Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918C661/0BBD9EA2836D11EAB4A2D76DC4F9AE02/D5E5A72C9F1D11EEA964993BC4F9AE02.roa
File: D5E5A72C9F1D11EEA964993BC4F9AE02.roa (raw, json)
Hash identifier: hnyC9aBgVpgOAsuxosYFrdy03PNqsGSI3aiz9EYos6c=
Subject key identifier: 5C:82:B1:13:38:28:E2:A4:8E:B4:45:81:58:1A:B2:A0:13:E1:23:EE
Certificate issuer: /CN=A918C661/serialNumber=1EC42C1B69E16F5F37C73D81BF9FAB1F4BA42329
Certificate serial: 090A
Authority key identifier: 1E:C4:2C:1B:69:E1:6F:5F:37:C7:3D:81:BF:9F:AB:1F:4B:A4:23:29
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HsQsG2nhb183xz2Bv5-rH0ukIyk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918C661/0BBD9EA2836D11EAB4A2D76DC4F9AE02/D5E5A72C9F1D11EEA964993BC4F9AE02.roa
Signing time: Wed 20 Dec 2023 09:54:59 +0000
ROA not before: Wed 20 Dec 2023 09:54:59 +0000
ROA not after: Fri 31 Jan 2025 00:00:00 +0000
asID: 64050
IP address blocks: 1.32.192.0/18 maxlen: 24
14.128.32.0/19 maxlen: 24
27.50.48.0/20 maxlen: 24
27.124.0.0/18 maxlen: 24
103.200.200.0/22 maxlen: 24
118.107.0.0/18 maxlen: 19
118.107.0.0/19 maxlen: 23
118.107.0.0/22 maxlen: 24
118.107.4.0/24 maxlen: 24
118.107.6.0/23 maxlen: 24
118.107.8.0/21 maxlen: 24
118.107.16.0/20 maxlen: 24
118.107.32.0/20 maxlen: 24
118.107.56.0/21 maxlen: 24
118.107.176.0/22 maxlen: 24
180.215.0.0/16 maxlen: 24
180.222.204.0/22 maxlen: 24
182.173.68.0/22 maxlen: 24
202.36.48.0/20 maxlen: 24
202.61.128.0/18 maxlen: 24
202.79.160.0/20 maxlen: 24
202.95.0.0/22 maxlen: 24
202.95.4.0/22 maxlen: 24
202.95.8.0/21 maxlen: 24
202.95.16.0/20 maxlen: 24
202.162.96.0/20 maxlen: 24
Validation: Failed, certificate revoked on Thu 18 Jan 2024 05:02:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2314 (0x90a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918C661/serialNumber=1EC42C1B69E16F5F37C73D81BF9FAB1F4BA42329
Validity
Not Before: Dec 20 09:54:59 2023 GMT
Not After : Jan 31 00:00:00 2025 GMT
Subject: CN=6582b9f2-d4e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:34:d3:20:8c:80:87:27:d9:5f:92:e9:91:93:
29:e3:34:17:7c:80:bc:4d:38:ec:76:70:5c:02:99:
c1:39:d6:d5:9e:e7:48:c9:3b:a1:39:cf:6f:a5:ac:
92:de:bd:86:71:36:fa:34:c5:54:72:6b:45:f0:4a:
e3:ce:ac:9c:82:22:dc:f1:1e:52:81:4e:42:1c:73:
a7:92:8d:cb:c9:cb:82:05:ee:cc:46:27:ee:c0:af:
fd:eb:e0:71:5c:22:d5:de:51:57:e5:94:bd:9a:9e:
2d:81:91:29:03:d5:74:12:6b:b4:c3:88:ad:09:07:
08:c0:e3:bb:67:ea:19:1a:81:46:f3:3d:0b:5b:58:
10:48:80:7e:da:16:e7:73:70:97:9c:ba:73:01:71:
40:13:e6:f5:8e:4d:f9:5d:06:d5:8d:75:bb:32:7b:
66:63:40:da:88:ef:96:f2:b2:17:fd:d6:15:fe:c4:
df:2c:93:c7:0d:8e:4a:c2:d0:98:1c:0c:58:35:c5:
c4:31:6a:3c:46:0c:2e:7e:9b:04:02:ff:aa:d7:d1:
a4:08:89:fa:7f:78:0e:a9:37:8c:a1:ee:d8:bc:45:
ff:87:a1:08:67:ac:c3:50:28:f7:7e:5b:03:63:9c:
f7:f2:b8:03:3f:d9:c6:81:e3:53:18:19:b6:97:8a:
b8:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:82:B1:13:38:28:E2:A4:8E:B4:45:81:58:1A:B2:A0:13:E1:23:EE
X509v3 Authority Key Identifier:
keyid:1E:C4:2C:1B:69:E1:6F:5F:37:C7:3D:81:BF:9F:AB:1F:4B:A4:23:29
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918C661/0BBD9EA2836D11EAB4A2D76DC4F9AE02/HsQsG2nhb183xz2Bv5-rH0ukIyk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HsQsG2nhb183xz2Bv5-rH0ukIyk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918C661/0BBD9EA2836D11EAB4A2D76DC4F9AE02/D5E5A72C9F1D11EEA964993BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
1.32.192.0/18
14.128.32.0/19
27.50.48.0/20
27.124.0.0/18
103.200.200.0/22
118.107.0.0/18
118.107.176.0/22
180.215.0.0/16
180.222.204.0/22
182.173.68.0/22
202.36.48.0/20
202.61.128.0/18
202.79.160.0/20
202.95.0.0/19
202.162.96.0/20
Signature Algorithm: sha256WithRSAEncryption
bf:fe:9c:36:ec:41:5d:fd:b1:fa:29:8b:84:8a:be:0e:56:3d:
30:c3:c3:a8:68:4a:16:06:af:ab:e9:0a:a5:5e:70:c6:1a:1c:
56:8f:f0:b2:ee:41:3f:2a:51:78:bd:a2:38:4f:c3:29:04:5d:
a8:ba:bd:dd:a9:23:f9:95:27:41:55:c9:e1:d9:36:9e:61:4c:
7c:09:61:33:13:dd:a1:ed:7f:b9:a2:a3:55:02:b4:7b:9a:1e:
b3:ae:af:d6:d5:da:46:9e:41:e7:15:48:2a:fd:2b:16:72:3b:
1e:48:9c:f7:11:bd:71:e7:35:d1:2e:33:4b:32:94:b9:f8:2a:
04:c7:a4:8f:87:58:5f:e1:91:bd:ac:d7:40:25:4f:de:63:9a:
98:3b:a4:c7:8d:1d:08:f1:d8:6f:7a:c7:71:e0:83:27:10:73:
25:3d:9c:1d:47:fb:15:bd:5e:2f:62:e0:a5:cd:ae:74:f9:3b:
f2:fa:0f:8e:63:59:c5:aa:79:ba:c7:23:1e:40:91:ed:b3:6b:
d9:58:b0:b6:32:ef:af:1a:49:d1:2b:d2:85:73:a7:89:70:5c:
30:1d:ff:80:23:c9:32:7a:e7:b1:a0:2d:82:b8:91:7c:4b:ce:
77:39:f4:f1:13:1f:b1:0f:b6:e2:68:69:9a:49:2e:9b:f5:96:
f5:02:5d:cb
-----BEGIN CERTIFICATE-----
MIIFxDCCBKygAwIBAgICCQowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEM2NjExMTAvBgNVBAUTKDFFQzQyQzFCNjlFMTZGNUYzN0M3M0Q4MUJGOUZBQjFG
NEJBNDIzMjkwHhcNMjMxMjIwMDk1NDU5WhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTgyYjlmMi1kNGU1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4zTTIIyAhyfZX5LpkZMp4zQXfIC8TTjsdnBcApnBOdbVnudIyTuhOc9vpayS
3r2GcTb6NMVUcmtF8ErjzqycgiLc8R5SgU5CHHOnko3LycuCBe7MRifuwK/96+Bx
XCLV3lFX5ZS9mp4tgZEpA9V0Emu0w4itCQcIwOO7Z+oZGoFG8z0LW1gQSIB+2hbn
c3CXnLpzAXFAE+b1jk35XQbVjXW7MntmY0DaiO+W8rIX/dYV/sTfLJPHDY5KwtCY
HAxYNcXEMWo8RgwufpsEAv+q19GkCIn6f3gOqTeMoe7YvEX/h6EIZ6zDUCj3flsD
Y5z38rgDP9nGgeNTGBm2l4q4EwIDAQABo4IC6DCCAuQwHQYDVR0OBBYEFFyCsRM4
KOKkjrRFgVgasqAT4SPuMB8GA1UdIwQYMBaAFB7ELBtp4W9fN8c9gb+fqx9LpCMp
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4QzY2MS8wQkJEOUVBMjgz
NkQxMUVBQjRBMkQ3NkRDNEY5QUUwMi9Ic1FzRzJuaGIxODN4ejJCdjUtckgwdWtJ
eWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0hzUXNHMm5oYjE4M3h6MkJ2NS1ySDB1a0l5ay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEM2NjEvMEJCRDlFQTI4MzZEMTFFQUI0QTJENzZEQzRGOUFFMDIvRDVFNUE3MkM5
RjFEMTFFRUE5NjQ5OTNCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwcgYIKwYBBQUHAQcBAf8E
YzBhMF8EAgABMFkDBAYBIMADBAUOgCADBAQbMjADBAYbfAADBAJnyMgDBAZ2awAD
BAJ2a7ADAwC01wMEArTezAMEAratRAMEBMokMAMEBso9gAMEBMpPoAMEBcpfAAME
BMqiYDANBgkqhkiG9w0BAQsFAAOCAQEAv/6cNuxBXf2x+imLhIq+DlY9MMPDqGhK
Fgavq+kKpV5wxhocVo/wsu5BPypReL2iOE/DKQRdqLq93akj+ZUnQVXJ4dk2nmFM
fAlhMxPdoe1/uaKjVQK0e5oes66v1tXaRp5B5xVIKv0rFnI7Hkic9xG9cec10S4z
SzKUufgqBMekj4dYX+GRvazXQCVP3mOamDukx40dCPHYb3rHceCDJxBzJT2cHUf7
Fb1eL2Lgpc2udPk78voPjmNZxap5uscjHkCR7bNr2ViwtjLvrxpJ0SvShXOniXBc
MB3/gCPJMnrnsaAtgriRfEvOdzn08RMfsQ+24mhpmkkum/WW9QJdyw==
-----END CERTIFICATE-----
Generated at Thu Jan 18 07:23:21 2024 by rpki-client on console-ams.rpki-client.org