Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/01227634388111EFB5D42F62C4F9AE02.roa
File: 01227634388111EFB5D42F62C4F9AE02.roa (raw, json)
Hash identifier: CLPyz0EnTaIO26qMqOrzy8tnTTkBNnoropX3NVPZiQQ=
Subject key identifier: C3:2C:C3:75:01:50:BF:A1:6D:3A:CD:4F:8B:BD:D5:4D:25:2F:E2:06
Certificate issuer: /CN=A917A84A/serialNumber=8A1A10EB8FBA45C2152CA8956F432F9A8139603A
Certificate serial: 1C10
Authority key identifier: 8A:1A:10:EB:8F:BA:45:C2:15:2C:A8:95:6F:43:2F:9A:81:39:60:3A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ihoQ64-6RcIVLKiVb0MvmoE5YDo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/01227634388111EFB5D42F62C4F9AE02.roa
Signing time: Tue 02 Jul 2024 14:40:20 +0000
ROA not before: Tue 02 Jul 2024 14:40:20 +0000
ROA not after: Sun 01 Dec 2024 00:00:00 +0000
asID: 6762
IP address blocks: 111.119.164.0/24 maxlen: 24
111.119.165.0/24 maxlen: 24
115.42.68.0/24 maxlen: 24
115.42.69.0/24 maxlen: 24
115.42.70.0/24 maxlen: 24
115.42.71.0/24 maxlen: 24
118.103.226.0/24 maxlen: 24
118.103.227.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 23 Aug 2024 18:51:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7184 (0x1c10)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917A84A/serialNumber=8A1A10EB8FBA45C2152CA8956F432F9A8139603A
Validity
Not Before: Jul 2 14:40:20 2024 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=66841153-749c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:8d:ed:b2:ae:6f:0e:ce:3d:2a:8b:fd:df:bb:
05:ca:fd:02:10:42:5c:72:b2:00:28:83:7c:60:c9:
9c:14:40:c6:d2:fa:36:5a:ac:77:1c:49:f9:b5:88:
66:92:8d:6a:df:25:0e:e1:a3:79:76:bf:35:2b:ae:
4a:35:b8:19:3b:f6:22:ed:0c:3b:3c:be:0e:6b:d4:
12:5a:78:56:43:c8:e8:da:d0:6b:e9:45:16:17:9a:
e9:63:11:e7:28:9d:a5:20:8e:98:de:c7:b7:1c:d0:
eb:0f:13:3f:44:5f:97:c6:aa:7d:ca:85:87:5b:66:
72:3a:19:81:1a:db:d6:ff:04:a5:5c:97:5a:0b:4d:
17:aa:4b:07:2d:fe:12:42:fc:20:a4:37:c6:94:30:
d6:f1:4c:b5:c7:c4:a0:29:9e:43:5c:b8:cd:ed:8d:
df:fd:ee:70:06:89:61:1d:91:ef:ff:68:45:be:03:
47:86:a1:77:40:2b:13:d5:9c:42:a0:2f:86:da:62:
c7:a0:a6:70:d7:bc:26:6a:98:28:da:dc:ba:1c:1b:
16:1f:20:31:c0:14:66:63:9a:5a:41:fe:05:fe:50:
94:e1:cf:bc:90:f1:8c:ab:c0:dd:48:7d:f6:cd:1c:
2f:7a:f2:e7:33:87:67:5e:7a:75:bd:e7:10:57:d2:
8d:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:2C:C3:75:01:50:BF:A1:6D:3A:CD:4F:8B:BD:D5:4D:25:2F:E2:06
X509v3 Authority Key Identifier:
keyid:8A:1A:10:EB:8F:BA:45:C2:15:2C:A8:95:6F:43:2F:9A:81:39:60:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/ihoQ64-6RcIVLKiVb0MvmoE5YDo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ihoQ64-6RcIVLKiVb0MvmoE5YDo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/01227634388111EFB5D42F62C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
111.119.164.0/23
115.42.68.0/22
118.103.226.0/23
Signature Algorithm: sha256WithRSAEncryption
89:4b:0c:58:d0:00:07:43:92:3b:31:2d:3e:42:38:5a:52:8e:
88:78:b4:90:0b:c3:81:cf:bf:1d:db:0b:e5:a3:3d:97:d3:06:
a5:3d:a9:ae:9d:d0:f7:f3:4f:95:0c:a5:b5:26:f5:6b:fd:4c:
d6:a6:4a:f0:e6:6d:d1:85:72:70:ae:09:9c:01:93:84:db:71:
11:72:ca:42:89:e1:28:65:59:90:2d:1d:e7:72:c7:7e:50:c1:
4c:81:b8:5f:cc:3e:a4:78:4e:c0:a1:d8:98:82:9e:9b:35:46:
41:eb:bf:fa:37:31:09:51:71:81:3f:91:36:95:e6:ab:f6:35:
d4:1a:c1:12:f4:e6:12:b2:1e:41:bf:b2:5c:f7:86:1a:b0:90:
38:00:db:75:dc:a5:88:51:88:ab:fc:46:5f:5b:f6:31:4f:e0:
ba:4d:3d:62:28:18:85:de:8e:c9:14:a5:c5:1d:ab:a5:19:18:
5a:2c:9a:2c:ee:73:a4:50:59:63:f0:7c:3f:4d:2a:be:d7:6c:
71:34:21:0c:6b:fc:b3:c7:88:d0:c5:78:33:e9:6d:e2:d8:72:
42:84:e8:a7:17:08:a4:66:88:2c:52:69:d3:e7:6a:50:0b:13:
b7:b5:d8:e0:ef:b1:87:d2:23:4b:08:40:c9:8b:21:a3:2b:4e:
4a:68:12:ac
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICHBAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0E4NEExMTAvBgNVBAUTKDhBMUExMEVCOEZCQTQ1QzIxNTJDQTg5NTZGNDMyRjlB
ODEzOTYwM0EwHhcNMjQwNzAyMTQ0MDIwWhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Njg0MTE1My03NDljMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvY3tsq5vDs49Kov937sFyv0CEEJccrIAKIN8YMmcFEDG0vo2Wqx3HEn5tYhm
ko1q3yUO4aN5dr81K65KNbgZO/Yi7Qw7PL4Oa9QSWnhWQ8jo2tBr6UUWF5rpYxHn
KJ2lII6Y3se3HNDrDxM/RF+Xxqp9yoWHW2ZyOhmBGtvW/wSlXJdaC00XqksHLf4S
QvwgpDfGlDDW8Uy1x8SgKZ5DXLjN7Y3f/e5wBolhHZHv/2hFvgNHhqF3QCsT1ZxC
oC+G2mLHoKZw17wmapgo2ty6HBsWHyAxwBRmY5paQf4F/lCU4c+8kPGMq8DdSH32
zRwvevLnM4dnXnp1vecQV9KNPQIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFMMsw3UB
UL+hbTrNT4u91U0lL+IGMB8GA1UdIwQYMBaAFIoaEOuPukXCFSyolW9DL5qBOWA6
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QTg0QS8xODA1MTkxQUUx
RUYxMUU2OUQzNjUwMUJDNEY5QUUwMi9paG9RNjQtNlJjSVZMS2lWYjBNdm1vRTVZ
RG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2lob1E2NC02UmNJVkxLaVZiME12bW9FNVlEby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0E4NEEvMTgwNTE5MUFFMUVGMTFFNjlEMzY1MDFCQzRGOUFFMDIvMDEyMjc2MzQz
ODgxMTFFRkI1RDQyRjYyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBAFvd6QDBAJzKkQDBAF2Z+IwDQYJKoZIhvcNAQELBQADggEB
AIlLDFjQAAdDkjsxLT5COFpSjoh4tJALw4HPvx3bC+WjPZfTBqU9qa6d0PfzT5UM
pbUm9Wv9TNamSvDmbdGFcnCuCZwBk4TbcRFyykKJ4ShlWZAtHedyx35QwUyBuF/M
PqR4TsCh2JiCnps1RkHrv/o3MQlRcYE/kTaV5qv2NdQawRL05hKyHkG/slz3hhqw
kDgA23XcpYhRiKv8Rl9b9jFP4LpNPWIoGIXejskUpcUdq6UZGFosmizuc6RQWWPw
fD9NKr7XbHE0IQxr/LPHiNDFeDPpbeLYckKE6KcXCKRmiCxSadPnalALE7e12ODv
sYfSI0sIQMmLIaMrTkpoEqw=
-----END CERTIFICATE-----
Generated at Fri Aug 23 23:54:31 2024 by rpki-client on console-ams.rpki-client.org