Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A919E9A5/A32EFEB81D8911E292E4FDE208B02CD2/1C6978FC21AC11EF9EB0425EC4F9AE02.roa
File: 1C6978FC21AC11EF9EB0425EC4F9AE02.roa (raw, json)
Hash identifier: W7BPzkNy6os2afStnK34RFZQSsHE8f6hWkchgljKRa4=
Subject key identifier: B0:ED:EC:15:BF:B9:3F:C8:C0:9F:B0:76:0E:1E:CA:68:12:A7:26:62
Certificate issuer: /CN=A919E9A5/serialNumber=7AAC67DBC1EB928E2951362E0BC6AC7677E2DC7B
Certificate serial: 340F
Authority key identifier: 7A:AC:67:DB:C1:EB:92:8E:29:51:36:2E:0B:C6:AC:76:77:E2:DC:7B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/eqxn28Hrko4pUTYuC8asdnfi3Hs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A919E9A5/A32EFEB81D8911E292E4FDE208B02CD2/1C6978FC21AC11EF9EB0425EC4F9AE02.roa
Signing time: Mon 03 Jun 2024 13:20:57 +0000
ROA not before: Mon 03 Jun 2024 13:20:57 +0000
ROA not after: Thu 31 Oct 2024 00:00:00 +0000
asID: 23923
IP address blocks: 116.68.192.0/20 maxlen: 24
119.148.0.0/18 maxlen: 23
119.148.0.0/20 maxlen: 24
119.148.16.0/22 maxlen: 24
119.148.20.0/24 maxlen: 24
119.148.23.0/24 maxlen: 24
119.148.24.0/21 maxlen: 24
119.148.32.0/19 maxlen: 24
182.252.64.0/20 maxlen: 24
182.252.80.0/21 maxlen: 24
182.252.88.0/22 maxlen: 24
202.53.160.0/20 maxlen: 24
2401:9c00::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 20 Aug 2024 07:17:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13327 (0x340f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A919E9A5/serialNumber=7AAC67DBC1EB928E2951362E0BC6AC7677E2DC7B
Validity
Not Before: Jun 3 13:20:57 2024 GMT
Not After : Oct 31 00:00:00 2024 GMT
Subject: CN=665dc338-78c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:8b:da:bd:76:8b:9b:b7:d3:0e:0d:89:0d:bc:
e4:46:6d:6a:07:a8:15:c6:25:75:9b:37:3f:d8:7b:
ef:cc:41:9a:06:f8:7e:cb:8f:1f:af:a7:d1:78:7c:
e1:de:ca:62:d9:a3:ad:2d:de:73:33:5e:8b:a1:4a:
fe:b8:4d:5b:a5:76:e8:58:a5:04:9c:a9:d8:ad:83:
c4:1a:71:86:33:86:d3:e6:3d:39:d9:84:37:23:47:
62:6d:c0:06:17:9d:13:57:17:d6:bc:72:88:a1:ce:
74:db:ad:e4:d6:44:e5:3d:eb:64:85:ff:58:96:a7:
a4:d7:9e:f9:27:2d:0f:34:14:68:98:60:43:cb:f7:
72:c7:cd:b5:7e:d6:fb:c9:39:6a:a5:00:c7:0e:d0:
18:d4:69:27:0f:20:aa:14:e3:7a:0e:f9:34:96:9c:
d7:05:82:18:8e:c7:cb:82:41:d0:07:6f:de:81:b7:
52:9b:dd:66:65:d7:c6:1c:10:85:44:e4:3d:5a:ac:
65:66:5b:42:9a:83:e4:1c:68:b5:65:d6:a8:39:e6:
fc:59:ba:58:0f:8d:65:76:dd:09:7d:b3:c3:a4:87:
59:53:97:27:4a:0d:d4:54:e0:e4:38:93:f3:0f:84:
7f:21:db:08:e6:75:85:d8:db:96:78:dc:f1:83:b8:
31:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:ED:EC:15:BF:B9:3F:C8:C0:9F:B0:76:0E:1E:CA:68:12:A7:26:62
X509v3 Authority Key Identifier:
keyid:7A:AC:67:DB:C1:EB:92:8E:29:51:36:2E:0B:C6:AC:76:77:E2:DC:7B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A919E9A5/A32EFEB81D8911E292E4FDE208B02CD2/eqxn28Hrko4pUTYuC8asdnfi3Hs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/eqxn28Hrko4pUTYuC8asdnfi3Hs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919E9A5/A32EFEB81D8911E292E4FDE208B02CD2/1C6978FC21AC11EF9EB0425EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
116.68.192.0/20
119.148.0.0/18
182.252.64.0-182.252.91.255
202.53.160.0/20
IPv6:
2401:9c00::/32
Signature Algorithm: sha256WithRSAEncryption
37:bc:10:63:b6:94:1e:9b:2b:5d:c4:d9:be:06:e4:ab:3c:62:
ec:16:c9:69:45:95:63:71:8b:5d:b6:93:f8:8a:99:ac:e3:bc:
54:7e:5a:8c:7b:5f:02:b5:66:4c:68:25:2d:a8:01:8d:d2:2f:
cb:78:c4:df:fb:db:09:93:0c:a6:20:d4:8b:63:f9:72:53:8f:
38:cf:24:b1:d4:19:91:6b:f2:b7:66:fe:1d:27:ab:e0:34:50:
d2:cc:a4:89:02:96:44:73:3a:f1:de:19:f2:b8:5a:5e:fc:c8:
09:75:fb:0f:14:29:6f:57:f9:47:f4:72:ff:a8:fe:43:5d:de:
0a:f6:d0:a6:83:46:f5:d3:68:26:e8:6f:79:c7:4d:67:90:f0:
22:a9:04:d3:47:ac:5e:c1:36:eb:7f:02:c5:4c:67:8d:ae:a5:
ec:16:ba:e3:5b:a8:cf:cf:67:34:af:8a:db:f7:59:b4:52:93:
11:43:d1:10:d8:9a:e6:b6:3a:55:49:e0:1e:26:e4:e3:b5:2f:
03:ab:2e:06:ff:b4:e6:1d:ac:20:80:b8:ab:b6:e5:41:c3:81:
2c:2e:f0:41:08:08:3b:51:30:55:0c:d6:6d:3c:57:53:dd:8e:
8f:34:22:c3:30:e8:53:3f:ff:6f:13:2d:ca:e6:50:40:02:53:
2d:f0:69:12
-----BEGIN CERTIFICATE-----
MIIFmjCCBIKgAwIBAgICNA8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OUU5QTUxMTAvBgNVBAUTKDdBQUM2N0RCQzFFQjkyOEUyOTUxMzYyRTBCQzZBQzc2
NzdFMkRDN0IwHhcNMjQwNjAzMTMyMDU3WhcNMjQxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjVkYzMzOC03OGMxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA8ovavXaLm7fTDg2JDbzkRm1qB6gVxiV1mzc/2HvvzEGaBvh+y48fr6fReHzh
3spi2aOtLd5zM16LoUr+uE1bpXboWKUEnKnYrYPEGnGGM4bT5j052YQ3I0dibcAG
F50TVxfWvHKIoc50263k1kTlPetkhf9Ylqek1575Jy0PNBRomGBDy/dyx821ftb7
yTlqpQDHDtAY1GknDyCqFON6Dvk0lpzXBYIYjsfLgkHQB2/egbdSm91mZdfGHBCF
ROQ9WqxlZltCmoPkHGi1ZdaoOeb8WbpYD41ldt0JfbPDpIdZU5cnSg3UVODkOJPz
D4R/IdsI5nWF2NuWeNzxg7gxnQIDAQABo4ICvjCCArowHQYDVR0OBBYEFLDt7BW/
uT/IwJ+wdg4eymgSpyZiMB8GA1UdIwQYMBaAFHqsZ9vB65KOKVE2LgvGrHZ34tx7
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5RTlBNS9BMzJFRkVCODFE
ODkxMUUyOTJFNEZERTIwOEIwMkNEMi9lcXhuMjhIcmtvNHBVVFl1Qzhhc2RuZmkz
SHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2VxeG4yOEhya280cFVUWXVDOGFzZG5maTNIcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OUU5QTUvQTMyRUZFQjgxRDg5MTFFMjkyRTRGREUyMDhCMDJDRDIvMUM2OTc4RkMy
MUFDMTFFRjlFQjA0MjVFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwSAYIKwYBBQUHAQcBAf8E
OTA3MCYEAgABMCADBAR0RMADBAZ3lAAwDAMEBrb8QAMEArb8WAMEBMo1oDANBAIA
AjAHAwUAJAGcADANBgkqhkiG9w0BAQsFAAOCAQEAN7wQY7aUHpsrXcTZvgbkqzxi
7BbJaUWVY3GLXbaT+IqZrOO8VH5ajHtfArVmTGglLagBjdIvy3jE3/vbCZMMpiDU
i2P5clOPOM8ksdQZkWvyt2b+HSer4DRQ0sykiQKWRHM68d4Z8rhaXvzICXX7DxQp
b1f5R/Ry/6j+Q13eCvbQpoNG9dNoJuhvecdNZ5DwIqkE00esXsE2638CxUxnja6l
7Ba641uoz89nNK+K2/dZtFKTEUPRENia5rY6VUngHibk47UvA6suBv+05h2sIIC4
q7blQcOBLC7wQQgIO1EwVQzWbTxXU92OjzQiwzDoUz//bxMtyuZQQAJTLfBpEg==
-----END CERTIFICATE-----
Generated at Tue Aug 20 10:01:35 2024 by rpki-client on console-ams.rpki-client.org