Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915F89C/6907C3E21D8311E29B35A5D808B02CD2/044881C09C5411ED89D51672C4F9AE02.roa
File: 044881C09C5411ED89D51672C4F9AE02.roa (raw, json)
Hash identifier: xjEMTLfKKQP2bWNACGZ0+bFGreakI1yvIG4VZmOX/0k=
Subject key identifier: D6:AA:27:78:CF:0C:D5:AB:15:49:0F:81:18:53:3F:7E:DD:1A:DE:75
Certificate issuer: /CN=A915F89C/serialNumber=AF8F0CFB47FBFCC7C4933C473CDB36442B5051CE
Certificate serial: 338C
Authority key identifier: AF:8F:0C:FB:47:FB:FC:C7:C4:93:3C:47:3C:DB:36:44:2B:50:51:CE
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r48M-0f7_MfEkzxHPNs2RCtQUc4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915F89C/6907C3E21D8311E29B35A5D808B02CD2/044881C09C5411ED89D51672C4F9AE02.roa
Signing time: Wed 25 Jan 2023 02:00:18 +0000
ROA not before: Wed 25 Jan 2023 02:00:18 +0000
ROA not after: Tue 31 Oct 2023 00:00:00 +0000
asID: 9506
IP address blocks: 14.100.0.0/17 maxlen: 17
42.60.0.0/16 maxlen: 17
42.61.128.0/17 maxlen: 17
42.61.129.0/24 maxlen: 24
42.61.130.0/23 maxlen: 23
42.61.132.0/22 maxlen: 22
42.61.136.0/21 maxlen: 21
42.61.144.0/20 maxlen: 20
42.61.160.0/21 maxlen: 21
42.61.168.0/21 maxlen: 21
42.61.176.0/21 maxlen: 21
42.61.176.0/23 maxlen: 23
42.61.176.0/24 maxlen: 24
42.61.184.0/22 maxlen: 22
42.61.188.0/22 maxlen: 22
42.61.192.0/20 maxlen: 20
42.61.208.0/22 maxlen: 22
42.61.212.0/22 maxlen: 22
42.61.216.0/21 maxlen: 21
42.61.224.0/20 maxlen: 20
42.61.228.0/23 maxlen: 23
42.61.240.0/22 maxlen: 22
42.61.244.0/22 maxlen: 22
42.61.248.0/22 maxlen: 22
42.61.252.0/22 maxlen: 22
101.78.64.0/18 maxlen: 18
115.66.0.0/16 maxlen: 17
115.66.33.0/24 maxlen: 24
116.14.0.0/15 maxlen: 15
116.14.0.0/16 maxlen: 16
116.14.0.0/17 maxlen: 17
116.14.128.0/17 maxlen: 17
116.15.0.0/16 maxlen: 24
118.200.0.0/16 maxlen: 16
118.201.192.0/18 maxlen: 18
118.201.224.0/19 maxlen: 19
119.74.0.0/16 maxlen: 16
119.74.226.0/24 maxlen: 24
119.74.232.0/22 maxlen: 22
121.6.0.0/16 maxlen: 16
121.6.0.0/17 maxlen: 17
121.6.128.0/17 maxlen: 17
121.7.0.0/16 maxlen: 16
121.7.0.0/17 maxlen: 17
121.7.128.0/17 maxlen: 17
180.255.64.0/18 maxlen: 18
219.74.0.0/16 maxlen: 16
219.74.0.0/17 maxlen: 17
219.74.128.0/17 maxlen: 17
219.74.211.0/24 maxlen: 24
219.75.0.0/17 maxlen: 17
220.255.0.0/22 maxlen: 22
220.255.0.0/24 maxlen: 24
220.255.1.0/24 maxlen: 24
220.255.2.0/24 maxlen: 24
220.255.3.0/24 maxlen: 24
220.255.4.0/22 maxlen: 22
220.255.4.0/24 maxlen: 24
220.255.5.0/24 maxlen: 24
220.255.6.0/24 maxlen: 24
220.255.7.0/24 maxlen: 24
220.255.16.0/20 maxlen: 20
220.255.32.0/19 maxlen: 19
220.255.64.0/18 maxlen: 18
220.255.128.0/17 maxlen: 17
220.255.221.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13196 (0x338c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915F89C/serialNumber=AF8F0CFB47FBFCC7C4933C473CDB36442B5051CE
Validity
Not Before: Jan 25 02:00:18 2023 GMT
Not After : Oct 31 00:00:00 2023 GMT
Subject: CN=63d08d32-f7e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:78:19:3e:5b:1e:6b:d6:ea:6b:21:c7:64:20:
76:96:dd:32:0d:61:dc:c3:da:0f:8c:41:75:d1:0a:
11:9f:98:27:7f:8a:e3:9a:69:bb:8a:68:32:b2:24:
0a:c5:7a:c5:12:9f:7c:fe:d6:52:bc:11:e8:58:ab:
d1:dc:58:4a:ce:a4:c7:92:2c:e1:75:ad:72:bb:d3:
6d:07:98:53:47:ed:4e:ef:26:89:42:cc:b8:30:e5:
46:1c:49:94:26:d2:79:0e:d5:ca:40:0e:3c:29:9c:
cc:4b:c9:30:9b:71:54:ed:c9:d1:40:89:41:09:78:
6b:06:73:cc:fd:11:f7:6a:8f:55:4b:c3:44:6f:c2:
53:17:60:b0:a2:ce:a5:33:04:5a:4e:73:52:d9:d5:
4c:b7:1f:0c:d2:b5:f7:7b:0b:f9:ff:e9:0f:69:34:
f5:d1:e4:a8:f3:e0:5a:04:fc:86:c7:77:32:8b:77:
d1:5b:d2:eb:41:98:63:d4:28:77:b7:a8:45:5d:1a:
6b:a4:09:c4:1c:cb:e1:75:d4:64:99:10:1d:38:68:
9c:26:29:b6:9d:ba:90:87:66:82:3b:a2:49:65:21:
58:ec:0a:ed:0e:b5:e3:d1:81:98:3c:3a:b2:31:83:
ab:32:d8:1b:ed:85:21:73:dd:d5:60:30:ae:5d:b5:
9d:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:AA:27:78:CF:0C:D5:AB:15:49:0F:81:18:53:3F:7E:DD:1A:DE:75
X509v3 Authority Key Identifier:
keyid:AF:8F:0C:FB:47:FB:FC:C7:C4:93:3C:47:3C:DB:36:44:2B:50:51:CE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915F89C/6907C3E21D8311E29B35A5D808B02CD2/r48M-0f7_MfEkzxHPNs2RCtQUc4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r48M-0f7_MfEkzxHPNs2RCtQUc4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915F89C/6907C3E21D8311E29B35A5D808B02CD2/044881C09C5411ED89D51672C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.100.0.0/17
42.60.0.0/16
42.61.128.0/17
101.78.64.0/18
115.66.0.0/16
116.14.0.0/15
118.200.0.0/16
118.201.192.0/18
119.74.0.0/16
121.6.0.0/15
180.255.64.0/18
219.74.0.0-219.75.127.255
220.255.0.0/21
220.255.16.0-220.255.255.255
Signature Algorithm: sha256WithRSAEncryption
a5:a3:6e:21:5c:a5:cf:03:73:8c:7f:23:26:af:6f:63:e5:ee:
72:26:89:a7:52:b8:bc:2e:a5:12:ef:88:3c:fd:dc:6e:63:20:
bf:78:f6:69:5d:0b:3e:ac:83:1a:09:c7:da:d0:9d:fb:66:43:
27:bb:7a:a3:a3:61:bf:22:fd:05:c7:97:19:aa:93:e5:ba:f1:
84:49:c0:0a:00:4f:98:32:dc:74:69:1e:80:be:09:51:fb:7c:
64:b1:9c:49:0e:9a:c3:8a:1c:9a:7d:81:4b:d0:76:bf:56:2c:
fc:f2:80:ca:52:d2:1d:73:e5:fc:01:9f:f5:37:a6:f0:3c:07:
9a:f2:a4:bf:0b:6d:cf:7d:d9:74:6a:11:49:b1:7d:ce:7b:39:
98:a3:08:10:96:a9:d8:f7:d6:a8:c2:1e:6b:2c:19:3c:64:38:
b0:91:77:61:1b:67:61:3a:6e:33:54:70:ba:8f:f8:5f:1e:7f:
33:f2:f6:4e:a1:c8:2d:7f:08:4a:e0:4e:91:b2:6a:82:f6:bc:
31:6e:53:b8:28:48:4c:9b:47:fd:79:1c:ec:c3:ce:3b:33:e0:
a4:bb:01:81:28:9f:f4:4e:33:de:12:08:a0:d6:d1:0b:e1:70:
f8:a2:53:75:ed:75:4d:e2:02:33:11:75:49:0b:3e:03:83:57:
72:24:d8:9c
-----BEGIN CERTIFICATE-----
MIIFxjCCBK6gAwIBAgICM4wwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUY4OUMxMTAvBgNVBAUTKEFGOEYwQ0ZCNDdGQkZDQzdDNDkzM0M0NzNDREIzNjQ0
MkI1MDUxQ0UwHhcNMjMwMTI1MDIwMDE4WhcNMjMxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2QwOGQzMi1mN2U1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA33gZPlsea9bqayHHZCB2lt0yDWHcw9oPjEF10QoRn5gnf4rjmmm7imgysiQK
xXrFEp98/tZSvBHoWKvR3FhKzqTHkizhda1yu9NtB5hTR+1O7yaJQsy4MOVGHEmU
JtJ5DtXKQA48KZzMS8kwm3FU7cnRQIlBCXhrBnPM/RH3ao9VS8NEb8JTF2Cwos6l
MwRaTnNS2dVMtx8M0rX3ewv5/+kPaTT10eSo8+BaBPyGx3cyi3fRW9LrQZhj1Ch3
t6hFXRprpAnEHMvhddRkmRAdOGicJim2nbqQh2aCO6JJZSFY7ArtDrXj0YGYPDqy
MYOrMtgb7YUhc93VYDCuXbWdZwIDAQABo4IC6jCCAuYwHQYDVR0OBBYEFNaqJ3jP
DNWrFUkPgRhTP37dGt51MB8GA1UdIwQYMBaAFK+PDPtH+/zHxJM8RzzbNkQrUFHO
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1Rjg5Qy82OTA3QzNFMjFE
ODMxMUUyOUIzNUE1RDgwOEIwMkNEMi9yNDhNLTBmN19NZkVrenhIUE5zMlJDdFFV
YzQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3I0OE0tMGY3X01mRWt6eEhQTnMyUkN0UVVjNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUY4OUMvNjkwN0MzRTIxRDgzMTFFMjlCMzVBNUQ4MDhCMDJDRDIvMDQ0ODgxQzA5
QzU0MTFFRDg5RDUxNjcyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwdAYIKwYBBQUHAQcBAf8E
ZTBjMGEEAgABMFsDBAcOZAADAwAqPAMEByo9gAMEBmVOQAMDAHNCAwMBdA4DAwB2
yAMEBnbJwAMDAHdKAwMBeQYDBAa0/0AwCwMDAdtKAwQH20sAAwQD3P8AMAoDBATc
/xADAgDcMA0GCSqGSIb3DQEBCwUAA4IBAQClo24hXKXPA3OMfyMmr29j5e5yJomn
Uri8LqUS74g8/dxuYyC/ePZpXQs+rIMaCcfa0J37ZkMnu3qjo2G/Iv0Fx5cZqpPl
uvGEScAKAE+YMtx0aR6AvglR+3xksZxJDprDihyafYFL0Ha/Viz88oDKUtIdc+X8
AZ/1N6bwPAea8qS/C23Pfdl0ahFJsX3OezmYowgQlqnY99aowh5rLBk8ZDiwkXdh
G2dhOm4zVHC6j/hfHn8z8vZOocgtfwhK4E6RsmqC9rwxblO4KEhMm0f9eRzsw847
M+CkuwGBKJ/0TjPeEgig1tEL4XD4olN17XVN4gIzEXVJCz4Dg1dyJNic
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:44 2023 by rpki-client on console-fra.rpki-client.org