Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918C661/0BBD9EA2836D11EAB4A2D76DC4F9AE02/6B19EAD09A5711EAADABEF40C4F9AE02.roa
File: 6B19EAD09A5711EAADABEF40C4F9AE02.roa (raw, json)
Hash identifier: jmCwSd4TLvHl86FFHUS5AEXND8ITqHjF+PjEw0fW6Ys=
Subject key identifier: 66:17:09:F4:F1:1F:63:78:45:43:2D:91:A6:A5:5A:B2:71:8A:A5:47
Certificate issuer: /CN=A918C661/serialNumber=1EC42C1B69E16F5F37C73D81BF9FAB1F4BA42329
Certificate serial: 08B5
Authority key identifier: 1E:C4:2C:1B:69:E1:6F:5F:37:C7:3D:81:BF:9F:AB:1F:4B:A4:23:29
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HsQsG2nhb183xz2Bv5-rH0ukIyk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918C661/0BBD9EA2836D11EAB4A2D76DC4F9AE02/6B19EAD09A5711EAADABEF40C4F9AE02.roa
Signing time: Wed 04 Oct 2023 04:54:16 +0000
ROA not before: Wed 04 Oct 2023 04:54:16 +0000
ROA not after: Wed 31 Jan 2024 00:00:00 +0000
asID: 64050
IP address blocks: 1.32.192.0/18 maxlen: 24
14.128.32.0/19 maxlen: 24
27.50.54.0/24 maxlen: 24
118.107.0.0/18 maxlen: 24
202.79.160.0/20 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2229 (0x8b5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918C661/serialNumber=1EC42C1B69E16F5F37C73D81BF9FAB1F4BA42329
Validity
Not Before: Oct 4 04:54:16 2023 GMT
Not After : Jan 31 00:00:00 2024 GMT
Subject: CN=651ceff8-26fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:4a:c8:d3:06:c0:0e:97:7a:84:67:ca:af:76:
84:4f:03:c8:af:bc:53:6f:b7:23:c1:d9:27:a8:1a:
50:35:02:3e:03:7c:5d:86:21:b2:48:dc:8e:7a:d1:
97:a4:eb:59:8b:68:08:90:ee:a1:8d:34:37:52:f7:
bf:ca:8f:05:73:ea:aa:15:01:58:ab:70:91:d7:07:
66:29:7b:7f:cd:af:fc:78:5c:6e:e9:81:3d:6c:53:
6d:89:6b:9c:f9:fd:3d:38:64:3a:7c:61:2d:05:81:
c8:62:84:60:4a:28:dd:64:dc:dd:16:df:3d:18:50:
43:2f:4f:60:a2:c6:6d:b0:b1:c2:e0:26:2d:55:72:
bf:69:b0:28:d2:45:02:b5:10:63:38:e9:26:fc:f6:
22:39:64:25:85:75:b5:3b:61:4d:a0:37:2d:02:fa:
24:c6:ef:e5:a7:38:57:d3:af:be:90:cc:97:74:5a:
45:0a:a2:7a:e9:47:71:82:e2:b9:7e:21:de:eb:93:
35:f0:58:87:6e:c1:ca:dd:8f:eb:90:b8:9e:2d:67:
7d:b8:f1:ae:a1:5e:47:cf:16:d0:db:9d:f1:29:c2:
f6:ee:95:f4:33:49:8e:54:29:84:68:f6:cc:4c:83:
f2:72:46:9b:b3:56:9d:e7:78:88:98:05:15:e4:66:
2d:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:17:09:F4:F1:1F:63:78:45:43:2D:91:A6:A5:5A:B2:71:8A:A5:47
X509v3 Authority Key Identifier:
keyid:1E:C4:2C:1B:69:E1:6F:5F:37:C7:3D:81:BF:9F:AB:1F:4B:A4:23:29
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918C661/0BBD9EA2836D11EAB4A2D76DC4F9AE02/HsQsG2nhb183xz2Bv5-rH0ukIyk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HsQsG2nhb183xz2Bv5-rH0ukIyk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918C661/0BBD9EA2836D11EAB4A2D76DC4F9AE02/6B19EAD09A5711EAADABEF40C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
1.32.192.0/18
14.128.32.0/19
27.50.54.0/24
118.107.0.0/18
202.79.160.0/20
Signature Algorithm: sha256WithRSAEncryption
4e:42:fa:b7:96:8d:7d:a8:90:33:73:dd:a4:d0:c9:61:a4:a7:
37:a7:47:b5:2f:d1:3f:f2:21:87:39:05:0b:b5:25:ec:2d:70:
42:56:69:7b:54:26:f1:1d:ce:82:30:3c:9c:c2:68:01:d5:ad:
b7:6b:1c:7f:37:8b:e6:34:e8:54:53:17:50:92:0e:9d:c1:ab:
c3:bc:33:26:e8:5e:7c:af:f6:5e:df:fd:cc:9e:f5:9a:1b:1f:
99:cb:e8:26:49:24:75:85:38:13:4f:bd:7e:64:ab:ac:c1:f0:
83:84:18:eb:8b:c1:9a:54:6a:5c:73:00:1f:f2:8e:1a:19:dc:
fb:62:e2:4e:13:2b:c5:70:e8:5d:1e:9f:bf:22:89:58:5e:e5:
40:56:f4:f6:38:d9:e8:3b:a1:38:78:a1:60:a3:41:9b:99:96:
4b:00:af:d5:74:07:69:41:06:41:5a:6a:98:87:af:6e:50:5c:
f1:39:18:74:47:cb:56:e8:3d:ce:f7:83:6d:41:be:bb:df:4a:
31:1e:19:b1:83:74:4d:82:b8:e0:f7:49:63:80:1a:97:3d:85:
29:3f:60:8d:4b:0a:25:a5:ba:51:0f:68:c9:a9:9b:cc:6c:51:
c8:60:f1:bc:c4:c3:01:2e:3c:19:56:c1:10:86:9a:46:d5:f5:
cd:0b:14:ef
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgICCLUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEM2NjExMTAvBgNVBAUTKDFFQzQyQzFCNjlFMTZGNUYzN0M3M0Q4MUJGOUZBQjFG
NEJBNDIzMjkwHhcNMjMxMDA0MDQ1NDE2WhcNMjQwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTFjZWZmOC0yNmZlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAw0rI0wbADpd6hGfKr3aETwPIr7xTb7cjwdknqBpQNQI+A3xdhiGySNyOetGX
pOtZi2gIkO6hjTQ3Uve/yo8Fc+qqFQFYq3CR1wdmKXt/za/8eFxu6YE9bFNtiWuc
+f09OGQ6fGEtBYHIYoRgSijdZNzdFt89GFBDL09gosZtsLHC4CYtVXK/abAo0kUC
tRBjOOkm/PYiOWQlhXW1O2FNoDctAvokxu/lpzhX06++kMyXdFpFCqJ66UdxguK5
fiHe65M18FiHbsHK3Y/rkLieLWd9uPGuoV5HzxbQ253xKcL27pX0M0mOVCmEaPbM
TIPyckabs1ad53iImAUV5GYtQQIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFGYXCfTx
H2N4RUMtkaalWrJxiqVHMB8GA1UdIwQYMBaAFB7ELBtp4W9fN8c9gb+fqx9LpCMp
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4QzY2MS8wQkJEOUVBMjgz
NkQxMUVBQjRBMkQ3NkRDNEY5QUUwMi9Ic1FzRzJuaGIxODN4ejJCdjUtckgwdWtJ
eWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0hzUXNHMm5oYjE4M3h6MkJ2NS1ySDB1a0l5ay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEM2NjEvMEJCRDlFQTI4MzZEMTFFQUI0QTJENzZEQzRGOUFFMDIvNkIxOUVBRDA5
QTU3MTFFQUFEQUJFRjQwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNwYIKwYBBQUHAQcBAf8E
KDAmMCQEAgABMB4DBAYBIMADBAUOgCADBAAbMjYDBAZ2awADBATKT6AwDQYJKoZI
hvcNAQELBQADggEBAE5C+reWjX2okDNz3aTQyWGkpzenR7Uv0T/yIYc5BQu1Jewt
cEJWaXtUJvEdzoIwPJzCaAHVrbdrHH83i+Y06FRTF1CSDp3Bq8O8MyboXnyv9l7f
/cye9ZobH5nL6CZJJHWFOBNPvX5kq6zB8IOEGOuLwZpUalxzAB/yjhoZ3Pti4k4T
K8Vw6F0en78iiVhe5UBW9PY42eg7oTh4oWCjQZuZlksAr9V0B2lBBkFaapiHr25Q
XPE5GHRHy1boPc73g21BvrvfSjEeGbGDdE2CuOD3SWOAGpc9hSk/YI1LCiWlulEP
aMmpm8xsUchg8bzEwwEuPBlWwRCGmkbV9c0LFO8=
-----END CERTIFICATE-----
Generated at Wed Oct 4 06:43:41 2023 by rpki-client on console-ams.rpki-client.org