Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9152D08/F9C333921D8711EAA9C5B170C4F9AE02/AEAC5E769C1511EFA6AF4F7BC4F9AE02.roa
File: AEAC5E769C1511EFA6AF4F7BC4F9AE02.roa (raw, json)
Hash identifier: dNod50B3Juol4cjmTOB3cf3HP7TpQu7Zb5U9M3xL8sI=
Subject key identifier: 35:A0:A1:A2:94:14:33:57:BC:71:86:FF:15:F8:0C:B7:29:21:D2:70
Certificate issuer: /CN=A9152D08/serialNumber=34DC20129EAD6F41A7CA2D99C9BD3E7E6033CB88
Certificate serial: 0C02
Authority key identifier: 34:DC:20:12:9E:AD:6F:41:A7:CA:2D:99:C9:BD:3E:7E:60:33:CB:88
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NNwgEp6tb0Gnyi2Zyb0-fmAzy4g.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9152D08/F9C333921D8711EAA9C5B170C4F9AE02/AEAC5E769C1511EFA6AF4F7BC4F9AE02.roa
Signing time: Wed 06 Nov 2024 08:04:41 +0000
ROA not before: Wed 06 Nov 2024 08:04:41 +0000
ROA not after: Wed 28 May 2025 00:00:00 +0000
asID: 19324
IP address blocks: 101.99.64.0/24 maxlen: 24
101.99.65.0/24 maxlen: 24
101.99.66.0/24 maxlen: 24
101.99.67.0/24 maxlen: 24
101.99.68.0/24 maxlen: 24
101.99.69.0/24 maxlen: 24
101.99.70.0/24 maxlen: 24
101.99.71.0/24 maxlen: 24
101.99.72.0/24 maxlen: 24
101.99.73.0/24 maxlen: 24
101.99.74.0/24 maxlen: 24
101.99.75.0/24 maxlen: 24
101.99.77.0/24 maxlen: 24
101.99.78.0/24 maxlen: 24
101.99.79.0/24 maxlen: 24
101.99.80.0/24 maxlen: 24
101.99.81.0/24 maxlen: 24
101.99.82.0/24 maxlen: 24
101.99.83.0/24 maxlen: 24
101.99.84.0/24 maxlen: 24
101.99.85.0/24 maxlen: 24
101.99.86.0/24 maxlen: 24
101.99.87.0/24 maxlen: 24
101.99.88.0/24 maxlen: 24
101.99.89.0/24 maxlen: 24
101.99.90.0/24 maxlen: 24
101.99.91.0/24 maxlen: 24
101.99.92.0/24 maxlen: 24
111.90.128.0/24 maxlen: 24
111.90.129.0/24 maxlen: 24
111.90.130.0/24 maxlen: 24
111.90.131.0/24 maxlen: 24
111.90.132.0/24 maxlen: 24
111.90.133.0/24 maxlen: 24
111.90.134.0/24 maxlen: 24
111.90.135.0/24 maxlen: 24
111.90.136.0/24 maxlen: 24
111.90.137.0/24 maxlen: 24
111.90.138.0/24 maxlen: 24
111.90.139.0/24 maxlen: 24
111.90.140.0/24 maxlen: 24
111.90.141.0/24 maxlen: 24
111.90.142.0/24 maxlen: 24
111.90.143.0/24 maxlen: 24
111.90.144.0/24 maxlen: 24
111.90.145.0/24 maxlen: 24
111.90.146.0/24 maxlen: 24
111.90.147.0/24 maxlen: 24
111.90.148.0/24 maxlen: 24
111.90.149.0/24 maxlen: 24
111.90.150.0/24 maxlen: 24
111.90.151.0/24 maxlen: 24
111.90.152.0/24 maxlen: 24
111.90.153.0/24 maxlen: 24
111.90.154.0/24 maxlen: 24
111.90.155.0/24 maxlen: 24
111.90.158.0/24 maxlen: 24
111.90.159.0/24 maxlen: 24
124.217.224.0/24 maxlen: 24
124.217.225.0/24 maxlen: 24
124.217.226.0/24 maxlen: 24
124.217.227.0/24 maxlen: 24
124.217.228.0/24 maxlen: 24
124.217.229.0/24 maxlen: 24
124.217.230.0/24 maxlen: 24
124.217.231.0/24 maxlen: 24
124.217.232.0/24 maxlen: 24
124.217.233.0/24 maxlen: 24
124.217.234.0/24 maxlen: 24
124.217.235.0/24 maxlen: 24
124.217.236.0/24 maxlen: 24
124.217.237.0/24 maxlen: 24
124.217.238.0/24 maxlen: 24
124.217.239.0/24 maxlen: 24
124.217.240.0/24 maxlen: 24
124.217.241.0/24 maxlen: 24
124.217.242.0/24 maxlen: 24
124.217.243.0/24 maxlen: 24
124.217.244.0/24 maxlen: 24
124.217.245.0/24 maxlen: 24
124.217.246.0/24 maxlen: 24
124.217.247.0/24 maxlen: 24
124.217.248.0/24 maxlen: 24
124.217.249.0/24 maxlen: 24
124.217.250.0/24 maxlen: 24
124.217.251.0/24 maxlen: 24
124.217.252.0/24 maxlen: 24
124.217.253.0/24 maxlen: 24
124.217.254.0/24 maxlen: 24
124.217.255.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 22 Nov 2024 14:22:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3074 (0xc02)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9152D08/serialNumber=34DC20129EAD6F41A7CA2D99C9BD3E7E6033CB88
Validity
Not Before: Nov 6 08:04:41 2024 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=672b2318-fb11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:18:22:09:81:c5:db:ba:a1:1b:65:03:17:85:
fb:20:b3:d5:79:89:3b:a5:5b:d1:d2:56:05:d3:13:
c1:ef:87:cf:ff:43:15:7f:fa:df:74:24:78:00:70:
fa:06:05:99:ff:85:c4:02:f5:5b:a4:54:c9:9b:8e:
15:9a:92:60:d9:71:43:7a:af:96:ff:a5:c6:a8:c6:
03:67:01:93:e4:fc:6e:87:82:2c:fa:2b:e2:84:80:
2e:0d:7f:6d:b7:2d:47:24:d9:2e:53:d8:48:76:25:
8d:83:85:13:97:e1:dd:49:c4:e9:96:ab:ba:a8:1a:
85:6f:aa:35:b3:e6:f9:5e:48:f2:4a:9c:6b:57:b6:
fd:c2:ef:c4:63:cf:51:06:72:66:1a:51:fd:55:a7:
3a:c6:44:4e:c4:69:05:14:8c:79:37:2f:0d:f1:4b:
af:93:3c:eb:1d:36:15:f8:e1:a6:0b:80:4a:67:17:
2e:a9:1b:f8:97:26:eb:af:16:1c:aa:9b:b3:dc:0e:
40:28:49:e2:64:75:e6:6b:67:c5:14:16:b9:be:2d:
db:d1:c0:86:67:e8:6d:61:c2:c5:6f:5f:9f:ff:c2:
42:53:c1:8d:86:51:eb:8c:80:a6:a1:a8:14:05:34:
57:e6:62:78:b9:3e:c0:aa:fa:b6:2e:26:0f:3b:7d:
88:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:A0:A1:A2:94:14:33:57:BC:71:86:FF:15:F8:0C:B7:29:21:D2:70
X509v3 Authority Key Identifier:
keyid:34:DC:20:12:9E:AD:6F:41:A7:CA:2D:99:C9:BD:3E:7E:60:33:CB:88
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9152D08/F9C333921D8711EAA9C5B170C4F9AE02/NNwgEp6tb0Gnyi2Zyb0-fmAzy4g.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NNwgEp6tb0Gnyi2Zyb0-fmAzy4g.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9152D08/F9C333921D8711EAA9C5B170C4F9AE02/AEAC5E769C1511EFA6AF4F7BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
101.99.64.0-101.99.75.255
101.99.77.0-101.99.92.255
111.90.128.0-111.90.155.255
111.90.158.0/23
124.217.224.0/19
Signature Algorithm: sha256WithRSAEncryption
72:55:9c:90:ed:4e:ce:32:48:b2:7e:58:cb:bf:9c:48:bf:ca:
25:1e:a6:60:3c:34:a0:61:54:8e:28:cb:52:1f:65:c4:75:4d:
ed:bb:0b:e1:8b:0a:61:32:c2:f7:43:1c:b0:84:8c:4d:21:82:
bf:55:72:18:44:a0:82:86:da:46:65:9a:90:fd:b9:f4:cc:fd:
13:44:0f:55:21:89:bf:33:c4:3f:37:8b:ac:aa:ba:57:05:c8:
18:d0:ee:5d:a7:b2:a7:76:6a:0b:8f:b7:b4:fb:d9:71:d5:a0:
09:c0:33:73:a2:ed:f4:55:90:e6:6b:f6:27:b4:3b:d0:27:47:
bc:9e:9d:77:3d:2f:24:8a:9a:bb:6c:76:2f:33:be:98:b3:dd:
2b:85:18:17:e7:63:c3:0b:9a:01:93:a4:17:58:c8:32:9b:d8:
1d:fd:f0:97:f6:91:99:d4:ce:2a:ae:d5:da:b3:ec:68:fc:c3:
79:dd:b1:62:2a:28:f1:d3:8b:93:a4:d8:0c:fc:de:80:ca:a5:
1a:98:03:6f:01:50:82:60:49:7b:49:84:fb:7f:c6:23:07:ab:
19:4a:96:af:9e:2d:a4:56:c0:3b:d7:49:be:ec:3f:8e:8f:ac:
20:62:7d:4e:a1:b4:a6:52:16:43:4e:29:92:3c:ea:0e:2b:ca:
6a:f4:3d:a2
-----BEGIN CERTIFICATE-----
MIIFoTCCBImgAwIBAgICDAIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTJEMDgxMTAvBgNVBAUTKDM0REMyMDEyOUVBRDZGNDFBN0NBMkQ5OUM5QkQzRTdF
NjAzM0NCODgwHhcNMjQxMTA2MDgwNDQxWhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02NzJiMjMxOC1mYjExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyhgiCYHF27qhG2UDF4X7ILPVeYk7pVvR0lYF0xPB74fP/0MVf/rfdCR4AHD6
BgWZ/4XEAvVbpFTJm44VmpJg2XFDeq+W/6XGqMYDZwGT5Pxuh4Is+ivihIAuDX9t
ty1HJNkuU9hIdiWNg4UTl+HdScTplqu6qBqFb6o1s+b5XkjySpxrV7b9wu/EY89R
BnJmGlH9Vac6xkROxGkFFIx5Ny8N8UuvkzzrHTYV+OGmC4BKZxcuqRv4lybrrxYc
qpuz3A5AKEniZHXma2fFFBa5vi3b0cCGZ+htYcLFb1+f/8JCU8GNhlHrjICmoagU
BTRX5mJ4uT7Aqvq2LiYPO32IZwIDAQABo4ICxTCCAsEwHQYDVR0OBBYEFDWgoaKU
FDNXvHGG/xX4DLcpIdJwMB8GA1UdIwQYMBaAFDTcIBKerW9Bp8otmcm9Pn5gM8uI
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MkQwOC9GOUMzMzM5MjFE
ODcxMUVBQTlDNUIxNzBDNEY5QUUwMi9OTndnRXA2dGIwR255aTJaeWIwLWZtQXp5
NGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL05Od2dFcDZ0YjBHbnlpMlp5YjAtZm1Benk0Zy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTJEMDgvRjlDMzMzOTIxRDg3MTFFQUE5QzVCMTcwQzRGOUFFMDIvQUVBQzVFNzY5
QzE1MTFFRkE2QUY0RjdCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwTwYIKwYBBQUHAQcBAf8E
QDA+MDwEAgABMDYwDAMEBmVjQAMEAmVjSDAMAwQAZWNNAwQAZWNcMAwDBAdvWoAD
BAJvWpgDBAFvWp4DBAV82eAwDQYJKoZIhvcNAQELBQADggEBAHJVnJDtTs4ySLJ+
WMu/nEi/yiUepmA8NKBhVI4oy1IfZcR1Te27C+GLCmEywvdDHLCEjE0hgr9VchhE
oIKG2kZlmpD9ufTM/RNED1Uhib8zxD83i6yqulcFyBjQ7l2nsqd2aguPt7T72XHV
oAnAM3Oi7fRVkOZr9ie0O9AnR7yenXc9LySKmrtsdi8zvpiz3SuFGBfnY8MLmgGT
pBdYyDKb2B398Jf2kZnUziqu1dqz7Gj8w3ndsWIqKPHTi5Ok2Az83oDKpRqYA28B
UIJgSXtJhPt/xiMHqxlKlq+eLaRWwDvXSb7sP46PrCBifU6htKZSFkNOKZI86g4r
ymr0PaI=
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:15:51 2024 by rpki-client on console-ams.rpki-client.org