Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917452D/AA42171E276811ED9A221730C4F9AE02/3593D6D643EB11EFB7E0C84AC4F9AE02.roa
File: 3593D6D643EB11EFB7E0C84AC4F9AE02.roa (raw, json)
Hash identifier: VvQMr+2MPqo8+pNcgFjOA7YJOHbsn+86NYvVp8hhIrU=
Subject key identifier: 10:65:1C:30:7D:31:C1:65:1E:4D:14:C6:60:95:02:B2:37:3A:33:71
Certificate issuer: /CN=A917452D/serialNumber=E4AE80372A867987BB2A0ABBE110AB804370D5E3
Certificate serial: 0213
Authority key identifier: E4:AE:80:37:2A:86:79:87:BB:2A:0A:BB:E1:10:AB:80:43:70:D5:E3
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5K6ANyqGeYe7Kgq74RCrgENw1eM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917452D/AA42171E276811ED9A221730C4F9AE02/3593D6D643EB11EFB7E0C84AC4F9AE02.roa
Signing time: Tue 06 Aug 2024 05:30:20 +0000
ROA not before: Tue 06 Aug 2024 05:30:20 +0000
ROA not after: Sun 02 Mar 2025 00:00:00 +0000
asID: 9506
IP address blocks: 202.166.0.0/17 maxlen: 24
202.166.128.0/19 maxlen: 19
2400:d800::/30 maxlen: 30
2400:d800::/31 maxlen: 31
2400:d800::/32 maxlen: 32
2400:d800:10::/48 maxlen: 48
2400:d801::/32 maxlen: 32
2400:d801:3f00::/40 maxlen: 40
2400:d801:9000::/36 maxlen: 44
2400:d801:a000::/36 maxlen: 44
2400:d802::/31 maxlen: 31
2400:d802::/32 maxlen: 32
2400:d802:500::/40 maxlen: 44
2400:d802:800::/40 maxlen: 44
2400:d802:1100::/40 maxlen: 44
2400:d802:1310::/44 maxlen: 44
2400:d802:1410::/44 maxlen: 44
2400:d802:1480::/41 maxlen: 44
2400:d802:1800::/40 maxlen: 44
2400:d802:1900::/40 maxlen: 44
2400:d802:1a00::/40 maxlen: 44
2400:d802:1c00::/40 maxlen: 44
2400:d802:1d00::/40 maxlen: 44
2400:d802:1f00::/40 maxlen: 44
2400:d802:2100::/40 maxlen: 44
2400:d802:2300::/40 maxlen: 44
2400:d802:2410::/45 maxlen: 48
2400:d802:2418::/45 maxlen: 48
2400:d802:2480::/42 maxlen: 48
2400:d802:24c0::/42 maxlen: 48
2400:d802:2600::/40 maxlen: 44
2400:d802:2900::/40 maxlen: 44
2400:d802:2a00::/40 maxlen: 44
2400:d802:2d00::/40 maxlen: 44
2400:d802:3200::/40 maxlen: 44
2400:d802:3300::/40 maxlen: 44
2400:d802:3410::/45 maxlen: 48
2400:d802:3418::/45 maxlen: 48
2400:d802:3480::/42 maxlen: 48
2400:d802:34c0::/42 maxlen: 48
2400:d802:3600::/40 maxlen: 44
2400:d802:3a00::/40 maxlen: 44
2400:d802:4110::/44 maxlen: 44
2400:d802:4180::/41 maxlen: 41
2400:d802:4210::/44 maxlen: 44
2400:d802:4280::/41 maxlen: 41
2400:d802:4310::/44 maxlen: 44
2400:d802:4380::/41 maxlen: 41
2400:d802:4410::/44 maxlen: 44
2400:d802:4480::/41 maxlen: 41
2400:d802:4510::/44 maxlen: 44
2400:d802:4610::/44 maxlen: 44
2400:d802:4680::/41 maxlen: 41
2400:d802:4710::/44 maxlen: 44
2400:d802:4780::/41 maxlen: 41
2400:d802:4810::/44 maxlen: 44
2400:d802:4880::/41 maxlen: 41
2400:d802:4910::/44 maxlen: 44
2400:d802:4980::/41 maxlen: 41
2400:d802:4a10::/44 maxlen: 44
2400:d802:4a80::/41 maxlen: 41
2400:d802:4b10::/44 maxlen: 44
2400:d802:4b80::/41 maxlen: 41
2400:d802:4c10::/44 maxlen: 44
2400:d802:4c80::/41 maxlen: 41
2400:d802:4d10::/44 maxlen: 44
2400:d802:4d80::/41 maxlen: 41
2400:d802:4e10::/44 maxlen: 44
2400:d802:4e80::/41 maxlen: 41
2400:d802:4f10::/44 maxlen: 44
2400:d802:4f80::/41 maxlen: 41
2400:d802:9d00::/40 maxlen: 44
2400:d802:9f00::/40 maxlen: 44
2400:d802:a000::/36 maxlen: 44
2400:d803::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 06 Aug 2024 06:17:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 531 (0x213)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917452D/serialNumber=E4AE80372A867987BB2A0ABBE110AB804370D5E3
Validity
Not Before: Aug 6 05:30:20 2024 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=66b1b4ec-075f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:53:09:c7:77:1a:ba:a6:72:78:e1:62:5b:a6:
0b:5d:25:c6:61:b5:90:25:7f:d7:99:4d:3a:40:d5:
60:b9:ef:ed:31:36:d5:0e:3b:2d:6f:30:1a:04:3c:
72:fb:e4:d4:7f:58:16:5e:81:8c:44:a9:fc:a6:57:
84:e7:61:95:b2:cf:1a:a2:37:f7:9f:ad:12:19:f4:
f2:48:a2:e6:05:9c:af:be:5b:75:db:62:3e:06:37:
0d:57:89:2c:c9:14:2f:75:e1:44:ae:8e:85:bd:52:
97:27:34:78:1c:81:1e:8a:bc:39:1d:71:0f:12:e0:
26:1a:be:03:17:cc:6d:22:88:e7:9d:f8:e1:26:29:
7e:f9:74:f8:12:a8:10:dc:d1:71:76:70:9f:45:77:
03:ea:e2:7f:3c:ed:14:ac:28:ba:bd:fd:ee:6b:5c:
33:d0:92:c6:63:b8:85:17:6f:9e:a9:c0:06:89:45:
ec:25:66:d6:b1:b4:20:d8:b3:15:0e:0a:48:54:52:
f8:5d:bb:6a:1e:62:10:a1:90:a5:b6:ca:95:b3:75:
8c:31:f1:95:fc:35:cd:91:3f:cb:9f:86:34:cb:79:
f3:72:50:b6:31:a6:1e:80:a5:32:93:23:af:04:03:
98:af:5e:3c:0a:8a:87:50:c1:9f:42:d8:1d:c8:bd:
d3:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:65:1C:30:7D:31:C1:65:1E:4D:14:C6:60:95:02:B2:37:3A:33:71
X509v3 Authority Key Identifier:
keyid:E4:AE:80:37:2A:86:79:87:BB:2A:0A:BB:E1:10:AB:80:43:70:D5:E3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917452D/AA42171E276811ED9A221730C4F9AE02/5K6ANyqGeYe7Kgq74RCrgENw1eM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5K6ANyqGeYe7Kgq74RCrgENw1eM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917452D/AA42171E276811ED9A221730C4F9AE02/3593D6D643EB11EFB7E0C84AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.166.0.0-202.166.159.255
IPv6:
2400:d800::/30
Signature Algorithm: sha256WithRSAEncryption
25:40:32:b0:67:d2:f6:69:10:a6:c3:7c:e6:7a:dc:0e:07:43:
5e:8e:14:df:24:24:59:ff:a8:c6:da:74:f3:b7:9e:64:bb:35:
85:a5:b0:f3:74:2d:3e:d5:1a:60:59:d7:a2:ee:48:49:e8:fa:
0d:c1:d7:2c:41:d4:b6:b5:5a:40:c6:73:27:02:28:5c:78:bb:
d2:9f:01:b0:b9:7a:c8:36:31:54:5a:79:d4:2f:65:52:84:9e:
15:03:7b:b1:b5:99:5a:88:a0:81:7c:c9:fb:5a:7c:7f:73:14:
ca:02:51:d3:44:db:d4:f8:fc:01:a9:85:86:a2:2b:6c:39:29:
75:d4:ee:61:c4:35:6f:5d:6d:0c:e5:b3:6a:6c:57:11:0f:9c:
89:49:d6:bd:29:2a:a0:b7:81:0e:28:2e:e2:40:bb:c2:cf:2b:
30:05:a7:fc:82:5d:f9:71:0d:1a:26:c0:15:60:e6:66:fb:18:
7a:84:27:cd:26:e1:e7:09:4c:db:48:1c:73:ea:b0:ec:e1:66:
e0:1d:e8:bc:7c:ce:96:15:92:76:05:a0:90:f8:d8:67:de:ff:
1b:7f:79:7d:88:bb:fa:ef:cb:61:8c:b0:e8:a0:81:84:4d:06:
c5:73:1b:8c:d3:7a:d0:76:15:2d:9e:1d:1d:52:f7:8f:4b:4b:
9a:83:37:5d
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgICAhMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzQ1MkQxMTAvBgNVBAUTKEU0QUU4MDM3MkE4Njc5ODdCQjJBMEFCQkUxMTBBQjgw
NDM3MEQ1RTMwHhcNMjQwODA2MDUzMDIwWhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmIxYjRlYy0wNzVmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3lMJx3cauqZyeOFiW6YLXSXGYbWQJX/XmU06QNVgue/tMTbVDjstbzAaBDxy
++TUf1gWXoGMRKn8pleE52GVss8aojf3n60SGfTySKLmBZyvvlt122I+BjcNV4ks
yRQvdeFEro6FvVKXJzR4HIEeirw5HXEPEuAmGr4DF8xtIojnnfjhJil++XT4EqgQ
3NFxdnCfRXcD6uJ/PO0UrCi6vf3ua1wz0JLGY7iFF2+eqcAGiUXsJWbWsbQg2LMV
DgpIVFL4XbtqHmIQoZCltsqVs3WMMfGV/DXNkT/Ln4Y0y3nzclC2MaYegKUykyOv
BAOYr148CoqHUMGfQtgdyL3TpwIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFBBlHDB9
McFlHk0UxmCVArI3OjNxMB8GA1UdIwQYMBaAFOSugDcqhnmHuyoKu+EQq4BDcNXj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3NDUyRC9BQTQyMTcxRTI3
NjgxMUVEOUEyMjE3MzBDNEY5QUUwMi81SzZBTnlxR2VZZTdLZ3E3NFJDcmdFTncx
ZU0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzVLNkFOeXFHZVllN0tncTc0UkNyZ0VOdzFlTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzQ1MkQvQUE0MjE3MUUyNzY4MTFFRDlBMjIxNzMwQzRGOUFFMDIvMzU5M0Q2RDY0
M0VCMTFFRkI3RTBDODRBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNQYIKwYBBQUHAQcBAf8E
JjAkMBMEAgABMA0wCwMDAcqmAwQFyqaAMA0EAgACMAcDBQIkANgAMA0GCSqGSIb3
DQEBCwUAA4IBAQAlQDKwZ9L2aRCmw3zmetwOB0NejhTfJCRZ/6jG2nTzt55kuzWF
pbDzdC0+1RpgWdei7khJ6PoNwdcsQdS2tVpAxnMnAihceLvSnwGwuXrINjFUWnnU
L2VShJ4VA3uxtZlaiKCBfMn7Wnx/cxTKAlHTRNvU+PwBqYWGoitsOSl11O5hxDVv
XW0M5bNqbFcRD5yJSda9KSqgt4EOKC7iQLvCzyswBaf8gl35cQ0aJsAVYOZm+xh6
hCfNJuHnCUzbSBxz6rDs4WbgHei8fM6WFZJ2BaCQ+Nhn3v8bf3l9iLv678thjLDo
oIGETQbFcxuM03rQdhUtnh0dUvePS0uagzdd
-----END CERTIFICATE-----
Generated at Tue Aug 6 09:30:03 2024 by rpki-client on console-ams.rpki-client.org