Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918C661/0BBD9EA2836D11EAB4A2D76DC4F9AE02/E4A8CE62627B11EEB36A1D0DC4F9AE02.roa
File: E4A8CE62627B11EEB36A1D0DC4F9AE02.roa (raw, json)
Hash identifier: jzY8IsLhPXrQCg1PKi/AcbVIRnzekPW9PchPG6ycpzI=
Subject key identifier: 32:76:70:0F:B1:AF:E5:23:D1:EB:8B:DC:88:6A:32:11:05:C2:36:DC
Certificate issuer: /CN=A918C661/serialNumber=1EC42C1B69E16F5F37C73D81BF9FAB1F4BA42329
Certificate serial: 08DC
Authority key identifier: 1E:C4:2C:1B:69:E1:6F:5F:37:C7:3D:81:BF:9F:AB:1F:4B:A4:23:29
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HsQsG2nhb183xz2Bv5-rH0ukIyk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918C661/0BBD9EA2836D11EAB4A2D76DC4F9AE02/E4A8CE62627B11EEB36A1D0DC4F9AE02.roa
Signing time: Thu 12 Oct 2023 04:03:20 +0000
ROA not before: Thu 12 Oct 2023 04:03:20 +0000
ROA not after: Wed 31 Jan 2024 00:00:00 +0000
asID: 64050
IP address blocks: 1.32.192.0/18 maxlen: 24
14.128.32.0/19 maxlen: 24
27.50.48.0/20 maxlen: 24
27.124.0.0/18 maxlen: 24
103.200.200.0/22 maxlen: 24
118.107.0.0/18 maxlen: 24
118.107.176.0/22 maxlen: 24
180.215.0.0/16 maxlen: 24
180.222.204.0/22 maxlen: 24
182.173.68.0/22 maxlen: 24
202.36.48.0/20 maxlen: 24
202.61.128.0/18 maxlen: 24
202.79.160.0/20 maxlen: 24
202.95.0.0/22 maxlen: 24
202.95.4.0/22 maxlen: 24
202.95.8.0/21 maxlen: 24
202.95.16.0/20 maxlen: 24
202.162.96.0/20 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2268 (0x8dc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918C661/serialNumber=1EC42C1B69E16F5F37C73D81BF9FAB1F4BA42329
Validity
Not Before: Oct 12 04:03:20 2023 GMT
Not After : Jan 31 00:00:00 2024 GMT
Subject: CN=65277008-cc9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:68:d3:68:b6:8d:07:fa:d8:a2:75:91:25:03:
8b:4b:10:76:e8:21:b6:2d:ca:15:9e:90:0a:cf:d0:
d4:c6:ed:bc:2a:9e:2d:b0:79:c4:c6:e0:90:0a:38:
51:1c:ca:76:2b:9c:fe:e7:11:e2:ef:cc:df:fa:d9:
b2:e2:b2:61:3e:09:7c:8c:ae:7b:61:64:55:cc:c8:
2c:ea:0a:ae:99:50:40:f9:a7:3d:d4:14:36:48:58:
5d:34:ca:28:3f:04:5b:a3:d5:0e:5d:85:54:32:4e:
dc:e4:29:23:63:24:c1:bd:a8:6f:3c:93:fd:28:8f:
a5:bf:72:9d:6a:54:c6:91:fc:e6:ab:87:70:84:9c:
a9:42:00:0c:b6:bc:d3:d6:76:45:bb:cf:d2:db:58:
42:58:92:45:2f:be:8b:44:a8:6c:86:7b:12:88:a1:
cc:ee:dd:e8:65:c0:3b:a9:09:9e:fb:50:09:4b:0b:
27:a7:53:63:b0:e0:c5:b0:9e:f9:0f:2c:0b:f6:fe:
ac:25:92:1f:a5:05:8e:8f:25:a7:f8:25:9d:10:cb:
86:c8:10:ad:60:15:4e:da:47:1d:a4:57:03:5d:d4:
43:e2:b8:40:ea:21:0c:fe:46:e8:6b:cd:00:c4:9f:
28:6f:04:14:fb:89:43:ae:73:aa:7c:cd:d6:92:21:
86:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:76:70:0F:B1:AF:E5:23:D1:EB:8B:DC:88:6A:32:11:05:C2:36:DC
X509v3 Authority Key Identifier:
keyid:1E:C4:2C:1B:69:E1:6F:5F:37:C7:3D:81:BF:9F:AB:1F:4B:A4:23:29
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918C661/0BBD9EA2836D11EAB4A2D76DC4F9AE02/HsQsG2nhb183xz2Bv5-rH0ukIyk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HsQsG2nhb183xz2Bv5-rH0ukIyk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918C661/0BBD9EA2836D11EAB4A2D76DC4F9AE02/E4A8CE62627B11EEB36A1D0DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
1.32.192.0/18
14.128.32.0/19
27.50.48.0/20
27.124.0.0/18
103.200.200.0/22
118.107.0.0/18
118.107.176.0/22
180.215.0.0/16
180.222.204.0/22
182.173.68.0/22
202.36.48.0/20
202.61.128.0/18
202.79.160.0/20
202.95.0.0/19
202.162.96.0/20
Signature Algorithm: sha256WithRSAEncryption
9d:ba:5b:06:e1:84:f8:66:c5:96:cd:0e:b0:06:84:cd:2b:92:
f7:0d:30:fa:41:a2:ba:20:a7:92:a7:94:01:a5:a1:1f:f9:8a:
34:19:30:89:ee:40:cc:35:8b:ba:d3:8f:54:43:b6:a7:2f:44:
96:89:d9:b8:8d:aa:f1:ec:31:35:74:35:b4:f4:70:d4:e4:b2:
cf:58:cc:dd:de:ed:e7:65:cf:b5:1c:ca:bb:97:7c:93:e4:f8:
a9:7d:38:db:dc:8e:38:ab:30:64:c4:f2:c3:32:64:12:f6:a7:
82:6b:38:69:0b:64:dc:ac:a8:e0:7c:b1:f6:90:70:6c:fc:c6:
7a:ac:39:f6:96:c7:8c:fa:57:aa:46:83:9b:60:8b:cd:f6:5b:
dd:83:b4:b9:9e:c0:65:b6:09:d1:c7:92:a3:8a:c1:b2:a0:ba:
0a:81:1e:73:ec:8f:8e:26:09:fd:a7:34:59:1b:8f:1d:cf:28:
35:d8:94:bd:4a:17:1f:60:3c:0e:b0:7f:a6:2c:82:27:d2:6e:
57:f1:44:0e:6b:29:b8:18:65:ed:dc:35:47:97:62:73:a2:8a:
bf:e6:bf:00:12:4e:a9:c5:bb:9f:1c:e8:4a:60:be:f8:c2:18:
ee:4a:0f:6b:a7:9d:3c:6b:29:bd:bc:07:db:b7:bb:ff:6f:bd:
c3:34:50:d1
-----BEGIN CERTIFICATE-----
MIIFxDCCBKygAwIBAgICCNwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEM2NjExMTAvBgNVBAUTKDFFQzQyQzFCNjlFMTZGNUYzN0M3M0Q4MUJGOUZBQjFG
NEJBNDIzMjkwHhcNMjMxMDEyMDQwMzIwWhcNMjQwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTI3NzAwOC1jYzljMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwWjTaLaNB/rYonWRJQOLSxB26CG2LcoVnpAKz9DUxu28Kp4tsHnExuCQCjhR
HMp2K5z+5xHi78zf+tmy4rJhPgl8jK57YWRVzMgs6gqumVBA+ac91BQ2SFhdNMoo
PwRbo9UOXYVUMk7c5CkjYyTBvahvPJP9KI+lv3KdalTGkfzmq4dwhJypQgAMtrzT
1nZFu8/S21hCWJJFL76LRKhshnsSiKHM7t3oZcA7qQme+1AJSwsnp1NjsODFsJ75
DywL9v6sJZIfpQWOjyWn+CWdEMuGyBCtYBVO2kcdpFcDXdRD4rhA6iEM/kboa80A
xJ8obwQU+4lDrnOqfM3WkiGGkwIDAQABo4IC6DCCAuQwHQYDVR0OBBYEFDJ2cA+x
r+Uj0euL3IhqMhEFwjbcMB8GA1UdIwQYMBaAFB7ELBtp4W9fN8c9gb+fqx9LpCMp
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4QzY2MS8wQkJEOUVBMjgz
NkQxMUVBQjRBMkQ3NkRDNEY5QUUwMi9Ic1FzRzJuaGIxODN4ejJCdjUtckgwdWtJ
eWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0hzUXNHMm5oYjE4M3h6MkJ2NS1ySDB1a0l5ay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEM2NjEvMEJCRDlFQTI4MzZEMTFFQUI0QTJENzZEQzRGOUFFMDIvRTRBOENFNjI2
MjdCMTFFRUIzNkExRDBEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwcgYIKwYBBQUHAQcBAf8E
YzBhMF8EAgABMFkDBAYBIMADBAUOgCADBAQbMjADBAYbfAADBAJnyMgDBAZ2awAD
BAJ2a7ADAwC01wMEArTezAMEAratRAMEBMokMAMEBso9gAMEBMpPoAMEBcpfAAME
BMqiYDANBgkqhkiG9w0BAQsFAAOCAQEAnbpbBuGE+GbFls0OsAaEzSuS9w0w+kGi
uiCnkqeUAaWhH/mKNBkwie5AzDWLutOPVEO2py9ElonZuI2q8ewxNXQ1tPRw1OSy
z1jM3d7t52XPtRzKu5d8k+T4qX0429yOOKswZMTywzJkEvangms4aQtk3Kyo4Hyx
9pBwbPzGeqw59pbHjPpXqkaDm2CLzfZb3YO0uZ7AZbYJ0ceSo4rBsqC6CoEec+yP
jiYJ/ac0WRuPHc8oNdiUvUoXH2A8DrB/piyCJ9JuV/FEDmspuBhl7dw1R5dic6KK
v+a/ABJOqcW7nxzoSmC++MIY7koPa6edPGspvbwH27e7/2+9wzRQ0Q==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:36:02 2023 by rpki-client on console.sobornost.net