Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9172D91/EA672A5C19E711E8B243D57CC4F9AE02/03F2F4BC5EC711EF83A3B263C4F9AE02.roa
File: 03F2F4BC5EC711EF83A3B263C4F9AE02.roa (raw, json)
Hash identifier: +QOLNwPYoxfjjHbYCtjWYI2zUo+Sua6OeFGIK31S38Y=
Subject key identifier: 50:67:B8:13:FE:6B:D9:D5:C1:0A:B5:85:CF:38:22:12:1A:B8:31:BB
Certificate issuer: /CN=A9172D91/serialNumber=E2EDE4A7EA972668A795B27BA9DC87F4B90DA897
Certificate serial: 15C8
Authority key identifier: E2:ED:E4:A7:EA:97:26:68:A7:95:B2:7B:A9:DC:87:F4:B9:0D:A8:97
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4u3kp-qXJminlbJ7qdyH9LkNqJc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9172D91/EA672A5C19E711E8B243D57CC4F9AE02/03F2F4BC5EC711EF83A3B263C4F9AE02.roa
Signing time: Tue 20 Aug 2024 07:37:13 +0000
ROA not before: Tue 20 Aug 2024 07:37:13 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 15830
IP address blocks: 27.111.160.0/19 maxlen: 19
27.111.192.0/20 maxlen: 20
45.126.14.0/23 maxlen: 23
103.14.116.0/22 maxlen: 22
113.59.240.0/20 maxlen: 20
113.59.240.0/23 maxlen: 24
113.59.243.0/24 maxlen: 24
113.59.248.0/21 maxlen: 21
113.59.250.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 21 Aug 2024 07:08:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5576 (0x15c8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9172D91/serialNumber=E2EDE4A7EA972668A795B27BA9DC87F4B90DA897
Validity
Not Before: Aug 20 07:37:13 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=66c447a9-1bed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:b6:fd:05:aa:03:e1:55:05:c8:35:28:3d:f2:
93:0b:6c:38:64:f7:a2:c3:cf:89:65:d6:cf:35:2e:
0f:56:14:e2:46:e2:53:97:1a:b4:0e:73:63:3a:d1:
a4:a0:08:2e:13:c8:4b:01:4e:ab:f5:9a:ab:31:02:
bd:b6:74:dd:e6:0c:b3:c5:9e:fc:03:02:95:36:22:
97:bb:34:46:94:21:c0:83:3f:eb:86:ca:dd:34:f8:
d0:60:41:3e:b6:cf:f4:9c:02:d4:0d:1f:f4:70:1b:
14:56:26:a8:5d:8c:b3:2f:f2:8b:ae:53:a9:ec:b9:
a0:9a:e2:aa:6d:c7:8c:d1:2d:86:e7:89:a4:7f:a2:
02:58:cd:dd:49:69:72:07:7d:e4:68:13:9d:68:a6:
3a:aa:a9:47:71:56:b0:89:45:0e:6c:a3:fe:c0:19:
0a:15:c5:33:26:64:43:a0:70:0f:6b:35:e6:9f:da:
13:7e:38:80:f6:b5:f2:27:80:39:49:ae:a9:bf:d8:
1e:04:35:d2:05:10:e8:eb:23:05:27:af:8e:57:0f:
d1:50:ba:cf:00:47:0b:dc:f0:8a:d8:72:62:59:85:
1d:41:6f:b7:5b:f6:78:92:36:54:80:1a:59:5f:3f:
e4:62:b3:5b:17:5b:71:88:bc:45:4a:f3:90:00:11:
eb:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:67:B8:13:FE:6B:D9:D5:C1:0A:B5:85:CF:38:22:12:1A:B8:31:BB
X509v3 Authority Key Identifier:
keyid:E2:ED:E4:A7:EA:97:26:68:A7:95:B2:7B:A9:DC:87:F4:B9:0D:A8:97
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9172D91/EA672A5C19E711E8B243D57CC4F9AE02/4u3kp-qXJminlbJ7qdyH9LkNqJc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4u3kp-qXJminlbJ7qdyH9LkNqJc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9172D91/EA672A5C19E711E8B243D57CC4F9AE02/03F2F4BC5EC711EF83A3B263C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.111.160.0-27.111.207.255
45.126.14.0/23
103.14.116.0/22
113.59.240.0/20
Signature Algorithm: sha256WithRSAEncryption
1a:d7:c3:cc:82:ff:33:9d:10:83:e0:40:1b:5d:5b:71:6b:62:
47:64:d1:aa:5d:9a:93:4e:f0:a6:2e:ea:1d:87:d4:50:cf:6f:
de:a2:38:25:09:d5:f2:69:75:45:4b:2e:5a:d4:fc:2c:80:fb:
46:f5:99:76:28:04:25:0c:eb:b6:b6:87:0e:e0:d0:3b:c5:5f:
ce:46:9a:9c:6c:ce:6a:62:21:90:0d:dd:65:4f:af:f3:5f:ff:
36:e5:d2:2d:ea:7b:1a:dd:81:aa:18:dc:87:0c:c8:44:9f:c7:
2a:3b:48:bd:a3:d1:f8:c5:f1:eb:5e:6b:90:d8:47:ac:10:0d:
b8:8d:f9:60:2a:e0:83:c9:06:a7:20:b8:31:1e:a5:76:eb:9e:
50:1e:a1:bf:71:59:d2:b0:f1:95:f6:92:11:a6:2b:c5:49:bc:
2a:4a:8a:5b:1f:57:3a:01:c4:7a:ac:7f:21:0d:17:30:65:2f:
c3:e9:7f:a8:4a:e6:cd:1c:71:14:e1:f1:95:23:1d:02:49:81:
36:a5:7e:f3:77:7c:82:6c:f1:8d:38:d5:84:5e:f0:d3:85:ac:
85:c1:2c:a3:36:37:84:1c:15:49:2a:f7:b9:92:a2:8c:b5:51:
58:13:ce:2a:f9:07:40:7b:f5:ab:24:dc:66:1c:4d:4c:70:88:
92:68:58:95
-----BEGIN CERTIFICATE-----
MIIFizCCBHOgAwIBAgICFcgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzJEOTExMTAvBgNVBAUTKEUyRURFNEE3RUE5NzI2NjhBNzk1QjI3QkE5REM4N0Y0
QjkwREE4OTcwHhcNMjQwODIwMDczNzEzWhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmM0NDdhOS0xYmVkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsbb9BaoD4VUFyDUoPfKTC2w4ZPeiw8+JZdbPNS4PVhTiRuJTlxq0DnNjOtGk
oAguE8hLAU6r9ZqrMQK9tnTd5gyzxZ78AwKVNiKXuzRGlCHAgz/rhsrdNPjQYEE+
ts/0nALUDR/0cBsUViaoXYyzL/KLrlOp7LmgmuKqbceM0S2G54mkf6ICWM3dSWly
B33kaBOdaKY6qqlHcVawiUUObKP+wBkKFcUzJmRDoHAPazXmn9oTfjiA9rXyJ4A5
Sa6pv9geBDXSBRDo6yMFJ6+OVw/RULrPAEcL3PCK2HJiWYUdQW+3W/Z4kjZUgBpZ
Xz/kYrNbF1txiLxFSvOQABHrqwIDAQABo4ICrzCCAqswHQYDVR0OBBYEFFBnuBP+
a9nVwQq1hc84IhIauDG7MB8GA1UdIwQYMBaAFOLt5KfqlyZop5Wye6nch/S5DaiX
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MkQ5MS9FQTY3MkE1QzE5
RTcxMUU4QjI0M0Q1N0NDNEY5QUUwMi80dTNrcC1xWEptaW5sYko3cWR5SDlMa05x
SmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzR1M2twLXFYSm1pbmxiSjdxZHlIOUxrTnFKYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzJEOTEvRUE2NzJBNUMxOUU3MTFFOEIyNDNENTdDQzRGOUFFMDIvMDNGMkY0QkM1
RUM3MTFFRjgzQTNCMjYzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOQYIKwYBBQUHAQcBAf8E
KjAoMCYEAgABMCAwDAMEBRtvoAMEBBtvwAMEAS1+DgMEAmcOdAMEBHE78DANBgkq
hkiG9w0BAQsFAAOCAQEAGtfDzIL/M50Qg+BAG11bcWtiR2TRql2ak07wpi7qHYfU
UM9v3qI4JQnV8ml1RUsuWtT8LID7RvWZdigEJQzrtraHDuDQO8VfzkaanGzOamIh
kA3dZU+v81//NuXSLep7Gt2BqhjchwzIRJ/HKjtIvaPR+MXx615rkNhHrBANuI35
YCrgg8kGpyC4MR6lduueUB6hv3FZ0rDxlfaSEaYrxUm8KkqKWx9XOgHEeqx/IQ0X
MGUvw+l/qErmzRxxFOHxlSMdAkmBNqV+83d8gmzxjTjVhF7w04WshcEsozY3hBwV
SSr3uZKijLVRWBPOKvkHQHv1qyTcZhxNTHCIkmhYlQ==
-----END CERTIFICATE-----
Generated at Wed Aug 21 09:45:54 2024 by rpki-client on console-ams.rpki-client.org