Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918C661/0BBD9EA2836D11EAB4A2D76DC4F9AE02/C6D09D889F1C11EEB377E239C4F9AE02.roa
File: C6D09D889F1C11EEB377E239C4F9AE02.roa (raw, json)
Hash identifier: SlXpbG9lWuIPXhQxUrt1JFF2ice08/4LYD7zjDVYn4E=
Subject key identifier: A4:80:B3:D0:55:BE:0F:A0:8D:61:1E:E9:9B:F9:3F:9F:40:98:A8:4F
Certificate issuer: /CN=A918C661/serialNumber=1EC42C1B69E16F5F37C73D81BF9FAB1F4BA42329
Certificate serial: 0908
Authority key identifier: 1E:C4:2C:1B:69:E1:6F:5F:37:C7:3D:81:BF:9F:AB:1F:4B:A4:23:29
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HsQsG2nhb183xz2Bv5-rH0ukIyk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918C661/0BBD9EA2836D11EAB4A2D76DC4F9AE02/C6D09D889F1C11EEB377E239C4F9AE02.roa
Signing time: Wed 20 Dec 2023 09:47:24 +0000
ROA not before: Wed 20 Dec 2023 09:47:24 +0000
ROA not after: Fri 31 Jan 2025 00:00:00 +0000
asID: 138195
IP address blocks: 27.124.8.0/24 maxlen: 24
118.107.48.0/21 maxlen: 24
202.79.160.0/24 maxlen: 24
202.79.161.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 12 Jul 2024 03:50:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2312 (0x908)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918C661/serialNumber=1EC42C1B69E16F5F37C73D81BF9FAB1F4BA42329
Validity
Not Before: Dec 20 09:47:24 2023 GMT
Not After : Jan 31 00:00:00 2025 GMT
Subject: CN=6582b82c-b8e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:3c:1f:40:2a:84:be:9b:49:5d:f8:12:7f:e7:
09:35:14:2e:c3:82:11:69:1d:59:96:51:e2:ad:12:
b5:a8:57:aa:08:94:c6:4c:0e:61:fb:c4:22:15:ba:
4a:1a:82:02:3a:a7:52:81:c5:94:0d:d3:ad:74:b9:
0f:41:16:e0:6c:e2:9a:fd:8a:a5:3c:2d:33:7f:c9:
84:fc:a1:75:4d:fd:87:a7:ad:e5:df:62:e3:0e:b7:
33:89:ae:cf:38:8f:31:0b:93:bf:29:bf:4c:f1:77:
dc:f2:b0:ce:1e:e1:a9:ce:3a:05:a2:5d:7d:f7:84:
42:35:36:2e:3d:d0:a4:f8:fc:5b:a6:58:d4:0c:a7:
80:a2:ed:a5:ae:ce:e8:20:1c:1a:b8:e1:5a:f3:a4:
42:97:7c:51:0a:4d:c5:f4:22:7a:18:e0:07:b2:fe:
d8:42:ba:84:24:f8:f0:38:13:4e:77:68:49:ce:e3:
a7:02:ba:31:92:90:5d:3f:2f:8a:bc:cc:da:c1:bb:
aa:d7:90:2b:7e:0d:2c:02:53:e0:21:76:e5:23:87:
30:26:c0:2f:f0:10:00:db:ca:fb:70:55:27:02:c3:
56:ed:00:8e:31:a0:2c:dc:b7:02:bb:25:11:1c:39:
61:a5:63:2d:82:9e:f1:6c:22:5b:fe:eb:45:61:d6:
d9:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:80:B3:D0:55:BE:0F:A0:8D:61:1E:E9:9B:F9:3F:9F:40:98:A8:4F
X509v3 Authority Key Identifier:
keyid:1E:C4:2C:1B:69:E1:6F:5F:37:C7:3D:81:BF:9F:AB:1F:4B:A4:23:29
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918C661/0BBD9EA2836D11EAB4A2D76DC4F9AE02/HsQsG2nhb183xz2Bv5-rH0ukIyk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HsQsG2nhb183xz2Bv5-rH0ukIyk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918C661/0BBD9EA2836D11EAB4A2D76DC4F9AE02/C6D09D889F1C11EEB377E239C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.124.8.0/24
118.107.48.0/21
202.79.160.0/23
Signature Algorithm: sha256WithRSAEncryption
2b:1e:fe:81:93:3a:e1:92:88:4c:48:58:a6:7e:b9:33:b5:46:
b9:46:52:31:6a:0e:f6:53:31:29:b8:b5:ac:60:90:d5:1e:93:
05:e9:bf:5f:51:2c:31:30:65:35:7a:17:6d:21:96:e1:2c:b0:
31:d3:27:b6:be:e6:87:4a:e2:cd:4f:fe:1a:8e:d9:ef:1b:fa:
23:a9:99:f1:ef:72:b9:be:0b:4f:95:13:11:ea:0f:c8:f7:b4:
30:0f:26:d0:07:7d:9a:68:f2:69:eb:5c:50:e6:7f:49:66:ca:
8e:b9:6a:d1:4a:e2:69:d5:d9:4e:b2:21:b5:ac:45:39:71:de:
e3:77:68:87:9b:54:aa:2f:ef:b8:7d:49:e1:5c:7f:3e:bb:b0:
6e:72:d9:85:16:47:9a:77:2d:65:42:88:bb:08:e3:e4:62:b1:
35:89:f6:a6:b5:e4:ae:22:31:5f:51:a1:41:23:f4:0a:7c:72:
f5:34:2c:fe:59:7d:da:1c:a1:44:d1:46:73:eb:74:f3:c5:6a:
a6:10:c9:df:76:7c:a3:8f:54:d0:ec:06:60:6d:46:c3:3f:13:
0b:6b:bd:44:fa:19:fc:96:3e:8a:a8:8b:be:70:c9:12:e2:0a:
81:c0:46:5d:b4:6d:ec:ff:02:35:eb:53:4f:0d:98:49:f4:fa:
a0:67:02:ba
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICCQgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEM2NjExMTAvBgNVBAUTKDFFQzQyQzFCNjlFMTZGNUYzN0M3M0Q4MUJGOUZBQjFG
NEJBNDIzMjkwHhcNMjMxMjIwMDk0NzI0WhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTgyYjgyYy1iOGUyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwzwfQCqEvptJXfgSf+cJNRQuw4IRaR1ZllHirRK1qFeqCJTGTA5h+8QiFbpK
GoICOqdSgcWUDdOtdLkPQRbgbOKa/YqlPC0zf8mE/KF1Tf2Hp63l32LjDrczia7P
OI8xC5O/Kb9M8Xfc8rDOHuGpzjoFol1994RCNTYuPdCk+PxbpljUDKeAou2lrs7o
IBwauOFa86RCl3xRCk3F9CJ6GOAHsv7YQrqEJPjwOBNOd2hJzuOnAroxkpBdPy+K
vMzawbuq15Arfg0sAlPgIXblI4cwJsAv8BAA28r7cFUnAsNW7QCOMaAs3LcCuyUR
HDlhpWMtgp7xbCJb/utFYdbZLwIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFKSAs9BV
vg+gjWEe6Zv5P59AmKhPMB8GA1UdIwQYMBaAFB7ELBtp4W9fN8c9gb+fqx9LpCMp
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4QzY2MS8wQkJEOUVBMjgz
NkQxMUVBQjRBMkQ3NkRDNEY5QUUwMi9Ic1FzRzJuaGIxODN4ejJCdjUtckgwdWtJ
eWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0hzUXNHMm5oYjE4M3h6MkJ2NS1ySDB1a0l5ay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEM2NjEvMEJCRDlFQTI4MzZEMTFFQUI0QTJENzZEQzRGOUFFMDIvQzZEMDlEODg5
RjFDMTFFRUIzNzdFMjM5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBAAbfAgDBAN2azADBAHKT6AwDQYJKoZIhvcNAQELBQADggEB
ACse/oGTOuGSiExIWKZ+uTO1RrlGUjFqDvZTMSm4taxgkNUekwXpv19RLDEwZTV6
F20hluEssDHTJ7a+5odK4s1P/hqO2e8b+iOpmfHvcrm+C0+VExHqD8j3tDAPJtAH
fZpo8mnrXFDmf0lmyo65atFK4mnV2U6yIbWsRTlx3uN3aIebVKov77h9SeFcfz67
sG5y2YUWR5p3LWVCiLsI4+RisTWJ9qa15K4iMV9RoUEj9Ap8cvU0LP5ZfdocoUTR
RnPrdPPFaqYQyd92fKOPVNDsBmBtRsM/EwtrvUT6GfyWPoqoi75wyRLiCoHARl20
bez/AjXrU08NmEn0+qBnAro=
-----END CERTIFICATE-----
Generated at Fri Jul 12 05:10:25 2024 by rpki-client on console-fra.rpki-client.org