Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914254C/5A564D4819E811E8B9650C7EC4F9AE02/C4E99960823E11EF879B0167C4F9AE02.roa
File: C4E99960823E11EF879B0167C4F9AE02.roa (raw, json)
Hash identifier: WtLvILstWOVAfW/4Jx/69//Zt5mguHY5mUpd/vgpvJI=
Subject key identifier: 41:02:FD:35:9A:C8:E6:54:F4:6C:5A:C3:DA:B5:B5:CC:32:5D:2D:29
Certificate issuer: /CN=A914254C/serialNumber=7B3F60D9B1A28002A07875CAB58A21457073E17F
Certificate serial: 1608
Authority key identifier: 7B:3F:60:D9:B1:A2:80:02:A0:78:75:CA:B5:8A:21:45:70:73:E1:7F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ez9g2bGigAKgeHXKtYohRXBz4X8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914254C/5A564D4819E811E8B9650C7EC4F9AE02/C4E99960823E11EF879B0167C4F9AE02.roa
Signing time: Fri 04 Oct 2024 10:52:37 +0000
ROA not before: Fri 04 Oct 2024 10:52:37 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 9989
IP address blocks: 27.111.220.0/24 maxlen: 24
118.103.183.0/24 maxlen: 24
2403:b100::/32 maxlen: 32
2403:b100::/33 maxlen: 33
2403:b100:7f00::/40 maxlen: 40
Validation: Failed, certificate revoked on Tue 05 Nov 2024 07:45:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5640 (0x1608)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914254C/serialNumber=7B3F60D9B1A28002A07875CAB58A21457073E17F
Validity
Not Before: Oct 4 10:52:37 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=66ffc8f5-139c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:9b:0c:e2:3f:18:24:11:b7:9f:7c:81:3d:fc:
fc:fe:79:cc:9e:34:91:dc:d8:a1:48:7a:90:22:4b:
59:60:de:f2:fd:89:0b:59:0c:24:bd:36:9d:16:21:
bf:2a:3e:ce:4d:eb:97:19:9b:b1:47:99:db:67:b4:
95:76:90:ea:82:b4:6c:20:ea:28:68:48:c4:0d:68:
3f:b8:72:be:4a:b2:61:32:e1:8b:58:19:6b:6b:a8:
9d:53:85:f5:6c:41:ca:39:44:a9:45:2a:b9:e2:23:
03:a6:9a:42:28:d9:1c:a3:c8:65:66:da:58:85:2b:
54:7d:bd:3d:1c:92:ee:4f:71:cb:08:c7:95:1c:02:
75:ff:02:e4:e3:ea:d2:f0:11:b1:bb:5f:ad:c6:19:
97:47:61:94:5b:d3:89:3c:5e:36:be:d5:52:84:4e:
b8:02:e6:f7:ac:bb:dd:e1:7c:78:c3:1d:e2:5d:8c:
57:b0:c9:f4:6d:f1:95:21:9d:b7:b9:9e:a5:17:8d:
31:2c:a9:c0:1d:9c:28:4f:d8:23:08:8b:eb:ee:94:
db:2a:6a:d8:b9:cd:c1:06:63:71:a1:d0:5c:79:a0:
c4:f7:d8:b5:e5:27:ae:3a:bd:13:e5:98:e6:fe:25:
e8:de:91:23:27:0b:02:7c:8a:77:fb:7d:c1:db:1f:
53:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:02:FD:35:9A:C8:E6:54:F4:6C:5A:C3:DA:B5:B5:CC:32:5D:2D:29
X509v3 Authority Key Identifier:
keyid:7B:3F:60:D9:B1:A2:80:02:A0:78:75:CA:B5:8A:21:45:70:73:E1:7F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914254C/5A564D4819E811E8B9650C7EC4F9AE02/ez9g2bGigAKgeHXKtYohRXBz4X8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ez9g2bGigAKgeHXKtYohRXBz4X8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914254C/5A564D4819E811E8B9650C7EC4F9AE02/C4E99960823E11EF879B0167C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.111.220.0/24
118.103.183.0/24
IPv6:
2403:b100::/32
Signature Algorithm: sha256WithRSAEncryption
24:17:df:b6:44:fa:2e:00:88:a0:05:a1:2a:11:04:0f:a8:d2:
6c:7b:6c:24:c7:d0:10:d4:d0:98:06:0d:83:93:c0:7a:2b:65:
ba:1d:70:75:96:c5:17:5d:d1:bb:64:bd:b5:f0:b7:eb:28:8e:
7d:7e:81:e2:1f:20:f3:33:8e:3f:7a:c8:e0:d2:f5:98:8f:6f:
c9:f2:cf:21:08:df:be:97:2e:fb:ce:9f:89:04:87:8e:d4:2c:
0b:49:3d:39:2c:87:0d:20:b4:04:79:b8:06:de:65:2a:73:c6:
70:c2:14:01:23:04:78:9e:aa:1d:2e:41:42:0e:a9:6c:3e:52:
e3:c3:42:a6:2b:4e:d9:55:8e:56:99:83:92:72:0e:06:fd:f7:
44:5d:82:36:91:22:0e:fa:84:9d:ca:fc:95:30:35:a3:5c:cf:
bc:fb:1b:ed:0a:0a:e5:a9:58:39:7b:58:bc:91:bd:1b:f7:55:
c0:4e:d2:a6:26:7b:3d:28:33:bb:c0:0e:a8:7a:89:95:e3:70:
1a:fe:3c:51:45:0d:da:c3:fe:33:38:b0:30:a3:44:4c:38:a2:
48:5c:be:2c:37:57:31:16:bc:4c:50:83:24:ee:e0:46:91:76:
d5:02:6f:d7:ea:ce:9d:a3:5d:1a:6a:9e:ec:51:09:c2:3e:b7:
08:09:34:a9
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICFggwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDI1NEMxMTAvBgNVBAUTKDdCM0Y2MEQ5QjFBMjgwMDJBMDc4NzVDQUI1OEEyMTQ1
NzA3M0UxN0YwHhcNMjQxMDA0MTA1MjM3WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmZmYzhmNS0xMzljMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArpsM4j8YJBG3n3yBPfz8/nnMnjSR3NihSHqQIktZYN7y/YkLWQwkvTadFiG/
Kj7OTeuXGZuxR5nbZ7SVdpDqgrRsIOooaEjEDWg/uHK+SrJhMuGLWBlra6idU4X1
bEHKOUSpRSq54iMDpppCKNkco8hlZtpYhStUfb09HJLuT3HLCMeVHAJ1/wLk4+rS
8BGxu1+txhmXR2GUW9OJPF42vtVShE64Aub3rLvd4Xx4wx3iXYxXsMn0bfGVIZ23
uZ6lF40xLKnAHZwoT9gjCIvr7pTbKmrYuc3BBmNxodBceaDE99i15SeuOr0T5Zjm
/iXo3pEjJwsCfIp3+33B2x9TMQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFEEC/TWa
yOZU9Gxaw9q1tcwyXS0pMB8GA1UdIwQYMBaAFHs/YNmxooACoHh1yrWKIUVwc+F/
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0MjU0Qy81QTU2NEQ0ODE5
RTgxMUU4Qjk2NTBDN0VDNEY5QUUwMi9lejlnMmJHaWdBS2dlSFhLdFlvaFJYQno0
WDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2V6OWcyYkdpZ0FLZ2VIWEt0WW9oUlhCejRYOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDI1NEMvNUE1NjRENDgxOUU4MTFFOEI5NjUwQzdFQzRGOUFFMDIvQzRFOTk5NjA4
MjNFMTFFRjg3OUIwMTY3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAAbb9wDBAB2Z7cwDQQCAAIwBwMFACQDsQAwDQYJKoZIhvcN
AQELBQADggEBACQX37ZE+i4AiKAFoSoRBA+o0mx7bCTH0BDU0JgGDYOTwHorZbod
cHWWxRdd0btkvbXwt+sojn1+geIfIPMzjj96yODS9ZiPb8nyzyEI376XLvvOn4kE
h47ULAtJPTkshw0gtAR5uAbeZSpzxnDCFAEjBHieqh0uQUIOqWw+UuPDQqYrTtlV
jlaZg5JyDgb990RdgjaRIg76hJ3K/JUwNaNcz7z7G+0KCuWpWDl7WLyRvRv3VcBO
0qYmez0oM7vADqh6iZXjcBr+PFFFDdrD/jM4sDCjREw4okhcviw3VzEWvExQgyTu
4EaRdtUCb9fqzp2jXRpqnuxRCcI+twgJNKk=
-----END CERTIFICATE-----
Generated at Tue Nov 5 09:40:59 2024 by rpki-client on console-ams.rpki-client.org