Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A919DAF2/26EC6DDAD3DA11E58C5CD40FC4F9AE02/B39021B0E1E511EE81317C18C4F9AE02.roa
File: B39021B0E1E511EE81317C18C4F9AE02.roa (raw, json)
Hash identifier: tvEkf89GGKoQmaN20T5ngINYfJsh43d377A2L05NSR4=
Subject key identifier: A0:5B:97:D1:A3:65:44:72:27:3C:F2:42:46:41:CC:D3:56:CA:CA:E2
Certificate issuer: /CN=A919DAF2/serialNumber=139CC1DB6B9D24B93B14928A7518D04EB3B26A3A
Certificate serial: 210E
Authority key identifier: 13:9C:C1:DB:6B:9D:24:B9:3B:14:92:8A:75:18:D0:4E:B3:B2:6A:3A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/E5zB22udJLk7FJKKdRjQTrOyajo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A919DAF2/26EC6DDAD3DA11E58C5CD40FC4F9AE02/B39021B0E1E511EE81317C18C4F9AE02.roa
Signing time: Tue 30 Apr 2024 16:24:01 +0000
ROA not before: Tue 30 Apr 2024 16:24:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 18196
IP address blocks: 45.117.128.0/22 maxlen: 22
45.117.128.0/24 maxlen: 24
45.117.129.0/24 maxlen: 24
45.117.130.0/24 maxlen: 24
45.117.131.0/24 maxlen: 24
103.255.112.0/24 maxlen: 24
103.255.113.0/24 maxlen: 24
103.255.114.0/24 maxlen: 24
202.134.151.0/24 maxlen: 24
202.134.154.0/24 maxlen: 24
202.134.155.0/24 maxlen: 24
202.134.156.0/24 maxlen: 24
202.134.157.0/24 maxlen: 24
202.134.160.0/24 maxlen: 24
202.134.161.0/24 maxlen: 24
202.134.162.0/24 maxlen: 24
202.134.163.0/24 maxlen: 24
202.134.164.0/24 maxlen: 24
202.134.165.0/24 maxlen: 24
202.134.166.0/24 maxlen: 24
202.134.167.0/24 maxlen: 24
202.134.168.0/24 maxlen: 24
202.134.169.0/24 maxlen: 24
202.134.170.0/24 maxlen: 24
202.134.171.0/24 maxlen: 24
202.134.172.0/24 maxlen: 24
202.134.173.0/24 maxlen: 24
202.134.174.0/24 maxlen: 24
202.134.175.0/24 maxlen: 24
202.134.176.0/24 maxlen: 24
202.134.177.0/24 maxlen: 24
202.134.178.0/24 maxlen: 24
202.134.179.0/24 maxlen: 24
202.134.180.0/24 maxlen: 24
202.134.181.0/24 maxlen: 24
202.134.182.0/24 maxlen: 24
202.134.183.0/24 maxlen: 24
202.134.184.0/24 maxlen: 24
202.134.185.0/24 maxlen: 24
202.134.186.0/24 maxlen: 24
202.134.187.0/24 maxlen: 24
202.134.189.0/24 maxlen: 24
202.134.190.0/24 maxlen: 24
202.134.191.0/24 maxlen: 24
2402:f200::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 06 May 2024 04:05:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8462 (0x210e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A919DAF2/serialNumber=139CC1DB6B9D24B93B14928A7518D04EB3B26A3A
Validity
Not Before: Apr 30 16:24:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=66311b21-2017
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:9f:8c:3f:0d:be:c7:08:a8:a7:f0:cf:9b:1c:
48:3e:f4:9f:25:6d:7c:a9:3b:3c:2b:d5:7f:45:61:
71:11:14:90:3b:54:3c:2c:f9:5e:5f:44:03:fa:a1:
d2:bf:fd:9a:31:24:f9:de:de:1a:6e:bd:6a:90:93:
83:f6:62:da:7e:28:3f:4e:f4:a3:78:ac:39:6e:c9:
f6:94:66:83:ae:1a:47:03:48:53:ca:ce:4f:6f:98:
6a:2f:40:35:3a:9f:d4:cb:f1:ee:e7:73:c2:40:33:
f9:3b:fc:2a:97:8d:3a:30:66:ec:e1:de:13:df:9b:
fc:4c:75:e5:36:20:c3:7a:d8:18:36:3e:ba:6b:2d:
5e:0f:e4:71:85:de:f2:aa:72:57:a1:b0:13:23:6b:
67:0b:4f:ed:73:14:33:0c:95:4d:07:39:bb:e0:ea:
c0:80:76:74:b4:9b:6f:44:e9:09:7a:2a:08:f5:67:
60:4a:1a:0f:87:44:18:50:a3:a1:2a:ff:a5:8d:5d:
c6:6e:b6:c2:ad:6a:6a:91:6b:33:6b:a4:ca:3c:00:
90:88:58:76:9b:08:46:38:62:ec:a3:5a:ec:0d:e9:
37:b8:0d:c0:1e:ea:ac:66:f2:02:85:35:d3:b3:95:
a4:e9:d8:86:91:e6:63:16:69:50:f7:65:aa:d4:6a:
a3:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:5B:97:D1:A3:65:44:72:27:3C:F2:42:46:41:CC:D3:56:CA:CA:E2
X509v3 Authority Key Identifier:
keyid:13:9C:C1:DB:6B:9D:24:B9:3B:14:92:8A:75:18:D0:4E:B3:B2:6A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A919DAF2/26EC6DDAD3DA11E58C5CD40FC4F9AE02/E5zB22udJLk7FJKKdRjQTrOyajo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/E5zB22udJLk7FJKKdRjQTrOyajo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919DAF2/26EC6DDAD3DA11E58C5CD40FC4F9AE02/B39021B0E1E511EE81317C18C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.117.128.0/22
103.255.112.0-103.255.114.255
202.134.151.0/24
202.134.154.0-202.134.157.255
202.134.160.0-202.134.187.255
202.134.189.0-202.134.191.255
IPv6:
2402:f200::/32
Signature Algorithm: sha256WithRSAEncryption
bc:2d:bb:3e:f6:6e:7f:7a:51:e3:24:10:11:66:e6:4e:be:fd:
91:57:a6:82:ea:c6:5c:fa:ed:7a:e4:79:e9:df:11:6a:ab:ef:
cf:88:42:1c:a2:4b:e8:36:d4:44:80:d8:8a:b7:aa:3b:af:4d:
40:59:fa:2e:5a:c9:03:f1:56:b8:e4:47:f8:e7:78:41:5b:01:
d1:df:ab:89:2b:76:8e:aa:1e:cc:2a:d4:fe:17:4e:b8:6d:6a:
2f:69:36:66:6d:35:ee:64:44:17:21:7a:99:32:cc:63:79:80:
7e:83:92:5b:e3:66:a9:21:cb:e3:3f:83:89:58:23:d9:45:2c:
44:12:1f:79:aa:56:c7:88:79:3c:13:04:eb:f6:f8:c9:51:6b:
65:8c:57:65:ef:a0:2e:45:e1:7e:da:14:8a:f9:42:92:9d:d6:
cd:93:4f:4e:b4:58:34:09:3b:81:b9:a2:22:e7:95:81:6f:8a:
bb:cb:0e:94:7e:1a:2c:87:94:a0:d1:85:42:e4:09:04:e3:fc:
b7:31:85:8e:fb:46:6e:48:3a:bb:c6:65:71:b8:06:bc:cb:0c:
28:a4:33:85:76:42:da:7d:24:54:f6:34:36:60:9f:55:4f:04:
51:6d:9b:90:a2:51:70:1e:d2:37:f5:60:cf:ca:91:e0:16:3b:
23:06:30:92
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgICIQ4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OURBRjIxMTAvBgNVBAUTKDEzOUNDMURCNkI5RDI0QjkzQjE0OTI4QTc1MThEMDRF
QjNCMjZBM0EwHhcNMjQwNDMwMTYyNDAxWhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjMxMWIyMS0yMDE3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAv5+MPw2+xwiop/DPmxxIPvSfJW18qTs8K9V/RWFxERSQO1Q8LPleX0QD+qHS
v/2aMST53t4abr1qkJOD9mLafig/TvSjeKw5bsn2lGaDrhpHA0hTys5Pb5hqL0A1
Op/Uy/Hu53PCQDP5O/wql406MGbs4d4T35v8THXlNiDDetgYNj66ay1eD+Rxhd7y
qnJXobATI2tnC0/tcxQzDJVNBzm74OrAgHZ0tJtvROkJeioI9WdgShoPh0QYUKOh
Kv+ljV3GbrbCrWpqkWsza6TKPACQiFh2mwhGOGLso1rsDek3uA3AHuqsZvIChTXT
s5Wk6diGkeZjFmlQ92Wq1GqjfQIDAQABo4IC4jCCAt4wHQYDVR0OBBYEFKBbl9Gj
ZURyJzzyQkZBzNNWysriMB8GA1UdIwQYMBaAFBOcwdtrnSS5OxSSinUY0E6zsmo6
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5REFGMi8yNkVDNkREQUQz
REExMUU1OEM1Q0Q0MEZDNEY5QUUwMi9FNXpCMjJ1ZEpMazdGSktLZFJqUVRyT3lh
am8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0U1ekIyMnVkSkxrN0ZKS0tkUmpRVHJPeWFqby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OURBRjIvMjZFQzZEREFEM0RBMTFFNThDNUNENDBGQzRGOUFFMDIvQjM5MDIxQjBF
MUU1MTFFRTgxMzE3QzE4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwbAYIKwYBBQUHAQcBAf8E
XTBbMEoEAgABMEQDBAItdYAwDAMEBGf/cAMEAGf/cgMEAMqGlzAMAwQByoaaAwQB
yoacMAwDBAXKhqADBALKhrgwDAMEAMqGvQMEBsqGgDANBAIAAjAHAwUAJALyADAN
BgkqhkiG9w0BAQsFAAOCAQEAvC27PvZuf3pR4yQQEWbmTr79kVemgurGXPrteuR5
6d8Raqvvz4hCHKJL6DbURIDYireqO69NQFn6LlrJA/FWuORH+Od4QVsB0d+riSt2
jqoezCrU/hdOuG1qL2k2Zm017mREFyF6mTLMY3mAfoOSW+NmqSHL4z+DiVgj2UUs
RBIfeapWx4h5PBME6/b4yVFrZYxXZe+gLkXhftoUivlCkp3WzZNPTrRYNAk7gbmi
IueVgW+Ku8sOlH4aLIeUoNGFQuQJBOP8tzGFjvtGbkg6u8ZlcbgGvMsMKKQzhXZC
2n0kVPY0NmCfVU8EUW2bkKJRcB7SN/Vgz8qR4BY7IwYwkg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:35 2024 by rpki-client on console-fra.rpki-client.org