Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/3734A6CC954F11EF891AE235C4F9AE02.roa
File: 3734A6CC954F11EF891AE235C4F9AE02.roa (raw, json)
Hash identifier: gYy9JctUwSPssk3YqhtetURdMphw5MyGt4aXbjtYePs=
Subject key identifier: 8B:DB:0D:D6:CF:EF:C0:AB:25:2F:E8:10:B6:32:46:CB:3E:99:7D:40
Certificate issuer: /CN=A917A84A/serialNumber=8A1A10EB8FBA45C2152CA8956F432F9A8139603A
Certificate serial: 1C9D
Authority key identifier: 8A:1A:10:EB:8F:BA:45:C2:15:2C:A8:95:6F:43:2F:9A:81:39:60:3A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ihoQ64-6RcIVLKiVb0MvmoE5YDo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/3734A6CC954F11EF891AE235C4F9AE02.roa
Signing time: Mon 28 Oct 2024 17:09:40 +0000
ROA not before: Mon 28 Oct 2024 17:09:40 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 208485
IP address blocks: 111.119.164.0/24 maxlen: 24
111.119.165.0/24 maxlen: 24
118.103.226.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 02 Nov 2024 12:09:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7325 (0x1c9d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917A84A/serialNumber=8A1A10EB8FBA45C2152CA8956F432F9A8139603A
Validity
Not Before: Oct 28 17:09:40 2024 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=671fc554-f78a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:9d:16:e2:d1:3d:3c:8d:30:56:45:f8:c6:af:
d8:34:4b:2d:8d:40:c9:8d:c7:a9:ec:e5:25:89:24:
bc:75:76:9a:02:89:6d:fc:85:88:3f:ab:f1:57:e5:
96:15:8d:02:e8:3f:9a:88:8b:d2:ee:6d:ee:ab:69:
c8:e6:65:9b:55:06:fc:52:63:93:02:5f:e5:c4:fd:
6a:a6:4b:10:b0:b2:7b:65:cf:a6:9f:84:ce:ff:74:
b0:59:be:e9:83:5f:10:26:42:f9:ef:d5:92:40:ce:
f7:8c:e3:ab:b2:ab:66:23:d3:05:3f:b5:fc:64:5c:
00:3d:81:21:a9:90:60:c6:3f:eb:74:7d:59:fe:69:
27:4f:03:be:24:14:fa:ae:c5:23:c0:a6:78:fc:22:
1f:4b:9d:dd:fb:7b:cb:60:bc:22:c0:b6:45:ce:68:
f5:d7:db:80:b1:de:7e:26:2b:94:eb:a4:4c:6d:9a:
d7:e4:25:ec:24:ff:f7:10:8a:b3:a5:11:4c:67:1a:
02:8e:31:60:1a:1b:e2:04:34:a7:30:21:3f:6a:24:
b3:90:09:52:d3:65:4a:d3:ca:27:4b:d6:b1:44:25:
14:16:87:8d:0d:66:a9:1f:e9:8e:a1:7c:14:7f:a3:
13:91:c1:43:dc:bf:4b:26:cb:b1:3e:81:57:55:c1:
43:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:DB:0D:D6:CF:EF:C0:AB:25:2F:E8:10:B6:32:46:CB:3E:99:7D:40
X509v3 Authority Key Identifier:
keyid:8A:1A:10:EB:8F:BA:45:C2:15:2C:A8:95:6F:43:2F:9A:81:39:60:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/ihoQ64-6RcIVLKiVb0MvmoE5YDo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ihoQ64-6RcIVLKiVb0MvmoE5YDo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/3734A6CC954F11EF891AE235C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
111.119.164.0/23
118.103.226.0/24
Signature Algorithm: sha256WithRSAEncryption
86:53:ad:52:44:f8:96:75:2e:03:b6:71:42:12:81:cd:6f:9f:
a3:8e:54:7d:2c:aa:d2:f3:31:6a:cd:95:fa:e7:83:f5:35:94:
89:14:32:ac:f2:33:88:12:3a:fb:91:36:8d:22:92:8c:a8:82:
6d:5d:6e:f0:09:f1:6e:2c:0f:44:0a:f7:dd:fa:4a:c9:bc:9a:
fb:63:1d:b7:47:be:51:5d:7a:e3:0b:42:aa:ff:5c:50:10:3d:
d9:2c:52:52:50:ee:33:4e:92:19:e5:38:60:64:cb:70:0f:0c:
38:72:d3:cb:c5:7b:78:a0:fb:bd:07:55:66:18:ef:86:d4:3d:
d8:db:9d:b2:33:8e:d4:81:f3:a2:69:b5:e0:ec:f4:57:28:21:
13:29:d8:43:14:a3:78:dd:c8:7c:80:59:93:ee:42:ea:f7:ed:
1d:a5:ff:fa:54:05:70:ed:43:70:d9:df:6c:7c:d5:82:9f:0e:
08:59:b0:04:42:5e:63:b1:cb:1f:fc:14:5d:d1:da:6b:74:07:
45:f1:88:bb:b5:a6:46:49:cb:f1:f2:17:11:70:38:4a:2b:0f:
79:08:79:11:f1:73:e1:c7:ab:7d:f9:80:e2:6c:c4:5a:0f:c7:
d1:93:bb:2e:e4:bc:e5:b6:13:f9:25:95:31:6f:0e:9d:e4:b2:
2c:df:46:32
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICHJ0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0E4NEExMTAvBgNVBAUTKDhBMUExMEVCOEZCQTQ1QzIxNTJDQTg5NTZGNDMyRjlB
ODEzOTYwM0EwHhcNMjQxMDI4MTcwOTQwWhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzFmYzU1NC1mNzhhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtZ0W4tE9PI0wVkX4xq/YNEstjUDJjcep7OUliSS8dXaaAolt/IWIP6vxV+WW
FY0C6D+aiIvS7m3uq2nI5mWbVQb8UmOTAl/lxP1qpksQsLJ7Zc+mn4TO/3SwWb7p
g18QJkL579WSQM73jOOrsqtmI9MFP7X8ZFwAPYEhqZBgxj/rdH1Z/mknTwO+JBT6
rsUjwKZ4/CIfS53d+3vLYLwiwLZFzmj119uAsd5+JiuU66RMbZrX5CXsJP/3EIqz
pRFMZxoCjjFgGhviBDSnMCE/aiSzkAlS02VK08onS9axRCUUFoeNDWapH+mOoXwU
f6MTkcFD3L9LJsuxPoFXVcFDbwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFIvbDdbP
78CrJS/oELYyRss+mX1AMB8GA1UdIwQYMBaAFIoaEOuPukXCFSyolW9DL5qBOWA6
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QTg0QS8xODA1MTkxQUUx
RUYxMUU2OUQzNjUwMUJDNEY5QUUwMi9paG9RNjQtNlJjSVZMS2lWYjBNdm1vRTVZ
RG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2lob1E2NC02UmNJVkxLaVZiME12bW9FNVlEby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0E4NEEvMTgwNTE5MUFFMUVGMTFFNjlEMzY1MDFCQzRGOUFFMDIvMzczNEE2Q0M5
NTRGMTFFRjg5MUFFMjM1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAFvd6QDBAB2Z+IwDQYJKoZIhvcNAQELBQADggEBAIZTrVJE
+JZ1LgO2cUISgc1vn6OOVH0sqtLzMWrNlfrng/U1lIkUMqzyM4gSOvuRNo0ikoyo
gm1dbvAJ8W4sD0QK9936Ssm8mvtjHbdHvlFdeuMLQqr/XFAQPdksUlJQ7jNOkhnl
OGBky3APDDhy08vFe3ig+70HVWYY74bUPdjbnbIzjtSB86JpteDs9FcoIRMp2EMU
o3jdyHyAWZPuQur37R2l//pUBXDtQ3DZ32x81YKfDghZsARCXmOxyx/8FF3R2mt0
B0XxiLu1pkZJy/HyFxFwOEorD3kIeRHxc+HHq335gOJsxFoPx9GTuy7kvOW2E/kl
lTFvDp3ksizfRjI=
-----END CERTIFICATE-----
Generated at Sat Nov 2 14:42:34 2024 by rpki-client on console-ams.rpki-client.org