Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9134172/597612649E4D11EA9C23AF1FC4F9AE02/4E95EB787ECA11EF83BE320FC4F9AE02.roa
File: 4E95EB787ECA11EF83BE320FC4F9AE02.roa (raw, json)
Hash identifier: SPS2jJNlob9JsVeJ09lsSJ1gI+VU+cBFUKeG3g/JTY8=
Subject key identifier: 86:E5:39:AE:57:D7:77:E1:54:FB:4F:B3:92:AB:2B:8C:22:D4:78:80
Certificate issuer: /CN=A9134172/serialNumber=F45C0F4F467CE1576E5EE9E41E5576F0348C46A7
Certificate serial: 0983
Authority key identifier: F4:5C:0F:4F:46:7C:E1:57:6E:5E:E9:E4:1E:55:76:F0:34:8C:46:A7
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9FwPT0Z84VduXunkHlV28DSMRqc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9134172/597612649E4D11EA9C23AF1FC4F9AE02/4E95EB787ECA11EF83BE320FC4F9AE02.roa
Signing time: Mon 30 Sep 2024 01:21:24 +0000
ROA not before: Mon 30 Sep 2024 01:21:24 +0000
ROA not after: Wed 28 May 2025 00:00:00 +0000
asID: 9908
IP address blocks: 61.10.0.0/16 maxlen: 16
61.10.0.0/17 maxlen: 17
61.10.0.0/18 maxlen: 20
61.10.64.0/18 maxlen: 18
61.10.64.0/19 maxlen: 20
61.10.96.0/19 maxlen: 20
61.10.128.0/17 maxlen: 20
61.15.0.0/16 maxlen: 16
61.15.0.0/17 maxlen: 20
61.15.128.0/17 maxlen: 20
61.18.0.0/16 maxlen: 20
125.59.0.0/16 maxlen: 20
203.83.64.0/18 maxlen: 18
203.168.160.0/20 maxlen: 20
203.168.176.0/20 maxlen: 20
203.168.192.0/18 maxlen: 20
218.252.0.0/16 maxlen: 16
218.252.0.0/17 maxlen: 20
218.252.128.0/17 maxlen: 20
218.253.0.0/18 maxlen: 20
218.254.0.0/16 maxlen: 19
222.166.0.0/16 maxlen: 20
222.167.0.0/16 maxlen: 20
Validation: Failed, certificate revoked on Wed 02 Oct 2024 01:18:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2435 (0x983)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9134172/serialNumber=F45C0F4F467CE1576E5EE9E41E5576F0348C46A7
Validity
Not Before: Sep 30 01:21:24 2024 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=66f9fd14-46e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:46:d8:91:0c:40:1b:3c:08:23:c3:48:b7:51:
f7:ad:e2:ff:dc:bd:0d:5a:9e:b1:ed:df:44:f8:cf:
45:e4:7c:8a:e1:26:23:93:b6:85:1e:8d:25:e1:23:
f3:2e:59:a2:57:8d:1c:7d:b2:ec:9d:b1:7d:39:a0:
23:fd:47:df:ad:0e:59:14:3f:94:03:b8:67:0e:82:
a9:9b:e8:df:d5:83:07:ca:e7:f9:07:64:ed:0f:d2:
d8:51:8b:18:1b:2d:14:63:d3:49:d9:f9:65:6e:a7:
b1:2b:80:23:07:15:da:4a:75:cb:17:44:42:5f:25:
fc:81:5e:a0:40:77:d3:a7:0d:a6:e2:f5:03:68:94:
9a:82:c0:1d:16:23:ed:45:0b:ba:fa:09:60:5f:56:
19:2b:64:30:23:22:5f:fd:83:e6:41:a4:c5:87:e3:
ec:25:c3:f0:9d:9a:e8:50:a8:bb:81:e6:81:4b:36:
d8:89:24:83:b6:d0:ee:a2:41:f2:c9:91:06:48:bd:
bb:86:c0:36:5c:b8:25:ad:68:fe:ff:04:0a:02:c2:
92:19:2b:bf:b9:29:84:db:95:d1:3a:f5:a2:08:4b:
2b:b9:c5:95:d2:cd:8b:26:ba:3d:ad:91:71:24:f9:
01:30:93:78:be:38:d2:59:fc:cd:57:c8:85:b0:2d:
d7:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:E5:39:AE:57:D7:77:E1:54:FB:4F:B3:92:AB:2B:8C:22:D4:78:80
X509v3 Authority Key Identifier:
keyid:F4:5C:0F:4F:46:7C:E1:57:6E:5E:E9:E4:1E:55:76:F0:34:8C:46:A7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9134172/597612649E4D11EA9C23AF1FC4F9AE02/9FwPT0Z84VduXunkHlV28DSMRqc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9FwPT0Z84VduXunkHlV28DSMRqc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9134172/597612649E4D11EA9C23AF1FC4F9AE02/4E95EB787ECA11EF83BE320FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
61.10.0.0/16
61.15.0.0/16
61.18.0.0/16
125.59.0.0/16
203.83.64.0/18
203.168.160.0-203.168.255.255
218.252.0.0-218.253.63.255
218.254.0.0/16
222.166.0.0/15
Signature Algorithm: sha256WithRSAEncryption
36:30:31:5d:54:2a:87:8c:ea:9b:db:e4:8f:c9:bc:eb:8f:4e:
b3:27:32:dd:c7:07:91:c5:2e:cc:f1:f8:16:12:86:4a:2a:9c:
89:61:43:06:6a:cb:2c:db:86:8e:d8:3d:06:60:dc:39:ac:d8:
bf:27:ef:1b:9b:ed:88:07:2d:88:16:ea:d1:45:81:90:f6:09:
31:a7:4d:f5:20:85:b0:3b:f2:29:18:41:44:74:1b:2b:78:2f:
3b:92:00:77:a8:c3:64:f8:2a:e1:67:6a:82:c1:0d:5c:d1:55:
de:52:69:32:29:f5:b1:64:6b:26:1f:df:d9:70:a5:aa:52:5b:
cb:ab:49:7e:4a:21:6c:4d:e1:06:89:97:bd:ff:cb:17:2e:36:
e0:29:d3:ff:1f:58:98:43:fe:54:9d:8f:af:49:d1:79:20:ef:
30:f3:2c:15:65:3d:01:03:42:0d:5c:af:b3:83:62:1a:1f:27:
5d:0f:b9:b5:90:4d:40:6a:e9:1a:fb:4d:a3:c9:79:06:ab:0e:
2b:2a:fa:b3:17:ad:4a:d0:1d:43:25:a3:10:b0:d0:b2:ec:89:
3e:3c:4b:ba:62:90:28:a9:5a:45:0b:2e:88:ac:0d:aa:d3:96:
17:49:da:68:bb:dd:e3:71:21:29:60:94:37:c2:2f:a3:63:86:
dd:75:e1:97
-----BEGIN CERTIFICATE-----
MIIFqTCCBJGgAwIBAgICCYMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzQxNzIxMTAvBgNVBAUTKEY0NUMwRjRGNDY3Q0UxNTc2RTVFRTlFNDFFNTU3NkYw
MzQ4QzQ2QTcwHhcNMjQwOTMwMDEyMTI0WhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02NmY5ZmQxNC00NmU4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAskbYkQxAGzwII8NIt1H3reL/3L0NWp6x7d9E+M9F5HyK4SYjk7aFHo0l4SPz
LlmiV40cfbLsnbF9OaAj/UffrQ5ZFD+UA7hnDoKpm+jf1YMHyuf5B2TtD9LYUYsY
Gy0UY9NJ2fllbqexK4AjBxXaSnXLF0RCXyX8gV6gQHfTpw2m4vUDaJSagsAdFiPt
RQu6+glgX1YZK2QwIyJf/YPmQaTFh+PsJcPwnZroUKi7geaBSzbYiSSDttDuokHy
yZEGSL27hsA2XLglrWj+/wQKAsKSGSu/uSmE25XROvWiCEsrucWV0s2LJro9rZFx
JPkBMJN4vjjSWfzNV8iFsC3XmwIDAQABo4ICzTCCAskwHQYDVR0OBBYEFIblOa5X
13fhVPtPs5KrK4wi1HiAMB8GA1UdIwQYMBaAFPRcD09GfOFXbl7p5B5VdvA0jEan
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzNDE3Mi81OTc2MTI2NDlF
NEQxMUVBOUMyM0FGMUZDNEY5QUUwMi85RndQVDBaODRWZHVYdW5rSGxWMjhEU01S
cWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzlGd1BUMFo4NFZkdVh1bmtIbFYyOERTTVJxYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzQxNzIvNTk3NjEyNjQ5RTREMTFFQTlDMjNBRjFGQzRGOUFFMDIvNEU5NUVCNzg3
RUNBMTFFRjgzQkUzMjBGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwVwYIKwYBBQUHAQcBAf8E
SDBGMEQEAgABMD4DAwA9CgMDAD0PAwMAPRIDAwB9OwMEBstTQDALAwQFy6igAwMA
y6gwCwMDAtr8AwQG2v0AAwMA2v4DAwHepjANBgkqhkiG9w0BAQsFAAOCAQEANjAx
XVQqh4zqm9vkj8m8649Osycy3ccHkcUuzPH4FhKGSiqciWFDBmrLLNuGjtg9BmDc
OazYvyfvG5vtiActiBbq0UWBkPYJMadN9SCFsDvyKRhBRHQbK3gvO5IAd6jDZPgq
4WdqgsENXNFV3lJpMin1sWRrJh/f2XClqlJby6tJfkohbE3hBomXvf/LFy424CnT
/x9YmEP+VJ2Pr0nReSDvMPMsFWU9AQNCDVyvs4NiGh8nXQ+5tZBNQGrpGvtNo8l5
BqsOKyr6sxetStAdQyWjELDQsuyJPjxLumKQKKlaRQsuiKwNqtOWF0naaLvd43Eh
KWCUN8Ivo2OG3XXhlw==
-----END CERTIFICATE-----
Generated at Wed Oct 2 03:49:09 2024 by rpki-client on console-fra.rpki-client.org