Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A913D1EA/9C932B48173A11EBA3B97E7FC4F9AE02/5288878A173C11EB971AAD84C4F9AE02.roa
File: 5288878A173C11EB971AAD84C4F9AE02.roa (raw, json)
Hash identifier: PSzP+FJ83b6uFhcl7VUG9HLPytv+3mhJSGLBTWN1ueU=
Subject key identifier: B5:C5:7C:81:A2:90:F9:DF:9E:E7:A2:EE:F8:86:27:50:06:C5:EB:86
Certificate issuer: /CN=A913D1EA/serialNumber=E692C5B60B3EF1C2044439FC390AD56DC3CBCD63
Certificate serial: 064F
Authority key identifier: E6:92:C5:B6:0B:3E:F1:C2:04:44:39:FC:39:0A:D5:6D:C3:CB:CD:63
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5pLFtgs-8cIERDn8OQrVbcPLzWM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A913D1EA/9C932B48173A11EBA3B97E7FC4F9AE02/5288878A173C11EB971AAD84C4F9AE02.roa
Signing time: Fri 20 Oct 2023 22:31:00 +0000
ROA not before: Fri 20 Oct 2023 22:31:00 +0000
ROA not after: Mon 30 Dec 2024 00:00:00 +0000
asID: 135607
IP address blocks: 61.245.4.0/24 maxlen: 24
61.245.5.0/24 maxlen: 24
61.245.6.0/24 maxlen: 24
61.245.7.0/24 maxlen: 24
61.245.8.0/24 maxlen: 24
61.245.9.0/24 maxlen: 24
61.245.10.0/24 maxlen: 24
61.245.11.0/24 maxlen: 24
61.245.12.0/24 maxlen: 24
61.245.13.0/24 maxlen: 24
61.245.14.0/24 maxlen: 24
61.245.15.0/24 maxlen: 24
61.245.16.0/24 maxlen: 24
61.245.17.0/24 maxlen: 24
61.245.18.0/24 maxlen: 24
61.245.19.0/24 maxlen: 24
61.245.20.0/24 maxlen: 24
61.245.21.0/24 maxlen: 24
61.245.22.0/24 maxlen: 24
61.245.23.0/24 maxlen: 24
61.245.24.0/24 maxlen: 24
61.245.25.0/24 maxlen: 24
61.245.26.0/24 maxlen: 24
61.245.27.0/24 maxlen: 24
61.245.28.0/24 maxlen: 24
61.245.29.0/24 maxlen: 24
61.245.30.0/24 maxlen: 24
61.245.31.0/24 maxlen: 24
103.76.160.0/23 maxlen: 23
103.76.160.0/24 maxlen: 24
103.76.161.0/24 maxlen: 24
103.100.100.0/23 maxlen: 23
103.100.100.0/24 maxlen: 24
103.100.101.0/24 maxlen: 24
2401:e740::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1615 (0x64f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A913D1EA/serialNumber=E692C5B60B3EF1C2044439FC390AD56DC3CBCD63
Validity
Not Before: Oct 20 22:31:00 2023 GMT
Not After : Dec 30 00:00:00 2024 GMT
Subject: CN=6532ffa4-7caf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:e0:9d:31:cd:54:1b:a5:2b:f0:1d:cf:ea:5e:
ba:07:a9:0e:87:93:2f:3d:ca:d4:62:84:6c:7d:e3:
b2:48:93:37:13:ff:4a:51:e1:dc:0d:5a:07:a2:36:
54:22:1d:e9:2e:67:ab:c1:b2:64:93:ab:94:17:42:
7d:96:2d:42:cd:a8:11:91:05:1a:99:09:d2:9d:c7:
50:c0:3b:d9:34:4f:56:06:e4:dd:d1:7e:91:f5:01:
25:39:db:d0:9f:f0:33:5d:25:00:8a:69:81:b8:87:
f7:37:0c:a4:4f:c4:a5:9c:7a:77:60:21:cc:ce:47:
ab:23:6e:d3:0b:08:9e:96:eb:0a:96:5b:75:72:ed:
21:ad:87:00:3a:ad:cd:85:47:fd:c6:85:76:35:11:
de:01:c6:11:3b:37:1b:0c:f8:aa:37:f4:6f:2a:a1:
36:10:85:d4:e0:4d:fe:5a:00:76:90:53:b1:89:f6:
9d:cf:0c:cf:62:3a:d5:f2:04:91:d0:0d:ab:b7:a5:
ca:16:42:1d:84:30:e8:ee:2c:f6:cf:12:18:4a:4d:
25:15:43:15:c7:40:08:d4:b0:59:af:6a:3f:be:02:
9c:96:88:ae:ed:b3:f2:2a:6a:6c:03:75:e6:06:35:
20:5f:b9:2a:51:de:26:7f:74:59:1b:54:7f:52:30:
93:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:C5:7C:81:A2:90:F9:DF:9E:E7:A2:EE:F8:86:27:50:06:C5:EB:86
X509v3 Authority Key Identifier:
keyid:E6:92:C5:B6:0B:3E:F1:C2:04:44:39:FC:39:0A:D5:6D:C3:CB:CD:63
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A913D1EA/9C932B48173A11EBA3B97E7FC4F9AE02/5pLFtgs-8cIERDn8OQrVbcPLzWM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5pLFtgs-8cIERDn8OQrVbcPLzWM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913D1EA/9C932B48173A11EBA3B97E7FC4F9AE02/5288878A173C11EB971AAD84C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
61.245.4.0-61.245.31.255
103.76.160.0/23
103.100.100.0/23
IPv6:
2401:e740::/32
Signature Algorithm: sha256WithRSAEncryption
8b:96:5e:ea:12:c2:8f:16:06:e4:3b:a0:fc:23:8e:d1:aa:49:
61:fa:f4:04:f3:e4:04:47:f7:1d:a0:1b:5b:a3:78:12:0c:94:
9f:cd:60:02:29:87:fd:49:b1:eb:38:7d:52:72:6f:85:0c:f1:
36:ea:6b:c2:24:49:46:ec:9a:c6:eb:99:de:1b:fc:a1:ed:0b:
1e:86:6a:26:4c:84:51:56:11:ff:42:15:3f:ad:69:17:72:cd:
e2:15:ad:96:f2:fe:1f:76:4e:54:72:7f:4c:8d:2c:64:46:0c:
66:58:a7:8d:b0:bb:7f:c3:4c:07:d2:1f:32:5b:5f:a8:c6:2b:
64:88:64:f0:3a:10:b0:14:5f:fa:ff:18:19:23:88:50:0b:06:
14:d9:8b:88:c5:ab:8c:a2:49:8f:2e:b7:c8:13:cb:1b:f1:d8:
08:1d:b5:52:b0:c2:ef:7a:5b:46:8e:bb:f1:68:ea:17:c2:79:
c7:c7:59:d9:05:4b:b2:da:e9:64:99:b5:f7:fd:49:f6:16:dd:
65:d3:d6:13:a4:71:d6:f9:bf:c9:d7:61:ba:f1:b2:23:4f:7f:
fe:79:22:99:b6:ab:1a:70:90:8a:3d:98:79:41:ee:f5:3f:cd:
6f:3c:a1:bb:e0:9f:c3:2b:77:92:cc:bc:9e:ee:ac:ab:0e:61:
cd:76:f5:aa
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgICBk8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
M0QxRUExMTAvBgNVBAUTKEU2OTJDNUI2MEIzRUYxQzIwNDQ0MzlGQzM5MEFENTZE
QzNDQkNENjMwHhcNMjMxMDIwMjIzMTAwWhcNMjQxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTMyZmZhNC03Y2FmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApeCdMc1UG6Ur8B3P6l66B6kOh5MvPcrUYoRsfeOySJM3E/9KUeHcDVoHojZU
Ih3pLmerwbJkk6uUF0J9li1CzagRkQUamQnSncdQwDvZNE9WBuTd0X6R9QElOdvQ
n/AzXSUAimmBuIf3NwykT8SlnHp3YCHMzkerI27TCwielusKllt1cu0hrYcAOq3N
hUf9xoV2NRHeAcYROzcbDPiqN/RvKqE2EIXU4E3+WgB2kFOxifadzwzPYjrV8gSR
0A2rt6XKFkIdhDDo7iz2zxIYSk0lFUMVx0AI1LBZr2o/vgKcloiu7bPyKmpsA3Xm
BjUgX7kqUd4mf3RZG1R/UjCT8QIDAQABo4ICuDCCArQwHQYDVR0OBBYEFLXFfIGi
kPnfnuei7viGJ1AGxeuGMB8GA1UdIwQYMBaAFOaSxbYLPvHCBEQ5/DkK1W3Dy81j
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzRDFFQS85QzkzMkI0ODE3
M0ExMUVCQTNCOTdFN0ZDNEY5QUUwMi81cExGdGdzLThjSUVSRG44T1FyVmJjUEx6
V00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzVwTEZ0Z3MtOGNJRVJEbjhPUXJWYmNQTHpXTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
M0QxRUEvOUM5MzJCNDgxNzNBMTFFQkEzQjk3RTdGQzRGOUFFMDIvNTI4ODg3OEEx
NzNDMTFFQjk3MUFBRDg0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQgYIKwYBBQUHAQcBAf8E
MzAxMCAEAgABMBowDAMEAj31BAMEBT31AAMEAWdMoAMEAWdkZDANBAIAAjAHAwUA
JAHnQDANBgkqhkiG9w0BAQsFAAOCAQEAi5Ze6hLCjxYG5Dug/COO0apJYfr0BPPk
BEf3HaAbW6N4EgyUn81gAimH/Umx6zh9UnJvhQzxNuprwiRJRuyaxuuZ3hv8oe0L
HoZqJkyEUVYR/0IVP61pF3LN4hWtlvL+H3ZOVHJ/TI0sZEYMZlinjbC7f8NMB9If
MltfqMYrZIhk8DoQsBRf+v8YGSOIUAsGFNmLiMWrjKJJjy63yBPLG/HYCB21UrDC
73pbRo678WjqF8J5x8dZ2QVLstrpZJm19/1J9hbdZdPWE6Rx1vm/yddhuvGyI09/
/nkimbarGnCQij2YeUHu9T/Nbzyhu+Cfwyt3ksy8nu6sqw5hzXb1qg==
-----END CERTIFICATE-----
Generated at Fri Oct 27 13:51:30 2023 by rpki-client on console-ams.rpki-client.org