNTQ5QkI1Qjc3QTI3RUNDQTczQTJF
MkZDN0EyMDcwHhcNMjMxMTAyMjEwODI0WhcNMjQxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTQ0MGZjOC03ZGY1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2WoYTfGHPy6Kuo3j9emUnA7qlfc/tTcn8dNaNo1RNhDmnKyNDx+yyKBKVnXL
jitBe1ze9Ikjp3HlNStA8CCTjxVMqteylR6cqTc4tmCIdiuZe9qG71SXaw4mOp5s
6/SEQ45pr66In4vzv7PqLoLcYLYz6Tjn6w2twkeqig/ncB1Ey9U5Saeeu1ez/oWW
K1oNZM/eBVosGuaIVHHO5kkuW/nQZ2Yo28drpF10XWXKneN8pbUSmv0nglBO72Zc
hJUtdbeuz8XXvpvWuaMpTqjgP/UwOtAr9u0ndv/obIZ5yVJfLqx2cFFPLW7Cpmit
VQh4ngoueG1BniTsQ6LSsIYB+wIDAQABo4IClTCCApEwHQYDVR0OBBYEFN9iBC2+
iT/nl9YV1JVKf9LLpQP4MB8GA1UdIwQYMBaAFIsZXzeBBUm7W3eifsynOi4vx6IH
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNTBBQS8xNDk0NTQ3QTZD
OTQxMUVBOUIyODYyMzNDNEY5QUUwMi9peGxmTjRFRlNidGJkNkotektjNkxpX0hv
Z2MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2l4bGZONEVGU2J0YmQ2Si16S2M2TGlfSG9nYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjUwQUEvMTQ5NDU0N0E2Qzk0MTFFQTlCMjg2MjMzQzRGOUFFMDIvOTYzNDRDMjg2
Qzk1MTFFQTlEOUUwNzM2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAV2f0AwDQYJKoZIhvcNAQELBQADggEBADu6IZmIvLaSEcog
8aPlEt4uQetSPdrgS1nKdRS4vngboCRZI5S/z8LmJBQw8O5GcLdTfj5YH5Qz4WKc
XCXQ3EWmcJ5HErf/YY3tvhZ5u+P0sUgdnvGgUGGc9i/jno4C4nFfdPKOdsGrwZbN
VOuY4asKFfwPzfFKCiN+3hMeNk4r6FvBRcgtpumVkWFYwrFwIvCQXG6aohG2vyMp
ddYOVVTHOH063mOnIpsKug6k9R81t7H132+w7vyJnK6vUbGShBtOV+K6Tt7mhEVi
/gU+nfBw5USoeeuk5GfEK2uPiyWm9LrwpVipG8aBtgLyeds+zRgjKzQJcT2RRKJS
YYffTBs=
-----END CERTIFICATE-----
Generated at Tue Feb 13 06:20:05 2024 by rpki-client on console-ams.rpki-client.org