Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/A1AA7CE4906311EEB41CB54BC4F9AE02.roa
File: A1AA7CE4906311EEB41CB54BC4F9AE02.roa (raw, json)
Hash identifier: HyzOLdDom8pVLqlb2K+ld1TlgSmWIsJAojcij6iDfLk=
Subject key identifier: 0A:05:AC:72:FD:79:58:ED:0D:DC:25:2D:78:2A:1B:E0:89:1B:05:99
Certificate issuer: /CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Certificate serial: 40DC
Authority key identifier: 16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/A1AA7CE4906311EEB41CB54BC4F9AE02.roa
Signing time: Fri 01 Dec 2023 16:13:34 +0000
ROA not before: Fri 01 Dec 2023 16:13:34 +0000
ROA not after: Thu 31 Oct 2024 00:00:00 +0000
asID: 24173
IP address blocks: 101.96.64.0/18 maxlen: 24
119.15.160.0/20 maxlen: 24
119.15.189.0/24 maxlen: 24
119.17.192.0/19 maxlen: 24
202.151.160.0/21 maxlen: 24
210.86.224.0/21 maxlen: 24
Validation: Failed, certificate revoked on Fri 19 Apr 2024 15:54:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16604 (0x40dc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Validity
Not Before: Dec 1 16:13:34 2023 GMT
Not After : Oct 31 00:00:00 2024 GMT
Subject: CN=656a062e-cc29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:7f:a3:99:b1:fd:1b:1d:1b:8b:fd:53:e3:98:
ce:08:c4:a7:77:39:00:83:09:b0:6f:8d:a2:d1:20:
f3:36:f5:ca:03:6e:12:05:e2:0f:0b:9d:15:f4:64:
7c:73:45:c3:73:08:5e:f0:c5:da:e0:4a:6d:93:d8:
1e:30:90:c6:0a:88:85:f5:8c:79:82:1d:e9:a1:21:
c2:74:e5:e3:f0:d5:00:db:14:fe:85:09:0b:56:fe:
53:63:3d:49:49:db:f0:00:8e:82:83:47:0c:df:d7:
50:5d:e6:9c:5c:2e:1f:98:a9:13:eb:14:0c:68:a2:
81:b6:95:1e:41:97:32:02:82:b4:53:07:74:44:af:
34:be:49:c3:62:7c:ff:7d:dc:5c:16:f9:5d:27:85:
e7:f7:7d:dc:55:a7:28:8a:27:7d:22:c1:69:83:e1:
e3:0b:42:25:98:ef:3d:6f:d4:67:35:52:3d:6c:94:
09:c8:1e:22:3f:26:e6:b3:9f:17:79:9a:a5:0f:32:
c7:cc:86:c8:63:5b:8d:5e:0a:38:b5:95:a1:6c:60:
5e:f0:d9:ba:eb:0a:a3:12:b5:45:1d:b2:de:80:da:
02:fd:e9:1d:df:f4:44:86:31:6e:2b:d2:62:e2:06:
5f:42:ac:56:90:52:6a:ac:f0:d2:e7:a6:d9:54:5e:
b7:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:05:AC:72:FD:79:58:ED:0D:DC:25:2D:78:2A:1B:E0:89:1B:05:99
X509v3 Authority Key Identifier:
keyid:16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/A1AA7CE4906311EEB41CB54BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
101.96.64.0/18
119.15.160.0/20
119.15.189.0/24
119.17.192.0/19
202.151.160.0/21
210.86.224.0/21
Signature Algorithm: sha256WithRSAEncryption
bd:19:a6:d3:2a:7a:86:6d:c7:9b:05:cf:15:bf:49:b8:8e:b5:
7a:85:e7:f7:e1:87:57:1d:c5:ed:37:20:0e:31:d1:68:b3:c7:
fb:97:aa:57:06:24:01:68:63:77:94:d8:3f:d6:7e:34:1f:bd:
16:69:90:08:05:83:9c:b4:28:9d:ef:d6:e8:87:00:d0:93:e4:
18:52:56:39:23:58:c4:19:b4:27:9a:fb:aa:5b:4a:e3:e3:7b:
56:75:35:fe:a5:cc:7c:ad:7a:b1:04:eb:f0:c4:a5:b0:b0:e7:
b4:fd:9c:8e:8e:e3:6f:93:d9:e6:ba:b2:cf:c9:e6:b9:69:2d:
b3:e0:40:64:9d:68:43:a9:85:45:81:8f:e5:07:9a:3f:96:db:
79:a5:f4:3d:21:00:7d:ce:a0:4c:54:6e:eb:64:8b:e7:47:30:
06:e8:04:d0:c6:d1:33:c2:95:16:6e:35:a3:7b:dc:d5:2e:02:
0a:66:17:5f:af:8f:36:fe:82:87:c3:cc:1d:47:a5:84:01:50:
b1:b7:7b:bc:31:79:30:5a:90:44:97:4b:0b:a0:f1:cb:f1:d3:
b0:29:b1:fd:00:fc:e5:aa:c6:33:01:b2:10:75:ed:2f:b5:b3:
b3:ea:cc:43:70:9c:f3:eb:59:1e:14:e6:7b:44:b5:70:0a:f7:
0a:6b:91:18
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgICQNwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU2MEExMTAvBgNVBAUTKDE2N0MzQjIyMTc3NUZFQzA1MDM5NDY4MTUwQ0U4MTQ3
NTZBQzZGMEEwHhcNMjMxMjAxMTYxMzM0WhcNMjQxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTZhMDYyZS1jYzI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxH+jmbH9Gx0bi/1T45jOCMSndzkAgwmwb42i0SDzNvXKA24SBeIPC50V9GR8
c0XDcwhe8MXa4Eptk9geMJDGCoiF9Yx5gh3poSHCdOXj8NUA2xT+hQkLVv5TYz1J
SdvwAI6Cg0cM39dQXeacXC4fmKkT6xQMaKKBtpUeQZcyAoK0Uwd0RK80vknDYnz/
fdxcFvldJ4Xn933cVacoiid9IsFpg+HjC0IlmO89b9RnNVI9bJQJyB4iPybms58X
eZqlDzLHzIbIY1uNXgo4tZWhbGBe8Nm66wqjErVFHbLegNoC/ekd3/REhjFuK9Ji
4gZfQqxWkFJqrPDS56bZVF63YwIDAQABo4ICszCCAq8wHQYDVR0OBBYEFAoFrHL9
eVjtDdwlLXgqG+CJGwWZMB8GA1UdIwQYMBaAFBZ8OyIXdf7AUDlGgVDOgUdWrG8K
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS9BQUVCMTkxQTFE
OEExMUUyQTM4N0QwRTQwOEIwMkNEMi9Gbnc3SWhkMV9zQlFPVWFCVU02QlIxYXNi
d28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZudzdJaGQxX3NCUU9VYUJVTTZCUjFhc2J3by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU2MEEvQUFFQjE5MUExRDhBMTFFMkEzODdEMEU0MDhCMDJDRDIvQTFBQTdDRTQ5
MDYzMTFFRUI0MUNCNTRCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPQYIKwYBBQUHAQcBAf8E
LjAsMCoEAgABMCQDBAZlYEADBAR3D6ADBAB3D70DBAV3EcADBAPKl6ADBAPSVuAw
DQYJKoZIhvcNAQELBQADggEBAL0ZptMqeoZtx5sFzxW/SbiOtXqF5/fhh1cdxe03
IA4x0Wizx/uXqlcGJAFoY3eU2D/WfjQfvRZpkAgFg5y0KJ3v1uiHANCT5BhSVjkj
WMQZtCea+6pbSuPje1Z1Nf6lzHyterEE6/DEpbCw57T9nI6O42+T2ea6ss/J5rlp
LbPgQGSdaEOphUWBj+UHmj+W23ml9D0hAH3OoExUbutki+dHMAboBNDG0TPClRZu
NaN73NUuAgpmF1+vjzb+gofDzB1HpYQBULG3e7wxeTBakESXSwug8cvx07Apsf0A
/OWqxjMBshB17S+1s7PqzENwnPPrWR4U5ntEtXAK9wprkRg=
-----END CERTIFICATE-----
Generated at Fri Apr 19 18:38:46 2024 by rpki-client on console-fra.rpki-client.org