Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9139B49/0780B990C9F811E79EF12009C4F9AE02/B3DE67AEDC8511EEA99D7154C4F9AE02.roa
File: B3DE67AEDC8511EEA99D7154C4F9AE02.roa (raw, json)
Hash identifier: R9n+SlHnVTsxLVRbD24c5GhPDkNrhmu7jCG66n/oaX8=
Subject key identifier: 85:22:0A:74:11:0D:CC:04:64:0B:5C:BC:8F:36:13:32:A5:8A:B3:2A
Certificate issuer: /CN=A9139B49/serialNumber=4EE540A48AD973FBD831ABD02603B5FB0FB945BE
Certificate serial: 17AC
Authority key identifier: 4E:E5:40:A4:8A:D9:73:FB:D8:31:AB:D0:26:03:B5:FB:0F:B9:45:BE
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TuVApIrZc_vYMavQJgO1-w-5Rb4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9139B49/0780B990C9F811E79EF12009C4F9AE02/B3DE67AEDC8511EEA99D7154C4F9AE02.roa
Signing time: Fri 27 Sep 2024 11:38:01 +0000
ROA not before: Fri 27 Sep 2024 11:38:01 +0000
ROA not after: Mon 31 Mar 2025 00:00:00 +0000
asID: 17911
IP address blocks: 122.129.64.0/24 maxlen: 24
122.129.65.0/24 maxlen: 24
122.129.66.0/24 maxlen: 24
122.129.67.0/24 maxlen: 24
122.129.68.0/24 maxlen: 24
122.129.69.0/24 maxlen: 24
122.129.70.0/24 maxlen: 24
122.129.71.0/24 maxlen: 24
122.129.72.0/24 maxlen: 24
122.129.73.0/24 maxlen: 24
122.129.74.0/24 maxlen: 24
122.129.75.0/24 maxlen: 24
122.129.76.0/24 maxlen: 24
122.129.77.0/24 maxlen: 24
122.129.78.0/24 maxlen: 24
122.129.79.0/24 maxlen: 24
122.129.80.0/24 maxlen: 24
122.129.81.0/24 maxlen: 24
122.129.82.0/24 maxlen: 24
122.129.83.0/24 maxlen: 24
122.129.84.0/24 maxlen: 24
122.129.85.0/24 maxlen: 24
122.129.86.0/24 maxlen: 24
122.129.87.0/24 maxlen: 24
122.129.88.0/24 maxlen: 24
122.129.89.0/24 maxlen: 24
122.129.90.0/24 maxlen: 24
122.129.91.0/24 maxlen: 24
122.129.92.0/24 maxlen: 24
122.129.93.0/24 maxlen: 24
122.129.94.0/24 maxlen: 24
122.129.95.0/24 maxlen: 24
203.128.0.0/24 maxlen: 24
203.128.1.0/24 maxlen: 24
203.128.2.0/24 maxlen: 24
203.128.3.0/24 maxlen: 24
203.128.4.0/24 maxlen: 24
203.128.5.0/24 maxlen: 24
203.128.6.0/24 maxlen: 24
203.128.7.0/24 maxlen: 24
203.128.8.0/24 maxlen: 24
203.128.9.0/24 maxlen: 24
203.128.10.0/24 maxlen: 24
203.128.11.0/24 maxlen: 24
203.128.12.0/24 maxlen: 24
203.128.13.0/24 maxlen: 24
203.128.14.0/24 maxlen: 24
203.128.15.0/24 maxlen: 24
203.128.16.0/24 maxlen: 24
203.128.17.0/24 maxlen: 24
203.128.18.0/24 maxlen: 24
203.128.19.0/24 maxlen: 24
203.128.20.0/24 maxlen: 24
203.128.21.0/24 maxlen: 24
203.128.22.0/24 maxlen: 24
203.128.24.0/24 maxlen: 24
203.128.25.0/24 maxlen: 24
203.128.26.0/24 maxlen: 24
203.128.27.0/24 maxlen: 24
203.128.28.0/24 maxlen: 24
203.128.29.0/24 maxlen: 24
203.128.30.0/24 maxlen: 24
203.128.31.0/24 maxlen: 24
2400:4f00::/36 maxlen: 36
Validation: Failed, certificate revoked on Sat 28 Sep 2024 06:49:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6060 (0x17ac)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9139B49/serialNumber=4EE540A48AD973FBD831ABD02603B5FB0FB945BE
Validity
Not Before: Sep 27 11:38:01 2024 GMT
Not After : Mar 31 00:00:00 2025 GMT
Subject: CN=66f69919-507a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:59:bc:99:fe:65:a3:4f:ef:c6:e7:fc:b0:90:
26:b2:0b:d9:1f:e6:37:db:bc:f7:4e:77:d6:4a:55:
9a:24:90:67:84:fd:06:c3:fa:96:e8:cf:23:80:77:
e6:b7:d2:ae:df:5f:58:a5:07:0f:04:16:4d:8a:44:
ed:c1:17:a3:b0:78:13:65:e5:db:53:39:c9:d3:e1:
5c:60:1d:2b:57:93:5d:e4:2f:a4:78:a2:4c:1c:9a:
3b:a5:88:4d:13:e2:78:23:f1:8d:db:ae:73:69:84:
9e:b2:4d:49:a5:f8:68:0d:c0:d0:96:86:13:93:4d:
15:9e:61:6f:f2:af:57:44:87:22:ac:71:b1:ad:f6:
50:e8:96:4b:1c:9b:f8:c0:81:8f:9f:dd:3f:2b:05:
2d:a7:d2:c7:e4:c4:49:0d:fb:ed:bf:6d:37:38:cc:
60:de:bd:ac:f6:c0:a4:19:6a:62:01:94:95:3c:65:
fc:8d:db:53:fa:00:2a:c6:2d:5b:9b:99:88:1f:22:
be:b4:d1:cc:8b:95:53:37:28:92:2a:08:eb:98:60:
c0:bf:81:4f:fe:43:f0:ef:11:b0:93:7c:65:f2:4a:
8c:39:1c:53:4b:ff:7f:1a:3e:63:32:61:ec:69:8b:
4e:69:6f:86:97:aa:57:49:bd:9d:27:fd:05:4c:07:
a8:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:22:0A:74:11:0D:CC:04:64:0B:5C:BC:8F:36:13:32:A5:8A:B3:2A
X509v3 Authority Key Identifier:
keyid:4E:E5:40:A4:8A:D9:73:FB:D8:31:AB:D0:26:03:B5:FB:0F:B9:45:BE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9139B49/0780B990C9F811E79EF12009C4F9AE02/TuVApIrZc_vYMavQJgO1-w-5Rb4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TuVApIrZc_vYMavQJgO1-w-5Rb4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9139B49/0780B990C9F811E79EF12009C4F9AE02/B3DE67AEDC8511EEA99D7154C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
122.129.64.0/19
203.128.0.0-203.128.22.255
203.128.24.0/21
IPv6:
2400:4f00::/36
Signature Algorithm: sha256WithRSAEncryption
2f:2f:c6:84:f5:69:75:db:ee:6b:a2:01:d2:57:36:0b:f0:2e:
24:a4:14:f2:d1:61:a9:24:da:d3:44:1e:ce:1e:99:09:5f:27:
18:c5:21:ed:ad:d1:87:63:a3:31:12:7b:0a:f4:39:91:56:a9:
c3:49:3b:af:6d:82:84:21:c3:5f:d0:43:0e:cf:70:e0:4a:46:
33:65:3b:07:c1:8c:d2:e0:80:dc:90:46:ed:25:f5:13:70:3e:
e8:c4:d7:c2:e7:23:90:c9:37:50:f9:e5:fa:9d:9c:9f:5a:02:
7b:3e:c3:8d:fd:8d:50:7c:b7:90:15:2f:1c:3a:71:f2:33:68:
34:ce:83:8e:5c:35:01:da:c6:a0:e1:b9:d5:5f:34:64:74:ca:
7d:9b:6c:65:43:a3:65:4b:df:d7:e6:6b:75:be:de:bc:b3:ca:
98:8b:a5:3b:18:ed:39:66:c1:3f:cd:67:33:22:aa:b7:3c:62:
2e:5f:de:c3:7d:4a:8b:e6:c6:3d:5a:75:57:31:aa:55:04:b6:
85:9a:db:3c:3c:07:48:6f:7c:88:72:33:ca:1f:81:17:0b:b1:
9c:5e:29:5a:36:c7:70:48:63:a3:0c:2d:6d:a7:7b:bc:bf:90:
91:db:bc:ce:ef:d9:fe:fc:ff:4f:c5:b6:1b:0c:f4:a1:c7:0c:
03:7e:4a:a8
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgICF6wwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzlCNDkxMTAvBgNVBAUTKDRFRTU0MEE0OEFEOTczRkJEODMxQUJEMDI2MDNCNUZC
MEZCOTQ1QkUwHhcNMjQwOTI3MTEzODAxWhcNMjUwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmY2OTkxOS01MDdhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5lm8mf5lo0/vxuf8sJAmsgvZH+Y327z3TnfWSlWaJJBnhP0Gw/qW6M8jgHfm
t9Ku319YpQcPBBZNikTtwRejsHgTZeXbUznJ0+FcYB0rV5Nd5C+keKJMHJo7pYhN
E+J4I/GN265zaYSesk1JpfhoDcDQloYTk00VnmFv8q9XRIcirHGxrfZQ6JZLHJv4
wIGPn90/KwUtp9LH5MRJDfvtv203OMxg3r2s9sCkGWpiAZSVPGX8jdtT+gAqxi1b
m5mIHyK+tNHMi5VTNyiSKgjrmGDAv4FP/kPw7xGwk3xl8kqMORxTS/9/Gj5jMmHs
aYtOaW+Gl6pXSb2dJ/0FTAeoFQIDAQABo4ICuDCCArQwHQYDVR0OBBYEFIUiCnQR
DcwEZAtcvI82EzKlirMqMB8GA1UdIwQYMBaAFE7lQKSK2XP72DGr0CYDtfsPuUW+
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzOUI0OS8wNzgwQjk5MEM5
RjgxMUU3OUVGMTIwMDlDNEY5QUUwMi9UdVZBcElyWmNfdllNYXZRSmdPMS13LTVS
YjQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1R1VkFwSXJaY192WU1hdlFKZ08xLXctNVJiNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzlCNDkvMDc4MEI5OTBDOUY4MTFFNzlFRjEyMDA5QzRGOUFFMDIvQjNERTY3QUVE
Qzg1MTFFRUE5OUQ3MTU0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQgYIKwYBBQUHAQcBAf8E
MzAxMB8EAgABMBkDBAV6gUAwCwMDB8uAAwQAy4AWAwQDy4AYMA4EAgACMAgDBgQk
AE8AADANBgkqhkiG9w0BAQsFAAOCAQEALy/GhPVpddvua6IB0lc2C/AuJKQU8tFh
qSTa00Qezh6ZCV8nGMUh7a3Rh2OjMRJ7CvQ5kVapw0k7r22ChCHDX9BDDs9w4EpG
M2U7B8GM0uCA3JBG7SX1E3A+6MTXwucjkMk3UPnl+p2cn1oCez7Djf2NUHy3kBUv
HDpx8jNoNM6Djlw1AdrGoOG51V80ZHTKfZtsZUOjZUvf1+Zrdb7evLPKmIulOxjt
OWbBP81nMyKqtzxiLl/ew31Ki+bGPVp1VzGqVQS2hZrbPDwHSG98iHIzyh+BFwux
nF4pWjbHcEhjowwtbad7vL+Qkdu8zu/Z/vz/T8W2Gwz0occMA35KqA==
-----END CERTIFICATE-----
Generated at Sat Sep 28 08:27:45 2024 by rpki-client on console-fra.rpki-client.org