Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9117394/4F59186A1D6F11E29B5446B108B02CD2/5B9651D45F3811EF9098512AC4F9AE02.roa
File: 5B9651D45F3811EF9098512AC4F9AE02.roa (raw, json)
Hash identifier: LdgzyUG2NH4TwafLLK5HUS/gqEciiCwUFWYkrFZAvvI=
Subject key identifier: 92:82:D0:F4:9E:DE:68:DE:EF:EA:D0:B3:FF:B6:96:2E:CA:49:5B:FD
Certificate issuer: /CN=A9117394/serialNumber=AAFAAE3C5703B39337FD3D7A9666C58CB8C3B509
Certificate serial: 34B8
Authority key identifier: AA:FA:AE:3C:57:03:B3:93:37:FD:3D:7A:96:66:C5:8C:B8:C3:B5:09
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qvquPFcDs5M3_T16lmbFjLjDtQk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9117394/4F59186A1D6F11E29B5446B108B02CD2/5B9651D45F3811EF9098512AC4F9AE02.roa
Signing time: Tue 20 Aug 2024 21:08:33 +0000
ROA not before: Tue 20 Aug 2024 21:08:33 +0000
ROA not after: Fri 31 Jan 2025 00:00:00 +0000
asID: 37997
IP address blocks: 103.224.196.0/22 maxlen: 22
103.224.196.0/24 maxlen: 24
103.224.197.0/24 maxlen: 24
103.224.198.0/24 maxlen: 24
103.224.199.0/24 maxlen: 24
124.195.128.0/20 maxlen: 20
124.195.128.0/22 maxlen: 22
124.195.128.0/24 maxlen: 24
124.195.129.0/24 maxlen: 24
124.195.130.0/24 maxlen: 24
124.195.131.0/24 maxlen: 24
124.195.132.0/22 maxlen: 22
124.195.132.0/24 maxlen: 24
124.195.133.0/24 maxlen: 24
124.195.134.0/24 maxlen: 24
124.195.135.0/24 maxlen: 24
124.195.136.0/22 maxlen: 22
124.195.136.0/24 maxlen: 24
124.195.137.0/24 maxlen: 24
124.195.138.0/24 maxlen: 24
124.195.139.0/24 maxlen: 24
124.195.140.0/22 maxlen: 22
124.195.140.0/24 maxlen: 24
124.195.141.0/24 maxlen: 24
124.195.142.0/24 maxlen: 24
124.195.143.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 04 Sep 2024 02:17:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13496 (0x34b8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9117394/serialNumber=AAFAAE3C5703B39337FD3D7A9666C58CB8C3B509
Validity
Not Before: Aug 20 21:08:33 2024 GMT
Not After : Jan 31 00:00:00 2025 GMT
Subject: CN=66c505d1-d2f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:25:75:28:43:64:f7:ba:c2:df:5f:4d:f4:03:
5d:74:d1:7e:5e:bf:66:9c:c7:40:02:e2:9b:82:ae:
b7:10:f4:d8:ef:18:12:b6:6a:63:c5:0e:4e:a7:dd:
d5:07:a5:75:ff:0a:94:ab:fe:bc:6d:6b:96:b0:43:
41:16:46:ca:44:eb:ff:b4:8c:17:de:e1:c6:86:27:
4c:00:57:cc:d9:8f:18:b8:2f:7f:64:09:ab:1c:28:
44:d4:69:bc:b5:2f:7f:fa:05:3d:1a:e1:99:2a:9e:
5c:5f:63:46:c2:e9:4f:35:db:71:21:00:7f:29:8d:
79:ec:ce:8d:d0:aa:c2:43:df:d3:90:5a:3e:9d:2c:
82:0a:45:d7:63:1f:a5:f2:28:58:dc:1d:5d:53:69:
c6:73:09:64:29:fc:30:43:99:1b:54:35:29:70:08:
54:9d:47:13:c3:9b:4a:36:72:dc:db:fa:f2:91:af:
85:97:75:e3:9f:85:06:80:c4:bd:1a:3f:e6:46:b9:
07:f2:ba:4e:cf:53:42:3f:d3:ba:80:ef:8f:6d:38:
c2:0e:c4:8f:46:04:ad:3f:f3:a9:13:6a:f7:a1:b5:
d2:dc:8a:50:84:ef:33:5f:20:cb:39:62:26:df:87:
02:2c:e8:d3:3b:aa:b4:d4:4a:f2:0c:49:22:6b:8a:
39:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:82:D0:F4:9E:DE:68:DE:EF:EA:D0:B3:FF:B6:96:2E:CA:49:5B:FD
X509v3 Authority Key Identifier:
keyid:AA:FA:AE:3C:57:03:B3:93:37:FD:3D:7A:96:66:C5:8C:B8:C3:B5:09
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9117394/4F59186A1D6F11E29B5446B108B02CD2/qvquPFcDs5M3_T16lmbFjLjDtQk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qvquPFcDs5M3_T16lmbFjLjDtQk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9117394/4F59186A1D6F11E29B5446B108B02CD2/5B9651D45F3811EF9098512AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.224.196.0/22
124.195.128.0/20
Signature Algorithm: sha256WithRSAEncryption
0a:cc:ea:bf:3d:3b:34:c0:1d:f3:8f:6e:5c:5a:0c:dc:9e:30:
1a:76:00:36:03:7e:ff:05:07:14:01:71:ca:7b:45:53:10:37:
a2:8f:12:3e:15:05:38:db:1a:48:b1:78:ea:2f:75:48:c8:c3:
f1:99:9f:6a:51:0c:21:9f:01:3b:17:98:61:68:f4:f0:48:5f:
f4:3c:fb:ad:b9:d7:e6:9a:1d:93:21:43:b6:71:70:99:e6:07:
09:d7:ac:c9:31:d2:ba:2f:a0:3a:05:fa:8e:0d:30:45:80:87:
ce:54:f4:2f:7b:3a:80:a9:d8:70:c5:4e:93:d3:a1:ad:41:ba:
89:e0:6f:a6:7d:5e:66:c7:e5:5b:b2:11:06:c0:41:78:6f:1a:
1d:21:b3:15:8c:4e:13:6d:b6:09:7e:5a:a1:43:98:ce:ab:a4:
f6:50:4b:6a:4c:83:e4:e8:77:38:82:4d:b6:73:54:4e:c6:6d:
0e:f9:ad:33:f3:7f:af:ef:94:f8:61:91:ac:9d:c3:c6:63:41:
f5:52:bf:e9:25:6d:bb:46:cd:76:62:64:08:ab:55:16:8f:90:
85:2e:a1:68:cf:d7:c9:51:7c:58:a2:85:39:9b:e4:03:d6:f0:
d7:e4:1f:42:c0:50:7f:76:dc:72:52:99:e8:f4:c2:69:b8:20:
87:6c:d0:b7
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICNLgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTczOTQxMTAvBgNVBAUTKEFBRkFBRTNDNTcwM0IzOTMzN0ZEM0Q3QTk2NjZDNThD
QjhDM0I1MDkwHhcNMjQwODIwMjEwODMzWhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmM1MDVkMS1kMmYzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxiV1KENk97rC319N9ANddNF+Xr9mnMdAAuKbgq63EPTY7xgStmpjxQ5Op93V
B6V1/wqUq/68bWuWsENBFkbKROv/tIwX3uHGhidMAFfM2Y8YuC9/ZAmrHChE1Gm8
tS9/+gU9GuGZKp5cX2NGwulPNdtxIQB/KY157M6N0KrCQ9/TkFo+nSyCCkXXYx+l
8ihY3B1dU2nGcwlkKfwwQ5kbVDUpcAhUnUcTw5tKNnLc2/ryka+Fl3Xjn4UGgMS9
Gj/mRrkH8rpOz1NCP9O6gO+PbTjCDsSPRgStP/OpE2r3obXS3IpQhO8zXyDLOWIm
34cCLOjTO6q01EryDEkia4o5QwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFJKC0PSe
3mje7+rQs/+2li7KSVv9MB8GA1UdIwQYMBaAFKr6rjxXA7OTN/09epZmxYy4w7UJ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExNzM5NC80RjU5MTg2QTFE
NkYxMUUyOUI1NDQ2QjEwOEIwMkNEMi9xdnF1UEZjRHM1TTNfVDE2bG1iRmpMakR0
UWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3F2cXVQRmNEczVNM19UMTZsbWJGakxqRHRRay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MTczOTQvNEY1OTE4NkExRDZGMTFFMjlCNTQ0NkIxMDhCMDJDRDIvNUI5NjUxRDQ1
RjM4MTFFRjkwOTg1MTJBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAJn4MQDBAR8w4AwDQYJKoZIhvcNAQELBQADggEBAArM6r89
OzTAHfOPblxaDNyeMBp2ADYDfv8FBxQBccp7RVMQN6KPEj4VBTjbGkixeOovdUjI
w/GZn2pRDCGfATsXmGFo9PBIX/Q8+6251+aaHZMhQ7ZxcJnmBwnXrMkx0rovoDoF
+o4NMEWAh85U9C97OoCp2HDFTpPToa1Buongb6Z9XmbH5VuyEQbAQXhvGh0hsxWM
ThNttgl+WqFDmM6rpPZQS2pMg+TodziCTbZzVE7GbQ75rTPzf6/vlPhhkaydw8Zj
QfVSv+klbbtGzXZiZAirVRaPkIUuoWjP18lRfFiihTmb5APW8NfkH0LAUH923HJS
mej0wmm4IIds0Lc=
-----END CERTIFICATE-----
Generated at Wed Sep 4 03:24:24 2024 by rpki-client on console-fra.rpki-client.org