Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915E475/DA83AA7ACA1111EAA479C734C4F9AE02/1652E752593B11EFA87F0A46C4F9AE02.roa
File: 1652E752593B11EFA87F0A46C4F9AE02.roa (raw, json)
Hash identifier: lXW5GVbtQ1PxFsptNYZND07/cCUl1jLTrkco93LIcMc=
Subject key identifier: 48:17:F6:89:86:03:E8:EA:FA:E9:D4:73:98:63:95:5C:0A:4C:B1:97
Certificate issuer: /CN=A915E475/serialNumber=745FF4F063AB5D171E05251B31E294A4BC7973B1
Certificate serial: 0974
Authority key identifier: 74:5F:F4:F0:63:AB:5D:17:1E:05:25:1B:31:E2:94:A4:BC:79:73:B1
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dF_08GOrXRceBSUbMeKUpLx5c7E.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915E475/DA83AA7ACA1111EAA479C734C4F9AE02/1652E752593B11EFA87F0A46C4F9AE02.roa
Signing time: Tue 13 Aug 2024 06:12:58 +0000
ROA not before: Tue 13 Aug 2024 06:12:58 +0000
ROA not after: Mon 30 Dec 2024 00:00:00 +0000
asID: 24233
IP address blocks: 103.1.52.0/22 maxlen: 22
116.255.42.0/24 maxlen: 24
123.176.118.0/24 maxlen: 24
125.253.9.0/24 maxlen: 24
125.253.19.0/24 maxlen: 24
125.253.58.0/24 maxlen: 24
125.253.59.0/24 maxlen: 24
202.144.160.0/20 maxlen: 20
203.132.68.0/23 maxlen: 23
203.132.74.0/23 maxlen: 23
203.132.76.0/22 maxlen: 22
203.132.80.0/21 maxlen: 21
203.132.82.0/24 maxlen: 24
203.212.16.0/21 maxlen: 24
Validation: Failed, certificate revoked on Tue 01 Oct 2024 02:52:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2420 (0x974)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915E475/serialNumber=745FF4F063AB5D171E05251B31E294A4BC7973B1
Validity
Not Before: Aug 13 06:12:58 2024 GMT
Not After : Dec 30 00:00:00 2024 GMT
Subject: CN=66baf96a-038c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:78:3c:3b:82:37:09:50:24:79:99:87:d0:1b:
59:e0:ec:0a:bb:3c:d3:4a:30:81:7e:33:b2:6b:93:
b2:4f:5c:af:49:c9:43:ad:97:a9:3c:4a:fe:62:d5:
b2:b5:04:bb:d2:7d:2e:b7:2a:04:0c:bc:6b:a1:6f:
55:98:f5:ca:41:74:f4:69:45:95:f5:06:5c:a8:ec:
ef:69:92:00:a6:a8:b9:34:86:58:11:51:59:e0:b6:
2e:2d:b4:32:4e:58:d0:05:d6:55:cc:06:01:04:d5:
f1:19:83:b8:d2:a3:78:d8:39:8b:28:00:ac:b2:82:
c9:ac:2e:b5:f3:34:7c:d4:a4:5a:46:f4:dd:f6:2f:
cc:95:3f:f9:9c:37:56:23:27:86:a1:b9:b0:65:29:
de:98:64:6e:ac:33:e3:8d:b7:2f:eb:7e:20:38:23:
f8:e8:75:e2:13:b9:3a:c9:3e:fd:20:90:dd:be:fb:
91:c2:ff:1c:9d:c3:68:4b:b1:b2:2d:49:07:20:82:
c9:c3:2d:4f:42:63:87:c1:8d:40:c8:b2:10:17:6e:
13:b3:33:1d:6c:95:76:3d:47:5f:78:9c:89:f5:c6:
81:ea:c6:8c:f0:40:f1:c7:63:c7:9d:fe:d2:4c:7f:
72:58:b0:49:4a:90:92:9f:2e:ba:06:e5:d6:37:8f:
be:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:17:F6:89:86:03:E8:EA:FA:E9:D4:73:98:63:95:5C:0A:4C:B1:97
X509v3 Authority Key Identifier:
keyid:74:5F:F4:F0:63:AB:5D:17:1E:05:25:1B:31:E2:94:A4:BC:79:73:B1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915E475/DA83AA7ACA1111EAA479C734C4F9AE02/dF_08GOrXRceBSUbMeKUpLx5c7E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dF_08GOrXRceBSUbMeKUpLx5c7E.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915E475/DA83AA7ACA1111EAA479C734C4F9AE02/1652E752593B11EFA87F0A46C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.1.52.0/22
116.255.42.0/24
123.176.118.0/24
125.253.9.0/24
125.253.19.0/24
125.253.58.0/23
202.144.160.0/20
203.132.68.0/23
203.132.74.0-203.132.87.255
203.212.16.0/21
Signature Algorithm: sha256WithRSAEncryption
d1:95:24:19:5f:93:ed:2e:74:32:a1:09:f1:c8:ef:d9:6d:e2:
c5:97:ab:a5:3e:f1:02:cc:cc:9f:d3:74:ca:6a:72:d2:ed:b3:
72:32:cf:47:71:2f:ea:97:14:97:df:45:56:4c:9c:7c:ee:9f:
e7:93:c9:07:6d:e7:7d:d1:60:6b:bf:c7:3d:d7:41:e3:fe:cd:
79:8d:48:82:a6:88:ce:23:4e:a8:33:3b:e8:4b:51:94:ab:9c:
4a:62:64:9f:cb:79:01:04:5c:4a:f3:e2:42:97:9b:31:d6:09:
09:b7:2b:b3:80:2a:02:c6:7a:70:30:80:6b:20:f6:ec:2c:bb:
80:f4:e0:7b:08:dc:aa:55:3a:bb:59:90:fb:a4:fe:0d:3b:19:
52:ed:c5:aa:ea:aa:f4:3b:33:25:5d:01:da:a2:2b:9c:04:77:
2c:1c:be:e4:d9:fa:13:12:1a:bb:43:65:a9:b0:12:df:1b:95:
b4:1e:c4:71:0a:e9:7a:c7:b2:82:87:34:d1:69:40:1b:94:53:
63:e8:0e:97:9e:19:77:f2:20:d7:ac:23:7e:2d:06:25:b4:92:
45:75:4d:a0:4a:99:ba:8f:8f:e5:cb:d4:b8:f8:b6:a4:19:6d:
cc:54:0a:f7:10:ab:60:21:3a:44:0c:b8:a2:e1:a8:64:fa:cf:
0f:a8:f6:41
-----BEGIN CERTIFICATE-----
MIIFrzCCBJegAwIBAgICCXQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUU0NzUxMTAvBgNVBAUTKDc0NUZGNEYwNjNBQjVEMTcxRTA1MjUxQjMxRTI5NEE0
QkM3OTczQjEwHhcNMjQwODEzMDYxMjU4WhcNMjQxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmJhZjk2YS0wMzhjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4ng8O4I3CVAkeZmH0BtZ4OwKuzzTSjCBfjOya5OyT1yvSclDrZepPEr+YtWy
tQS70n0utyoEDLxroW9VmPXKQXT0aUWV9QZcqOzvaZIApqi5NIZYEVFZ4LYuLbQy
TljQBdZVzAYBBNXxGYO40qN42DmLKACssoLJrC618zR81KRaRvTd9i/MlT/5nDdW
IyeGobmwZSnemGRurDPjjbcv634gOCP46HXiE7k6yT79IJDdvvuRwv8cncNoS7Gy
LUkHIILJwy1PQmOHwY1AyLIQF24TszMdbJV2PUdfeJyJ9caB6saM8EDxx2PHnf7S
TH9yWLBJSpCSny66BuXWN4++aQIDAQABo4IC0zCCAs8wHQYDVR0OBBYEFEgX9omG
A+jq+unUc5hjlVwKTLGXMB8GA1UdIwQYMBaAFHRf9PBjq10XHgUlGzHilKS8eXOx
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1RTQ3NS9EQTgzQUE3QUNB
MTExMUVBQTQ3OUM3MzRDNEY5QUUwMi9kRl8wOEdPclhSY2VCU1ViTWVLVXBMeDVj
N0UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2RGXzA4R09yWFJjZUJTVWJNZUtVcEx4NWM3RS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUU0NzUvREE4M0FBN0FDQTExMTFFQUE0NzlDNzM0QzRGOUFFMDIvMTY1MkU3NTI1
OTNCMTFFRkE4N0YwQTQ2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwXQYIKwYBBQUHAQcBAf8E
TjBMMEoEAgABMEQDBAJnATQDBAB0/yoDBAB7sHYDBAB9/QkDBAB9/RMDBAF9/ToD
BATKkKADBAHLhEQwDAMEAcuESgMEA8uEUAMEA8vUEDANBgkqhkiG9w0BAQsFAAOC
AQEA0ZUkGV+T7S50MqEJ8cjv2W3ixZerpT7xAszMn9N0ympy0u2zcjLPR3Ev6pcU
l99FVkycfO6f55PJB23nfdFga7/HPddB4/7NeY1IgqaIziNOqDM76EtRlKucSmJk
n8t5AQRcSvPiQpebMdYJCbcrs4AqAsZ6cDCAayD27Cy7gPTgewjcqlU6u1mQ+6T+
DTsZUu3Fquqq9DszJV0B2qIrnAR3LBy+5Nn6ExIau0NlqbAS3xuVtB7EcQrpesey
goc00WlAG5RTY+gOl54Zd/Ig16wjfi0GJbSSRXVNoEqZuo+P5cvUuPi2pBltzFQK
9xCrYCE6RAy4ouGoZPrPD6j2QQ==
-----END CERTIFICATE-----
Generated at Tue Oct 1 04:45:09 2024 by rpki-client on console-ams.rpki-client.org