Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/2981CBA8ED3011EEA9995C14C4F9AE02.roa
File: 2981CBA8ED3011EEA9995C14C4F9AE02.roa (raw, json)
Hash identifier: uAAv9WJvOyfUOGVdORHVI1GEjUqWBHCTatqkltZeC0c=
Subject key identifier: F0:F8:02:B0:8A:DA:95:D9:62:66:F1:62:38:38:4B:95:C3:65:DC:D1
Certificate issuer: /CN=A917A84A/serialNumber=8A1A10EB8FBA45C2152CA8956F432F9A8139603A
Certificate serial: 1BD8
Authority key identifier: 8A:1A:10:EB:8F:BA:45:C2:15:2C:A8:95:6F:43:2F:9A:81:39:60:3A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ihoQ64-6RcIVLKiVb0MvmoE5YDo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/2981CBA8ED3011EEA9995C14C4F9AE02.roa
Signing time: Thu 28 Mar 2024 18:22:40 +0000
ROA not before: Thu 28 Mar 2024 18:22:40 +0000
ROA not after: Sun 01 Dec 2024 00:00:00 +0000
asID: 133933
IP address blocks: 118.103.226.0/24 maxlen: 24
118.103.227.0/24 maxlen: 24
118.103.228.0/24 maxlen: 24
118.103.229.0/24 maxlen: 24
118.103.230.0/24 maxlen: 24
118.103.231.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 02 Sep 2024 11:59:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7128 (0x1bd8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917A84A/serialNumber=8A1A10EB8FBA45C2152CA8956F432F9A8139603A
Validity
Not Before: Mar 28 18:22:40 2024 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=6605b570-7901
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:ed:0d:7f:67:3c:eb:0a:5f:20:a4:c5:9a:7a:
09:bf:50:cb:c9:8b:63:cd:ca:f8:17:eb:69:b0:f7:
df:00:fc:03:02:30:73:83:e4:d9:e6:88:9c:70:c5:
ec:cd:36:d8:1a:21:32:e9:c8:bc:fb:90:b9:1a:a4:
78:95:22:e3:c4:db:46:7f:c5:8a:81:24:76:7a:c3:
48:c2:6e:c0:d7:db:a6:da:b7:6e:46:9e:66:b1:2f:
00:3b:8c:59:ed:c7:58:6f:9f:8d:42:a9:8e:09:19:
27:a9:cc:34:c0:4e:d0:13:17:cc:90:60:18:64:da:
8f:39:fd:8f:05:05:c4:44:b8:e2:56:07:70:c1:c6:
6a:ef:00:7c:ea:ba:eb:18:03:4e:50:5c:67:5e:d4:
69:65:d9:e6:31:85:04:bd:ba:e8:34:5a:f2:d5:43:
3e:c0:11:21:10:bb:4c:51:e1:e8:78:d5:4d:dd:44:
34:e1:7d:b4:ec:f4:3e:39:c1:05:10:51:40:6b:f7:
01:6c:ee:b4:64:e0:6c:55:a5:00:41:37:a2:3e:2d:
20:9f:78:16:57:b9:7e:fa:4c:38:d5:0b:66:82:df:
d9:45:e0:ad:82:fe:89:28:68:b6:8e:b6:88:ec:b6:
2b:11:51:63:96:61:5e:c6:4b:78:7c:b5:29:63:dc:
08:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:F8:02:B0:8A:DA:95:D9:62:66:F1:62:38:38:4B:95:C3:65:DC:D1
X509v3 Authority Key Identifier:
keyid:8A:1A:10:EB:8F:BA:45:C2:15:2C:A8:95:6F:43:2F:9A:81:39:60:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/ihoQ64-6RcIVLKiVb0MvmoE5YDo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ihoQ64-6RcIVLKiVb0MvmoE5YDo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/2981CBA8ED3011EEA9995C14C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
118.103.226.0-118.103.231.255
Signature Algorithm: sha256WithRSAEncryption
49:81:6d:17:80:f2:4e:49:74:87:2f:a3:fa:fb:42:28:92:28:
27:45:2e:70:3b:a7:e0:23:ad:65:ad:7d:08:87:ac:8d:68:83:
4f:6e:41:9d:84:59:fc:6e:89:fe:ab:68:51:56:8d:17:19:77:
e9:29:17:07:88:7a:5b:11:7c:3a:65:75:3e:db:fa:45:c9:16:
b8:40:78:51:66:9e:57:43:6f:5d:d0:83:0e:ca:c4:1b:0a:50:
39:ab:01:b3:7e:ab:0c:55:bd:12:a2:36:99:9a:96:ab:df:f9:
82:62:67:80:9c:d6:88:b9:c1:fc:28:60:83:0a:da:1b:29:b1:
34:b3:f8:d7:fc:66:e1:4f:d0:58:52:9b:20:5f:a8:86:d0:7e:
33:f5:a9:08:17:6b:17:2f:81:e3:2c:86:b9:b1:d5:8a:99:d1:
36:03:49:2c:85:b5:64:1f:5d:d1:38:5c:e1:28:4d:55:3a:2d:
af:71:ce:fa:2f:b4:a8:6e:ca:99:33:f1:bb:90:a9:56:ef:33:
2b:c7:e2:cb:82:83:27:a3:c5:24:2c:03:9a:34:ed:bf:4f:72:
5f:0e:8e:19:da:48:89:67:66:66:86:3f:19:13:91:b2:64:ec:
8b:fc:07:7a:b0:b1:2b:e0:e9:1f:92:fa:56:ba:26:34:77:a6:
67:ff:b4:4a
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgICG9gwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0E4NEExMTAvBgNVBAUTKDhBMUExMEVCOEZCQTQ1QzIxNTJDQTg5NTZGNDMyRjlB
ODEzOTYwM0EwHhcNMjQwMzI4MTgyMjQwWhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjA1YjU3MC03OTAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAu+0Nf2c86wpfIKTFmnoJv1DLyYtjzcr4F+tpsPffAPwDAjBzg+TZ5oiccMXs
zTbYGiEy6ci8+5C5GqR4lSLjxNtGf8WKgSR2esNIwm7A19um2rduRp5msS8AO4xZ
7cdYb5+NQqmOCRknqcw0wE7QExfMkGAYZNqPOf2PBQXERLjiVgdwwcZq7wB86rrr
GANOUFxnXtRpZdnmMYUEvbroNFry1UM+wBEhELtMUeHoeNVN3UQ04X207PQ+OcEF
EFFAa/cBbO60ZOBsVaUAQTeiPi0gn3gWV7l++kw41Qtmgt/ZReCtgv6JKGi2jraI
7LYrEVFjlmFexkt4fLUpY9wI4wIDAQABo4ICnTCCApkwHQYDVR0OBBYEFPD4ArCK
2pXZYmbxYjg4S5XDZdzRMB8GA1UdIwQYMBaAFIoaEOuPukXCFSyolW9DL5qBOWA6
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QTg0QS8xODA1MTkxQUUx
RUYxMUU2OUQzNjUwMUJDNEY5QUUwMi9paG9RNjQtNlJjSVZMS2lWYjBNdm1vRTVZ
RG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2lob1E2NC02UmNJVkxLaVZiME12bW9FNVlEby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0E4NEEvMTgwNTE5MUFFMUVGMTFFNjlEMzY1MDFCQzRGOUFFMDIvMjk4MUNCQThF
RDMwMTFFRUE5OTk1QzE0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJwYIKwYBBQUHAQcBAf8E
GDAWMBQEAgABMA4wDAMEAXZn4gMEA3Zn4DANBgkqhkiG9w0BAQsFAAOCAQEASYFt
F4DyTkl0hy+j+vtCKJIoJ0UucDun4COtZa19CIesjWiDT25BnYRZ/G6J/qtoUVaN
Fxl36SkXB4h6WxF8OmV1Ptv6RckWuEB4UWaeV0NvXdCDDsrEGwpQOasBs36rDFW9
EqI2mZqWq9/5gmJngJzWiLnB/ChggwraGymxNLP41/xm4U/QWFKbIF+ohtB+M/Wp
CBdrFy+B4yyGubHVipnRNgNJLIW1ZB9d0Thc4ShNVTotr3HO+i+0qG7KmTPxu5Cp
Vu8zK8fiy4KDJ6PFJCwDmjTtv09yXw6OGdpIiWdmZoY/GRORsmTsi/wHerCxK+Dp
H5L6VromNHemZ/+0Sg==
-----END CERTIFICATE-----
Generated at Mon Sep 2 15:35:03 2024 by rpki-client on console-ams.rpki-client.org