Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917452D/AA42171E276811ED9A221730C4F9AE02/34A3916243EB11EFB7E0C84AC4F9AE02.roa
File: 34A3916243EB11EFB7E0C84AC4F9AE02.roa (raw, json)
Hash identifier: r/JuGGHeyrMpLJRbeUSApx3m39dlnSYVYtl2A2oxeTw=
Subject key identifier: FD:86:B1:2E:9D:82:7A:ED:3D:D2:61:DF:A0:33:E4:9E:AE:7B:D9:BD
Certificate issuer: /CN=A917452D/serialNumber=E4AE80372A867987BB2A0ABBE110AB804370D5E3
Certificate serial: 0212
Authority key identifier: E4:AE:80:37:2A:86:79:87:BB:2A:0A:BB:E1:10:AB:80:43:70:D5:E3
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5K6ANyqGeYe7Kgq74RCrgENw1eM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917452D/AA42171E276811ED9A221730C4F9AE02/34A3916243EB11EFB7E0C84AC4F9AE02.roa
Signing time: Tue 06 Aug 2024 05:30:19 +0000
ROA not before: Tue 06 Aug 2024 05:30:19 +0000
ROA not after: Sun 02 Mar 2025 00:00:00 +0000
asID: 3758
IP address blocks: 202.166.0.0/17 maxlen: 24
202.166.128.0/19 maxlen: 19
2400:d800::/30 maxlen: 30
2400:d800::/31 maxlen: 31
2400:d800::/32 maxlen: 32
2400:d800:10::/48 maxlen: 48
2400:d801::/32 maxlen: 32
2400:d801:3f00::/40 maxlen: 40
2400:d801:9000::/36 maxlen: 44
2400:d801:a000::/36 maxlen: 44
2400:d802::/31 maxlen: 31
2400:d802::/32 maxlen: 32
2400:d802:500::/40 maxlen: 44
2400:d802:800::/40 maxlen: 44
2400:d802:1100::/40 maxlen: 44
2400:d802:1310::/44 maxlen: 44
2400:d802:1410::/44 maxlen: 44
2400:d802:1480::/41 maxlen: 44
2400:d802:1800::/40 maxlen: 44
2400:d802:1900::/40 maxlen: 44
2400:d802:1a00::/40 maxlen: 44
2400:d802:1c00::/40 maxlen: 44
2400:d802:1d00::/40 maxlen: 44
2400:d802:1f00::/40 maxlen: 44
2400:d802:2100::/40 maxlen: 44
2400:d802:2300::/40 maxlen: 44
2400:d802:2410::/45 maxlen: 48
2400:d802:2418::/45 maxlen: 48
2400:d802:2480::/42 maxlen: 48
2400:d802:24c0::/42 maxlen: 48
2400:d802:2600::/40 maxlen: 44
2400:d802:2900::/40 maxlen: 44
2400:d802:2a00::/40 maxlen: 44
2400:d802:2d00::/40 maxlen: 44
2400:d802:3200::/40 maxlen: 44
2400:d802:3300::/40 maxlen: 44
2400:d802:3410::/45 maxlen: 48
2400:d802:3418::/45 maxlen: 48
2400:d802:3480::/42 maxlen: 48
2400:d802:34c0::/42 maxlen: 48
2400:d802:3600::/40 maxlen: 44
2400:d802:3a00::/40 maxlen: 44
2400:d802:4110::/44 maxlen: 44
2400:d802:4180::/41 maxlen: 41
2400:d802:4210::/44 maxlen: 44
2400:d802:4280::/41 maxlen: 41
2400:d802:4310::/44 maxlen: 44
2400:d802:4380::/41 maxlen: 41
2400:d802:4410::/44 maxlen: 44
2400:d802:4480::/41 maxlen: 41
2400:d802:4510::/44 maxlen: 44
2400:d802:4580::/41 maxlen: 41
2400:d802:4610::/44 maxlen: 44
2400:d802:4680::/41 maxlen: 41
2400:d802:4710::/44 maxlen: 44
2400:d802:4780::/41 maxlen: 41
2400:d802:4810::/44 maxlen: 44
2400:d802:4880::/41 maxlen: 41
2400:d802:4910::/44 maxlen: 44
2400:d802:4980::/41 maxlen: 41
2400:d802:4a10::/44 maxlen: 44
2400:d802:4a80::/41 maxlen: 41
2400:d802:4b10::/44 maxlen: 44
2400:d802:4b80::/41 maxlen: 41
2400:d802:4c10::/44 maxlen: 44
2400:d802:4c80::/41 maxlen: 41
2400:d802:4d10::/44 maxlen: 44
2400:d802:4d80::/41 maxlen: 41
2400:d802:4e10::/44 maxlen: 44
2400:d802:4e80::/41 maxlen: 41
2400:d802:4f10::/44 maxlen: 44
2400:d802:4f80::/41 maxlen: 41
2400:d802:9d00::/40 maxlen: 44
2400:d802:9f00::/40 maxlen: 44
2400:d802:a000::/36 maxlen: 44
2400:d803::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 06 Aug 2024 06:49:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 530 (0x212)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917452D/serialNumber=E4AE80372A867987BB2A0ABBE110AB804370D5E3
Validity
Not Before: Aug 6 05:30:19 2024 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=66b1b4eb-7d00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:21:04:e0:5a:4a:e6:dc:c0:aa:94:77:9f:93:
95:66:e3:d2:f0:73:8f:59:42:06:9e:7b:dc:c2:76:
d5:7d:30:a3:7a:67:07:22:02:a7:b5:a9:b7:5c:47:
7b:9a:43:57:2c:64:ba:58:a9:46:ea:55:87:20:e7:
97:a4:bc:a4:79:25:72:39:f5:2f:67:d2:1d:0c:0a:
36:a6:09:95:9f:c2:9c:e5:d1:ab:b8:29:a8:a0:61:
ca:b1:90:a1:c5:41:57:07:f9:db:d3:2d:45:2d:0a:
5b:85:2e:66:fa:33:9c:1b:f9:f4:60:6d:a7:e9:a9:
bd:29:63:82:cf:e7:a7:1d:2e:98:87:81:29:2f:aa:
4a:ab:1d:3a:8c:54:00:04:e5:83:5f:4b:5f:42:d7:
98:38:ad:d9:d1:1d:0a:ef:82:fe:e8:a8:5d:48:f3:
ab:e4:28:15:5b:28:bf:7f:6f:81:11:d9:2b:17:5f:
f3:bd:08:f1:64:5a:0d:14:e6:52:4e:e6:e0:49:20:
c1:d3:b7:77:2e:bd:1a:fb:4d:0e:3a:4a:bd:75:69:
58:53:2a:d4:50:32:81:34:98:83:57:ab:75:25:13:
07:7f:eb:5f:b2:c2:7b:ae:bc:4e:b8:64:52:4a:5d:
ef:3b:96:bf:97:14:4a:ec:35:b1:dc:96:86:5a:6e:
f2:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:86:B1:2E:9D:82:7A:ED:3D:D2:61:DF:A0:33:E4:9E:AE:7B:D9:BD
X509v3 Authority Key Identifier:
keyid:E4:AE:80:37:2A:86:79:87:BB:2A:0A:BB:E1:10:AB:80:43:70:D5:E3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917452D/AA42171E276811ED9A221730C4F9AE02/5K6ANyqGeYe7Kgq74RCrgENw1eM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5K6ANyqGeYe7Kgq74RCrgENw1eM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917452D/AA42171E276811ED9A221730C4F9AE02/34A3916243EB11EFB7E0C84AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.166.0.0-202.166.159.255
IPv6:
2400:d800::/30
Signature Algorithm: sha256WithRSAEncryption
6e:a8:d3:5f:70:58:9a:8a:64:c2:0f:12:ab:b8:10:e4:4e:a7:
db:aa:e3:e3:2a:9e:ce:48:48:93:20:e5:c3:10:7b:47:e5:37:
7b:27:f4:28:73:f5:a4:34:0f:0b:53:97:37:76:67:5b:4f:cd:
77:71:10:18:fc:50:23:9b:97:20:be:78:47:c5:82:8b:ca:39:
41:c4:1d:06:4b:df:41:5a:b8:8a:01:95:de:bb:48:8b:f0:63:
a7:5e:e2:f6:0f:b1:fb:dd:07:23:84:03:07:ea:13:f3:e9:5f:
47:ec:9d:10:12:27:ee:c0:a6:3e:8b:ad:bd:71:26:51:b6:0f:
ff:45:ae:77:30:a7:e7:02:1e:27:f0:ca:f9:7e:31:ce:bf:50:
53:a5:b2:6e:ca:3a:23:72:67:63:b7:45:60:26:ce:d2:02:81:
e5:f7:27:44:c0:84:6a:cf:f4:f5:fa:7f:66:69:82:d1:f8:fc:
47:a8:be:7d:7a:16:0c:63:8d:9f:2e:47:3c:2a:6e:de:42:de:
9d:b1:a9:c6:a6:15:2f:7f:56:73:8c:a6:a0:86:3f:97:3f:e5:
41:1e:26:ea:8d:c3:b2:2a:16:53:20:5b:43:8c:dd:8c:81:af:
2c:e8:e4:62:89:ce:3d:67:2e:88:c7:2f:f1:ab:7c:71:bc:a1:
44:4d:2c:44
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgICAhIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzQ1MkQxMTAvBgNVBAUTKEU0QUU4MDM3MkE4Njc5ODdCQjJBMEFCQkUxMTBBQjgw
NDM3MEQ1RTMwHhcNMjQwODA2MDUzMDE5WhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmIxYjRlYi03ZDAwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1SEE4FpK5tzAqpR3n5OVZuPS8HOPWUIGnnvcwnbVfTCjemcHIgKntam3XEd7
mkNXLGS6WKlG6lWHIOeXpLykeSVyOfUvZ9IdDAo2pgmVn8Kc5dGruCmooGHKsZCh
xUFXB/nb0y1FLQpbhS5m+jOcG/n0YG2n6am9KWOCz+enHS6Yh4EpL6pKqx06jFQA
BOWDX0tfQteYOK3Z0R0K74L+6KhdSPOr5CgVWyi/f2+BEdkrF1/zvQjxZFoNFOZS
TubgSSDB07d3Lr0a+00OOkq9dWlYUyrUUDKBNJiDV6t1JRMHf+tfssJ7rrxOuGRS
Sl3vO5a/lxRK7DWx3JaGWm7y8wIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFP2GsS6d
gnrtPdJh36Az5J6ue9m9MB8GA1UdIwQYMBaAFOSugDcqhnmHuyoKu+EQq4BDcNXj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3NDUyRC9BQTQyMTcxRTI3
NjgxMUVEOUEyMjE3MzBDNEY5QUUwMi81SzZBTnlxR2VZZTdLZ3E3NFJDcmdFTncx
ZU0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzVLNkFOeXFHZVllN0tncTc0UkNyZ0VOdzFlTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzQ1MkQvQUE0MjE3MUUyNzY4MTFFRDlBMjIxNzMwQzRGOUFFMDIvMzRBMzkxNjI0
M0VCMTFFRkI3RTBDODRBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNQYIKwYBBQUHAQcBAf8E
JjAkMBMEAgABMA0wCwMDAcqmAwQFyqaAMA0EAgACMAcDBQIkANgAMA0GCSqGSIb3
DQEBCwUAA4IBAQBuqNNfcFiaimTCDxKruBDkTqfbquPjKp7OSEiTIOXDEHtH5Td7
J/Qoc/WkNA8LU5c3dmdbT813cRAY/FAjm5cgvnhHxYKLyjlBxB0GS99BWriKAZXe
u0iL8GOnXuL2D7H73QcjhAMH6hPz6V9H7J0QEifuwKY+i629cSZRtg//Ra53MKfn
Ah4n8Mr5fjHOv1BTpbJuyjojcmdjt0VgJs7SAoHl9ydEwIRqz/T1+n9maYLR+PxH
qL59ehYMY42fLkc8Km7eQt6dsanGphUvf1ZzjKaghj+XP+VBHibqjcOyKhZTIFtD
jN2Mga8s6ORiic49Zy6Ixy/xq3xxvKFETSxE
-----END CERTIFICATE-----
Generated at Tue Aug 6 08:09:48 2024 by rpki-client on console-fra.rpki-client.org