Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914254C/5A564D4819E811E8B9650C7EC4F9AE02/DF5F00FA807C11EFBFABEB1AC4F9AE02.roa
File: DF5F00FA807C11EFBFABEB1AC4F9AE02.roa (raw, json)
Hash identifier: OuHsOXD4sAyG3abxa4d8vcBnjB7ELR2wsAmfXfKxJSQ=
Subject key identifier: BD:C7:E7:25:BF:3B:B5:44:CC:AF:54:54:A6:34:A5:8A:6D:B5:79:77
Certificate issuer: /CN=A914254C/serialNumber=7B3F60D9B1A28002A07875CAB58A21457073E17F
Certificate serial: 15E9
Authority key identifier: 7B:3F:60:D9:B1:A2:80:02:A0:78:75:CA:B5:8A:21:45:70:73:E1:7F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ez9g2bGigAKgeHXKtYohRXBz4X8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914254C/5A564D4819E811E8B9650C7EC4F9AE02/DF5F00FA807C11EFBFABEB1AC4F9AE02.roa
Signing time: Wed 02 Oct 2024 05:12:08 +0000
ROA not before: Wed 02 Oct 2024 05:12:08 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 15830
IP address blocks: 27.111.208.0/20 maxlen: 20
27.111.224.0/22 maxlen: 22
27.111.232.0/21 maxlen: 21
27.111.232.0/22 maxlen: 22
27.111.236.0/23 maxlen: 23
27.111.238.0/23 maxlen: 23
101.97.64.0/22 maxlen: 22
101.97.72.0/21 maxlen: 21
101.97.80.0/21 maxlen: 21
118.103.180.0/22 maxlen: 22
202.79.192.0/22 maxlen: 22
202.79.196.0/23 maxlen: 23
202.79.200.0/21 maxlen: 21
202.79.208.0/20 maxlen: 20
2403:b100::/32 maxlen: 32
2403:b101::/40 maxlen: 40
Validation: Failed, certificate revoked on Wed 02 Oct 2024 08:04:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5609 (0x15e9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914254C/serialNumber=7B3F60D9B1A28002A07875CAB58A21457073E17F
Validity
Not Before: Oct 2 05:12:08 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=66fcd628-3ac4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:0a:89:5f:63:57:b5:c2:fd:c3:7b:92:ba:8f:
fc:fd:1f:70:2e:ea:00:10:9e:a2:6d:4e:b5:a2:a3:
d9:77:40:04:ee:06:83:6d:80:19:7e:ca:2d:68:8f:
aa:97:65:74:d6:28:8e:e3:f7:94:ba:5a:29:9c:03:
c1:27:99:a4:5c:36:42:fc:f7:42:2c:9d:b2:4e:55:
c9:bf:da:86:e8:b5:40:ac:b1:a5:97:88:55:0f:2a:
b1:bf:1c:91:a6:7d:1d:e2:d8:6a:db:78:7e:8e:ce:
9e:12:ec:d6:d5:d9:05:d7:03:39:f9:9a:6d:b0:f7:
61:f5:2d:56:7f:c2:51:c2:b1:cd:92:ad:6e:bc:62:
a9:64:ad:d1:d1:84:03:fd:08:1a:d3:99:01:40:51:
20:52:71:18:27:60:91:28:b7:33:31:ec:d8:5e:e6:
33:0f:52:f7:94:98:79:b3:f4:f9:44:03:68:22:95:
16:4b:ff:42:3e:02:42:0a:f8:47:2c:02:13:99:92:
66:78:3d:24:99:23:aa:f1:01:68:7a:37:27:49:92:
57:4d:35:46:ba:c0:4f:9c:e8:15:92:3c:7d:92:19:
11:00:85:1c:b5:93:ea:75:f2:4b:73:34:59:a2:16:
2d:0f:a9:66:55:82:87:9d:96:f3:d2:0c:76:8d:2c:
91:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:C7:E7:25:BF:3B:B5:44:CC:AF:54:54:A6:34:A5:8A:6D:B5:79:77
X509v3 Authority Key Identifier:
keyid:7B:3F:60:D9:B1:A2:80:02:A0:78:75:CA:B5:8A:21:45:70:73:E1:7F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914254C/5A564D4819E811E8B9650C7EC4F9AE02/ez9g2bGigAKgeHXKtYohRXBz4X8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ez9g2bGigAKgeHXKtYohRXBz4X8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914254C/5A564D4819E811E8B9650C7EC4F9AE02/DF5F00FA807C11EFBFABEB1AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.111.208.0-27.111.227.255
27.111.232.0/21
101.97.64.0/22
101.97.72.0-101.97.87.255
118.103.180.0/22
202.79.192.0-202.79.197.255
202.79.200.0-202.79.223.255
IPv6:
2403:b100::-2403:b101:ff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
62:e4:e0:92:a4:b6:1f:17:40:65:cf:bb:28:b2:d7:6c:80:55:
c0:e0:d6:1a:5e:1d:d4:df:88:42:0f:9e:a2:b4:d2:e6:65:ab:
44:e8:3a:0c:90:f7:bb:e1:ff:c7:6e:35:73:a3:29:16:83:d6:
fe:05:08:5a:77:3d:81:42:32:22:80:d2:95:58:18:e2:3c:55:
a5:67:6a:33:2e:ad:7b:21:0a:89:f7:0d:69:c0:81:f2:64:e8:
e9:ee:e5:eb:3f:3b:c8:af:b1:8c:fc:bf:ab:4e:9a:44:dc:8d:
c7:f4:4b:a0:c7:bd:90:b3:1e:94:93:8c:df:f3:7e:ca:b9:21:
0a:15:a4:c3:28:be:6b:7d:ce:bf:78:3e:93:5e:91:54:9c:33:
fa:ac:6b:50:65:d6:a5:95:37:7f:97:b3:ae:f0:e1:4b:55:4f:
95:0d:23:7f:5e:80:4f:83:86:d1:bb:66:c7:9e:e0:fc:64:70:
68:af:13:73:2b:13:3a:6d:74:82:95:72:5c:f5:ad:c2:22:11:
8d:a0:34:fa:13:d6:8f:45:05:ea:36:4f:35:97:f2:13:d9:61:
d0:c5:60:87:a7:61:ed:83:e5:16:b0:ab:f5:75:d4:fa:9e:3e:
e0:35:e0:4f:f9:35:a6:0c:07:f2:51:f5:61:76:28:06:20:9d:
f9:55:c6:76
-----BEGIN CERTIFICATE-----
MIIFzTCCBLWgAwIBAgICFekwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDI1NEMxMTAvBgNVBAUTKDdCM0Y2MEQ5QjFBMjgwMDJBMDc4NzVDQUI1OEEyMTQ1
NzA3M0UxN0YwHhcNMjQxMDAyMDUxMjA4WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmZjZDYyOC0zYWM0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArgqJX2NXtcL9w3uSuo/8/R9wLuoAEJ6ibU61oqPZd0AE7gaDbYAZfsotaI+q
l2V01iiO4/eUulopnAPBJ5mkXDZC/PdCLJ2yTlXJv9qG6LVArLGll4hVDyqxvxyR
pn0d4thq23h+js6eEuzW1dkF1wM5+ZptsPdh9S1Wf8JRwrHNkq1uvGKpZK3R0YQD
/Qga05kBQFEgUnEYJ2CRKLczMezYXuYzD1L3lJh5s/T5RANoIpUWS/9CPgJCCvhH
LAITmZJmeD0kmSOq8QFoejcnSZJXTTVGusBPnOgVkjx9khkRAIUctZPqdfJLczRZ
ohYtD6lmVYKHnZbz0gx2jSyR5wIDAQABo4IC8TCCAu0wHQYDVR0OBBYEFL3H5yW/
O7VEzK9UVKY0pYpttXl3MB8GA1UdIwQYMBaAFHs/YNmxooACoHh1yrWKIUVwc+F/
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0MjU0Qy81QTU2NEQ0ODE5
RTgxMUU4Qjk2NTBDN0VDNEY5QUUwMi9lejlnMmJHaWdBS2dlSFhLdFlvaFJYQno0
WDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2V6OWcyYkdpZ0FLZ2VIWEt0WW9oUlhCejRYOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDI1NEMvNUE1NjRENDgxOUU4MTFFOEI5NjUwQzdFQzRGOUFFMDIvREY1RjAwRkE4
MDdDMTFFRkJGQUJFQjFBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwewYIKwYBBQUHAQcBAf8E
bDBqMFAEAgABMEowDAMEBBtv0AMEAhtv4AMEAxtv6AMEAmVhQDAMAwQDZWFIAwQD
ZWFQAwQCdme0MAwDBAbKT8ADBAHKT8QwDAMEA8pPyAMEBcpPwDAWBAIAAjAQMA4D
BAAkA7EDBgAkA7EBADANBgkqhkiG9w0BAQsFAAOCAQEAYuTgkqS2HxdAZc+7KLLX
bIBVwODWGl4d1N+IQg+eorTS5mWrROg6DJD3u+H/x241c6MpFoPW/gUIWnc9gUIy
IoDSlVgY4jxVpWdqMy6teyEKifcNacCB8mTo6e7l6z87yK+xjPy/q06aRNyNx/RL
oMe9kLMelJOM3/N+yrkhChWkwyi+a33Ov3g+k16RVJwz+qxrUGXWpZU3f5ezrvDh
S1VPlQ0jf16AT4OG0btmx57g/GRwaK8TcysTOm10gpVyXPWtwiIRjaA0+hPWj0UF
6jZPNZfyE9lh0MVgh6dh7YPlFrCr9XXU+p4+4DXgT/k1pgwH8lH1YXYoBiCd+VXG
dg==
-----END CERTIFICATE-----
Generated at Wed Oct 2 10:29:21 2024 by rpki-client on console-fra.rpki-client.org