Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911CA78/BE8846D235D811EAA730EC46C4F9AE02/64B17220535F11EE9BC85F83C4F9AE02.roa
File: 64B17220535F11EE9BC85F83C4F9AE02.roa (raw, json)
Hash identifier: +umKDDU7Uxp9fQfEl9HtG/ALcCtYb9DvzrpLKeQEKWU=
Subject key identifier: 7F:93:34:A8:1A:78:85:E2:9A:5C:AF:04:2F:60:55:9C:58:71:1A:15
Certificate issuer: /CN=A911CA78/serialNumber=40562C143A29CB19C70FFC9B99B60BBECD1D73B6
Certificate serial: 0B38
Authority key identifier: 40:56:2C:14:3A:29:CB:19:C7:0F:FC:9B:99:B6:0B:BE:CD:1D:73:B6
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QFYsFDopyxnHD_ybmbYLvs0dc7Y.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911CA78/BE8846D235D811EAA730EC46C4F9AE02/64B17220535F11EE9BC85F83C4F9AE02.roa
Signing time: Wed 03 Apr 2024 02:01:04 +0000
ROA not before: Wed 03 Apr 2024 02:01:04 +0000
ROA not after: Sun 02 Mar 2025 00:00:00 +0000
asID: 18206
IP address blocks: 49.236.192.0/24 maxlen: 24
49.236.193.0/24 maxlen: 24
49.236.194.0/24 maxlen: 24
49.236.195.0/24 maxlen: 24
49.236.197.0/24 maxlen: 24
49.236.199.0/24 maxlen: 24
49.236.203.0/24 maxlen: 24
49.236.204.0/24 maxlen: 24
112.137.160.0/24 maxlen: 24
112.137.161.0/24 maxlen: 24
112.137.162.0/24 maxlen: 24
112.137.169.0/24 maxlen: 24
112.137.170.0/24 maxlen: 24
112.137.172.0/24 maxlen: 24
112.137.173.0/24 maxlen: 24
112.137.175.0/24 maxlen: 24
119.110.102.0/24 maxlen: 24
124.197.224.0/20 maxlen: 20
124.197.225.0/24 maxlen: 24
124.197.233.0/24 maxlen: 24
124.197.238.0/24 maxlen: 24
202.75.45.0/24 maxlen: 24
202.162.0.0/19 maxlen: 24
202.165.0.0/19 maxlen: 24
203.153.80.0/20 maxlen: 24
210.48.146.0/24 maxlen: 24
210.48.151.0/24 maxlen: 24
2404:b8::/32 maxlen: 32
2404:b8::/48 maxlen: 48
2404:b8:1::/48 maxlen: 48
2404:b8:3::/48 maxlen: 48
2404:b8:20::/43 maxlen: 43
2404:b8:2000::/44 maxlen: 44
2404:b8:2020::/43 maxlen: 43
Validation: Failed, certificate revoked on Tue 16 Apr 2024 06:58:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2872 (0xb38)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911CA78/serialNumber=40562C143A29CB19C70FFC9B99B60BBECD1D73B6
Validity
Not Before: Apr 3 02:01:04 2024 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=660cb860-c494
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:57:28:bf:e8:96:b8:41:30:87:7c:82:2d:ce:
b3:86:bb:a2:61:a0:1e:81:33:05:9a:1c:e8:9e:b4:
bc:fd:05:7f:b7:4f:26:2d:85:e0:f8:3b:b6:c4:91:
d8:9c:0d:7a:16:47:32:fb:4c:1f:75:71:14:a5:76:
9a:f6:61:bb:1e:a7:5a:0d:d2:14:dd:bf:c7:d3:2f:
2f:76:7d:5f:6a:f7:54:b4:47:8e:d3:c1:ed:14:c9:
6e:cd:09:ce:db:ac:f0:4a:a6:09:6f:7e:01:f2:e1:
e0:24:36:7d:11:35:99:b3:0e:66:67:f4:cc:e1:83:
ec:4e:0d:b0:50:bd:df:fa:e2:23:b7:c3:9a:30:93:
4d:e7:2f:db:fe:00:ac:51:f1:21:a4:e3:23:53:62:
7c:99:4b:f8:16:2c:92:9a:25:19:de:ee:08:5f:0d:
84:16:8c:af:fd:ac:75:10:b7:48:30:74:73:b0:b6:
bf:93:1f:92:c4:7e:7b:26:fe:96:60:bf:ab:a3:48:
7e:91:98:d2:f2:7a:62:9f:eb:29:27:ba:39:88:b5:
5a:94:dd:a7:31:37:12:5c:8e:02:d9:af:ea:d6:da:
ea:db:a9:ca:32:ab:84:bd:d9:6e:d9:50:ec:45:c4:
79:4b:ea:54:d8:00:41:8f:e3:f1:04:88:e4:02:c2:
13:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:93:34:A8:1A:78:85:E2:9A:5C:AF:04:2F:60:55:9C:58:71:1A:15
X509v3 Authority Key Identifier:
keyid:40:56:2C:14:3A:29:CB:19:C7:0F:FC:9B:99:B6:0B:BE:CD:1D:73:B6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911CA78/BE8846D235D811EAA730EC46C4F9AE02/QFYsFDopyxnHD_ybmbYLvs0dc7Y.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QFYsFDopyxnHD_ybmbYLvs0dc7Y.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911CA78/BE8846D235D811EAA730EC46C4F9AE02/64B17220535F11EE9BC85F83C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
49.236.192.0/22
49.236.197.0/24
49.236.199.0/24
49.236.203.0-49.236.204.255
112.137.160.0-112.137.162.255
112.137.169.0-112.137.170.255
112.137.172.0/23
112.137.175.0/24
119.110.102.0/24
124.197.224.0/20
202.75.45.0/24
202.162.0.0/19
202.165.0.0/19
203.153.80.0/20
210.48.146.0/24
210.48.151.0/24
IPv6:
2404:b8::/32
Signature Algorithm: sha256WithRSAEncryption
8d:ed:92:78:88:ab:65:9f:23:73:07:90:1c:97:82:b2:7e:27:
54:df:98:84:0a:29:9e:00:63:80:de:73:94:f2:dc:44:11:d5:
eb:6e:12:27:53:af:12:9b:8c:4c:53:26:37:61:90:17:24:92:
41:9e:7a:a0:2a:d6:7c:77:7c:5c:30:27:9c:9c:4a:9f:42:71:
17:76:df:53:d3:a7:92:ca:1c:8f:f9:2b:d7:21:58:c3:48:6e:
d2:73:d7:e2:62:9c:ba:fa:02:95:15:e2:03:1f:89:7b:73:6a:
9d:4b:d0:c2:18:7c:36:4f:6e:36:94:91:c3:3a:07:96:40:52:
3b:4d:c8:f4:c0:a4:2d:a2:a6:e9:24:1f:84:75:6c:bb:50:df:
98:65:ec:e7:51:0b:66:1a:f4:17:46:fc:43:f6:9a:d6:c7:19:
bf:48:e3:b2:96:59:b3:16:eb:e8:3d:00:be:4b:25:80:4d:60:
9b:81:df:51:c1:92:2f:96:eb:af:49:98:5d:93:24:55:37:59:
5a:c7:35:ad:7f:26:df:04:25:b2:27:ce:ee:25:0d:7d:15:11:
08:1c:8d:10:e5:4a:6e:1c:5d:c4:e0:95:38:d6:bc:47:c9:bb:
11:dc:a7:cb:a9:cd:3d:fe:32:e4:da:ab:14:f1:c0:dc:48:2f:
2f:3b:61:2f
-----BEGIN CERTIFICATE-----
MIIF9TCCBN2gAwIBAgICCzgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUNBNzgxMTAvBgNVBAUTKDQwNTYyQzE0M0EyOUNCMTlDNzBGRkM5Qjk5QjYwQkJF
Q0QxRDczQjYwHhcNMjQwNDAzMDIwMTA0WhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjBjYjg2MC1jNDk0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1Fcov+iWuEEwh3yCLc6zhruiYaAegTMFmhzonrS8/QV/t08mLYXg+Du2xJHY
nA16Fkcy+0wfdXEUpXaa9mG7HqdaDdIU3b/H0y8vdn1favdUtEeO08HtFMluzQnO
26zwSqYJb34B8uHgJDZ9ETWZsw5mZ/TM4YPsTg2wUL3f+uIjt8OaMJNN5y/b/gCs
UfEhpOMjU2J8mUv4FiySmiUZ3u4IXw2EFoyv/ax1ELdIMHRzsLa/kx+SxH57Jv6W
YL+ro0h+kZjS8npin+spJ7o5iLValN2nMTcSXI4C2a/q1trq26nKMquEvdlu2VDs
RcR5S+pU2ABBj+PxBIjkAsITMQIDAQABo4IDGTCCAxUwHQYDVR0OBBYEFH+TNKga
eIXimlyvBC9gVZxYcRoVMB8GA1UdIwQYMBaAFEBWLBQ6KcsZxw/8m5m2C77NHXO2
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQ0E3OC9CRTg4NDZEMjM1
RDgxMUVBQTczMEVDNDZDNEY5QUUwMi9RRllzRkRvcHl4bkhEX3libWJZTHZzMGRj
N1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1FGWXNGRG9weXhuSERfeWJtYllMdnMwZGM3WS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUNBNzgvQkU4ODQ2RDIzNUQ4MTFFQUE3MzBFQzQ2QzRGOUFFMDIvNjRCMTcyMjA1
MzVGMTFFRTlCQzg1RjgzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgaIGCCsGAQUFBwEHAQH/
BIGSMIGPMH4EAgABMHgDBAIx7MADBAAx7MUDBAAx7McwDAMEADHsywMEADHszDAM
AwQFcImgAwQAcImiMAwDBABwiakDBABwiaoDBAFwiawDBABwia8DBAB3bmYDBAR8
xeADBADKSy0DBAXKogADBAXKpQADBATLmVADBADSMJIDBADSMJcwDQQCAAIwBwMF
ACQEALgwDQYJKoZIhvcNAQELBQADggEBAI3tkniIq2WfI3MHkByXgrJ+J1TfmIQK
KZ4AY4Dec5Ty3EQR1etuEidTrxKbjExTJjdhkBckkkGeeqAq1nx3fFwwJ5ycSp9C
cRd231PTp5LKHI/5K9chWMNIbtJz1+JinLr6ApUV4gMfiXtzap1L0MIYfDZPbjaU
kcM6B5ZAUjtNyPTApC2ipukkH4R1bLtQ35hl7OdRC2Ya9BdG/EP2mtbHGb9I47KW
WbMW6+g9AL5LJYBNYJuB31HBki+W669JmF2TJFU3WVrHNa1/Jt8EJbInzu4lDX0V
EQgcjRDlSm4cXcTglTjWvEfJuxHcp8upzT3+MuTaqxTxwNxILy87YS8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:47 2024 by rpki-client on console-ams.rpki-client.org