Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918C661/0BBD9EA2836D11EAB4A2D76DC4F9AE02/E4A8CE62627B11EEB36A1D0DC4F9AE02.roa
File: E4A8CE62627B11EEB36A1D0DC4F9AE02.roa (raw, json)
Hash identifier: E3a15nh/RR+r2pjkvOyPKujjWxyRh1G22W+0sflmE1w=
Subject key identifier: A3:15:73:A2:16:0B:89:85:D0:68:92:F6:3D:69:02:11:B6:37:3B:86
Certificate issuer: /CN=A918C661/serialNumber=1EC42C1B69E16F5F37C73D81BF9FAB1F4BA42329
Certificate serial: 08EF
Authority key identifier: 1E:C4:2C:1B:69:E1:6F:5F:37:C7:3D:81:BF:9F:AB:1F:4B:A4:23:29
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HsQsG2nhb183xz2Bv5-rH0ukIyk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918C661/0BBD9EA2836D11EAB4A2D76DC4F9AE02/E4A8CE62627B11EEB36A1D0DC4F9AE02.roa
Signing time: Wed 08 Nov 2023 21:08:59 +0000
ROA not before: Wed 08 Nov 2023 21:08:59 +0000
ROA not after: Fri 31 Jan 2025 00:00:00 +0000
asID: 64050
IP address blocks: 1.32.192.0/18 maxlen: 24
14.128.32.0/19 maxlen: 24
27.50.48.0/20 maxlen: 24
27.124.0.0/18 maxlen: 24
103.200.200.0/22 maxlen: 24
118.107.0.0/18 maxlen: 24
118.107.176.0/22 maxlen: 24
180.215.0.0/16 maxlen: 24
180.222.204.0/22 maxlen: 24
182.173.68.0/22 maxlen: 24
202.36.48.0/20 maxlen: 24
202.61.128.0/18 maxlen: 24
202.79.160.0/20 maxlen: 24
202.95.0.0/22 maxlen: 24
202.95.4.0/22 maxlen: 24
202.95.8.0/21 maxlen: 24
202.95.16.0/20 maxlen: 24
202.162.96.0/20 maxlen: 24
Validation: Failed, certificate revoked on Wed 20 Dec 2023 09:54:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2287 (0x8ef)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918C661/serialNumber=1EC42C1B69E16F5F37C73D81BF9FAB1F4BA42329
Validity
Not Before: Nov 8 21:08:59 2023 GMT
Not After : Jan 31 00:00:00 2025 GMT
Subject: CN=654bf8ea-37fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:dd:c4:0f:99:19:c7:c2:3e:49:a9:4b:57:8f:
64:0a:3c:88:78:75:c8:ad:17:39:97:9f:42:1e:a0:
13:36:85:41:f9:70:7b:42:f1:41:43:eb:41:75:d0:
59:05:ee:0c:01:c9:3b:c5:ad:82:ab:80:16:e9:6f:
5d:8d:f2:a4:41:e4:99:16:0f:ac:f6:70:04:ad:fd:
c7:f2:7b:b2:eb:2c:a3:84:36:f0:5d:27:04:a9:89:
e3:c2:0c:34:3d:2a:32:c4:f3:08:19:2b:e0:4e:e9:
a9:3e:92:9e:5a:ab:7b:32:ef:13:38:79:c6:97:40:
8a:d5:35:16:c2:1c:e1:9c:9b:f1:ee:e2:61:10:9e:
cd:62:54:56:18:fd:c6:c7:e1:ef:be:f5:57:5b:7f:
13:c5:a1:67:99:9f:31:dc:e6:9a:26:8a:8b:1e:60:
e8:85:b6:20:eb:2f:b5:7e:27:6b:bb:1c:1f:b2:fd:
76:77:e2:60:47:c1:ca:56:f8:d9:8a:81:d7:f7:37:
83:94:bb:ef:e5:cc:6f:c9:7c:5d:95:fd:3f:af:df:
b2:cb:60:9a:75:77:f8:0c:86:7c:6d:d7:95:40:58:
3c:52:ed:9d:c9:e7:6c:06:6d:67:37:ae:74:62:bc:
f5:39:df:46:90:04:36:18:25:59:b9:19:b0:47:ac:
c6:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:15:73:A2:16:0B:89:85:D0:68:92:F6:3D:69:02:11:B6:37:3B:86
X509v3 Authority Key Identifier:
keyid:1E:C4:2C:1B:69:E1:6F:5F:37:C7:3D:81:BF:9F:AB:1F:4B:A4:23:29
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918C661/0BBD9EA2836D11EAB4A2D76DC4F9AE02/HsQsG2nhb183xz2Bv5-rH0ukIyk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HsQsG2nhb183xz2Bv5-rH0ukIyk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918C661/0BBD9EA2836D11EAB4A2D76DC4F9AE02/E4A8CE62627B11EEB36A1D0DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
1.32.192.0/18
14.128.32.0/19
27.50.48.0/20
27.124.0.0/18
103.200.200.0/22
118.107.0.0/18
118.107.176.0/22
180.215.0.0/16
180.222.204.0/22
182.173.68.0/22
202.36.48.0/20
202.61.128.0/18
202.79.160.0/20
202.95.0.0/19
202.162.96.0/20
Signature Algorithm: sha256WithRSAEncryption
3c:c6:a4:dd:95:ef:9d:25:75:1a:5c:35:09:96:e6:10:29:06:
ca:87:56:27:62:9b:43:c7:9b:33:a0:11:b0:0f:f4:0a:fe:16:
90:f7:1e:da:8e:5e:41:22:f7:7c:c7:46:d5:84:7c:5e:00:42:
d7:8e:a1:d7:e8:cd:9b:3c:d1:6c:9d:1b:58:df:7c:03:1d:cc:
47:1e:da:bd:6b:1f:5d:83:d9:ea:86:1b:66:6c:f2:3e:82:e8:
99:66:a0:fc:c5:02:7e:7c:65:f9:a1:f1:c6:30:97:c4:4a:a0:
d3:9b:a8:80:33:69:57:eb:03:c7:08:47:a5:b4:81:66:cc:94:
8d:9a:12:e9:06:ad:d7:bc:cb:a6:dd:be:b7:08:93:47:5d:0a:
ee:48:00:de:df:4a:04:7e:8a:b8:84:3e:c8:73:c1:d6:25:c9:
58:69:b9:9a:5a:8b:85:01:4c:f1:1c:7b:41:b9:13:18:c4:da:
c7:8d:28:4a:e9:b7:f7:7f:75:a8:eb:fd:cd:a8:22:a5:0c:59:
14:d0:43:43:e6:20:82:ce:28:24:04:ba:19:e7:27:97:ba:a8:
21:78:35:e0:f2:76:f7:b8:c1:7d:24:cc:cb:b2:a2:3a:a1:7f:
6a:e2:6c:5f:e7:97:66:7d:40:85:3a:63:4d:bd:26:21:9c:b8:
72:31:e9:5e
-----BEGIN CERTIFICATE-----
MIIFxDCCBKygAwIBAgICCO8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEM2NjExMTAvBgNVBAUTKDFFQzQyQzFCNjlFMTZGNUYzN0M3M0Q4MUJGOUZBQjFG
NEJBNDIzMjkwHhcNMjMxMTA4MjEwODU5WhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTRiZjhlYS0zN2ZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA9t3ED5kZx8I+SalLV49kCjyIeHXIrRc5l59CHqATNoVB+XB7QvFBQ+tBddBZ
Be4MAck7xa2Cq4AW6W9djfKkQeSZFg+s9nAErf3H8nuy6yyjhDbwXScEqYnjwgw0
PSoyxPMIGSvgTumpPpKeWqt7Mu8TOHnGl0CK1TUWwhzhnJvx7uJhEJ7NYlRWGP3G
x+HvvvVXW38TxaFnmZ8x3OaaJoqLHmDohbYg6y+1fidruxwfsv12d+JgR8HKVvjZ
ioHX9zeDlLvv5cxvyXxdlf0/r9+yy2CadXf4DIZ8bdeVQFg8Uu2dyedsBm1nN650
Yrz1Od9GkAQ2GCVZuRmwR6zGNwIDAQABo4IC6DCCAuQwHQYDVR0OBBYEFKMVc6IW
C4mF0GiS9j1pAhG2NzuGMB8GA1UdIwQYMBaAFB7ELBtp4W9fN8c9gb+fqx9LpCMp
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4QzY2MS8wQkJEOUVBMjgz
NkQxMUVBQjRBMkQ3NkRDNEY5QUUwMi9Ic1FzRzJuaGIxODN4ejJCdjUtckgwdWtJ
eWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0hzUXNHMm5oYjE4M3h6MkJ2NS1ySDB1a0l5ay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEM2NjEvMEJCRDlFQTI4MzZEMTFFQUI0QTJENzZEQzRGOUFFMDIvRTRBOENFNjI2
MjdCMTFFRUIzNkExRDBEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwcgYIKwYBBQUHAQcBAf8E
YzBhMF8EAgABMFkDBAYBIMADBAUOgCADBAQbMjADBAYbfAADBAJnyMgDBAZ2awAD
BAJ2a7ADAwC01wMEArTezAMEAratRAMEBMokMAMEBso9gAMEBMpPoAMEBcpfAAME
BMqiYDANBgkqhkiG9w0BAQsFAAOCAQEAPMak3ZXvnSV1Glw1CZbmECkGyodWJ2Kb
Q8ebM6ARsA/0Cv4WkPce2o5eQSL3fMdG1YR8XgBC146h1+jNmzzRbJ0bWN98Ax3M
Rx7avWsfXYPZ6oYbZmzyPoLomWag/MUCfnxl+aHxxjCXxEqg05uogDNpV+sDxwhH
pbSBZsyUjZoS6Qat17zLpt2+twiTR10K7kgA3t9KBH6KuIQ+yHPB1iXJWGm5mlqL
hQFM8Rx7QbkTGMTax40oSum39391qOv9zagipQxZFNBDQ+Yggs4oJAS6Gecnl7qo
IXg14PJ297jBfSTMy7KiOqF/auJsX+eXZn1AhTpjTb0mIZy4cjHpXg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:15 2024 by rpki-client on console-fra.rpki-client.org