Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915370F/7346E8A2604911E2A307578D2979BB20/8BAB4516A01B11EC8CC9DE3DC4F9AE02.roa
File: 8BAB4516A01B11EC8CC9DE3DC4F9AE02.roa (raw, json)
Hash identifier: ZiM9IS8FEmVjWbTksJ3RYNP1T0eAMj44nSMWQPXAeHs=
Subject key identifier: E5:B2:B6:E4:F3:5F:B9:13:95:9A:C5:CC:1A:AF:D4:46:28:9E:4E:24
Certificate issuer: /CN=A915370F/serialNumber=BB5B8156B037E5D22263EAC7F6A11C052FDF633F
Certificate serial: 3210
Authority key identifier: BB:5B:81:56:B0:37:E5:D2:22:63:EA:C7:F6:A1:1C:05:2F:DF:63:3F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u1uBVrA35dIiY-rH9qEcBS_fYz8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915370F/7346E8A2604911E2A307578D2979BB20/8BAB4516A01B11EC8CC9DE3DC4F9AE02.roa
Signing time: Thu 16 Mar 2023 16:01:09 +0000
ROA not before: Thu 16 Mar 2023 16:01:09 +0000
ROA not after: Wed 29 May 2024 00:00:00 +0000
asID: 56176
IP address blocks: 118.188.0.0/17 maxlen: 17
Validation: Failed, certificate revoked on Tue 16 Jan 2024 09:19:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 12816 (0x3210)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915370F/serialNumber=BB5B8156B037E5D22263EAC7F6A11C052FDF633F
Validity
Not Before: Mar 16 16:01:09 2023 GMT
Not After : May 29 00:00:00 2024 GMT
Subject: CN=64133d45-7116
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:bd:3d:b5:0f:7a:d5:f4:8c:6b:eb:7d:a6:7c:
64:12:ec:87:0e:a9:b5:ec:f4:fe:69:aa:02:20:39:
41:58:7c:07:ff:2b:be:81:5d:5a:7b:a9:ce:c2:0a:
71:a6:7f:81:42:90:47:84:aa:7a:f8:38:aa:54:a3:
9f:a3:e6:b4:68:ce:37:9d:e7:d3:a8:0e:a4:db:79:
17:29:ca:51:e0:49:95:22:b2:f3:f8:a5:d4:ae:50:
49:39:0a:3a:95:52:04:74:17:bb:44:eb:ba:dc:01:
ce:0f:ea:2e:77:d6:55:de:39:06:f8:c6:44:72:5a:
b7:ca:c0:5c:56:18:7a:85:db:ff:b6:ca:ad:f8:0a:
de:7a:af:35:03:d4:5c:41:cd:40:ca:a9:a5:7d:19:
8f:05:ec:61:cf:a6:c7:78:58:56:d3:f6:02:a9:c7:
b7:dd:93:3b:18:d2:54:a0:f6:d2:81:83:bc:17:05:
4d:cb:59:db:c8:1b:c6:28:e8:f2:2e:21:f3:64:a3:
02:2d:34:c2:47:a9:9d:19:6f:86:12:98:7b:a9:27:
34:cc:e7:d8:51:dd:70:93:4d:20:57:81:9b:d3:ad:
df:65:73:11:33:1f:19:0f:c5:08:1b:d2:af:f9:dd:
7e:ea:16:c8:93:59:d3:cc:b9:f0:9a:d1:a7:90:7a:
52:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:B2:B6:E4:F3:5F:B9:13:95:9A:C5:CC:1A:AF:D4:46:28:9E:4E:24
X509v3 Authority Key Identifier:
keyid:BB:5B:81:56:B0:37:E5:D2:22:63:EA:C7:F6:A1:1C:05:2F:DF:63:3F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915370F/7346E8A2604911E2A307578D2979BB20/u1uBVrA35dIiY-rH9qEcBS_fYz8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u1uBVrA35dIiY-rH9qEcBS_fYz8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915370F/7346E8A2604911E2A307578D2979BB20/8BAB4516A01B11EC8CC9DE3DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
118.188.0.0/17
Signature Algorithm: sha256WithRSAEncryption
1f:d1:ca:d7:1c:9e:43:b2:aa:a0:97:1c:7d:1e:98:3e:8a:84:
1a:92:f9:97:f0:26:20:92:58:b4:0b:1c:ed:07:04:2d:d6:56:
a4:f6:b8:40:5d:c1:e0:8b:ce:1c:75:58:8b:0a:0b:65:75:84:
05:32:fe:ad:60:06:48:2a:dd:84:62:56:45:17:11:79:23:35:
e0:ea:cf:a6:ac:ca:9c:ca:ae:b3:f4:86:4c:09:99:31:47:b3:
4c:86:ab:a2:4d:70:cb:d4:9c:c1:06:8a:13:67:21:e3:50:aa:
3e:b5:19:d6:da:1f:fa:a7:91:26:97:c6:13:0b:b1:bd:a9:f1:
32:3c:ca:19:5e:2b:6b:0f:bf:66:87:9f:00:22:2e:e2:05:d8:
97:86:35:ba:f7:d5:b3:77:6a:e2:8f:4e:e5:9a:34:6d:e3:7c:
61:3d:a5:d9:b8:79:80:82:97:1a:99:f7:f8:cf:3a:71:69:32:
64:46:1e:79:4a:44:27:6c:7f:c1:8a:db:d2:f9:50:c9:ad:af:
d1:3f:69:7c:a8:43:a3:fe:0c:fe:24:7d:17:a8:aa:9a:3d:34:
dd:3e:13:5c:f4:07:3b:e7:9f:40:f4:ae:13:cf:8e:11:e2:c3:
e4:e9:26:c9:fa:d1:50:6e:c2:d9:b7:c9:dc:5e:b2:30:56:18:
03:fc:0a:d0
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICMhAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTM3MEYxMTAvBgNVBAUTKEJCNUI4MTU2QjAzN0U1RDIyMjYzRUFDN0Y2QTExQzA1
MkZERjYzM0YwHhcNMjMwMzE2MTYwMTA5WhcNMjQwNTI5MDAwMDAwWjAYMRYwFAYD
VQQDEw02NDEzM2Q0NS03MTE2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAu709tQ961fSMa+t9pnxkEuyHDqm17PT+aaoCIDlBWHwH/yu+gV1ae6nOwgpx
pn+BQpBHhKp6+DiqVKOfo+a0aM43nefTqA6k23kXKcpR4EmVIrLz+KXUrlBJOQo6
lVIEdBe7ROu63AHOD+oud9ZV3jkG+MZEclq3ysBcVhh6hdv/tsqt+Areeq81A9Rc
Qc1AyqmlfRmPBexhz6bHeFhW0/YCqce33ZM7GNJUoPbSgYO8FwVNy1nbyBvGKOjy
LiHzZKMCLTTCR6mdGW+GEph7qSc0zOfYUd1wk00gV4Gb063fZXMRMx8ZD8UIG9Kv
+d1+6hbIk1nTzLnwmtGnkHpS/wIDAQABo4IClTCCApEwHQYDVR0OBBYEFOWytuTz
X7kTlZrFzBqv1EYonk4kMB8GA1UdIwQYMBaAFLtbgVawN+XSImPqx/ahHAUv32M/
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MzcwRi83MzQ2RThBMjYw
NDkxMUUyQTMwNzU3OEQyOTc5QkIyMC91MXVCVnJBMzVkSWlZLXJIOXFFY0JTX2ZZ
ejguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3UxdUJWckEzNWRJaVktckg5cUVjQlNfZll6OC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTM3MEYvNzM0NkU4QTI2MDQ5MTFFMkEzMDc1NzhEMjk3OUJCMjAvOEJBQjQ1MTZB
MDFCMTFFQzhDQzlERTNEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAd2vAAwDQYJKoZIhvcNAQELBQADggEBAB/RytccnkOyqqCX
HH0emD6KhBqS+ZfwJiCSWLQLHO0HBC3WVqT2uEBdweCLzhx1WIsKC2V1hAUy/q1g
Bkgq3YRiVkUXEXkjNeDqz6asypzKrrP0hkwJmTFHs0yGq6JNcMvUnMEGihNnIeNQ
qj61GdbaH/qnkSaXxhMLsb2p8TI8yhleK2sPv2aHnwAiLuIF2JeGNbr31bN3auKP
TuWaNG3jfGE9pdm4eYCClxqZ9/jPOnFpMmRGHnlKRCdsf8GK29L5UMmtr9E/aXyo
Q6P+DP4kfReoqpo9NN0+E1z0Bzvnn0D0rhPPjhHiw+TpJsn60VBuwtm3ydxesjBW
GAP8CtA=
-----END CERTIFICATE-----
Generated at Tue Jan 16 12:45:15 2024 by rpki-client on console-ams.rpki-client.org