Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918C661/0BBD9EA2836D11EAB4A2D76DC4F9AE02/F2E5239EEF5D11EE84EA6C77C4F9AE02.roa
File: F2E5239EEF5D11EE84EA6C77C4F9AE02.roa (raw, json)
Hash identifier: m/OfYLh3E4TBtxXakhujazsZkDgh8kpPyOXqE0aKz/8=
Subject key identifier: 50:B2:E2:8C:A8:05:8E:A0:D6:45:42:91:66:04:47:98:C9:BD:04:9E
Certificate issuer: /CN=A918C661/serialNumber=1EC42C1B69E16F5F37C73D81BF9FAB1F4BA42329
Certificate serial: 0981
Authority key identifier: 1E:C4:2C:1B:69:E1:6F:5F:37:C7:3D:81:BF:9F:AB:1F:4B:A4:23:29
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HsQsG2nhb183xz2Bv5-rH0ukIyk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918C661/0BBD9EA2836D11EAB4A2D76DC4F9AE02/F2E5239EEF5D11EE84EA6C77C4F9AE02.roa
Signing time: Sun 31 Mar 2024 12:58:21 +0000
ROA not before: Sun 31 Mar 2024 12:58:21 +0000
ROA not after: Fri 31 Jan 2025 00:00:00 +0000
asID: 152194
IP address blocks: 1.32.192.0/18 maxlen: 24
14.128.32.0/19 maxlen: 24
27.50.48.0/20 maxlen: 24
27.124.0.0/18 maxlen: 24
118.107.0.0/18 maxlen: 24
118.107.176.0/22 maxlen: 24
180.222.204.0/22 maxlen: 24
182.173.68.0/22 maxlen: 24
202.36.48.0/20 maxlen: 24
202.61.128.0/21 maxlen: 24
202.61.136.0/21 maxlen: 24
202.61.144.0/20 maxlen: 24
202.61.160.0/20 maxlen: 24
202.61.176.0/21 maxlen: 24
202.61.184.0/22 maxlen: 24
202.61.188.0/22 maxlen: 24
202.79.160.0/20 maxlen: 24
202.95.0.0/22 maxlen: 24
202.95.4.0/22 maxlen: 24
202.95.8.0/21 maxlen: 24
202.95.16.0/20 maxlen: 24
202.162.96.0/20 maxlen: 24
Validation: Failed, certificate revoked on Wed 14 Aug 2024 09:13:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2433 (0x981)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918C661/serialNumber=1EC42C1B69E16F5F37C73D81BF9FAB1F4BA42329
Validity
Not Before: Mar 31 12:58:21 2024 GMT
Not After : Jan 31 00:00:00 2025 GMT
Subject: CN=66095ded-4aac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:6a:21:3e:a4:4e:8b:d0:e5:ce:44:6f:2b:78:
19:74:21:ac:c7:66:ea:64:b0:19:c6:ef:c4:4d:e0:
ba:5d:53:3e:fe:ca:cd:13:f6:26:9d:1c:69:45:82:
b4:61:d8:53:76:04:5b:30:11:f5:12:02:8c:57:9e:
d2:65:7a:a4:6f:58:c4:3c:14:a7:8d:14:b1:10:5b:
6e:36:21:2c:78:0b:1b:6a:26:33:f7:ad:11:81:58:
81:67:30:22:81:36:20:95:b3:57:e8:21:ba:d9:06:
be:e8:18:30:61:95:62:1d:b6:a1:fa:fb:f4:83:31:
2e:9e:ed:d1:c0:34:9c:6c:fc:aa:df:a6:d1:2c:35:
c6:aa:e8:49:b2:1a:21:94:b6:cc:e6:ae:dc:0f:34:
52:a3:90:75:d9:75:34:43:60:4a:a4:90:67:b9:d1:
bc:4b:ba:58:ae:59:ca:b5:03:76:f4:f7:ae:3a:0a:
ba:a4:35:f0:45:75:f6:57:f7:59:2a:36:68:a3:73:
26:cc:5d:24:c0:35:74:49:51:cf:60:91:86:a4:d3:
8d:fc:28:fa:f4:cc:14:da:b9:6b:17:42:d8:49:13:
63:3b:24:31:c8:db:f2:2c:ec:b1:65:71:05:32:c8:
85:da:4b:ef:e4:c0:85:2d:97:d5:1d:99:77:6a:91:
f0:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:B2:E2:8C:A8:05:8E:A0:D6:45:42:91:66:04:47:98:C9:BD:04:9E
X509v3 Authority Key Identifier:
keyid:1E:C4:2C:1B:69:E1:6F:5F:37:C7:3D:81:BF:9F:AB:1F:4B:A4:23:29
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918C661/0BBD9EA2836D11EAB4A2D76DC4F9AE02/HsQsG2nhb183xz2Bv5-rH0ukIyk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HsQsG2nhb183xz2Bv5-rH0ukIyk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918C661/0BBD9EA2836D11EAB4A2D76DC4F9AE02/F2E5239EEF5D11EE84EA6C77C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
1.32.192.0/18
14.128.32.0/19
27.50.48.0/20
27.124.0.0/18
118.107.0.0/18
118.107.176.0/22
180.222.204.0/22
182.173.68.0/22
202.36.48.0/20
202.61.128.0/18
202.79.160.0/20
202.95.0.0/19
202.162.96.0/20
Signature Algorithm: sha256WithRSAEncryption
95:4e:0f:3e:14:d0:14:92:4e:ff:f9:e3:4d:6e:06:5f:65:48:
07:5e:86:4b:ab:9a:bd:4e:b8:b8:9c:41:68:65:9e:07:56:d6:
a9:db:29:14:f2:d7:0e:fa:0a:05:18:1b:d6:6c:dd:34:76:26:
de:90:33:d9:92:d4:b8:b1:74:5c:16:1c:cc:27:63:b7:76:69:
14:2e:c8:9d:4b:cd:5e:61:29:89:7b:3b:6a:06:5c:de:10:45:
b5:8a:b5:1b:ca:5d:f7:81:83:51:e3:8b:e3:76:b1:00:63:73:
49:3f:63:04:cb:f8:82:b3:d0:8c:c8:a8:73:df:16:4e:67:05:
a2:70:1b:85:cd:63:57:7a:c4:af:96:01:0b:2a:57:a7:bf:1e:
11:b8:dc:b6:c8:81:83:48:ba:40:14:4b:ef:60:28:57:4b:ae:
a8:a0:0e:63:4d:0b:86:5d:6b:11:cd:73:41:7a:0b:61:e4:b1:
bc:c8:46:14:4b:f3:2d:fd:bd:a7:ab:d8:20:1a:39:b0:cc:06:
f2:bf:0c:16:ce:64:09:9e:70:61:1a:a3:d9:23:41:af:c4:5c:
86:1c:a0:25:5f:9e:98:28:44:58:c5:dd:d0:aa:f2:d3:d7:3b:
9b:01:09:7d:b8:c6:aa:eb:84:5e:8c:79:b0:b8:38:32:3d:f0:
00:ee:40:8c
-----BEGIN CERTIFICATE-----
MIIFuTCCBKGgAwIBAgICCYEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEM2NjExMTAvBgNVBAUTKDFFQzQyQzFCNjlFMTZGNUYzN0M3M0Q4MUJGOUZBQjFG
NEJBNDIzMjkwHhcNMjQwMzMxMTI1ODIxWhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjA5NWRlZC00YWFjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqGohPqROi9DlzkRvK3gZdCGsx2bqZLAZxu/ETeC6XVM+/srNE/YmnRxpRYK0
YdhTdgRbMBH1EgKMV57SZXqkb1jEPBSnjRSxEFtuNiEseAsbaiYz960RgViBZzAi
gTYglbNX6CG62Qa+6BgwYZViHbah+vv0gzEunu3RwDScbPyq36bRLDXGquhJshoh
lLbM5q7cDzRSo5B12XU0Q2BKpJBnudG8S7pYrlnKtQN29PeuOgq6pDXwRXX2V/dZ
KjZoo3MmzF0kwDV0SVHPYJGGpNON/Cj69MwU2rlrF0LYSRNjOyQxyNvyLOyxZXEF
MsiF2kvv5MCFLZfVHZl3apHw9wIDAQABo4IC3TCCAtkwHQYDVR0OBBYEFFCy4oyo
BY6g1kVCkWYER5jJvQSeMB8GA1UdIwQYMBaAFB7ELBtp4W9fN8c9gb+fqx9LpCMp
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4QzY2MS8wQkJEOUVBMjgz
NkQxMUVBQjRBMkQ3NkRDNEY5QUUwMi9Ic1FzRzJuaGIxODN4ejJCdjUtckgwdWtJ
eWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0hzUXNHMm5oYjE4M3h6MkJ2NS1ySDB1a0l5ay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEM2NjEvMEJCRDlFQTI4MzZEMTFFQUI0QTJENzZEQzRGOUFFMDIvRjJFNTIzOUVF
RjVEMTFFRTg0RUE2Qzc3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwZwYIKwYBBQUHAQcBAf8E
WDBWMFQEAgABME4DBAYBIMADBAUOgCADBAQbMjADBAYbfAADBAZ2awADBAJ2a7AD
BAK03swDBAK2rUQDBATKJDADBAbKPYADBATKT6ADBAXKXwADBATKomAwDQYJKoZI
hvcNAQELBQADggEBAJVODz4U0BSSTv/5401uBl9lSAdehkurmr1OuLicQWhlngdW
1qnbKRTy1w76CgUYG9Zs3TR2Jt6QM9mS1LixdFwWHMwnY7d2aRQuyJ1LzV5hKYl7
O2oGXN4QRbWKtRvKXfeBg1Hji+N2sQBjc0k/YwTL+IKz0IzIqHPfFk5nBaJwG4XN
Y1d6xK+WAQsqV6e/HhG43LbIgYNIukAUS+9gKFdLrqigDmNNC4ZdaxHNc0F6C2Hk
sbzIRhRL8y39vaer2CAaObDMBvK/DBbOZAmecGEao9kjQa/EXIYcoCVfnpgoRFjF
3dCq8tPXO5sBCX24xqrrhF6MebC4ODI98ADuQIw=
-----END CERTIFICATE-----
Generated at Wed Aug 14 10:43:37 2024 by rpki-client on console-fra.rpki-client.org