Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/DEC1406EDFB811EEB1F8173DC4F9AE02.roa
File: DEC1406EDFB811EEB1F8173DC4F9AE02.roa (raw, json)
Hash identifier: T7vJQYY+FYT3XJgQnxpQqyebI7bZ+1bsj/MVdVZQMiE=
Subject key identifier: 63:38:8B:3C:F6:82:A9:95:B7:A5:97:5E:30:7C:4F:AB:DA:E8:86:97
Certificate issuer: /CN=A917A84A/serialNumber=8A1A10EB8FBA45C2152CA8956F432F9A8139603A
Certificate serial: 1BC5
Authority key identifier: 8A:1A:10:EB:8F:BA:45:C2:15:2C:A8:95:6F:43:2F:9A:81:39:60:3A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ihoQ64-6RcIVLKiVb0MvmoE5YDo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/DEC1406EDFB811EEB1F8173DC4F9AE02.roa
Signing time: Mon 11 Mar 2024 15:08:12 +0000
ROA not before: Mon 11 Mar 2024 15:08:12 +0000
ROA not after: Sun 01 Dec 2024 00:00:00 +0000
asID: 133933
IP address blocks: 111.119.164.0/22 maxlen: 22
111.119.164.0/24 maxlen: 24
111.119.165.0/24 maxlen: 24
111.119.166.0/24 maxlen: 24
111.119.167.0/24 maxlen: 24
115.42.67.0/24 maxlen: 24
115.42.68.0/24 maxlen: 24
115.42.69.0/24 maxlen: 24
115.42.70.0/24 maxlen: 24
115.42.71.0/24 maxlen: 24
118.103.226.0/24 maxlen: 24
118.103.227.0/24 maxlen: 24
118.103.228.0/24 maxlen: 24
118.103.229.0/24 maxlen: 24
118.103.230.0/24 maxlen: 24
118.103.231.0/24 maxlen: 24
118.103.232.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 28 Mar 2024 18:19:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7109 (0x1bc5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917A84A/serialNumber=8A1A10EB8FBA45C2152CA8956F432F9A8139603A
Validity
Not Before: Mar 11 15:08:12 2024 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=65ef1e5c-f636
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:34:18:7a:2e:77:08:1e:5d:a1:34:f5:ea:66:
68:7f:d4:27:c1:c1:b0:71:76:d5:17:f0:fa:2b:37:
b6:ee:75:fd:e0:17:18:9a:e8:57:03:4a:eb:a0:c7:
04:68:03:5c:e1:9e:34:7a:36:9e:57:23:cf:bc:79:
5f:22:3d:18:43:d7:72:e2:08:b2:d8:bc:03:14:a5:
56:6c:12:80:34:31:bd:c2:35:11:c4:3c:1b:4d:af:
e5:83:da:e1:0f:aa:82:0d:4a:71:af:b7:3b:b4:ef:
51:dd:2a:63:31:d4:b5:36:dd:27:24:06:a1:08:bc:
48:a8:19:02:15:22:1b:bc:8d:e5:53:e3:a6:62:53:
85:1e:08:89:0e:80:06:4a:bc:03:c2:cf:23:e9:cc:
2d:71:ae:5f:5b:31:37:e6:ec:14:68:88:b7:ac:52:
04:96:2b:74:d8:a6:6a:36:38:f5:d6:d9:e2:a6:00:
7f:53:c4:b0:4a:4f:8a:3b:6a:34:6e:f6:4c:f1:6e:
0c:5e:0d:af:0d:83:b4:b7:63:bf:2d:14:27:07:b5:
ee:7d:db:ae:3d:c1:bc:5e:a2:0d:0d:54:f1:e4:b1:
58:f0:84:a6:a8:e0:de:5d:bb:00:72:7d:16:69:95:
09:d8:fe:17:5d:2f:71:b5:2d:a3:39:fd:91:c5:ad:
60:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:38:8B:3C:F6:82:A9:95:B7:A5:97:5E:30:7C:4F:AB:DA:E8:86:97
X509v3 Authority Key Identifier:
keyid:8A:1A:10:EB:8F:BA:45:C2:15:2C:A8:95:6F:43:2F:9A:81:39:60:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/ihoQ64-6RcIVLKiVb0MvmoE5YDo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ihoQ64-6RcIVLKiVb0MvmoE5YDo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/DEC1406EDFB811EEB1F8173DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
111.119.164.0/22
115.42.67.0-115.42.71.255
118.103.226.0-118.103.232.255
Signature Algorithm: sha256WithRSAEncryption
18:d0:17:a1:53:ad:23:60:f7:71:3a:5f:87:d9:52:eb:90:8c:
98:6b:74:31:8d:df:d8:54:ad:70:6f:b7:0d:e8:89:38:01:9d:
9c:dd:96:43:7a:e3:52:ab:1b:d3:6b:56:f0:05:9a:2d:28:7d:
f7:dd:a9:e5:85:9d:5a:4f:1c:c6:73:b1:e1:11:a0:0f:93:46:
7d:69:ee:2a:01:32:b8:77:e1:fc:53:08:e0:65:9c:22:db:c2:
42:89:2f:a3:35:7e:24:b8:ee:90:35:2a:fc:c3:32:8d:38:89:
ea:76:b2:a7:ff:c7:0c:07:52:52:9e:7e:d1:e6:f5:04:96:73:
c8:9c:65:5e:2f:ca:6e:ea:87:a3:26:ad:85:06:07:52:f3:44:
04:98:42:ec:20:74:33:67:a8:8c:40:22:9e:13:a9:72:92:97:
b0:20:ff:02:d1:a6:59:f2:e9:2f:42:15:c0:01:58:df:d3:ff:
82:3d:e6:83:33:31:5d:1f:05:5c:64:1f:10:f4:d9:b9:07:c9:
bc:d4:80:07:15:b9:3c:4d:a5:81:aa:a8:72:71:f6:c6:a0:fd:
31:35:1e:5f:98:00:2b:61:0f:39:5c:50:40:15:18:76:b9:9d:
0c:7c:64:72:9c:c3:04:82:d0:34:e9:fa:f3:81:f3:45:50:9b:
e2:dc:af:09
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgICG8UwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0E4NEExMTAvBgNVBAUTKDhBMUExMEVCOEZCQTQ1QzIxNTJDQTg5NTZGNDMyRjlB
ODEzOTYwM0EwHhcNMjQwMzExMTUwODEyWhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWVmMWU1Yy1mNjM2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0jQYei53CB5doTT16mZof9QnwcGwcXbVF/D6Kze27nX94BcYmuhXA0rroMcE
aANc4Z40ejaeVyPPvHlfIj0YQ9dy4giy2LwDFKVWbBKANDG9wjURxDwbTa/lg9rh
D6qCDUpxr7c7tO9R3SpjMdS1Nt0nJAahCLxIqBkCFSIbvI3lU+OmYlOFHgiJDoAG
SrwDws8j6cwtca5fWzE35uwUaIi3rFIElit02KZqNjj11tnipgB/U8SwSk+KO2o0
bvZM8W4MXg2vDYO0t2O/LRQnB7XufduuPcG8XqINDVTx5LFY8ISmqODeXbsAcn0W
aZUJ2P4XXS9xtS2jOf2Rxa1gRwIDAQABo4ICsTCCAq0wHQYDVR0OBBYEFGM4izz2
gqmVt6WXXjB8T6va6IaXMB8GA1UdIwQYMBaAFIoaEOuPukXCFSyolW9DL5qBOWA6
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QTg0QS8xODA1MTkxQUUx
RUYxMUU2OUQzNjUwMUJDNEY5QUUwMi9paG9RNjQtNlJjSVZMS2lWYjBNdm1vRTVZ
RG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2lob1E2NC02UmNJVkxLaVZiME12bW9FNVlEby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0E4NEEvMTgwNTE5MUFFMUVGMTFFNjlEMzY1MDFCQzRGOUFFMDIvREVDMTQwNkVE
RkI4MTFFRUIxRjgxNzNEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOwYIKwYBBQUHAQcBAf8E
LDAqMCgEAgABMCIDBAJvd6QwDAMEAHMqQwMEA3MqQDAMAwQBdmfiAwQAdmfoMA0G
CSqGSIb3DQEBCwUAA4IBAQAY0BehU60jYPdxOl+H2VLrkIyYa3Qxjd/YVK1wb7cN
6Ik4AZ2c3ZZDeuNSqxvTa1bwBZotKH333anlhZ1aTxzGc7HhEaAPk0Z9ae4qATK4
d+H8UwjgZZwi28JCiS+jNX4kuO6QNSr8wzKNOInqdrKn/8cMB1JSnn7R5vUElnPI
nGVeL8pu6oejJq2FBgdS80QEmELsIHQzZ6iMQCKeE6lykpewIP8C0aZZ8ukvQhXA
AVjf0/+CPeaDMzFdHwVcZB8Q9Nm5B8m81IAHFbk8TaWBqqhycfbGoP0xNR5fmAAr
YQ85XFBAFRh2uZ0MfGRynMMEgtA06frzgfNFUJvi3K8J
-----END CERTIFICATE-----
Generated at Thu Mar 28 21:42:03 2024 by rpki-client on console-fra.rpki-client.org