Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9158E3F/C24322BA544611EA8C05651DC4F9AE02/61DED236C25611EC94A6D470C4F9AE02.roa
File: 61DED236C25611EC94A6D470C4F9AE02.roa (raw, json)
Hash identifier: rpxTNJiHRwJkZGTFGiPdmYb3qnY+7+oLFqDgeChL/Yk=
Subject key identifier: C7:34:5B:74:A5:89:A7:75:45:71:57:2B:60:C8:B2:5F:31:EC:04:AF
Certificate issuer: /CN=A9158E3F/serialNumber=7E313AB7FF26E783E03C07851612751881AE4918
Certificate serial: 0A59
Authority key identifier: 7E:31:3A:B7:FF:26:E7:83:E0:3C:07:85:16:12:75:18:81:AE:49:18
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fjE6t_8m54PgPAeFFhJ1GIGuSRg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9158E3F/C24322BA544611EA8C05651DC4F9AE02/61DED236C25611EC94A6D470C4F9AE02.roa
Signing time: Thu 04 Apr 2024 06:19:40 +0000
ROA not before: Thu 04 Apr 2024 06:19:40 +0000
ROA not after: Thu 31 Oct 2024 00:00:00 +0000
asID: 15830
IP address blocks: 27.111.128.0/22 maxlen: 22
103.8.176.0/21 maxlen: 21
180.189.56.0/21 maxlen: 21
2407:b000::/32 maxlen: 32
2407:b001::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 18 Apr 2024 08:11:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2649 (0xa59)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9158E3F/serialNumber=7E313AB7FF26E783E03C07851612751881AE4918
Validity
Not Before: Apr 4 06:19:40 2024 GMT
Not After : Oct 31 00:00:00 2024 GMT
Subject: CN=660e467c-b8e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:c2:60:1a:0b:57:0f:3b:b6:0d:86:2e:b5:a2:
2f:6c:6f:bb:3d:fd:8f:a7:fa:64:f2:30:86:d2:92:
20:92:19:52:1e:b4:46:bc:4b:33:c4:05:8e:08:6b:
ef:ed:30:f4:71:56:16:82:ab:9f:48:d3:3e:bc:9b:
eb:bd:a1:6e:81:cd:81:9c:10:dc:28:ec:91:07:da:
54:7d:99:95:b1:c2:83:43:e8:97:d4:75:f3:8a:f7:
b9:4f:2c:6b:f2:4b:df:00:ad:cc:41:94:bd:ee:e1:
ab:0f:f7:2c:93:66:ca:fa:fa:52:95:d5:e5:50:8f:
ba:4f:6f:2b:2d:aa:cc:c9:35:d5:49:f1:24:c9:38:
f9:8d:01:d8:c0:ee:51:c7:98:bb:88:bc:17:a3:11:
ba:22:0a:04:0f:4b:8e:67:02:d5:31:f6:04:82:68:
07:13:2b:03:a8:84:27:11:11:d4:d6:cc:3d:cc:3b:
da:f1:d2:69:a3:64:0d:36:a9:96:be:cc:2a:2d:3f:
a4:01:c3:13:b3:66:f2:e7:82:93:1e:95:8b:a4:f5:
ec:a0:d5:68:4a:32:a5:2a:ba:ad:19:8f:6c:44:c2:
44:fc:cd:16:bd:b4:7c:1c:b1:36:e1:51:03:2d:69:
76:ca:a9:27:fe:2a:03:44:f4:b7:bc:b2:0e:c1:17:
38:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:34:5B:74:A5:89:A7:75:45:71:57:2B:60:C8:B2:5F:31:EC:04:AF
X509v3 Authority Key Identifier:
keyid:7E:31:3A:B7:FF:26:E7:83:E0:3C:07:85:16:12:75:18:81:AE:49:18
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9158E3F/C24322BA544611EA8C05651DC4F9AE02/fjE6t_8m54PgPAeFFhJ1GIGuSRg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fjE6t_8m54PgPAeFFhJ1GIGuSRg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9158E3F/C24322BA544611EA8C05651DC4F9AE02/61DED236C25611EC94A6D470C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.111.128.0/22
103.8.176.0/21
180.189.56.0/21
IPv6:
2407:b000::/31
Signature Algorithm: sha256WithRSAEncryption
82:ce:29:7c:03:23:cd:d4:b3:79:19:4f:9d:fa:23:65:a8:d0:
58:c4:2f:3d:8c:d3:4c:6b:b7:2e:f5:88:34:6e:b1:11:90:86:
d7:15:1f:46:21:43:8c:ec:ac:63:66:26:0e:02:f8:c9:1b:3a:
f1:56:e5:0d:f7:99:f7:ab:5a:08:af:d3:b9:92:47:4a:42:64:
1f:73:f5:85:ed:a3:55:4c:48:f9:2f:01:1b:ba:0a:2c:8d:f5:
a6:04:59:6d:20:c8:9f:bc:51:bd:e1:e5:6d:8b:3a:6f:ae:a3:
47:76:1f:9e:c5:5b:31:83:b9:6e:5b:ed:44:e6:7f:bc:6d:91:
47:56:12:31:75:8c:6a:f3:3a:98:75:83:2a:55:b3:31:73:0c:
ce:8c:6b:29:19:52:82:d9:37:3b:5e:6e:55:52:d6:30:cc:79:
c9:b6:80:ca:cb:36:a9:65:9a:f5:0c:9c:da:23:ef:00:9c:d8:
ed:77:b7:05:1b:e3:75:06:60:8b:20:86:5e:94:b8:b1:38:fc:
9d:4e:41:e0:53:ad:6b:cd:db:68:5b:f4:2b:bb:9e:3d:55:4b:
af:57:a5:9a:bd:7f:fa:ee:cd:3f:62:bd:85:16:e7:c7:70:e4:
08:aa:24:36:86:f0:05:4b:0b:37:93:d3:58:1d:3c:35:95:99:
36:02:05:bd
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgICClkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NThFM0YxMTAvBgNVBAUTKDdFMzEzQUI3RkYyNkU3ODNFMDNDMDc4NTE2MTI3NTE4
ODFBRTQ5MTgwHhcNMjQwNDA0MDYxOTQwWhcNMjQxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjBlNDY3Yy1iOGUyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxcJgGgtXDzu2DYYutaIvbG+7Pf2Pp/pk8jCG0pIgkhlSHrRGvEszxAWOCGvv
7TD0cVYWgqufSNM+vJvrvaFugc2BnBDcKOyRB9pUfZmVscKDQ+iX1HXzive5Tyxr
8kvfAK3MQZS97uGrD/csk2bK+vpSldXlUI+6T28rLarMyTXVSfEkyTj5jQHYwO5R
x5i7iLwXoxG6IgoED0uOZwLVMfYEgmgHEysDqIQnERHU1sw9zDva8dJpo2QNNqmW
vswqLT+kAcMTs2by54KTHpWLpPXsoNVoSjKlKrqtGY9sRMJE/M0WvbR8HLE24VED
LWl2yqkn/ioDRPS3vLIOwRc41QIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFMc0W3Sl
iad1RXFXK2DIsl8x7ASvMB8GA1UdIwQYMBaAFH4xOrf/JueD4DwHhRYSdRiBrkkY
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1OEUzRi9DMjQzMjJCQTU0
NDYxMUVBOEMwNTY1MURDNEY5QUUwMi9makU2dF84bTU0UGdQQWVGRmhKMUdJR3VT
UmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2ZqRTZ0XzhtNTRQZ1BBZUZGaEoxR0lHdVNSZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NThFM0YvQzI0MzIyQkE1NDQ2MTFFQThDMDU2NTFEQzRGOUFFMDIvNjFERUQyMzZD
MjU2MTFFQzk0QTZENDcwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOgYIKwYBBQUHAQcBAf8E
KzApMBgEAgABMBIDBAIbb4ADBANnCLADBAO0vTgwDQQCAAIwBwMFASQHsAAwDQYJ
KoZIhvcNAQELBQADggEBAILOKXwDI83Us3kZT536I2Wo0FjELz2M00xrty71iDRu
sRGQhtcVH0YhQ4zsrGNmJg4C+MkbOvFW5Q33mferWgiv07mSR0pCZB9z9YXto1VM
SPkvARu6CiyN9aYEWW0gyJ+8Ub3h5W2LOm+uo0d2H57FWzGDuW5b7UTmf7xtkUdW
EjF1jGrzOph1gypVszFzDM6MaykZUoLZNzteblVS1jDMecm2gMrLNqllmvUMnNoj
7wCc2O13twUb43UGYIsghl6UuLE4/J1OQeBTrWvN22hb9Cu7nj1VS69XpZq9f/ru
zT9ivYUW58dw5AiqJDaG8AVLCzeT01gdPDWVmTYCBb0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:07 2024 by rpki-client on console-ams.rpki-client.org