Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9139B49/0780B990C9F811E79EF12009C4F9AE02/E25BB5E89AC411EF806CD518C4F9AE02.roa
File: E25BB5E89AC411EF806CD518C4F9AE02.roa (raw, json)
Hash identifier: gdi1GmFVfNDfE2RjV1poUe1wNnqVtnWpbAtxZHRZf5g=
Subject key identifier: 98:05:80:42:40:A1:0C:C3:45:70:93:7F:90:18:15:DC:EB:D7:14:98
Certificate issuer: /CN=A9139B49/serialNumber=4EE540A48AD973FBD831ABD02603B5FB0FB945BE
Certificate serial: 17DD
Authority key identifier: 4E:E5:40:A4:8A:D9:73:FB:D8:31:AB:D0:26:03:B5:FB:0F:B9:45:BE
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TuVApIrZc_vYMavQJgO1-w-5Rb4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9139B49/0780B990C9F811E79EF12009C4F9AE02/E25BB5E89AC411EF806CD518C4F9AE02.roa
Signing time: Mon 04 Nov 2024 16:02:01 +0000
ROA not before: Mon 04 Nov 2024 16:02:01 +0000
ROA not after: Mon 31 Mar 2025 00:00:00 +0000
asID: 17911
IP address blocks: 103.224.14.0/24 maxlen: 24
103.224.15.0/24 maxlen: 24
122.129.64.0/24 maxlen: 24
122.129.65.0/24 maxlen: 24
122.129.66.0/24 maxlen: 24
122.129.67.0/24 maxlen: 24
122.129.68.0/24 maxlen: 24
122.129.69.0/24 maxlen: 24
122.129.70.0/24 maxlen: 24
122.129.71.0/24 maxlen: 24
122.129.72.0/24 maxlen: 24
122.129.73.0/24 maxlen: 24
122.129.74.0/24 maxlen: 24
122.129.75.0/24 maxlen: 24
122.129.76.0/24 maxlen: 24
122.129.77.0/24 maxlen: 24
122.129.78.0/24 maxlen: 24
122.129.79.0/24 maxlen: 24
122.129.80.0/24 maxlen: 24
122.129.81.0/24 maxlen: 24
122.129.82.0/24 maxlen: 24
122.129.83.0/24 maxlen: 24
122.129.84.0/24 maxlen: 24
122.129.85.0/24 maxlen: 24
122.129.86.0/24 maxlen: 24
122.129.87.0/24 maxlen: 24
122.129.88.0/24 maxlen: 24
122.129.89.0/24 maxlen: 24
122.129.90.0/24 maxlen: 24
122.129.91.0/24 maxlen: 24
122.129.92.0/24 maxlen: 24
122.129.93.0/24 maxlen: 24
122.129.94.0/24 maxlen: 24
122.129.95.0/24 maxlen: 24
203.128.0.0/24 maxlen: 24
203.128.1.0/24 maxlen: 24
203.128.2.0/24 maxlen: 24
203.128.3.0/24 maxlen: 24
203.128.4.0/24 maxlen: 24
203.128.5.0/24 maxlen: 24
203.128.6.0/24 maxlen: 24
203.128.7.0/24 maxlen: 24
203.128.8.0/24 maxlen: 24
203.128.9.0/24 maxlen: 24
203.128.10.0/24 maxlen: 24
203.128.11.0/24 maxlen: 24
203.128.12.0/24 maxlen: 24
203.128.13.0/24 maxlen: 24
203.128.14.0/24 maxlen: 24
203.128.15.0/24 maxlen: 24
203.128.16.0/24 maxlen: 24
203.128.17.0/24 maxlen: 24
203.128.18.0/24 maxlen: 24
203.128.19.0/24 maxlen: 24
203.128.20.0/24 maxlen: 24
203.128.21.0/24 maxlen: 24
203.128.22.0/24 maxlen: 24
203.128.24.0/24 maxlen: 24
203.128.25.0/24 maxlen: 24
203.128.26.0/24 maxlen: 24
203.128.27.0/24 maxlen: 24
203.128.28.0/24 maxlen: 24
203.128.29.0/24 maxlen: 24
203.128.30.0/24 maxlen: 24
203.128.31.0/24 maxlen: 24
2400:4f00::/36 maxlen: 36
Validation: Failed, certificate revoked on Wed 06 Nov 2024 08:40:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6109 (0x17dd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9139B49/serialNumber=4EE540A48AD973FBD831ABD02603B5FB0FB945BE
Validity
Not Before: Nov 4 16:02:01 2024 GMT
Not After : Mar 31 00:00:00 2025 GMT
Subject: CN=6728eff8-1ecb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:a3:4c:9a:f7:bf:bb:38:45:e6:cb:61:e2:cd:
28:19:90:71:3c:0f:f8:ef:89:ae:a0:c9:ac:4c:40:
b3:c1:f5:43:4b:9a:da:28:3a:92:5b:e2:d8:28:c9:
a6:27:ba:91:61:96:1a:62:65:a1:cd:02:92:46:0f:
4c:7a:d8:a3:cc:99:16:dd:91:71:72:15:b3:5f:42:
b2:73:cc:05:71:8a:85:7b:86:9d:c5:17:7f:e8:e4:
d5:6b:66:e3:44:27:21:f9:d3:8f:09:5f:04:32:fd:
58:b0:c5:35:cd:2b:3c:86:39:f9:28:bd:aa:cf:44:
c4:a2:79:de:e6:bf:4d:72:6a:22:6e:52:32:f8:76:
de:f0:17:96:18:1f:73:96:c5:d0:34:05:db:aa:20:
82:4d:86:45:be:22:3f:40:a3:46:18:5b:4d:8d:73:
2a:e3:96:f4:4f:0a:d3:13:39:f6:9f:d8:55:18:5a:
2a:d5:d1:be:12:3b:4d:68:63:a0:3c:ef:20:de:e4:
6f:45:54:f2:51:fc:65:04:85:92:bd:c3:d3:a0:9e:
db:8e:aa:1c:0f:43:40:cf:30:26:a2:0f:40:96:b0:
3e:be:61:a0:a0:ad:ca:db:ac:fb:bb:c2:89:94:25:
f0:e8:9c:34:2b:79:c3:d4:a2:99:1f:33:99:da:c0:
b0:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:05:80:42:40:A1:0C:C3:45:70:93:7F:90:18:15:DC:EB:D7:14:98
X509v3 Authority Key Identifier:
keyid:4E:E5:40:A4:8A:D9:73:FB:D8:31:AB:D0:26:03:B5:FB:0F:B9:45:BE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9139B49/0780B990C9F811E79EF12009C4F9AE02/TuVApIrZc_vYMavQJgO1-w-5Rb4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TuVApIrZc_vYMavQJgO1-w-5Rb4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9139B49/0780B990C9F811E79EF12009C4F9AE02/E25BB5E89AC411EF806CD518C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.224.14.0/23
122.129.64.0/19
203.128.0.0-203.128.22.255
203.128.24.0/21
IPv6:
2400:4f00::/36
Signature Algorithm: sha256WithRSAEncryption
62:31:54:c8:a2:d7:04:9a:6f:f8:2e:ca:45:d5:67:8e:48:ba:
54:26:77:87:6a:31:0c:7b:8d:ed:9a:ba:2f:51:92:80:d7:8f:
99:48:59:66:81:2e:54:00:d8:80:d0:74:f2:60:77:65:49:6a:
16:04:9b:0e:bf:f9:dc:80:c2:98:0e:94:bf:42:98:29:8f:3a:
f7:61:7e:cf:08:c3:d3:af:56:69:ba:f7:83:08:db:86:7b:c3:
db:e6:79:ad:6b:69:df:af:2d:af:28:1b:b3:9b:fe:20:cf:85:
09:70:c6:2b:01:3b:35:ac:8a:b7:a9:a1:83:95:71:1c:a2:5d:
99:ca:c9:41:21:5a:90:46:42:e5:dd:50:3f:3f:f6:8b:06:74:
78:7a:71:43:0e:48:d2:a4:93:be:20:24:60:c9:45:20:eb:3d:
c8:5a:50:65:52:49:c8:5d:70:76:58:2b:46:93:f0:40:df:b4:
13:66:b3:43:2f:40:13:5f:44:69:10:85:0d:d0:d5:c7:eb:74:
77:76:81:3e:d3:16:54:17:f5:5a:1b:b0:5b:6c:19:5a:e1:4b:
55:cb:b2:ec:eb:3b:3c:40:ee:09:f6:a2:3f:8b:15:f9:fe:30:
55:b6:03:c8:91:7e:a0:fb:fb:b1:37:42:ca:29:bb:10:7f:c4:
ac:bf:4d:03
-----BEGIN CERTIFICATE-----
MIIFmjCCBIKgAwIBAgICF90wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzlCNDkxMTAvBgNVBAUTKDRFRTU0MEE0OEFEOTczRkJEODMxQUJEMDI2MDNCNUZC
MEZCOTQ1QkUwHhcNMjQxMTA0MTYwMjAxWhcNMjUwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzI4ZWZmOC0xZWNiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAnaNMmve/uzhF5sth4s0oGZBxPA/474muoMmsTECzwfVDS5raKDqSW+LYKMmm
J7qRYZYaYmWhzQKSRg9MetijzJkW3ZFxchWzX0Kyc8wFcYqFe4adxRd/6OTVa2bj
RCch+dOPCV8EMv1YsMU1zSs8hjn5KL2qz0TEonne5r9NcmoiblIy+Hbe8BeWGB9z
lsXQNAXbqiCCTYZFviI/QKNGGFtNjXMq45b0TwrTEzn2n9hVGFoq1dG+EjtNaGOg
PO8g3uRvRVTyUfxlBIWSvcPToJ7bjqocD0NAzzAmog9AlrA+vmGgoK3K26z7u8KJ
lCXw6Jw0K3nD1KKZHzOZ2sCw0wIDAQABo4ICvjCCArowHQYDVR0OBBYEFJgFgEJA
oQzDRXCTf5AYFdzr1xSYMB8GA1UdIwQYMBaAFE7lQKSK2XP72DGr0CYDtfsPuUW+
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzOUI0OS8wNzgwQjk5MEM5
RjgxMUU3OUVGMTIwMDlDNEY5QUUwMi9UdVZBcElyWmNfdllNYXZRSmdPMS13LTVS
YjQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1R1VkFwSXJaY192WU1hdlFKZ08xLXctNVJiNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzlCNDkvMDc4MEI5OTBDOUY4MTFFNzlFRjEyMDA5QzRGOUFFMDIvRTI1QkI1RTg5
QUM0MTFFRjgwNkNENTE4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwSAYIKwYBBQUHAQcBAf8E
OTA3MCUEAgABMB8DBAFn4A4DBAV6gUAwCwMDB8uAAwQAy4AWAwQDy4AYMA4EAgAC
MAgDBgQkAE8AADANBgkqhkiG9w0BAQsFAAOCAQEAYjFUyKLXBJpv+C7KRdVnjki6
VCZ3h2oxDHuN7Zq6L1GSgNePmUhZZoEuVADYgNB08mB3ZUlqFgSbDr/53IDCmA6U
v0KYKY8692F+zwjD069Wabr3gwjbhnvD2+Z5rWtp368trygbs5v+IM+FCXDGKwE7
NayKt6mhg5VxHKJdmcrJQSFakEZC5d1QPz/2iwZ0eHpxQw5I0qSTviAkYMlFIOs9
yFpQZVJJyF1wdlgrRpPwQN+0E2azQy9AE19EaRCFDdDVx+t0d3aBPtMWVBf1Whuw
W2wZWuFLVcuy7Os7PEDuCfaiP4sV+f4wVbYDyJF+oPv7sTdCyim7EH/ErL9NAw==
-----END CERTIFICATE-----
Generated at Wed Nov 6 10:44:27 2024 by rpki-client on console-ams.rpki-client.org