Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9134172/597612649E4D11EA9C23AF1FC4F9AE02/CC7C571C6B5511EFAC416B2DC4F9AE02.roa
File: CC7C571C6B5511EFAC416B2DC4F9AE02.roa (raw, json)
Hash identifier: wRcKP6kSNnNiBJqVhRhd/yjG4NjCUExvJB7rwHHsdmo=
Subject key identifier: 35:23:BD:D9:F8:09:3C:F5:B3:0A:05:42:A6:6A:FD:15:4B:3B:DA:D2
Certificate issuer: /CN=A9134172/serialNumber=F45C0F4F467CE1576E5EE9E41E5576F0348C46A7
Certificate serial: 0973
Authority key identifier: F4:5C:0F:4F:46:7C:E1:57:6E:5E:E9:E4:1E:55:76:F0:34:8C:46:A7
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9FwPT0Z84VduXunkHlV28DSMRqc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9134172/597612649E4D11EA9C23AF1FC4F9AE02/CC7C571C6B5511EFAC416B2DC4F9AE02.roa
Signing time: Thu 05 Sep 2024 07:09:32 +0000
ROA not before: Thu 05 Sep 2024 07:09:32 +0000
ROA not after: Wed 28 May 2025 00:00:00 +0000
asID: 9908
IP address blocks: 61.10.0.0/16 maxlen: 16
61.10.0.0/17 maxlen: 17
61.10.0.0/18 maxlen: 20
61.10.64.0/18 maxlen: 18
61.10.64.0/19 maxlen: 20
61.10.96.0/19 maxlen: 20
61.10.128.0/17 maxlen: 20
61.15.0.0/16 maxlen: 16
61.15.0.0/17 maxlen: 20
61.15.128.0/17 maxlen: 20
61.18.0.0/16 maxlen: 20
125.59.0.0/16 maxlen: 20
203.83.64.0/18 maxlen: 18
203.168.160.0/20 maxlen: 20
203.168.176.0/20 maxlen: 20
203.168.192.0/18 maxlen: 20
218.252.0.0/16 maxlen: 16
218.252.0.0/17 maxlen: 20
218.252.128.0/17 maxlen: 20
218.253.0.0/18 maxlen: 20
218.254.0.0/16 maxlen: 19
218.254.0.0/18 maxlen: 20
218.254.64.0/20 maxlen: 20
218.254.96.0/19 maxlen: 20
218.254.128.0/17 maxlen: 20
222.166.0.0/16 maxlen: 20
222.167.0.0/16 maxlen: 20
Validation: Failed, certificate revoked on Fri 06 Sep 2024 06:30:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2419 (0x973)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9134172/serialNumber=F45C0F4F467CE1576E5EE9E41E5576F0348C46A7
Validity
Not Before: Sep 5 07:09:32 2024 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=66d9592c-67d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:2f:8c:b9:3a:d7:0f:31:56:9a:33:64:a9:08:
d5:e8:e3:a1:f0:bd:d5:7a:94:31:e7:bd:3c:6b:33:
ce:5f:3c:22:7f:44:63:07:6a:6f:70:88:fd:a2:f5:
8f:ed:d6:68:82:25:9c:23:80:ed:cc:d5:0b:7d:c1:
73:02:bf:71:15:d4:78:b5:56:2b:33:37:1a:a6:fa:
ad:c1:6f:8e:4b:4e:08:35:a7:eb:05:1a:77:17:f2:
59:ca:dd:cd:fc:88:cc:a4:fa:4f:6b:71:08:17:f5:
a8:5e:31:2c:5c:38:2c:fd:69:f4:12:95:24:d1:b8:
1e:6b:0e:11:95:b1:67:da:35:92:63:bf:ab:90:d9:
85:45:c7:5e:1d:36:51:cb:e7:95:3f:5a:77:f8:95:
5c:b3:31:d1:18:b4:ba:b8:d7:7b:e9:89:bd:1f:5e:
a2:bf:37:3e:de:cf:eb:75:7f:e6:80:5b:b2:d4:b2:
c5:9e:b4:8f:68:fe:33:63:81:91:ad:af:3e:c4:35:
f5:06:eb:cc:76:6e:66:22:22:45:c1:6b:cd:eb:d3:
89:11:ca:76:cb:a7:cb:b3:e3:ea:85:5e:c3:4e:7b:
7a:10:d3:79:66:f7:34:68:23:13:61:dd:13:47:d5:
a5:63:1b:d6:79:a1:af:de:4c:3b:ee:8f:36:f2:da:
0a:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:23:BD:D9:F8:09:3C:F5:B3:0A:05:42:A6:6A:FD:15:4B:3B:DA:D2
X509v3 Authority Key Identifier:
keyid:F4:5C:0F:4F:46:7C:E1:57:6E:5E:E9:E4:1E:55:76:F0:34:8C:46:A7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9134172/597612649E4D11EA9C23AF1FC4F9AE02/9FwPT0Z84VduXunkHlV28DSMRqc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9FwPT0Z84VduXunkHlV28DSMRqc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9134172/597612649E4D11EA9C23AF1FC4F9AE02/CC7C571C6B5511EFAC416B2DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
61.10.0.0/16
61.15.0.0/16
61.18.0.0/16
125.59.0.0/16
203.83.64.0/18
203.168.160.0-203.168.255.255
218.252.0.0-218.253.63.255
218.254.0.0/16
222.166.0.0/15
Signature Algorithm: sha256WithRSAEncryption
1a:2d:52:7a:1c:a0:96:72:c1:fe:03:b0:d1:00:1e:bf:f0:d5:
2c:a3:fc:72:fd:a9:f1:15:ab:c7:e7:ed:79:11:94:a6:1c:c2:
fe:5f:75:44:ec:75:7e:3c:ce:68:79:9c:63:cd:28:36:24:ab:
8e:e5:c3:fc:65:03:47:9e:55:a4:4c:32:3e:d2:04:ed:40:a1:
04:7f:17:af:f5:22:6b:a7:90:eb:e2:ab:86:ba:de:10:7c:bf:
de:5e:5b:03:4d:24:d1:78:a2:e5:9a:88:7c:2b:5e:e3:0c:b9:
33:7c:fe:6a:9e:a7:91:7a:20:8a:61:e8:09:94:6c:80:9b:aa:
ef:8d:d1:1c:a4:73:77:d5:5a:d1:3c:3e:26:96:70:7a:fa:ec:
c5:d5:cb:06:63:e1:23:29:dc:2e:25:34:3a:6e:82:41:70:85:
0a:2a:d2:78:1b:9c:ab:df:32:93:98:7c:01:b6:1a:85:14:f4:
ab:dc:d8:3e:5d:f3:51:fd:7b:16:07:b2:c0:a8:a7:e1:8b:ae:
f1:2e:a6:a8:33:69:36:99:5b:6d:dd:3f:7d:ac:cb:07:91:da:
99:5b:a6:30:fe:55:66:3b:83:54:bb:ac:19:1b:59:ea:a0:93:
3e:86:53:ae:f0:9a:d2:a0:80:f3:06:87:4a:a0:b1:46:a9:60:
25:6b:7a:d6
-----BEGIN CERTIFICATE-----
MIIFqTCCBJGgAwIBAgICCXMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzQxNzIxMTAvBgNVBAUTKEY0NUMwRjRGNDY3Q0UxNTc2RTVFRTlFNDFFNTU3NkYw
MzQ4QzQ2QTcwHhcNMjQwOTA1MDcwOTMyWhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02NmQ5NTkyYy02N2QzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3y+MuTrXDzFWmjNkqQjV6OOh8L3VepQx5708azPOXzwif0RjB2pvcIj9ovWP
7dZogiWcI4DtzNULfcFzAr9xFdR4tVYrMzcapvqtwW+OS04INafrBRp3F/JZyt3N
/IjMpPpPa3EIF/WoXjEsXDgs/Wn0EpUk0bgeaw4RlbFn2jWSY7+rkNmFRcdeHTZR
y+eVP1p3+JVcszHRGLS6uNd76Ym9H16ivzc+3s/rdX/mgFuy1LLFnrSPaP4zY4GR
ra8+xDX1BuvMdm5mIiJFwWvN69OJEcp2y6fLs+PqhV7DTnt6ENN5Zvc0aCMTYd0T
R9WlYxvWeaGv3kw77o828toKCwIDAQABo4ICzTCCAskwHQYDVR0OBBYEFDUjvdn4
CTz1swoFQqZq/RVLO9rSMB8GA1UdIwQYMBaAFPRcD09GfOFXbl7p5B5VdvA0jEan
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzNDE3Mi81OTc2MTI2NDlF
NEQxMUVBOUMyM0FGMUZDNEY5QUUwMi85RndQVDBaODRWZHVYdW5rSGxWMjhEU01S
cWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzlGd1BUMFo4NFZkdVh1bmtIbFYyOERTTVJxYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzQxNzIvNTk3NjEyNjQ5RTREMTFFQTlDMjNBRjFGQzRGOUFFMDIvQ0M3QzU3MUM2
QjU1MTFFRkFDNDE2QjJEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwVwYIKwYBBQUHAQcBAf8E
SDBGMEQEAgABMD4DAwA9CgMDAD0PAwMAPRIDAwB9OwMEBstTQDALAwQFy6igAwMA
y6gwCwMDAtr8AwQG2v0AAwMA2v4DAwHepjANBgkqhkiG9w0BAQsFAAOCAQEAGi1S
ehyglnLB/gOw0QAev/DVLKP8cv2p8RWrx+fteRGUphzC/l91ROx1fjzOaHmcY80o
NiSrjuXD/GUDR55VpEwyPtIE7UChBH8Xr/Uia6eQ6+KrhrreEHy/3l5bA00k0Xii
5ZqIfCte4wy5M3z+ap6nkXogimHoCZRsgJuq743RHKRzd9Va0Tw+JpZwevrsxdXL
BmPhIyncLiU0Om6CQXCFCirSeBucq98yk5h8AbYahRT0q9zYPl3zUf17FgeywKin
4Yuu8S6mqDNpNplbbd0/fazLB5HamVumMP5VZjuDVLusGRtZ6qCTPoZTrvCa0qCA
8waHSqCxRqlgJWt61g==
-----END CERTIFICATE-----
Generated at Fri Sep 6 08:35:59 2024 by rpki-client on console-ams.rpki-client.org