Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9111318/DC7451F21D9111E298E746F408B02CD2/BB7A5DE0E65F11EE8DFD2F57C4F9AE02.roa
File: BB7A5DE0E65F11EE8DFD2F57C4F9AE02.roa (raw, json)
Hash identifier: +/KWMqP4aftnux2Zybnm18OGx6ltYWzXTCUlH+UByFQ=
Subject key identifier: 82:A5:CC:57:0C:BF:17:F5:F7:F6:B1:D4:A4:B4:DC:43:6D:68:CF:C8
Certificate issuer: /CN=A9111318/serialNumber=806ABFF463594CAA30DE70A311AE2F849189BC64
Certificate serial: 3471
Authority key identifier: 80:6A:BF:F4:63:59:4C:AA:30:DE:70:A3:11:AE:2F:84:91:89:BC:64
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gGq_9GNZTKow3nCjEa4vhJGJvGQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9111318/DC7451F21D9111E298E746F408B02CD2/BB7A5DE0E65F11EE8DFD2F57C4F9AE02.roa
Signing time: Wed 20 Mar 2024 02:15:34 +0000
ROA not before: Wed 20 Mar 2024 02:15:34 +0000
ROA not after: Sat 31 Aug 2024 00:00:00 +0000
asID: 38022
IP address blocks: 163.7.128.0/18 maxlen: 18
163.7.128.0/24 maxlen: 24
163.7.129.0/24 maxlen: 24
163.7.134.0/24 maxlen: 24
163.7.135.0/24 maxlen: 24
163.7.137.0/24 maxlen: 24
163.7.138.0/24 maxlen: 24
163.7.139.0/24 maxlen: 24
163.7.144.0/21 maxlen: 21
163.7.176.0/22 maxlen: 22
163.7.176.0/24 maxlen: 24
163.7.177.0/24 maxlen: 24
163.7.178.0/24 maxlen: 24
163.7.179.0/24 maxlen: 24
163.7.190.0/24 maxlen: 24
163.7.191.0/24 maxlen: 24
210.7.32.0/20 maxlen: 20
2404:138::/32 maxlen: 32
2404:138:204::/48 maxlen: 48
2404:138:205::/48 maxlen: 48
2404:138:206::/48 maxlen: 48
2404:138:207::/48 maxlen: 48
2404:138:1306::/48 maxlen: 48
2404:139::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 21 Mar 2024 03:48:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13425 (0x3471)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9111318/serialNumber=806ABFF463594CAA30DE70A311AE2F849189BC64
Validity
Not Before: Mar 20 02:15:34 2024 GMT
Not After : Aug 31 00:00:00 2024 GMT
Subject: CN=65fa46c5-0f4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:19:55:7d:ca:03:20:41:b2:0c:67:2b:ca:25:
76:c5:36:ea:2f:fa:95:f0:8d:6e:ae:de:5f:94:72:
ba:dc:e8:9a:39:97:9c:ff:0c:ea:81:aa:19:78:6e:
fd:1c:8b:bb:f9:f6:28:5a:54:a1:91:c3:fa:d6:24:
e1:2f:4d:d5:f9:21:67:b6:b2:1b:e3:1f:cf:57:a6:
c1:cb:69:f7:57:d2:bc:84:f0:d4:03:15:94:c6:8a:
55:c2:b8:8c:ca:db:7f:33:57:f5:9b:20:0e:6b:54:
7e:d8:a7:c0:fb:f9:c5:07:d7:5c:f5:8c:d0:9a:d3:
ad:36:68:72:8d:17:75:c6:98:c2:89:59:80:67:3a:
e2:82:30:77:f1:d3:35:81:55:f2:59:f2:47:a1:06:
80:b4:f6:50:65:30:93:d3:62:18:14:6a:23:bb:f5:
22:2a:22:e6:17:dc:f0:39:70:f0:cf:ab:c9:26:3e:
ae:7e:ec:54:16:6b:a6:f4:82:52:8a:aa:4c:7f:0b:
f5:d0:f9:3e:a3:cf:b2:4c:ec:ea:b0:87:f1:ae:00:
33:0d:86:cc:c6:06:76:6d:49:d8:62:c1:ac:b7:ea:
99:fd:fd:ba:d1:b9:80:b5:a3:43:de:3e:62:c0:eb:
5d:e7:5b:8c:5b:08:c1:e5:41:2d:33:42:ee:a6:ca:
95:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:A5:CC:57:0C:BF:17:F5:F7:F6:B1:D4:A4:B4:DC:43:6D:68:CF:C8
X509v3 Authority Key Identifier:
keyid:80:6A:BF:F4:63:59:4C:AA:30:DE:70:A3:11:AE:2F:84:91:89:BC:64
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9111318/DC7451F21D9111E298E746F408B02CD2/gGq_9GNZTKow3nCjEa4vhJGJvGQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gGq_9GNZTKow3nCjEa4vhJGJvGQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9111318/DC7451F21D9111E298E746F408B02CD2/BB7A5DE0E65F11EE8DFD2F57C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
163.7.128.0/18
210.7.32.0/20
IPv6:
2404:138::/31
Signature Algorithm: sha256WithRSAEncryption
72:a2:cb:4b:f9:c2:14:c2:a5:97:86:42:6d:27:2f:75:63:0f:
1f:be:fe:cd:ee:63:39:d7:94:44:4f:b6:2d:3f:e3:96:18:01:
27:bb:48:d2:44:6a:71:62:1b:1a:4d:b0:0d:5f:2d:df:9d:fd:
44:7f:4c:63:5b:1a:93:1c:4c:c8:fa:8a:96:43:7e:ea:cb:73:
29:11:5b:90:14:61:92:9d:50:42:ee:9f:45:32:32:62:67:f6:
56:59:13:6e:f1:f8:6e:d3:0b:44:3c:0f:09:fe:ae:5e:4b:85:
96:d0:e9:11:65:a2:48:6b:02:d2:4a:3e:f0:28:93:0b:f7:dc:
e3:44:3c:d7:6d:97:b6:77:0b:9e:8e:bc:01:00:dd:0a:51:a1:
d8:2d:99:1d:cd:e5:8b:4f:28:42:68:bd:50:bb:7b:7c:1c:7d:
45:fd:b2:59:2a:e7:eb:5c:b1:f4:46:5c:98:e1:75:73:22:7f:
7e:cd:d7:5f:66:58:8c:34:68:61:28:94:e3:8b:2f:36:3b:e9:
13:27:ec:05:40:88:02:b4:e0:e2:8c:49:69:a9:fa:f3:54:65:
b6:e0:b5:e2:c2:94:97:03:c2:df:dd:fe:ee:37:44:9b:2a:35:
a2:6b:f0:39:61:32:8d:87:6b:2c:41:67:d6:0f:b3:5f:e1:f8:
3d:dd:74:98
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICNHEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTEzMTgxMTAvBgNVBAUTKDgwNkFCRkY0NjM1OTRDQUEzMERFNzBBMzExQUUyRjg0
OTE4OUJDNjQwHhcNMjQwMzIwMDIxNTM0WhcNMjQwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWZhNDZjNS0wZjRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwBlVfcoDIEGyDGcryiV2xTbqL/qV8I1urt5flHK63OiaOZec/wzqgaoZeG79
HIu7+fYoWlShkcP61iThL03V+SFntrIb4x/PV6bBy2n3V9K8hPDUAxWUxopVwriM
ytt/M1f1myAOa1R+2KfA+/nFB9dc9YzQmtOtNmhyjRd1xpjCiVmAZzrigjB38dM1
gVXyWfJHoQaAtPZQZTCT02IYFGoju/UiKiLmF9zwOXDwz6vJJj6ufuxUFmum9IJS
iqpMfwv10Pk+o8+yTOzqsIfxrgAzDYbMxgZ2bUnYYsGst+qZ/f260bmAtaND3j5i
wOtd51uMWwjB5UEtM0LupsqV2wIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFIKlzFcM
vxf19/ax1KS03ENtaM/IMB8GA1UdIwQYMBaAFIBqv/RjWUyqMN5woxGuL4SRibxk
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExMTMxOC9EQzc0NTFGMjFE
OTExMUUyOThFNzQ2RjQwOEIwMkNEMi9nR3FfOUdOWlRLb3czbkNqRWE0dmhKR0p2
R1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2dHcV85R05aVEtvdzNuQ2pFYTR2aEpHSnZHUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MTEzMTgvREM3NDUxRjIxRDkxMTFFMjk4RTc0NkY0MDhCMDJDRDIvQkI3QTVERTBF
NjVGMTFFRThERkQyRjU3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAajB4ADBATSByAwDQQCAAIwBwMFASQEATgwDQYJKoZIhvcN
AQELBQADggEBAHKiy0v5whTCpZeGQm0nL3VjDx++/s3uYznXlERPti0/45YYASe7
SNJEanFiGxpNsA1fLd+d/UR/TGNbGpMcTMj6ipZDfurLcykRW5AUYZKdUELun0Uy
MmJn9lZZE27x+G7TC0Q8Dwn+rl5LhZbQ6RFlokhrAtJKPvAokwv33ONEPNdtl7Z3
C56OvAEA3QpRodgtmR3N5YtPKEJovVC7e3wcfUX9slkq5+tcsfRGXJjhdXMif37N
119mWIw0aGEolOOLLzY76RMn7AVAiAK04OKMSWmp+vNUZbbgteLClJcDwt/d/u43
RJsqNaJr8DlhMo2HayxBZ9YPs1/h+D3ddJg=
-----END CERTIFICATE-----
Generated at Thu Mar 21 06:38:16 2024 by rpki-client on console-fra.rpki-client.org