Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9158E3F/C24322BA544611EA8C05651DC4F9AE02/C35D8C8A5B9E11EFBFF99A5BC4F9AE02.roa
File: C35D8C8A5B9E11EFBFF99A5BC4F9AE02.roa (raw, json)
Hash identifier: 0hVYkG5Z3cFmxlZv8G7+bbgGpk25YBaCZIPw3ocH7Sc=
Subject key identifier: 41:BD:54:47:B2:C9:7D:C2:25:81:81:69:67:01:52:5A:D0:C5:F3:79
Certificate issuer: /CN=A9158E3F/serialNumber=7E313AB7FF26E783E03C07851612751881AE4918
Certificate serial: 0AFF
Authority key identifier: 7E:31:3A:B7:FF:26:E7:83:E0:3C:07:85:16:12:75:18:81:AE:49:18
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fjE6t_8m54PgPAeFFhJ1GIGuSRg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9158E3F/C24322BA544611EA8C05651DC4F9AE02/C35D8C8A5B9E11EFBFF99A5BC4F9AE02.roa
Signing time: Fri 16 Aug 2024 20:28:24 +0000
ROA not before: Fri 16 Aug 2024 20:28:24 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 15830
IP address blocks: 27.111.128.0/22 maxlen: 22
103.8.176.0/22 maxlen: 22
103.8.180.0/22 maxlen: 22
119.27.0.0/19 maxlen: 19
119.27.32.0/20 maxlen: 20
119.27.52.0/22 maxlen: 22
119.27.56.0/22 maxlen: 22
119.27.60.0/23 maxlen: 23
122.50.64.0/19 maxlen: 19
122.50.104.0/21 maxlen: 21
122.50.112.0/22 maxlen: 22
122.50.120.0/22 maxlen: 22
122.50.124.0/22 maxlen: 22
180.189.0.0/21 maxlen: 21
180.189.8.0/21 maxlen: 21
180.189.32.0/20 maxlen: 20
180.189.48.0/22 maxlen: 22
180.189.56.0/21 maxlen: 21
183.177.0.0/20 maxlen: 20
183.177.16.0/20 maxlen: 20
183.177.32.0/20 maxlen: 20
202.167.224.0/23 maxlen: 23
202.167.232.0/24 maxlen: 24
202.167.234.0/23 maxlen: 23
202.167.236.0/22 maxlen: 22
202.167.240.0/22 maxlen: 22
202.167.248.0/23 maxlen: 23
202.167.255.0/24 maxlen: 24
202.177.192.0/24 maxlen: 24
202.177.193.0/24 maxlen: 24
202.177.195.0/24 maxlen: 24
202.177.198.0/24 maxlen: 24
202.177.199.0/24 maxlen: 24
202.177.200.0/23 maxlen: 23
202.177.201.0/24 maxlen: 24
202.177.202.0/23 maxlen: 23
202.177.204.0/23 maxlen: 23
203.190.224.0/23 maxlen: 23
203.190.236.0/22 maxlen: 22
2407:b000::/32 maxlen: 32
2407:b001::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 21 Aug 2024 07:44:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2815 (0xaff)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9158E3F/serialNumber=7E313AB7FF26E783E03C07851612751881AE4918
Validity
Not Before: Aug 16 20:28:24 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=66bfb668-456a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:e6:12:5e:d1:8e:7b:e1:e6:7f:f3:a8:dc:67:
68:0d:6f:60:ac:8a:04:e3:b2:99:28:2b:5c:77:35:
b5:14:f2:98:d3:db:c1:96:b5:3d:71:84:c2:16:98:
ae:62:f4:6b:f9:6d:0b:cd:97:94:4d:19:a5:67:06:
a4:3c:17:d0:59:36:bd:87:14:bf:2b:34:52:a7:25:
78:2c:5c:23:88:18:15:04:9d:8a:19:c7:ff:87:7b:
ad:3a:69:ba:02:2e:ef:00:e7:76:ba:8c:63:c4:36:
5e:1b:0c:32:b6:b3:93:d9:82:98:7e:29:cb:ad:bd:
a3:54:1d:d5:4e:5a:6c:db:3b:0b:60:b1:ed:9f:43:
fa:7f:6d:5f:8f:69:9a:92:36:a2:d8:3d:c5:ec:40:
f8:6b:ba:a8:df:63:19:df:16:40:6d:ff:d9:f1:76:
62:d3:33:1d:fc:cf:13:ac:f8:a2:8f:32:ac:11:59:
c7:c5:44:c2:1a:04:93:33:a0:3e:d4:bd:d6:b6:d1:
2d:1d:18:22:00:86:42:fe:39:36:a7:64:1c:fc:06:
c6:08:47:54:72:43:c6:45:a4:16:44:4e:b9:46:43:
cf:0b:f5:18:8b:f0:77:26:9a:da:88:dc:5c:ae:a0:
63:44:08:9e:fb:c6:09:c1:1a:9f:be:3b:37:0d:d1:
ba:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:BD:54:47:B2:C9:7D:C2:25:81:81:69:67:01:52:5A:D0:C5:F3:79
X509v3 Authority Key Identifier:
keyid:7E:31:3A:B7:FF:26:E7:83:E0:3C:07:85:16:12:75:18:81:AE:49:18
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9158E3F/C24322BA544611EA8C05651DC4F9AE02/fjE6t_8m54PgPAeFFhJ1GIGuSRg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fjE6t_8m54PgPAeFFhJ1GIGuSRg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9158E3F/C24322BA544611EA8C05651DC4F9AE02/C35D8C8A5B9E11EFBFF99A5BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.111.128.0/22
103.8.176.0/21
119.27.0.0-119.27.47.255
119.27.52.0-119.27.61.255
122.50.64.0/19
122.50.104.0-122.50.115.255
122.50.120.0/21
180.189.0.0/20
180.189.32.0-180.189.51.255
180.189.56.0/21
183.177.0.0-183.177.47.255
202.167.224.0/23
202.167.232.0/24
202.167.234.0-202.167.243.255
202.167.248.0/23
202.167.255.0/24
202.177.192.0/23
202.177.195.0/24
202.177.198.0-202.177.205.255
203.190.224.0/23
203.190.236.0/22
IPv6:
2407:b000::/31
Signature Algorithm: sha256WithRSAEncryption
2a:1d:69:0f:d4:19:7b:19:9a:d0:b6:10:fc:89:b0:24:84:5f:
4e:db:65:ff:bf:e0:77:d2:19:09:8b:20:ea:2c:2c:ac:c2:91:
cf:fb:ad:e7:a3:30:a3:85:c6:a0:47:17:a1:8b:14:a3:3d:42:
aa:3c:08:50:3a:b9:04:71:cf:20:7f:3b:48:0d:bd:3e:96:05:
3b:a0:29:ec:c8:87:f7:20:40:dc:d0:de:4f:be:3f:08:2d:3a:
6e:56:d1:8f:14:af:ad:6b:a0:4a:ca:ec:09:82:10:ee:36:7a:
80:37:29:b4:ba:6d:1c:cb:df:53:c0:ba:8d:fe:61:2b:9e:e5:
ff:8c:a2:38:46:d1:78:b6:1e:7f:31:7d:cc:17:07:d3:a7:87:
65:74:6d:35:b6:4e:7d:d7:a5:c0:95:07:fc:6a:ad:35:28:e7:
c9:4f:84:11:c9:6f:29:0b:de:ea:72:1c:35:31:55:55:7d:11:
3a:e3:b8:08:53:dc:3f:e2:8e:f5:59:a7:9c:52:f8:38:1d:ff:
4f:6d:a0:37:1f:ec:0e:20:e3:a9:99:f6:97:78:fd:29:22:d6:
fd:69:db:52:37:71:09:67:89:57:a0:fd:68:a0:a5:79:9e:31:
ba:ef:2d:51:5a:d6:0a:96:3c:35:54:19:bf:9d:6f:85:49:4a:
13:22:f6:1a
-----BEGIN CERTIFICATE-----
MIIGMzCCBRugAwIBAgICCv8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NThFM0YxMTAvBgNVBAUTKDdFMzEzQUI3RkYyNkU3ODNFMDNDMDc4NTE2MTI3NTE4
ODFBRTQ5MTgwHhcNMjQwODE2MjAyODI0WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmJmYjY2OC00NTZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2+YSXtGOe+Hmf/Oo3GdoDW9grIoE47KZKCtcdzW1FPKY09vBlrU9cYTCFpiu
YvRr+W0LzZeUTRmlZwakPBfQWTa9hxS/KzRSpyV4LFwjiBgVBJ2KGcf/h3utOmm6
Ai7vAOd2uoxjxDZeGwwytrOT2YKYfinLrb2jVB3VTlps2zsLYLHtn0P6f21fj2ma
kjai2D3F7ED4a7qo32MZ3xZAbf/Z8XZi0zMd/M8TrPiijzKsEVnHxUTCGgSTM6A+
1L3WttEtHRgiAIZC/jk2p2Qc/AbGCEdUckPGRaQWRE65RkPPC/UYi/B3JpraiNxc
rqBjRAie+8YJwRqfvjs3DdG6lwIDAQABo4IDVzCCA1MwHQYDVR0OBBYEFEG9VEey
yX3CJYGBaWcBUlrQxfN5MB8GA1UdIwQYMBaAFH4xOrf/JueD4DwHhRYSdRiBrkkY
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1OEUzRi9DMjQzMjJCQTU0
NDYxMUVBOEMwNTY1MURDNEY5QUUwMi9makU2dF84bTU0UGdQQWVGRmhKMUdJR3VT
UmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2ZqRTZ0XzhtNTRQZ1BBZUZGaEoxR0lHdVNSZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NThFM0YvQzI0MzIyQkE1NDQ2MTFFQThDMDU2NTFEQzRGOUFFMDIvQzM1RDhDOEE1
QjlFMTFFRkJGRjk5QTVCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgeAGCCsGAQUFBwEHAQH/
BIHQMIHNMIG7BAIAATCBtAMEAhtvgAMEA2cIsDALAwMAdxsDBAR3GyAwDAMEAncb
NAMEAXcbPAMEBXoyQDAMAwQDejJoAwQCejJwAwQDejJ4AwQEtL0AMAwDBAW0vSAD
BAK0vTADBAO0vTgwCwMDALexAwQEt7EgAwQByqfgAwQAyqfoMAwDBAHKp+oDBALK
p/ADBAHKp/gDBADKp/8DBAHKscADBADKscMwDAMEAcqxxgMEAcqxzAMEAcu+4AME
Asu+7DANBAIAAjAHAwUBJAewADANBgkqhkiG9w0BAQsFAAOCAQEAKh1pD9QZexma
0LYQ/ImwJIRfTttl/7/gd9IZCYsg6iwsrMKRz/ut56Mwo4XGoEcXoYsUoz1CqjwI
UDq5BHHPIH87SA29PpYFO6Ap7MiH9yBA3NDeT74/CC06blbRjxSvrWugSsrsCYIQ
7jZ6gDcptLptHMvfU8C6jf5hK57l/4yiOEbReLYefzF9zBcH06eHZXRtNbZOfdel
wJUH/GqtNSjnyU+EEclvKQve6nIcNTFVVX0ROuO4CFPcP+KO9VmnnFL4OB3/T22g
Nx/sDiDjqZn2l3j9KSLW/WnbUjdxCWeJV6D9aKCleZ4xuu8tUVrWCpY8NVQZv51v
hUlKEyL2Gg==
-----END CERTIFICATE-----
Generated at Wed Aug 21 09:58:20 2024 by rpki-client on console-fra.rpki-client.org