Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9189099/8AEFB1D25F0F11EB8D8B2616C4F9AE02/519750905F1211EB92B3F220C4F9AE02.roa
File: 519750905F1211EB92B3F220C4F9AE02.roa (raw, json)
Hash identifier: L1z1zxopXkqFzx3aLsYYiR/EK6u8saKH4AQUPilMA10=
Subject key identifier: 03:DD:CA:5E:AE:F2:7A:BD:F8:E7:5C:C2:CE:C9:95:9B:92:7E:57:D1
Certificate issuer: /CN=A9189099/serialNumber=6200B157ADBA2569FA7B88B7DA2FB5AE3FF6A3B6
Certificate serial: 065E
Authority key identifier: 62:00:B1:57:AD:BA:25:69:FA:7B:88:B7:DA:2F:B5:AE:3F:F6:A3:B6
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YgCxV626JWn6e4i32i-1rj_2o7Y.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9189099/8AEFB1D25F0F11EB8D8B2616C4F9AE02/519750905F1211EB92B3F220C4F9AE02.roa
Signing time: Thu 26 Sep 2024 22:21:51 +0000
ROA not before: Thu 26 Sep 2024 22:21:51 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 38539
IP address blocks: 121.127.20.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 15 Oct 2024 10:47:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1630 (0x65e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9189099/serialNumber=6200B157ADBA2569FA7B88B7DA2FB5AE3FF6A3B6
Validity
Not Before: Sep 26 22:21:51 2024 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=66f5de7f-5a15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:c5:b6:47:ae:c8:f2:69:ec:bd:23:0b:02:55:
69:80:37:29:9d:bf:e6:a8:d4:f6:9b:d0:bd:aa:a1:
06:d1:0e:3b:a0:55:5e:0f:68:03:73:e5:e0:62:c9:
21:ee:25:80:5d:4f:d7:36:ac:51:e9:81:bc:84:66:
54:66:93:0c:68:38:7b:3a:72:97:74:68:b4:ca:44:
9a:c2:72:26:b6:e3:0f:b6:36:46:ef:8e:71:6b:cc:
e4:40:b9:ef:2e:28:6d:31:70:08:01:32:96:08:2f:
2e:3f:1e:44:bd:f6:b5:94:76:f2:a2:83:24:47:d1:
3a:7f:8a:f2:9e:94:40:ca:ba:10:61:61:91:fc:7a:
fb:bb:c4:1a:87:a3:64:3b:8e:9a:48:7d:b0:56:d6:
bf:19:83:fc:a1:ea:11:5a:86:dc:32:c8:41:3f:64:
c8:b8:66:44:58:c7:74:3d:78:98:7b:9c:d1:3f:b8:
7a:48:f9:28:ae:5b:ee:ff:e8:72:b9:6d:c2:b3:ee:
10:34:06:98:62:4a:53:7d:22:76:b5:55:c5:a0:59:
5c:30:ad:ce:7c:e8:c7:ba:39:19:f3:4f:1b:63:d7:
66:51:dd:5b:c3:e6:26:b1:c0:f0:32:b6:0f:05:21:
ba:dd:91:e5:a0:c9:94:fe:a6:af:50:38:fa:67:c2:
d9:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:DD:CA:5E:AE:F2:7A:BD:F8:E7:5C:C2:CE:C9:95:9B:92:7E:57:D1
X509v3 Authority Key Identifier:
keyid:62:00:B1:57:AD:BA:25:69:FA:7B:88:B7:DA:2F:B5:AE:3F:F6:A3:B6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9189099/8AEFB1D25F0F11EB8D8B2616C4F9AE02/YgCxV626JWn6e4i32i-1rj_2o7Y.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YgCxV626JWn6e4i32i-1rj_2o7Y.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9189099/8AEFB1D25F0F11EB8D8B2616C4F9AE02/519750905F1211EB92B3F220C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
121.127.20.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:27:b1:cc:ee:6a:94:8f:36:eb:6b:20:ff:aa:ac:90:08:0c:
7a:38:8d:9b:7d:d1:4c:3d:43:00:cd:98:c9:5c:93:06:cf:ad:
d3:fe:30:ed:34:95:55:98:81:eb:0c:2e:e1:1d:5e:42:a0:60:
0b:05:5e:f6:f5:22:9d:66:1a:64:49:ce:8b:89:5f:0d:40:f3:
39:2a:96:fb:4c:12:cf:16:95:8c:e6:6c:2e:4e:d7:7e:0e:ff:
d2:7a:7e:6c:99:b7:e9:57:2d:c1:09:75:86:a6:d9:4d:5e:a5:
45:6e:c1:22:c3:d4:b8:ca:d6:25:d8:91:6f:82:55:27:e7:3f:
e9:02:b0:d0:96:0a:05:8a:19:99:52:0a:42:ac:a6:61:56:7c:
c9:eb:0c:db:ff:50:c7:dc:62:6b:27:41:ef:04:ca:8f:5a:07:
c4:ad:41:cf:a1:8a:e3:65:6f:53:09:fa:22:24:90:32:43:af:
04:ab:af:a6:b7:22:bd:06:a1:19:c9:69:7b:ef:4a:d5:4d:03:
3e:85:38:9b:5a:64:b2:2b:81:6a:d0:92:de:09:c9:e9:bd:8b:
c8:9d:2e:0e:47:c6:66:77:48:24:90:e8:f0:ea:05:53:fe:53:
d2:a0:2e:28:12:13:95:9e:6f:da:bb:07:45:a7:e0:34:2d:49:
ca:25:25:ed
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBl4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODkwOTkxMTAvBgNVBAUTKDYyMDBCMTU3QURCQTI1NjlGQTdCODhCN0RBMkZCNUFF
M0ZGNkEzQjYwHhcNMjQwOTI2MjIyMTUxWhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmY1ZGU3Zi01YTE1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAmMW2R67I8mnsvSMLAlVpgDcpnb/mqNT2m9C9qqEG0Q47oFVeD2gDc+XgYskh
7iWAXU/XNqxR6YG8hGZUZpMMaDh7OnKXdGi0ykSawnImtuMPtjZG745xa8zkQLnv
LihtMXAIATKWCC8uPx5Evfa1lHbyooMkR9E6f4rynpRAyroQYWGR/Hr7u8Qah6Nk
O46aSH2wVta/GYP8oeoRWobcMshBP2TIuGZEWMd0PXiYe5zRP7h6SPkorlvu/+hy
uW3Cs+4QNAaYYkpTfSJ2tVXFoFlcMK3OfOjHujkZ808bY9dmUd1bw+YmscDwMrYP
BSG63ZHloMmU/qavUDj6Z8LZowIDAQABo4IClTCCApEwHQYDVR0OBBYEFAPdyl6u
8nq9+Odcws7JlZuSflfRMB8GA1UdIwQYMBaAFGIAsVetuiVp+nuIt9ovta4/9qO2
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4OTA5OS84QUVGQjFEMjVG
MEYxMUVCOEQ4QjI2MTZDNEY5QUUwMi9ZZ0N4VjYyNkpXbjZlNGkzMmktMXJqXzJv
N1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1lnQ3hWNjI2SlduNmU0aTMyaS0xcmpfMm83WS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODkwOTkvOEFFRkIxRDI1RjBGMTFFQjhEOEIyNjE2QzRGOUFFMDIvNTE5NzUwOTA1
RjEyMTFFQjkyQjNGMjIwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAB5fxQwDQYJKoZIhvcNAQELBQADggEBAAsnsczuapSPNutr
IP+qrJAIDHo4jZt90Uw9QwDNmMlckwbPrdP+MO00lVWYgesMLuEdXkKgYAsFXvb1
Ip1mGmRJzouJXw1A8zkqlvtMEs8WlYzmbC5O134O/9J6fmyZt+lXLcEJdYam2U1e
pUVuwSLD1LjK1iXYkW+CVSfnP+kCsNCWCgWKGZlSCkKspmFWfMnrDNv/UMfcYmsn
Qe8Eyo9aB8StQc+hiuNlb1MJ+iIkkDJDrwSrr6a3Ir0GoRnJaXvvStVNAz6FOJta
ZLIrgWrQkt4Jyem9i8idLg5HxmZ3SCSQ6PDqBVP+U9KgLigSE5Web9q7B0Wn4DQt
ScolJe0=
-----END CERTIFICATE-----
Generated at Tue Oct 15 14:42:40 2024 by rpki-client on console-ams.rpki-client.org