Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9134172/597612649E4D11EA9C23AF1FC4F9AE02/A7A8EC169D7811EF9D40CF32C4F9AE02.roa
File: A7A8EC169D7811EF9D40CF32C4F9AE02.roa (raw, json)
Hash identifier: /zixP2e0WdfO5KK1FSA9EGLQ2FnOIi3xqglsw7uUDsU=
Subject key identifier: E1:C3:30:40:69:34:8D:6D:BC:23:3A:AC:C4:F9:AC:8B:FC:B2:F2:4D
Certificate issuer: /CN=A9134172/serialNumber=F45C0F4F467CE1576E5EE9E41E5576F0348C46A7
Certificate serial: 099B
Authority key identifier: F4:5C:0F:4F:46:7C:E1:57:6E:5E:E9:E4:1E:55:76:F0:34:8C:46:A7
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9FwPT0Z84VduXunkHlV28DSMRqc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9134172/597612649E4D11EA9C23AF1FC4F9AE02/A7A8EC169D7811EF9D40CF32C4F9AE02.roa
Signing time: Fri 08 Nov 2024 02:25:01 +0000
ROA not before: Fri 08 Nov 2024 02:25:01 +0000
ROA not after: Wed 28 May 2025 00:00:00 +0000
asID: 9908
IP address blocks: 61.10.0.0/16 maxlen: 16
61.10.0.0/17 maxlen: 17
61.10.0.0/18 maxlen: 20
61.10.64.0/18 maxlen: 18
61.10.64.0/19 maxlen: 20
61.10.96.0/19 maxlen: 20
61.10.128.0/17 maxlen: 20
61.15.0.0/16 maxlen: 16
61.15.0.0/17 maxlen: 20
61.15.128.0/17 maxlen: 20
61.18.0.0/16 maxlen: 20
125.59.0.0/16 maxlen: 20
203.83.64.0/18 maxlen: 18
203.168.192.0/18 maxlen: 20
218.252.0.0/16 maxlen: 16
218.252.0.0/17 maxlen: 20
218.252.128.0/17 maxlen: 20
218.253.0.0/18 maxlen: 20
218.254.0.0/16 maxlen: 17
222.166.0.0/16 maxlen: 20
222.167.0.0/16 maxlen: 20
Validation: Failed, certificate revoked on Fri 08 Nov 2024 08:29:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2459 (0x99b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9134172/serialNumber=F45C0F4F467CE1576E5EE9E41E5576F0348C46A7
Validity
Not Before: Nov 8 02:25:01 2024 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=672d767c-f6f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:34:a0:46:aa:db:57:88:33:62:87:73:1c:9f:
e7:9e:53:dd:8b:b9:4a:95:6a:db:80:8f:89:f6:f5:
ca:59:18:0f:42:90:70:a4:73:52:14:1e:b6:5b:d9:
bf:29:f1:09:d4:de:fb:b0:f7:04:80:49:45:be:a8:
00:bf:fe:c5:db:bc:04:a6:be:95:ee:54:1a:8b:d8:
54:3a:32:bb:03:85:cf:11:10:f4:ee:2f:ef:67:a9:
c0:ec:a7:75:89:06:97:1a:d8:3d:17:aa:4c:1b:11:
a1:ed:b1:fe:1c:f3:49:89:ab:62:8a:56:8d:2c:85:
97:36:11:af:09:2d:eb:42:02:0b:ee:e8:9e:a3:65:
7b:aa:5c:50:e7:d8:63:ee:b7:0f:b1:e0:59:1b:1e:
1f:1b:66:01:3a:09:14:88:fa:b3:f3:75:bf:ef:50:
bf:fb:94:0b:eb:35:e4:38:69:37:d9:20:e6:86:c6:
f5:ad:75:a5:b7:bd:df:15:4b:be:c3:26:30:b5:37:
f8:ae:10:3c:91:89:ac:ba:9a:5f:5e:ac:57:f2:c7:
05:ad:a0:a6:03:4f:6a:72:a0:f7:16:47:7b:bf:80:
b2:87:9b:df:0d:d7:61:41:f2:63:5f:d5:7d:42:dd:
6c:40:8b:11:e7:88:bf:b6:44:2b:dd:10:c6:7f:ac:
a0:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:C3:30:40:69:34:8D:6D:BC:23:3A:AC:C4:F9:AC:8B:FC:B2:F2:4D
X509v3 Authority Key Identifier:
keyid:F4:5C:0F:4F:46:7C:E1:57:6E:5E:E9:E4:1E:55:76:F0:34:8C:46:A7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9134172/597612649E4D11EA9C23AF1FC4F9AE02/9FwPT0Z84VduXunkHlV28DSMRqc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9FwPT0Z84VduXunkHlV28DSMRqc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9134172/597612649E4D11EA9C23AF1FC4F9AE02/A7A8EC169D7811EF9D40CF32C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
61.10.0.0/16
61.15.0.0/16
61.18.0.0/16
125.59.0.0/16
203.83.64.0/18
203.168.192.0/18
218.252.0.0-218.253.63.255
218.254.0.0/16
222.166.0.0/15
Signature Algorithm: sha256WithRSAEncryption
4f:89:a6:39:0c:2e:b8:4d:13:65:e1:13:bb:2a:fd:f4:63:e1:
7a:ca:44:7c:01:9a:00:06:f6:09:05:fa:c7:15:cf:0a:80:7b:
9e:b3:92:cd:5b:f6:b9:18:78:3e:e9:09:3f:5b:95:25:cb:25:
40:5e:40:08:8a:68:8f:16:6c:c9:fc:5a:9e:9a:ad:6a:62:74:
c4:24:f2:b1:f5:bb:22:a6:f8:24:54:c8:a2:41:5f:8c:b8:83:
9c:9d:d4:ec:42:de:35:2f:6d:84:0f:0e:bf:40:18:69:46:da:
2b:e3:31:0e:fa:7b:01:62:98:bb:14:5d:22:84:38:14:bb:c0:
b6:9b:82:7c:f0:09:77:a1:e2:65:92:42:4f:13:aa:2a:59:b3:
60:bf:55:ad:6e:f6:25:26:a8:83:d6:a2:df:04:37:0f:fd:35:
9b:bc:d4:5e:5e:08:01:69:3b:44:cd:47:3b:3e:2b:d1:1d:07:
4f:ad:28:9c:64:f2:94:97:6b:b1:d0:e7:bf:51:5b:d5:db:f6:
8f:49:3e:4c:5b:bf:7e:44:e6:b3:84:d6:e6:90:2b:62:2a:df:
69:51:32:fc:ef:7c:03:2d:dc:16:47:02:a4:f8:ad:b2:1c:f9:
15:49:be:4f:bb:83:b6:f1:82:92:d1:3d:e3:ed:78:33:79:af:
03:0d:81:40
-----BEGIN CERTIFICATE-----
MIIFojCCBIqgAwIBAgICCZswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzQxNzIxMTAvBgNVBAUTKEY0NUMwRjRGNDY3Q0UxNTc2RTVFRTlFNDFFNTU3NkYw
MzQ4QzQ2QTcwHhcNMjQxMTA4MDIyNTAxWhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02NzJkNzY3Yy1mNmY4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAnzSgRqrbV4gzYodzHJ/nnlPdi7lKlWrbgI+J9vXKWRgPQpBwpHNSFB62W9m/
KfEJ1N77sPcEgElFvqgAv/7F27wEpr6V7lQai9hUOjK7A4XPERD07i/vZ6nA7Kd1
iQaXGtg9F6pMGxGh7bH+HPNJiatiilaNLIWXNhGvCS3rQgIL7uieo2V7qlxQ59hj
7rcPseBZGx4fG2YBOgkUiPqz83W/71C/+5QL6zXkOGk32SDmhsb1rXWlt73fFUu+
wyYwtTf4rhA8kYmsuppfXqxX8scFraCmA09qcqD3Fkd7v4Cyh5vfDddhQfJjX9V9
Qt1sQIsR54i/tkQr3RDGf6ygRQIDAQABo4ICxjCCAsIwHQYDVR0OBBYEFOHDMEBp
NI1tvCM6rMT5rIv8svJNMB8GA1UdIwQYMBaAFPRcD09GfOFXbl7p5B5VdvA0jEan
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzNDE3Mi81OTc2MTI2NDlF
NEQxMUVBOUMyM0FGMUZDNEY5QUUwMi85RndQVDBaODRWZHVYdW5rSGxWMjhEU01S
cWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzlGd1BUMFo4NFZkdVh1bmtIbFYyOERTTVJxYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzQxNzIvNTk3NjEyNjQ5RTREMTFFQTlDMjNBRjFGQzRGOUFFMDIvQTdBOEVDMTY5
RDc4MTFFRjlENDBDRjMyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwUAYIKwYBBQUHAQcBAf8E
QTA/MD0EAgABMDcDAwA9CgMDAD0PAwMAPRIDAwB9OwMEBstTQAMEBsuowDALAwMC
2vwDBAba/QADAwDa/gMDAd6mMA0GCSqGSIb3DQEBCwUAA4IBAQBPiaY5DC64TRNl
4RO7Kv30Y+F6ykR8AZoABvYJBfrHFc8KgHues5LNW/a5GHg+6Qk/W5UlyyVAXkAI
imiPFmzJ/Fqemq1qYnTEJPKx9bsipvgkVMiiQV+MuIOcndTsQt41L22EDw6/QBhp
Rtor4zEO+nsBYpi7FF0ihDgUu8C2m4J88Al3oeJlkkJPE6oqWbNgv1WtbvYlJqiD
1qLfBDcP/TWbvNReXggBaTtEzUc7PivRHQdPrSicZPKUl2ux0Oe/UVvV2/aPST5M
W79+ROazhNbmkCtiKt9pUTL873wDLdwWRwKk+K2yHPkVSb5Pu4O28YKS0T3j7Xgz
ea8DDYFA
-----END CERTIFICATE-----
Generated at Fri Nov 8 10:04:19 2024 by rpki-client on console-fra.rpki-client.org