Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/D15049C2692211EFA79F0810C4F9AE02.roa
File: D15049C2692211EFA79F0810C4F9AE02.roa (raw, json)
Hash identifier: SPtYhzMsOrmtAoMGEnC1ESoUPWJevfmgE+hKN+JVT84=
Subject key identifier: F9:83:47:74:B9:DD:70:D9:8B:0B:6C:83:ED:A6:68:A2:2B:C8:CF:35
Certificate issuer: /CN=A917A84A/serialNumber=8A1A10EB8FBA45C2152CA8956F432F9A8139603A
Certificate serial: 1C3A
Authority key identifier: 8A:1A:10:EB:8F:BA:45:C2:15:2C:A8:95:6F:43:2F:9A:81:39:60:3A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ihoQ64-6RcIVLKiVb0MvmoE5YDo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/D15049C2692211EFA79F0810C4F9AE02.roa
Signing time: Mon 02 Sep 2024 12:00:24 +0000
ROA not before: Mon 02 Sep 2024 12:00:24 +0000
ROA not after: Sun 01 Dec 2024 00:00:00 +0000
asID: 205220
IP address blocks: 111.119.164.0/24 maxlen: 24
111.119.165.0/24 maxlen: 24
115.42.68.0/24 maxlen: 24
115.42.69.0/24 maxlen: 24
115.42.70.0/24 maxlen: 24
115.42.71.0/24 maxlen: 24
118.103.226.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 04 Sep 2024 12:58:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7226 (0x1c3a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917A84A/serialNumber=8A1A10EB8FBA45C2152CA8956F432F9A8139603A
Validity
Not Before: Sep 2 12:00:24 2024 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=66d5a8d7-752b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:91:e2:88:e7:ae:48:f1:5f:50:08:16:bc:c0:
52:0c:78:dd:7d:81:cd:83:a4:25:c4:2e:f1:ba:53:
0a:65:70:2b:d6:aa:a0:a2:91:ba:9c:5a:7e:ee:71:
87:a4:5e:0d:d8:9e:1c:5e:0e:de:74:ba:d5:df:8b:
ce:58:4b:dd:8d:e0:a0:21:d6:41:a5:f3:d8:1a:4e:
32:76:6f:0d:5f:a3:4e:ae:3e:59:a4:0f:46:e1:06:
c7:75:b4:4e:d3:f7:73:a7:52:bc:68:bf:19:8d:ba:
73:fc:90:4a:05:7f:d2:ec:dd:c4:4b:b2:91:5d:a7:
8c:e4:69:72:af:87:93:4a:70:10:b5:45:5c:58:8d:
82:2b:bd:d7:0e:1c:62:bc:0a:8b:54:92:d3:0f:1c:
d5:be:b4:1b:e7:14:9c:54:d7:18:be:c9:1d:e5:37:
d5:10:b8:eb:e1:a7:71:28:11:ff:9f:83:6f:54:68:
a5:5e:8f:b7:0e:6c:35:56:4a:ea:9b:f5:6b:d1:1e:
18:32:29:7f:0b:27:35:29:c9:af:34:aa:97:a5:73:
ed:d8:84:11:51:2f:c3:03:ae:ea:b8:c8:64:3d:cf:
cd:a4:25:ec:e7:f7:c4:22:85:06:a8:15:55:e1:d2:
f9:5f:e4:ae:21:84:61:f4:ab:53:7d:de:12:f2:34:
4e:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:83:47:74:B9:DD:70:D9:8B:0B:6C:83:ED:A6:68:A2:2B:C8:CF:35
X509v3 Authority Key Identifier:
keyid:8A:1A:10:EB:8F:BA:45:C2:15:2C:A8:95:6F:43:2F:9A:81:39:60:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/ihoQ64-6RcIVLKiVb0MvmoE5YDo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ihoQ64-6RcIVLKiVb0MvmoE5YDo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/D15049C2692211EFA79F0810C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
111.119.164.0/23
115.42.68.0/22
118.103.226.0/24
Signature Algorithm: sha256WithRSAEncryption
c7:3b:25:46:1e:9a:0c:60:2e:e0:b1:b8:1e:11:ab:c4:c0:04:
a4:79:69:55:04:96:dd:3a:76:d5:b6:0a:32:3d:22:65:9a:4f:
47:b9:95:65:c0:bf:43:bd:c2:d7:c3:6e:ca:93:31:ac:85:71:
4a:bd:6a:27:42:1c:c2:8c:4b:60:62:68:c7:81:79:69:13:e9:
c3:f0:5f:27:96:cd:ad:df:df:ce:21:ad:4a:c6:22:55:07:ea:
03:ef:1c:95:e6:73:97:1a:e1:24:70:8a:70:0f:bb:3d:dd:4a:
a2:8d:73:b3:13:72:da:8f:59:26:ff:1d:5f:ac:75:6b:98:10:
b1:a1:ff:76:66:b2:bc:eb:77:9e:9c:04:ec:9a:60:97:a5:0f:
56:b0:92:2b:59:04:a5:1b:67:31:c6:aa:66:8c:ca:91:39:83:
56:20:b2:2d:e7:2d:d3:06:59:26:e7:5d:26:3e:ce:c2:76:49:
85:9c:6d:3a:ff:ca:ff:80:3c:39:43:5a:02:43:e2:6d:f1:78:
fc:71:06:8c:6c:53:38:0d:f5:6f:39:9e:2d:c4:66:10:6d:e2:
32:dd:9a:fc:24:5a:32:64:0c:c9:52:9e:d7:76:e3:ac:c5:61:
0f:20:35:c5:8f:1d:c5:95:39:0d:62:9a:7c:fb:65:8d:c0:8b:
b2:75:96:87
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICHDowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0E4NEExMTAvBgNVBAUTKDhBMUExMEVCOEZCQTQ1QzIxNTJDQTg5NTZGNDMyRjlB
ODEzOTYwM0EwHhcNMjQwOTAyMTIwMDI0WhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmQ1YThkNy03NTJiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAoJHiiOeuSPFfUAgWvMBSDHjdfYHNg6QlxC7xulMKZXAr1qqgopG6nFp+7nGH
pF4N2J4cXg7edLrV34vOWEvdjeCgIdZBpfPYGk4ydm8NX6NOrj5ZpA9G4QbHdbRO
0/dzp1K8aL8Zjbpz/JBKBX/S7N3ES7KRXaeM5Glyr4eTSnAQtUVcWI2CK73XDhxi
vAqLVJLTDxzVvrQb5xScVNcYvskd5TfVELjr4adxKBH/n4NvVGilXo+3Dmw1Vkrq
m/Vr0R4YMil/Cyc1KcmvNKqXpXPt2IQRUS/DA67quMhkPc/NpCXs5/fEIoUGqBVV
4dL5X+SuIYRh9KtTfd4S8jROAwIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFPmDR3S5
3XDZiwtsg+2maKIryM81MB8GA1UdIwQYMBaAFIoaEOuPukXCFSyolW9DL5qBOWA6
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QTg0QS8xODA1MTkxQUUx
RUYxMUU2OUQzNjUwMUJDNEY5QUUwMi9paG9RNjQtNlJjSVZMS2lWYjBNdm1vRTVZ
RG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2lob1E2NC02UmNJVkxLaVZiME12bW9FNVlEby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0E4NEEvMTgwNTE5MUFFMUVGMTFFNjlEMzY1MDFCQzRGOUFFMDIvRDE1MDQ5QzI2
OTIyMTFFRkE3OUYwODEwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBAFvd6QDBAJzKkQDBAB2Z+IwDQYJKoZIhvcNAQELBQADggEB
AMc7JUYemgxgLuCxuB4Rq8TABKR5aVUElt06dtW2CjI9ImWaT0e5lWXAv0O9wtfD
bsqTMayFcUq9aidCHMKMS2BiaMeBeWkT6cPwXyeWza3f384hrUrGIlUH6gPvHJXm
c5ca4SRwinAPuz3dSqKNc7MTctqPWSb/HV+sdWuYELGh/3Zmsrzrd56cBOyaYJel
D1awkitZBKUbZzHGqmaMypE5g1Ygsi3nLdMGWSbnXSY+zsJ2SYWcbTr/yv+APDlD
WgJD4m3xePxxBoxsUzgN9W85ni3EZhBt4jLdmvwkWjJkDMlSntd246zFYQ8gNcWP
HcWVOQ1imnz7ZY3Ai7J1loc=
-----END CERTIFICATE-----
Generated at Wed Sep 4 15:47:48 2024 by rpki-client on console-fra.rpki-client.org