Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9134172/597612649E4D11EA9C23AF1FC4F9AE02/45A01BCC805C11EF8D943B14C4F9AE02.roa
File: 45A01BCC805C11EF8D943B14C4F9AE02.roa (raw, json)
Hash identifier: XrJbP7afZTtbyWNKqG3pfMndJ12VEtDzVZRlyPfyHQQ=
Subject key identifier: 97:F9:AA:AD:B7:CE:68:51:51:0C:F8:E3:CE:49:B5:60:6B:FE:0F:32
Certificate issuer: /CN=A9134172/serialNumber=F45C0F4F467CE1576E5EE9E41E5576F0348C46A7
Certificate serial: 0986
Authority key identifier: F4:5C:0F:4F:46:7C:E1:57:6E:5E:E9:E4:1E:55:76:F0:34:8C:46:A7
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9FwPT0Z84VduXunkHlV28DSMRqc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9134172/597612649E4D11EA9C23AF1FC4F9AE02/45A01BCC805C11EF8D943B14C4F9AE02.roa
Signing time: Wed 02 Oct 2024 01:18:46 +0000
ROA not before: Wed 02 Oct 2024 01:18:46 +0000
ROA not after: Wed 28 May 2025 00:00:00 +0000
asID: 9908
IP address blocks: 61.10.0.0/16 maxlen: 16
61.10.0.0/17 maxlen: 17
61.10.0.0/18 maxlen: 20
61.10.64.0/18 maxlen: 18
61.10.64.0/19 maxlen: 20
61.10.96.0/19 maxlen: 20
61.10.128.0/17 maxlen: 20
61.15.0.0/16 maxlen: 16
61.15.0.0/17 maxlen: 20
61.15.128.0/17 maxlen: 20
61.18.0.0/16 maxlen: 20
125.59.0.0/16 maxlen: 20
203.83.64.0/18 maxlen: 18
203.168.160.0/20 maxlen: 20
203.168.176.0/20 maxlen: 20
203.168.192.0/18 maxlen: 20
218.252.0.0/16 maxlen: 16
218.252.0.0/17 maxlen: 20
218.252.128.0/17 maxlen: 20
218.253.0.0/18 maxlen: 20
218.254.0.0/16 maxlen: 17
222.166.0.0/16 maxlen: 20
222.167.0.0/16 maxlen: 20
Validation: Failed, certificate revoked on Fri 08 Nov 2024 02:25:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2438 (0x986)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9134172/serialNumber=F45C0F4F467CE1576E5EE9E41E5576F0348C46A7
Validity
Not Before: Oct 2 01:18:46 2024 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=66fc9f76-55d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:ee:46:5d:c2:9d:b4:b0:1f:a0:4e:6c:d1:e7:
40:01:01:67:4e:b8:c7:3b:01:90:f9:f2:3b:3d:18:
a9:7a:a8:81:cc:8e:90:21:7a:9f:93:38:ff:77:57:
ae:73:91:4f:94:7f:41:b5:69:19:41:80:d9:42:1e:
7d:9f:f2:41:70:0b:7f:dd:50:ef:54:74:dd:ae:ca:
fe:9f:fb:86:4f:19:43:33:db:59:2e:b4:6e:85:88:
47:0b:43:fb:e1:ad:d6:85:b1:f7:81:b8:8f:69:64:
7d:dd:d6:92:2a:1d:86:09:d0:ea:8b:8f:2d:af:07:
8d:ae:1c:eb:52:ff:9d:71:51:fd:7f:cc:56:0b:57:
ba:96:98:9a:80:42:40:65:87:36:a5:29:62:84:aa:
1f:f1:35:11:bd:e5:c1:bb:99:25:29:eb:13:c7:d3:
2d:73:1a:75:40:b7:8b:e7:ee:66:c4:13:63:7d:04:
d3:f2:76:25:33:ec:cc:a7:80:13:c2:88:e2:66:d9:
01:26:6d:d5:89:82:05:62:4c:bb:9f:2e:7a:fb:ee:
63:23:30:25:33:d4:4e:80:ea:cb:a5:73:50:67:83:
58:e8:80:d9:30:1d:8a:5a:80:eb:28:f0:6f:a4:5b:
ae:bf:49:31:25:e4:76:58:0c:8a:4e:d4:d6:f0:72:
ea:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:F9:AA:AD:B7:CE:68:51:51:0C:F8:E3:CE:49:B5:60:6B:FE:0F:32
X509v3 Authority Key Identifier:
keyid:F4:5C:0F:4F:46:7C:E1:57:6E:5E:E9:E4:1E:55:76:F0:34:8C:46:A7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9134172/597612649E4D11EA9C23AF1FC4F9AE02/9FwPT0Z84VduXunkHlV28DSMRqc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9FwPT0Z84VduXunkHlV28DSMRqc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9134172/597612649E4D11EA9C23AF1FC4F9AE02/45A01BCC805C11EF8D943B14C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
61.10.0.0/16
61.15.0.0/16
61.18.0.0/16
125.59.0.0/16
203.83.64.0/18
203.168.160.0-203.168.255.255
218.252.0.0-218.253.63.255
218.254.0.0/16
222.166.0.0/15
Signature Algorithm: sha256WithRSAEncryption
1b:fe:ef:22:20:bc:19:9c:a7:2a:7a:8f:49:ed:11:d9:e4:0c:
0f:37:68:b4:53:33:c0:2d:a4:80:5b:09:bc:1f:12:40:48:71:
5d:0c:b0:e7:19:8d:60:ba:7d:ff:88:d5:2c:fb:15:58:ab:38:
fa:19:e8:82:05:fc:6b:95:30:bd:5c:53:b1:af:df:34:d0:46:
64:84:a9:48:84:8b:e3:b5:e8:59:59:a3:36:47:92:5b:0b:fa:
b8:d9:36:08:ca:58:fe:fc:dc:d9:2e:fe:00:b8:56:59:56:4d:
79:a4:05:b2:85:1f:6d:40:c9:b1:c2:d9:37:a0:36:a0:ab:ac:
07:99:8c:a7:17:58:1d:2e:d3:52:97:d0:98:55:73:73:6e:53:
2f:c4:78:61:f1:f6:ec:20:34:21:53:01:69:6a:b1:ad:b0:b1:
74:d8:20:30:ce:cb:55:df:dd:c8:a0:d3:da:dd:a6:6e:38:f0:
44:af:88:8b:4d:dc:67:bf:af:2a:42:9a:68:0f:1b:ba:b2:58:
16:9d:f8:28:e6:e5:60:ba:ef:b0:bf:a4:1b:a2:0f:66:36:44:
2e:b5:90:dc:f2:35:04:1e:8c:5a:64:8b:2b:25:e7:96:91:8a:
ed:73:2a:79:13:e7:21:89:b1:d0:c0:64:24:4c:55:3a:09:e5:
d6:f5:da:16
-----BEGIN CERTIFICATE-----
MIIFqTCCBJGgAwIBAgICCYYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzQxNzIxMTAvBgNVBAUTKEY0NUMwRjRGNDY3Q0UxNTc2RTVFRTlFNDFFNTU3NkYw
MzQ4QzQ2QTcwHhcNMjQxMDAyMDExODQ2WhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02NmZjOWY3Ni01NWQ2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAse5GXcKdtLAfoE5s0edAAQFnTrjHOwGQ+fI7PRipeqiBzI6QIXqfkzj/d1eu
c5FPlH9BtWkZQYDZQh59n/JBcAt/3VDvVHTdrsr+n/uGTxlDM9tZLrRuhYhHC0P7
4a3WhbH3gbiPaWR93daSKh2GCdDqi48trweNrhzrUv+dcVH9f8xWC1e6lpiagEJA
ZYc2pSlihKof8TURveXBu5klKesTx9Mtcxp1QLeL5+5mxBNjfQTT8nYlM+zMp4AT
wojiZtkBJm3ViYIFYky7ny56++5jIzAlM9ROgOrLpXNQZ4NY6IDZMB2KWoDrKPBv
pFuuv0kxJeR2WAyKTtTW8HLqXQIDAQABo4ICzTCCAskwHQYDVR0OBBYEFJf5qq23
zmhRUQz4485JtWBr/g8yMB8GA1UdIwQYMBaAFPRcD09GfOFXbl7p5B5VdvA0jEan
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzNDE3Mi81OTc2MTI2NDlF
NEQxMUVBOUMyM0FGMUZDNEY5QUUwMi85RndQVDBaODRWZHVYdW5rSGxWMjhEU01S
cWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzlGd1BUMFo4NFZkdVh1bmtIbFYyOERTTVJxYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzQxNzIvNTk3NjEyNjQ5RTREMTFFQTlDMjNBRjFGQzRGOUFFMDIvNDVBMDFCQ0M4
MDVDMTFFRjhEOTQzQjE0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwVwYIKwYBBQUHAQcBAf8E
SDBGMEQEAgABMD4DAwA9CgMDAD0PAwMAPRIDAwB9OwMEBstTQDALAwQFy6igAwMA
y6gwCwMDAtr8AwQG2v0AAwMA2v4DAwHepjANBgkqhkiG9w0BAQsFAAOCAQEAG/7v
IiC8GZynKnqPSe0R2eQMDzdotFMzwC2kgFsJvB8SQEhxXQyw5xmNYLp9/4jVLPsV
WKs4+hnoggX8a5UwvVxTsa/fNNBGZISpSISL47XoWVmjNkeSWwv6uNk2CMpY/vzc
2S7+ALhWWVZNeaQFsoUfbUDJscLZN6A2oKusB5mMpxdYHS7TUpfQmFVzc25TL8R4
YfH27CA0IVMBaWqxrbCxdNggMM7LVd/dyKDT2t2mbjjwRK+Ii03cZ7+vKkKaaA8b
urJYFp34KOblYLrvsL+kG6IPZjZELrWQ3PI1BB6MWmSLKyXnlpGK7XMqeRPnIYmx
0MBkJExVOgnl1vXaFg==
-----END CERTIFICATE-----
Generated at Fri Nov 8 06:33:12 2024 by rpki-client on console-ams.rpki-client.org