Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A913C627/C265C1A4D07D11EA8600986DC4F9AE02/CD92D55E1FD911EEB1CFDF56C4F9AE02.roa
File: CD92D55E1FD911EEB1CFDF56C4F9AE02.roa (raw, json)
Hash identifier: l6u5w09A59V2OA5whzSFO4uzN34z0Jl8haaHrEwMX58=
Subject key identifier: 7F:B9:9A:07:3B:B8:13:7F:3C:0E:E6:BA:40:66:5A:66:1F:E1:EF:ED
Certificate issuer: /CN=A913C627/serialNumber=6FFA5DB159D40A3A172DBC74F5C32B55517979AF
Certificate serial: 0728
Authority key identifier: 6F:FA:5D:B1:59:D4:0A:3A:17:2D:BC:74:F5:C3:2B:55:51:79:79:AF
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b_pdsVnUCjoXLbx09cMrVVF5ea8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A913C627/C265C1A4D07D11EA8600986DC4F9AE02/CD92D55E1FD911EEB1CFDF56C4F9AE02.roa
Signing time: Thu 02 Nov 2023 06:28:49 +0000
ROA not before: Thu 02 Nov 2023 06:28:49 +0000
ROA not after: Wed 29 May 2024 00:00:00 +0000
asID: 9738
IP address blocks: 61.14.96.0/19 maxlen: 19
61.14.96.0/23 maxlen: 23
61.14.98.0/23 maxlen: 24
61.14.100.0/24 maxlen: 24
61.14.101.0/24 maxlen: 24
61.14.102.0/23 maxlen: 24
61.14.104.0/24 maxlen: 24
61.14.105.0/24 maxlen: 24
61.14.106.0/24 maxlen: 24
61.14.107.0/24 maxlen: 24
61.14.108.0/24 maxlen: 24
61.14.109.0/24 maxlen: 24
61.14.112.0/24 maxlen: 24
61.14.113.0/24 maxlen: 24
61.14.114.0/24 maxlen: 24
61.14.115.0/24 maxlen: 24
61.14.116.0/24 maxlen: 24
61.14.117.0/24 maxlen: 24
61.14.118.0/24 maxlen: 24
61.14.119.0/24 maxlen: 24
61.14.121.0/24 maxlen: 24
61.14.123.0/24 maxlen: 24
61.14.127.0/24 maxlen: 24
103.28.196.0/23 maxlen: 23
103.28.198.0/23 maxlen: 23
202.148.224.0/21 maxlen: 21
202.148.224.0/24 maxlen: 24
202.148.225.0/24 maxlen: 24
202.148.226.0/24 maxlen: 24
202.148.227.0/24 maxlen: 24
202.148.228.0/22 maxlen: 22
202.148.228.0/23 maxlen: 24
202.148.231.0/24 maxlen: 24
202.148.232.0/24 maxlen: 24
202.148.233.0/24 maxlen: 24
202.148.234.0/23 maxlen: 23
202.148.236.0/22 maxlen: 22
202.148.236.0/23 maxlen: 24
202.148.238.0/24 maxlen: 24
202.148.239.0/24 maxlen: 24
203.19.157.0/24 maxlen: 24
210.18.192.0/22 maxlen: 24
210.18.196.0/24 maxlen: 24
210.18.197.0/24 maxlen: 24
210.18.198.0/24 maxlen: 24
210.18.199.0/24 maxlen: 24
210.18.200.0/24 maxlen: 24
210.18.201.0/24 maxlen: 24
210.18.202.0/23 maxlen: 23
210.18.202.0/24 maxlen: 24
210.18.203.0/24 maxlen: 24
210.18.204.0/22 maxlen: 22
210.18.208.0/20 maxlen: 21
210.18.208.0/23 maxlen: 24
210.18.210.0/23 maxlen: 24
210.18.212.0/23 maxlen: 24
210.18.214.0/23 maxlen: 24
210.18.216.0/21 maxlen: 24
210.18.224.0/20 maxlen: 20
210.18.224.0/21 maxlen: 21
210.18.232.0/24 maxlen: 24
210.18.233.0/24 maxlen: 24
210.18.234.0/23 maxlen: 23
210.18.236.0/22 maxlen: 22
210.18.236.0/24 maxlen: 24
210.18.237.0/24 maxlen: 24
210.18.240.0/24 maxlen: 24
210.18.241.0/24 maxlen: 24
210.18.242.0/24 maxlen: 24
210.18.243.0/24 maxlen: 24
210.18.244.0/22 maxlen: 22
210.18.248.0/23 maxlen: 23
210.18.250.0/23 maxlen: 23
210.18.251.0/24 maxlen: 24
210.18.252.0/24 maxlen: 24
210.18.253.0/24 maxlen: 24
210.18.254.0/24 maxlen: 24
210.18.255.0/24 maxlen: 24
2403:c800::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1832 (0x728)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A913C627/serialNumber=6FFA5DB159D40A3A172DBC74F5C32B55517979AF
Validity
Not Before: Nov 2 06:28:49 2023 GMT
Not After : May 29 00:00:00 2024 GMT
Subject: CN=654341a0-02d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:f7:a7:6a:32:13:d7:df:75:dd:b3:32:1d:4f:
6c:19:da:29:77:0d:1f:04:c0:35:1a:6d:b5:d5:e7:
80:6e:56:c4:7f:a5:53:fd:46:e2:f9:bd:47:dd:a7:
f0:ba:93:34:da:e5:77:ca:2b:49:43:50:76:78:83:
d5:cc:c4:87:2c:da:26:d1:80:8d:4f:a8:ec:81:1d:
6f:f0:53:ba:51:84:6f:89:d2:75:ae:e7:ca:6a:24:
34:71:53:dd:4a:4f:c9:5e:12:96:ab:f9:f1:27:88:
88:df:fa:e1:f1:37:8b:60:f5:7a:cf:b1:79:c2:07:
13:bd:c5:f0:d8:d5:77:13:f9:81:a1:18:75:0f:8f:
fa:99:56:a4:f8:ae:22:18:ce:3b:f5:8f:ce:03:be:
7d:a7:ef:ce:49:c7:d5:8b:e4:84:7a:a4:04:3e:50:
fe:0d:3e:94:7c:eb:75:d0:52:5e:50:ad:ab:2d:dc:
9d:c0:a5:41:06:58:eb:49:7c:0e:61:9b:bb:c7:4a:
1b:e3:cd:64:82:5f:77:c0:db:aa:9e:84:0e:38:cd:
56:28:a3:c2:61:9d:c4:5b:9b:21:47:f8:92:f9:5e:
4d:45:0f:84:b2:47:6a:18:49:ad:6a:70:2f:a1:d9:
60:9d:66:a5:c3:d3:b9:ab:77:08:d1:af:a2:5a:b0:
30:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:B9:9A:07:3B:B8:13:7F:3C:0E:E6:BA:40:66:5A:66:1F:E1:EF:ED
X509v3 Authority Key Identifier:
keyid:6F:FA:5D:B1:59:D4:0A:3A:17:2D:BC:74:F5:C3:2B:55:51:79:79:AF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A913C627/C265C1A4D07D11EA8600986DC4F9AE02/b_pdsVnUCjoXLbx09cMrVVF5ea8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b_pdsVnUCjoXLbx09cMrVVF5ea8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913C627/C265C1A4D07D11EA8600986DC4F9AE02/CD92D55E1FD911EEB1CFDF56C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
61.14.96.0/19
103.28.196.0/22
202.148.224.0/20
203.19.157.0/24
210.18.192.0/18
IPv6:
2403:c800::/32
Signature Algorithm: sha256WithRSAEncryption
29:f3:09:c0:a5:b1:84:31:b7:5b:cf:d7:b3:ab:12:2f:e8:b8:
ed:a3:3e:3e:7f:8e:b6:e5:41:3a:71:b2:37:6a:bf:70:b6:58:
6c:22:c1:16:63:2b:f7:05:39:42:e3:41:ce:56:c0:53:87:bd:
87:e3:42:0f:44:44:d2:1f:3e:b2:d2:4e:49:7c:bc:93:b3:34:
33:2c:74:d1:e0:29:f8:8b:18:9a:eb:6f:07:f6:88:a4:25:e7:
83:44:89:b1:42:41:cd:f7:3e:da:c2:1f:83:54:ab:de:eb:5b:
fd:4c:d7:d0:81:ea:0a:76:d1:69:34:36:09:7e:d0:ad:69:e9:
30:04:ab:8b:97:38:7f:e8:29:b3:ff:37:e0:2f:c7:1c:01:8c:
65:25:a3:fb:76:16:c3:41:e2:7b:74:d6:78:90:fd:1d:bd:03:
ed:dd:06:2e:e7:f0:98:81:19:dd:57:59:3c:12:46:12:a8:e6:
d7:57:34:0b:9e:ec:11:bd:6c:79:ae:05:1b:8c:44:2a:fa:05:
97:84:d7:2b:f5:c7:6e:32:1c:a6:ec:22:30:e0:f0:48:24:4e:
1f:96:21:37:9a:16:34:a3:c7:04:94:e0:2f:b0:43:98:ad:e0:
e3:79:54:07:f6:ca:c3:a3:17:a4:f6:cf:91:1f:17:24:ed:63:
1e:93:9c:47
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgICBygwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
M0M2MjcxMTAvBgNVBAUTKDZGRkE1REIxNTlENDBBM0ExNzJEQkM3NEY1QzMyQjU1
NTE3OTc5QUYwHhcNMjMxMTAyMDYyODQ5WhcNMjQwNTI5MDAwMDAwWjAYMRYwFAYD
VQQDEw02NTQzNDFhMC0wMmQ3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0venajIT19913bMyHU9sGdopdw0fBMA1Gm211eeAblbEf6VT/Ubi+b1H3afw
upM02uV3yitJQ1B2eIPVzMSHLNom0YCNT6jsgR1v8FO6UYRvidJ1rufKaiQ0cVPd
Sk/JXhKWq/nxJ4iI3/rh8TeLYPV6z7F5wgcTvcXw2NV3E/mBoRh1D4/6mVak+K4i
GM479Y/OA759p+/OScfVi+SEeqQEPlD+DT6UfOt10FJeUK2rLdydwKVBBljrSXwO
YZu7x0ob481kgl93wNuqnoQOOM1WKKPCYZ3EW5shR/iS+V5NRQ+EskdqGEmtanAv
odlgnWalw9O5q3cI0a+iWrAwGwIDAQABo4ICvDCCArgwHQYDVR0OBBYEFH+5mgc7
uBN/PA7mukBmWmYf4e/tMB8GA1UdIwQYMBaAFG/6XbFZ1Ao6Fy28dPXDK1VReXmv
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzQzYyNy9DMjY1QzFBNEQw
N0QxMUVBODYwMDk4NkRDNEY5QUUwMi9iX3Bkc1ZuVUNqb1hMYngwOWNNclZWRjVl
YTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2JfcGRzVm5VQ2pvWExieDA5Y01yVlZGNWVhOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
M0M2MjcvQzI2NUMxQTREMDdEMTFFQTg2MDA5ODZEQzRGOUFFMDIvQ0Q5MkQ1NUUx
RkQ5MTFFRUIxQ0ZERjU2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRgYIKwYBBQUHAQcBAf8E
NzA1MCQEAgABMB4DBAU9DmADBAJnHMQDBATKlOADBADLE50DBAbSEsAwDQQCAAIw
BwMFACQDyAAwDQYJKoZIhvcNAQELBQADggEBACnzCcClsYQxt1vP17OrEi/ouO2j
Pj5/jrblQTpxsjdqv3C2WGwiwRZjK/cFOULjQc5WwFOHvYfjQg9ERNIfPrLSTkl8
vJOzNDMsdNHgKfiLGJrrbwf2iKQl54NEibFCQc33PtrCH4NUq97rW/1M19CB6gp2
0Wk0Ngl+0K1p6TAEq4uXOH/oKbP/N+AvxxwBjGUlo/t2FsNB4nt01niQ/R29A+3d
Bi7n8JiBGd1XWTwSRhKo5tdXNAue7BG9bHmuBRuMRCr6BZeE1yv1x24yHKbsIjDg
8EgkTh+WITeaFjSjxwSU4C+wQ5it4ON5VAf2ysOjF6T2z5EfFyTtYx6TnEc=
-----END CERTIFICATE-----
Generated at Thu Nov 2 07:25:58 2023 by rpki-client on console-ams.rpki-client.org