Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9134172/597612649E4D11EA9C23AF1FC4F9AE02/661FA214FA3711EFAA9ED940C4F9AE02.roa
File: 661FA214FA3711EFAA9ED940C4F9AE02.roa (raw, json)
Hash identifier: YC9x6uCDkAVngzPYWjpjM5PQ9mjCow3twBNSG8rPgsQ=
Subject key identifier: B3:B0:7D:B4:E1:A2:08:96:A6:B3:8C:B4:AD:38:69:85:32:22:F0:99
Certificate issuer: /CN=A9134172/serialNumber=F45C0F4F467CE1576E5EE9E41E5576F0348C46A7
Certificate serial: 09F8
Authority key identifier: F4:5C:0F:4F:46:7C:E1:57:6E:5E:E9:E4:1E:55:76:F0:34:8C:46:A7
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9FwPT0Z84VduXunkHlV28DSMRqc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9134172/597612649E4D11EA9C23AF1FC4F9AE02/661FA214FA3711EFAA9ED940C4F9AE02.roa
Signing time: Thu 06 Mar 2025 03:02:11 +0000
ROA not before: Thu 06 Mar 2025 03:02:11 +0000
ROA not after: Wed 28 May 2025 00:00:00 +0000
asID: 9908
IP address blocks: 61.10.0.0/16 maxlen: 16
61.10.0.0/17 maxlen: 17
61.10.0.0/18 maxlen: 20
61.10.64.0/18 maxlen: 18
61.10.64.0/19 maxlen: 20
61.10.96.0/19 maxlen: 20
61.10.128.0/17 maxlen: 20
61.15.0.0/16 maxlen: 16
61.15.0.0/17 maxlen: 20
61.15.128.0/17 maxlen: 20
61.18.0.0/16 maxlen: 20
125.59.0.0/16 maxlen: 20
203.83.64.0/18 maxlen: 18
203.168.192.0/20 maxlen: 20
203.168.222.0/23 maxlen: 24
203.168.224.0/19 maxlen: 20
218.252.0.0/16 maxlen: 16
218.252.0.0/17 maxlen: 20
218.252.128.0/17 maxlen: 20
218.253.0.0/18 maxlen: 20
222.166.0.0/16 maxlen: 20
222.167.0.0/18 maxlen: 20
222.167.64.0/19 maxlen: 20
222.167.128.0/17 maxlen: 20
Validation: Failed, certificate revoked on Tue 11 Mar 2025 03:53:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2552 (0x9f8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9134172
Validity
Not Before: Mar 6 03:02:11 2025 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=67c91033-c0d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:9a:15:ab:61:51:ee:8c:54:94:f1:04:f1:82:
bb:81:ec:f3:48:d5:b2:8f:ea:3b:f0:e3:86:d2:fc:
be:b9:bc:5e:5b:07:30:78:8d:dd:00:5c:da:9e:59:
55:b3:46:4c:b9:3e:df:07:66:1e:e0:3e:59:a8:7c:
ea:87:f1:f3:32:58:7d:06:e7:96:a8:4d:9c:97:48:
55:e2:0c:ff:5c:b4:de:3d:d5:b8:00:32:d1:df:66:
6d:22:00:fd:c0:78:7e:e8:4e:a4:88:ff:98:ef:c6:
9f:3e:e7:be:b5:20:f0:7b:2c:cf:80:79:6d:fb:d5:
8d:2e:7f:65:4a:18:3e:42:fa:2b:42:fa:15:ca:24:
e4:2d:d5:ab:9e:18:a6:49:80:f0:34:fd:b4:c1:5a:
27:11:11:22:93:20:d2:aa:fe:ae:88:00:41:37:92:
3c:95:8e:53:5f:a4:03:1f:03:10:64:d2:e2:cd:a6:
12:22:2b:39:bd:99:fa:83:5a:13:08:5b:25:82:20:
f7:ff:10:8b:69:12:9b:91:69:f9:3e:6e:59:8d:85:
2e:87:2d:95:96:60:e0:ed:55:78:61:83:0a:96:90:
16:83:9f:8d:c1:fc:ce:f9:38:c0:77:d0:94:14:7e:
ee:1a:55:cd:cc:66:af:5f:2f:cc:d3:91:99:ef:28:
17:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:B0:7D:B4:E1:A2:08:96:A6:B3:8C:B4:AD:38:69:85:32:22:F0:99
X509v3 Authority Key Identifier:
keyid:F4:5C:0F:4F:46:7C:E1:57:6E:5E:E9:E4:1E:55:76:F0:34:8C:46:A7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9134172/597612649E4D11EA9C23AF1FC4F9AE02/9FwPT0Z84VduXunkHlV28DSMRqc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9FwPT0Z84VduXunkHlV28DSMRqc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9134172/597612649E4D11EA9C23AF1FC4F9AE02/661FA214FA3711EFAA9ED940C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
61.10.0.0/16
61.15.0.0/16
61.18.0.0/16
125.59.0.0/16
203.83.64.0/18
203.168.192.0/20
203.168.222.0-203.168.255.255
218.252.0.0-218.253.63.255
222.166.0.0-222.167.95.255
222.167.128.0/17
Signature Algorithm: sha256WithRSAEncryption
06:5a:59:6d:77:86:38:16:2b:2a:ac:5a:61:4a:77:07:c5:7c:
f6:27:57:a0:63:ea:fe:bb:a7:ac:de:38:b6:28:a3:f2:da:f0:
da:46:f4:ba:d0:ab:2b:cc:78:9b:27:ac:e6:d4:99:79:3a:19:
33:2f:da:2b:f0:d0:15:99:5f:29:e2:31:15:79:94:71:14:0e:
dd:95:9c:24:29:2c:1a:e7:3a:31:1f:2d:ca:06:e5:c6:6b:a7:
9d:e7:04:6a:62:16:6d:f8:a3:07:d8:52:5f:d1:5f:d0:e3:f3:
a0:69:c4:d4:d5:da:a7:e5:70:0f:45:95:a1:4e:9b:d5:7f:98:
6d:99:93:3e:29:de:7f:57:91:17:75:e7:58:c3:39:2c:3c:b2:
d7:56:8f:dc:1e:10:39:1f:a8:4a:9e:43:24:05:66:60:14:4a:
fd:2d:e2:ce:00:e9:b5:71:bf:6e:40:49:97:51:49:56:18:d6:
86:e0:2f:e4:77:d6:5a:40:17:5c:a2:d1:17:f1:d0:6e:73:2e:
32:55:ed:a8:95:79:d6:d4:87:31:9e:4e:5d:c1:bc:89:d7:f1:
4c:df:44:bf:8f:0a:0f:2d:9b:af:f2:81:b9:b4:a8:c7:c5:cb:
31:b6:e2:54:1a:f9:18:47:0b:03:26:e1:f4:81:a2:5b:71:0c:
9b:03:63:be
-----BEGIN CERTIFICATE-----
MIIFuDCCBKCgAwIBAgICCfgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzQxNzIxMTAvBgNVBAUTKEY0NUMwRjRGNDY3Q0UxNTc2RTVFRTlFNDFFNTU3NkYw
MzQ4QzQ2QTcwHhcNMjUwMzA2MDMwMjExWhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02N2M5MTAzMy1jMGQ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAs5oVq2FR7oxUlPEE8YK7gezzSNWyj+o78OOG0vy+ubxeWwcweI3dAFzanllV
s0ZMuT7fB2Ye4D5ZqHzqh/HzMlh9BueWqE2cl0hV4gz/XLTePdW4ADLR32ZtIgD9
wHh+6E6kiP+Y78afPue+tSDweyzPgHlt+9WNLn9lShg+QvorQvoVyiTkLdWrnhim
SYDwNP20wVonEREikyDSqv6uiABBN5I8lY5TX6QDHwMQZNLizaYSIis5vZn6g1oT
CFslgiD3/xCLaRKbkWn5Pm5ZjYUuhy2VlmDg7VV4YYMKlpAWg5+NwfzO+TjAd9CU
FH7uGlXNzGavXy/M05GZ7ygX0wIDAQABo4IC3DCCAtgwHQYDVR0OBBYEFLOwfbTh
ogiWprOMtK04aYUyIvCZMB8GA1UdIwQYMBaAFPRcD09GfOFXbl7p5B5VdvA0jEan
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzNDE3Mi81OTc2MTI2NDlF
NEQxMUVBOUMyM0FGMUZDNEY5QUUwMi85RndQVDBaODRWZHVYdW5rSGxWMjhEU01S
cWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzlGd1BUMFo4NFZkdVh1bmtIbFYyOERTTVJxYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzQxNzIvNTk3NjEyNjQ5RTREMTFFQTlDMjNBRjFGQzRGOUFFMDIvNjYxRkEyMTRG
QTM3MTFFRkFBOUVEOTQwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwZgYIKwYBBQUHAQcBAf8E
VzBVMFMEAgABME0DAwA9CgMDAD0PAwMAPRIDAwB9OwMEBstTQAMEBMuowDALAwQB
y6jeAwMAy6gwCwMDAtr8AwQG2v0AMAsDAwHepgMEBd6nQAMEB96ngDANBgkqhkiG
9w0BAQsFAAOCAQEABlpZbXeGOBYrKqxaYUp3B8V89idXoGPq/runrN44tiij8trw
2kb0utCrK8x4myes5tSZeToZMy/aK/DQFZlfKeIxFXmUcRQO3ZWcJCksGuc6MR8t
ygblxmunnecEamIWbfijB9hSX9Ff0OPzoGnE1NXap+VwD0WVoU6b1X+YbZmTPine
f1eRF3XnWMM5LDyy11aP3B4QOR+oSp5DJAVmYBRK/S3izgDptXG/bkBJl1FJVhjW
huAv5HfWWkAXXKLRF/HQbnMuMlXtqJV51tSHMZ5OXcG8idfxTN9Ev48KDy2br/KB
ubSox8XLMbbiVBr5GEcLAybh9IGiW3EMmwNjvg==
-----END CERTIFICATE-----
Generated at Sun Apr 6 06:53:13 2025 by rpki-client