Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9195F7B/A131B394BB3911EEA655417EC4F9AE02/C30EDD32555511EF86614E81C4F9AE02.roa
File: C30EDD32555511EF86614E81C4F9AE02.roa (raw, json)
Hash identifier: 0SjkjvOcqG9A/UCro9E7015gPKZ7enkSCrswWyZLAnk=
Subject key identifier: 93:54:8F:3B:F1:3D:39:E5:EF:3B:73:D0:BE:D8:91:86:23:FD:82:A2
Certificate issuer: /CN=A9195F7B/serialNumber=890B1DEFE88D59196BCC7B65268C62E86E54D46D
Certificate serial: 76
Authority key identifier: 89:0B:1D:EF:E8:8D:59:19:6B:CC:7B:65:26:8C:62:E8:6E:54:D4:6D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iQsd7-iNWRlrzHtlJoxi6G5U1G0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9195F7B/A131B394BB3911EEA655417EC4F9AE02/C30EDD32555511EF86614E81C4F9AE02.roa
Signing time: Thu 08 Aug 2024 13:46:18 +0000
ROA not before: Thu 08 Aug 2024 13:46:18 +0000
ROA not after: Mon 31 Mar 2025 00:00:00 +0000
asID: 38819
IP address blocks: 120.88.192.0/18 maxlen: 18
120.88.192.0/19 maxlen: 19
120.88.224.0/20 maxlen: 20
120.88.224.0/24 maxlen: 24
120.88.225.0/24 maxlen: 24
120.88.226.0/24 maxlen: 24
120.88.227.0/24 maxlen: 24
120.88.230.0/24 maxlen: 24
120.88.232.0/24 maxlen: 24
120.88.236.0/24 maxlen: 24
120.88.237.0/24 maxlen: 24
120.88.240.0/24 maxlen: 24
120.88.241.0/24 maxlen: 24
120.88.242.0/24 maxlen: 24
120.88.243.0/24 maxlen: 24
120.88.245.0/24 maxlen: 24
120.88.246.0/24 maxlen: 24
120.88.252.0/24 maxlen: 24
120.88.253.0/24 maxlen: 24
120.88.254.0/24 maxlen: 24
202.4.192.0/19 maxlen: 19
202.4.196.0/24 maxlen: 24
202.4.208.0/24 maxlen: 24
223.130.32.0/19 maxlen: 19
2405:b200::/32 maxlen: 32
2405:b200:110:2600::/56 maxlen: 56
2405:b200:140:2600::/56 maxlen: 56
2405:b200:150:2600::/56 maxlen: 56
Validation: Failed, certificate revoked on Fri 09 Aug 2024 07:34:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 118 (0x76)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9195F7B/serialNumber=890B1DEFE88D59196BCC7B65268C62E86E54D46D
Validity
Not Before: Aug 8 13:46:18 2024 GMT
Not After : Mar 31 00:00:00 2025 GMT
Subject: CN=66b4cc29-df98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:c7:39:16:bd:1d:9d:c2:70:1e:2a:08:5e:4f:
39:26:7c:fa:fc:6b:21:68:a8:6b:3b:d6:60:76:95:
67:41:1c:f7:97:f0:16:06:78:db:20:4b:81:6e:e9:
9b:50:eb:49:b6:3b:8c:67:6c:c7:f2:3c:58:a3:b2:
89:42:46:bd:63:71:7f:1d:24:40:3f:a5:19:44:8a:
6e:36:1d:66:76:53:20:08:15:fd:a7:33:90:3a:e7:
e9:0c:26:84:70:dc:5a:75:82:31:56:fc:08:fb:fc:
c8:60:ba:f4:28:d7:b7:9e:55:0d:b1:25:72:8a:28:
3d:ad:1a:36:4d:2c:2c:f2:90:b5:bd:94:ad:0f:ce:
c6:0a:fd:fd:9f:29:2e:fc:14:28:d0:87:57:31:4b:
df:e0:c4:e9:ae:ba:9b:79:f6:fa:56:c9:8d:9c:09:
8c:30:2c:7f:8d:3d:ea:61:32:03:75:0b:dc:d1:a9:
f5:97:10:8f:d7:69:65:03:4e:e8:5e:42:5c:74:f1:
a7:a8:85:f2:53:b5:35:99:81:1d:9c:f8:2f:6d:2c:
d9:69:f9:85:62:43:e3:9a:46:6d:57:ed:27:15:06:
2c:ef:40:65:4e:ef:fa:ee:db:2e:ed:ec:17:a2:5c:
e1:45:94:24:74:7f:69:f0:aa:95:e9:ee:e0:db:d7:
d8:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:54:8F:3B:F1:3D:39:E5:EF:3B:73:D0:BE:D8:91:86:23:FD:82:A2
X509v3 Authority Key Identifier:
keyid:89:0B:1D:EF:E8:8D:59:19:6B:CC:7B:65:26:8C:62:E8:6E:54:D4:6D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9195F7B/A131B394BB3911EEA655417EC4F9AE02/iQsd7-iNWRlrzHtlJoxi6G5U1G0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iQsd7-iNWRlrzHtlJoxi6G5U1G0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9195F7B/A131B394BB3911EEA655417EC4F9AE02/C30EDD32555511EF86614E81C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
120.88.192.0/18
202.4.192.0/19
223.130.32.0/19
IPv6:
2405:b200::/32
Signature Algorithm: sha256WithRSAEncryption
1e:7f:4d:b5:0c:4f:1b:16:4d:86:ad:38:9c:64:09:90:9a:20:
45:04:5b:e7:17:45:fa:4f:52:cc:3d:c2:a3:c2:db:d9:c3:c4:
8f:db:a6:1a:71:ca:33:b1:6a:df:5c:ff:0d:e8:10:1b:7b:83:
cc:67:ff:a5:9a:a3:06:96:90:5e:7b:70:e2:24:2e:9c:ee:82:
64:52:30:41:90:ad:c2:9e:fb:a0:20:4e:8d:9e:1d:3d:39:bc:
25:09:b6:56:a0:f3:3a:38:da:cd:59:91:ad:e3:44:28:8f:b4:
69:b2:f0:08:90:e0:fc:27:77:7c:b5:0c:61:a7:a0:db:02:38:
ad:59:94:b5:ad:b4:6f:cd:37:1b:aa:86:a0:04:99:5c:12:d6:
92:1d:c8:53:dd:5c:55:6c:4c:20:9d:ff:d9:0e:59:0d:8d:af:
93:b0:0a:5f:28:dd:de:48:39:7e:b4:55:d7:fe:33:99:1a:0d:
35:e3:3f:dd:d3:63:03:05:6b:87:ea:8d:b3:e4:83:72:bd:ba:
92:b3:5c:cf:8f:29:9a:1c:57:0d:01:6d:89:db:8b:c3:7a:06:
d5:2d:18:21:54:72:49:c4:77:b9:83:dc:6d:eb:26:9a:74:ee:
45:6c:2f:4f:20:46:e2:cc:db:36:86:75:73:a2:55:01:6f:85:
df:ed:61:36
-----BEGIN CERTIFICATE-----
MIIFizCCBHOgAwIBAgIBdjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE5
NUY3QjExMC8GA1UEBRMoODkwQjFERUZFODhENTkxOTZCQ0M3QjY1MjY4QzYyRTg2
RTU0RDQ2RDAeFw0yNDA4MDgxMzQ2MThaFw0yNTAzMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2YjRjYzI5LWRmOTgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDAxzkWvR2dwnAeKgheTzkmfPr8ayFoqGs71mB2lWdBHPeX8BYGeNsgS4Fu6ZtQ
60m2O4xnbMfyPFijsolCRr1jcX8dJEA/pRlEim42HWZ2UyAIFf2nM5A65+kMJoRw
3Fp1gjFW/Aj7/MhguvQo17eeVQ2xJXKKKD2tGjZNLCzykLW9lK0PzsYK/f2fKS78
FCjQh1cxS9/gxOmuupt59vpWyY2cCYwwLH+NPephMgN1C9zRqfWXEI/XaWUDTuhe
Qlx08aeohfJTtTWZgR2c+C9tLNlp+YViQ+OaRm1X7ScVBizvQGVO7/ru2y7t7Bei
XOFFlCR0f2nwqpXp7uDb19gTAgMBAAGjggKwMIICrDAdBgNVHQ4EFgQUk1SPO/E9
OeXvO3PQvtiRhiP9gqIwHwYDVR0jBBgwFoAUiQsd7+iNWRlrzHtlJoxi6G5U1G0w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTk1RjdCL0ExMzFCMzk0QkIz
OTExRUVBNjU1NDE3RUM0RjlBRTAyL2lRc2Q3LWlOV1JscnpIdGxKb3hpNkc1VTFH
MC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvaVFzZDctaU5XUmxyekh0bEpveGk2RzVVMUcwLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5
NUY3Qi9BMTMxQjM5NEJCMzkxMUVFQTY1NTQxN0VDNEY5QUUwMi9DMzBFREQzMjU1
NTUxMUVGODY2MTRFODFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDA6BggrBgEFBQcBBwEB/wQr
MCkwGAQCAAEwEgMEBnhYwAMEBcoEwAMEBd+CIDANBAIAAjAHAwUAJAWyADANBgkq
hkiG9w0BAQsFAAOCAQEAHn9NtQxPGxZNhq04nGQJkJogRQRb5xdF+k9SzD3Co8Lb
2cPEj9umGnHKM7Fq31z/DegQG3uDzGf/pZqjBpaQXntw4iQunO6CZFIwQZCtwp77
oCBOjZ4dPTm8JQm2VqDzOjjazVmRreNEKI+0abLwCJDg/Cd3fLUMYaeg2wI4rVmU
ta20b803G6qGoASZXBLWkh3IU91cVWxMIJ3/2Q5ZDY2vk7AKXyjd3kg5frRV1/4z
mRoNNeM/3dNjAwVrh+qNs+SDcr26krNcz48pmhxXDQFtiduLw3oG1S0YIVRyScR3
uYPcbesmmnTuRWwvTyBG4szbNoZ1c6JVAW+F3+1hNg==
-----END CERTIFICATE-----
Generated at Fri Aug 9 10:08:29 2024 by rpki-client on console-fra.rpki-client.org