Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A912C8AF/D1F64E725EEF11EAA54E6C6CC4F9AE02/77B7F7C01F5611EC999E640AC4F9AE02.roa
File: 77B7F7C01F5611EC999E640AC4F9AE02.roa (raw, json)
Hash identifier: 3WecFkNaYmcaewz9gy2344QKQ28jm5BquBPu8eCebl4=
Subject key identifier: 89:2F:75:B1:C7:EF:86:4C:48:94:77:A6:D0:52:16:BE:0F:D7:58:24
Certificate issuer: /CN=A912C8AF/serialNumber=763F7FBD964A1C3668308C9A29E15025C0DDF9D4
Certificate serial: 096C
Authority key identifier: 76:3F:7F:BD:96:4A:1C:36:68:30:8C:9A:29:E1:50:25:C0:DD:F9:D4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dj9_vZZKHDZoMIyaKeFQJcDd-dQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A912C8AF/D1F64E725EEF11EAA54E6C6CC4F9AE02/77B7F7C01F5611EC999E640AC4F9AE02.roa
Signing time: Wed 10 May 2023 01:58:26 +0000
ROA not before: Wed 10 May 2023 01:58:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 138915
IP address blocks: 59.153.156.0/24 maxlen: 24
59.153.157.0/24 maxlen: 24
59.153.158.0/24 maxlen: 24
59.153.159.0/24 maxlen: 24
103.84.108.0/24 maxlen: 24
103.84.109.0/24 maxlen: 24
103.136.248.0/22 maxlen: 22
103.136.248.0/24 maxlen: 24
103.136.249.0/24 maxlen: 24
103.136.250.0/24 maxlen: 24
103.136.251.0/24 maxlen: 24
103.198.200.0/24 maxlen: 24
103.198.201.0/24 maxlen: 24
103.198.202.0/24 maxlen: 24
175.176.192.0/24 maxlen: 24
175.176.193.0/24 maxlen: 24
175.176.194.0/24 maxlen: 24
175.176.195.0/24 maxlen: 24
2404:a140::/32 maxlen: 32
2404:a140:2::/48 maxlen: 48
2404:a140:3::/48 maxlen: 48
2404:a140:4::/48 maxlen: 48
2404:a140:5::/48 maxlen: 48
2404:a140:6::/48 maxlen: 48
2404:a140:7::/48 maxlen: 48
2404:a140:8::/48 maxlen: 48
2404:a140:9::/48 maxlen: 48
2404:a140:a::/48 maxlen: 48
2404:a140:b::/48 maxlen: 48
2404:a140:c::/48 maxlen: 48
2404:a140:d::/48 maxlen: 48
2404:a140:e::/48 maxlen: 48
2404:a140:f::/48 maxlen: 48
2404:a140:10::/48 maxlen: 48
2404:a140:11::/48 maxlen: 48
2404:a140:12::/48 maxlen: 48
2404:a140:13::/48 maxlen: 48
2404:a140:14::/48 maxlen: 48
2404:a140:15::/48 maxlen: 48
2404:a140:16::/48 maxlen: 48
2404:a140:17::/48 maxlen: 48
2404:a140:18::/48 maxlen: 48
2404:a140:19::/48 maxlen: 48
2404:a140:1a::/48 maxlen: 48
2404:a140:1b::/48 maxlen: 48
2404:a140:1c::/48 maxlen: 48
2404:a140:1d::/48 maxlen: 48
2404:a140:1e::/48 maxlen: 48
2404:a140:1f::/48 maxlen: 48
2404:a140:20::/48 maxlen: 48
2404:a140:21::/48 maxlen: 48
2404:a140:22::/48 maxlen: 48
2404:a140:23::/48 maxlen: 48
2404:a140:24::/48 maxlen: 48
2404:a140:25::/48 maxlen: 48
2404:a140:26::/48 maxlen: 48
2404:a140:27::/48 maxlen: 48
2404:a140:28::/48 maxlen: 48
2404:a140:29::/48 maxlen: 48
2404:a140:2a::/48 maxlen: 48
2404:a140:2b::/48 maxlen: 48
2404:a140:2c::/48 maxlen: 48
2404:a140:2d::/48 maxlen: 48
2404:a140:2e::/48 maxlen: 48
2404:a140:2f::/48 maxlen: 48
2404:a140:30::/48 maxlen: 48
2404:a140:3a::/48 maxlen: 48
2404:a140:3b::/48 maxlen: 48
2404:a140:3c::/48 maxlen: 48
2404:a140:3d::/48 maxlen: 48
2404:a140:3e::/48 maxlen: 48
2404:a140:4a::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 16 May 2023 03:02:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2412 (0x96c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A912C8AF/serialNumber=763F7FBD964A1C3668308C9A29E15025C0DDF9D4
Validity
Not Before: May 10 01:58:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=645afa41-c2a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:75:e7:75:eb:84:d4:bf:62:5f:1c:2b:33:59:
dd:ed:d2:2f:5f:4c:5d:56:cd:cf:82:26:5a:9d:64:
f3:ce:d3:cd:aa:10:da:17:e6:56:10:ff:45:7a:57:
7c:96:35:2b:8d:00:c9:12:cc:8e:8d:cc:a1:40:ff:
07:d8:22:a5:66:e2:e7:d5:d6:2f:a7:70:4a:64:58:
4f:e1:70:a4:d0:4a:fa:0f:99:cf:34:35:5e:38:43:
19:cc:ac:77:1b:e6:3e:0a:be:3f:68:23:6a:2b:ff:
8a:52:ed:ea:ee:88:6f:16:b6:59:9d:d3:c8:52:63:
08:e3:7d:fc:e8:db:4b:46:d6:0a:ae:f2:79:5e:39:
9e:60:6c:65:ed:5f:b6:ff:f3:84:64:bd:3d:98:0f:
b1:4f:f5:80:0e:81:d1:1f:27:d0:72:56:4a:93:66:
b3:96:66:cf:11:84:ed:de:55:a7:57:eb:e8:af:57:
47:a5:55:04:00:54:62:0f:32:79:05:e0:ec:f1:b5:
de:08:cb:bc:f9:f1:7d:50:3a:53:42:fe:87:72:0a:
a8:25:b5:97:e3:f2:43:13:de:d2:71:41:6a:af:4f:
4c:e0:6f:d2:81:1d:f9:05:da:c9:62:a2:2a:b1:20:
f1:b9:7d:8c:5d:df:6b:95:20:17:7a:ec:41:41:d5:
34:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:2F:75:B1:C7:EF:86:4C:48:94:77:A6:D0:52:16:BE:0F:D7:58:24
X509v3 Authority Key Identifier:
keyid:76:3F:7F:BD:96:4A:1C:36:68:30:8C:9A:29:E1:50:25:C0:DD:F9:D4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A912C8AF/D1F64E725EEF11EAA54E6C6CC4F9AE02/dj9_vZZKHDZoMIyaKeFQJcDd-dQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dj9_vZZKHDZoMIyaKeFQJcDd-dQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912C8AF/D1F64E725EEF11EAA54E6C6CC4F9AE02/77B7F7C01F5611EC999E640AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
59.153.156.0/22
103.84.108.0/23
103.136.248.0/22
103.198.200.0-103.198.202.255
175.176.192.0/22
IPv6:
2404:a140::/32
Signature Algorithm: sha256WithRSAEncryption
98:8c:d9:b6:f5:9b:f3:30:6c:c2:1a:f0:79:9d:3a:65:ab:d8:
fd:ae:7b:45:37:61:7f:05:6c:62:1e:26:c7:13:b0:f0:ce:74:
25:bf:7f:5a:a8:52:db:eb:c1:ae:74:41:37:ac:67:39:fc:fb:
64:68:ae:fe:fe:47:d7:1f:f3:55:4a:3a:79:66:15:c6:cd:e9:
27:5b:ae:a2:ee:3c:54:36:b1:32:ca:8c:de:5e:ef:76:a7:44:
55:67:9f:5a:cf:b7:5c:6c:02:97:a0:03:0b:10:bf:58:9d:5a:
13:12:ee:a6:02:bd:cf:7a:8a:51:a5:5e:2a:26:2b:fc:e6:46:
5e:f2:d6:cf:d7:43:95:f1:b5:75:9c:54:7a:85:89:84:14:b4:
4e:18:d3:a8:be:95:aa:96:00:01:fe:0d:cf:ea:7a:69:c6:37:
ba:17:76:6e:43:bf:b7:19:37:56:81:7a:a2:39:d8:3c:ed:bc:
b8:f3:01:48:35:c7:55:58:a0:e0:54:59:d5:c3:69:19:b0:da:
dc:3e:7c:b6:00:d2:16:c3:c3:dc:34:21:1d:43:b5:73:ba:ca:
5c:38:fa:b4:82:09:e0:80:f0:2c:80:36:3d:98:d8:81:a1:21:
14:30:86:1f:51:cb:29:4f:07:72:4d:3a:7c:fa:1b:b6:ab:b6:
f7:ec:23:42
-----BEGIN CERTIFICATE-----
MIIFoDCCBIigAwIBAgICCWwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MkM4QUYxMTAvBgNVBAUTKDc2M0Y3RkJEOTY0QTFDMzY2ODMwOEM5QTI5RTE1MDI1
QzBEREY5RDQwHhcNMjMwNTEwMDE1ODI2WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDVhZmE0MS1jMmExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAynXndeuE1L9iXxwrM1nd7dIvX0xdVs3PgiZanWTzztPNqhDaF+ZWEP9Feld8
ljUrjQDJEsyOjcyhQP8H2CKlZuLn1dYvp3BKZFhP4XCk0Er6D5nPNDVeOEMZzKx3
G+Y+Cr4/aCNqK/+KUu3q7ohvFrZZndPIUmMI43386NtLRtYKrvJ5XjmeYGxl7V+2
//OEZL09mA+xT/WADoHRHyfQclZKk2azlmbPEYTt3lWnV+vor1dHpVUEAFRiDzJ5
BeDs8bXeCMu8+fF9UDpTQv6HcgqoJbWX4/JDE97ScUFqr09M4G/SgR35BdrJYqIq
sSDxuX2MXd9rlSAXeuxBQdU0KQIDAQABo4ICxDCCAsAwHQYDVR0OBBYEFIkvdbHH
74ZMSJR3ptBSFr4P11gkMB8GA1UdIwQYMBaAFHY/f72WShw2aDCMminhUCXA3fnU
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyQzhBRi9EMUY2NEU3MjVF
RUYxMUVBQTU0RTZDNkNDNEY5QUUwMi9kajlfdlpaS0hEWm9NSXlhS2VGUUpjRGQt
ZFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2RqOV92WlpLSERab01JeWFLZUZRSmNEZC1kUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MkM4QUYvRDFGNjRFNzI1RUVGMTFFQUE1NEU2QzZDQzRGOUFFMDIvNzdCN0Y3QzAx
RjU2MTFFQzk5OUU2NDBBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwTgYIKwYBBQUHAQcBAf8E
PzA9MCwEAgABMCYDBAI7mZwDBAFnVGwDBAJniPgwDAMEA2fGyAMEAGfGygMEAq+w
wDANBAIAAjAHAwUAJAShQDANBgkqhkiG9w0BAQsFAAOCAQEAmIzZtvWb8zBswhrw
eZ06ZavY/a57RTdhfwVsYh4mxxOw8M50Jb9/WqhS2+vBrnRBN6xnOfz7ZGiu/v5H
1x/zVUo6eWYVxs3pJ1uuou48VDaxMsqM3l7vdqdEVWefWs+3XGwCl6ADCxC/WJ1a
ExLupgK9z3qKUaVeKiYr/OZGXvLWz9dDlfG1dZxUeoWJhBS0ThjTqL6VqpYAAf4N
z+p6acY3uhd2bkO/txk3VoF6ojnYPO28uPMBSDXHVVig4FRZ1cNpGbDa3D58tgDS
FsPD3DQhHUO1c7rKXDj6tIIJ4IDwLIA2PZjYgaEhFDCGH1HLKU8Hck06fPobtqu2
9+wjQg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:49 2024 by rpki-client on console-ams.rpki-client.org