Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/E23BB7D0ED3011EEB06B3716C4F9AE02.roa
File: E23BB7D0ED3011EEB06B3716C4F9AE02.roa (raw, json)
Hash identifier: EmwHuguXgTeY94E1MXb0NA1pFQTAwNRO8iH8oEY/30A=
Subject key identifier: 94:37:D8:B9:72:D6:FC:CC:CA:CB:1C:12:E3:1E:AD:9B:9B:A9:DE:30
Certificate issuer: /CN=A917A84A/serialNumber=8A1A10EB8FBA45C2152CA8956F432F9A8139603A
Certificate serial: 1BDC
Authority key identifier: 8A:1A:10:EB:8F:BA:45:C2:15:2C:A8:95:6F:43:2F:9A:81:39:60:3A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ihoQ64-6RcIVLKiVb0MvmoE5YDo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/E23BB7D0ED3011EEB06B3716C4F9AE02.roa
Signing time: Thu 28 Mar 2024 18:34:31 +0000
ROA not before: Thu 28 Mar 2024 18:34:31 +0000
ROA not after: Sun 01 Dec 2024 00:00:00 +0000
asID: 55154
IP address blocks: 111.119.164.0/22 maxlen: 22
111.119.164.0/24 maxlen: 24
111.119.165.0/24 maxlen: 24
111.119.166.0/24 maxlen: 24
111.119.167.0/24 maxlen: 24
115.42.67.0/24 maxlen: 24
115.42.68.0/22 maxlen: 22
115.42.68.0/24 maxlen: 24
115.42.69.0/24 maxlen: 24
115.42.70.0/24 maxlen: 24
115.42.71.0/24 maxlen: 24
118.103.226.0/23 maxlen: 24
118.103.228.0/22 maxlen: 22
118.103.228.0/24 maxlen: 24
118.103.229.0/24 maxlen: 24
118.103.230.0/24 maxlen: 24
118.103.231.0/24 maxlen: 24
118.103.232.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jul 2024 11:00:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7132 (0x1bdc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917A84A/serialNumber=8A1A10EB8FBA45C2152CA8956F432F9A8139603A
Validity
Not Before: Mar 28 18:34:31 2024 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=6605b837-20fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:6e:87:01:5d:66:52:dd:2e:4b:d3:de:47:2c:
db:04:f2:39:e2:27:9d:33:37:be:f4:eb:67:2b:9f:
3a:6d:40:0f:4d:0e:72:f9:7d:02:8e:81:7d:56:57:
34:0e:48:42:de:cf:16:9c:1b:f6:7d:90:ca:2f:8a:
31:ec:db:ec:c6:28:ab:0b:1f:5b:d3:44:57:a3:df:
11:ed:6d:69:53:c2:86:21:75:88:03:4f:85:33:c6:
0a:26:2a:cf:53:e2:2c:38:f5:a3:cc:8b:b8:1a:e1:
ad:e3:48:03:32:49:64:13:1b:70:56:21:01:ef:05:
e4:13:db:77:ed:8d:d3:e3:57:bf:89:0f:10:9b:ad:
43:38:18:e7:50:00:86:c8:05:c3:c8:39:24:a6:f1:
b7:78:e0:64:85:78:79:a9:09:96:da:5b:cb:b0:9f:
cb:a4:47:ce:4d:51:fc:6a:16:85:ae:50:bd:1d:5f:
3b:6c:3d:c6:25:8a:70:48:52:06:83:31:af:74:ec:
cf:50:51:a6:1e:17:e1:37:0c:41:84:24:9b:0b:a8:
3f:f9:73:4e:59:43:44:d6:4b:b7:6d:f8:5f:15:ce:
18:3e:ab:10:8c:e4:ea:83:ce:73:4e:4c:10:5b:4c:
19:e3:da:f4:60:ec:47:99:74:c5:e6:37:31:21:07:
a8:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:37:D8:B9:72:D6:FC:CC:CA:CB:1C:12:E3:1E:AD:9B:9B:A9:DE:30
X509v3 Authority Key Identifier:
keyid:8A:1A:10:EB:8F:BA:45:C2:15:2C:A8:95:6F:43:2F:9A:81:39:60:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/ihoQ64-6RcIVLKiVb0MvmoE5YDo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ihoQ64-6RcIVLKiVb0MvmoE5YDo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/E23BB7D0ED3011EEB06B3716C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
111.119.164.0/22
115.42.67.0-115.42.71.255
118.103.226.0-118.103.232.255
Signature Algorithm: sha256WithRSAEncryption
8e:01:8b:ac:41:de:7a:aa:0e:59:d5:9b:66:0a:fe:97:97:f8:
d7:ff:3d:65:1f:93:72:4e:f6:05:91:b0:fa:8e:32:f4:c4:21:
aa:39:99:b8:a7:e3:c1:03:06:f6:65:24:3d:bd:91:3f:4e:d5:
cb:3a:c6:81:f2:5e:9c:9c:d1:86:60:f9:8a:40:32:ad:61:6d:
03:ef:09:a5:18:13:1c:13:c6:9c:8d:2f:5e:46:61:10:b4:8b:
01:9d:2b:30:c8:a2:15:3d:4d:48:d8:12:85:06:c8:4d:13:80:
fb:9d:4f:a0:29:c4:da:68:f6:71:9d:ee:c3:ac:00:5e:b9:39:
9c:36:d5:6e:b8:9c:d2:bd:73:a5:cc:4c:3d:ef:b7:48:3a:09:
15:2c:43:35:13:d6:df:b9:d8:11:6d:68:63:90:2d:21:34:21:
30:1b:57:aa:16:da:77:68:83:39:b3:0c:35:2c:6a:08:5b:f8:
7b:42:07:3c:a2:30:f0:27:b6:45:96:78:11:7b:7a:99:ee:ad:
dd:b0:cb:54:5b:a3:9b:b9:d2:aa:be:bc:51:76:74:33:a4:d9:
b7:10:48:53:d0:0d:10:5d:9a:8c:38:84:87:7b:e0:56:22:ee:
f4:f1:68:95:a7:0d:57:a3:34:b9:ec:38:6b:7d:e3:19:e7:7c:
14:ef:fe:ee
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgICG9wwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0E4NEExMTAvBgNVBAUTKDhBMUExMEVCOEZCQTQ1QzIxNTJDQTg5NTZGNDMyRjlB
ODEzOTYwM0EwHhcNMjQwMzI4MTgzNDMxWhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjA1YjgzNy0yMGZkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA126HAV1mUt0uS9PeRyzbBPI54iedMze+9OtnK586bUAPTQ5y+X0CjoF9Vlc0
DkhC3s8WnBv2fZDKL4ox7NvsxiirCx9b00RXo98R7W1pU8KGIXWIA0+FM8YKJirP
U+IsOPWjzIu4GuGt40gDMklkExtwViEB7wXkE9t37Y3T41e/iQ8Qm61DOBjnUACG
yAXDyDkkpvG3eOBkhXh5qQmW2lvLsJ/LpEfOTVH8ahaFrlC9HV87bD3GJYpwSFIG
gzGvdOzPUFGmHhfhNwxBhCSbC6g/+XNOWUNE1ku3bfhfFc4YPqsQjOTqg85zTkwQ
W0wZ49r0YOxHmXTF5jcxIQeo0wIDAQABo4ICsTCCAq0wHQYDVR0OBBYEFJQ32Lly
1vzMysscEuMerZubqd4wMB8GA1UdIwQYMBaAFIoaEOuPukXCFSyolW9DL5qBOWA6
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QTg0QS8xODA1MTkxQUUx
RUYxMUU2OUQzNjUwMUJDNEY5QUUwMi9paG9RNjQtNlJjSVZMS2lWYjBNdm1vRTVZ
RG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2lob1E2NC02UmNJVkxLaVZiME12bW9FNVlEby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0E4NEEvMTgwNTE5MUFFMUVGMTFFNjlEMzY1MDFCQzRGOUFFMDIvRTIzQkI3RDBF
RDMwMTFFRUIwNkIzNzE2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOwYIKwYBBQUHAQcBAf8E
LDAqMCgEAgABMCIDBAJvd6QwDAMEAHMqQwMEA3MqQDAMAwQBdmfiAwQAdmfoMA0G
CSqGSIb3DQEBCwUAA4IBAQCOAYusQd56qg5Z1ZtmCv6Xl/jX/z1lH5NyTvYFkbD6
jjL0xCGqOZm4p+PBAwb2ZSQ9vZE/TtXLOsaB8l6cnNGGYPmKQDKtYW0D7wmlGBMc
E8acjS9eRmEQtIsBnSswyKIVPU1I2BKFBshNE4D7nU+gKcTaaPZxne7DrABeuTmc
NtVuuJzSvXOlzEw977dIOgkVLEM1E9bfudgRbWhjkC0hNCEwG1eqFtp3aIM5sww1
LGoIW/h7Qgc8ojDwJ7ZFlngRe3qZ7q3dsMtUW6ObudKqvrxRdnQzpNm3EEhT0A0Q
XZqMOISHe+BWIu708WiVpw1XozS57DhrfeMZ53wU7/7u
-----END CERTIFICATE-----
Generated at Tue Jul 2 12:56:00 2024 by rpki-client on console-ams.rpki-client.org