Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/20B8871C2C3F11EE899C056EC4F9AE02.roa
File: 20B8871C2C3F11EE899C056EC4F9AE02.roa (raw, json)
Hash identifier: 4c9MGAwbWmUuBIqoUZoDXtBVK+ncvR0Cki8p1yqdSPc=
Subject key identifier: E1:1B:77:DB:82:04:4D:6C:15:DB:AE:C9:E8:7F:54:A5:8B:CE:13:3A
Certificate issuer: /CN=A9137ABC/serialNumber=61BF3ED4C3BFBC0916EF9480AAFF222A437AF02C
Certificate serial: 3731
Authority key identifier: 61:BF:3E:D4:C3:BF:BC:09:16:EF:94:80:AA:FF:22:2A:43:7A:F0:2C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/20B8871C2C3F11EE899C056EC4F9AE02.roa
Signing time: Thu 27 Jul 2023 06:13:10 +0000
ROA not before: Thu 27 Jul 2023 06:13:10 +0000
ROA not after: Mon 30 Sep 2024 00:00:00 +0000
asID: 17552
IP address blocks: 27.145.0.0/16 maxlen: 24
58.8.0.0/16 maxlen: 24
58.9.0.0/16 maxlen: 24
58.10.0.0/16 maxlen: 24
58.11.0.0/16 maxlen: 24
61.90.0.0/17 maxlen: 24
61.91.128.0/21 maxlen: 24
61.91.144.0/21 maxlen: 24
61.91.190.0/24 maxlen: 24
61.91.191.0/24 maxlen: 24
61.91.192.0/24 maxlen: 24
61.91.193.0/24 maxlen: 24
61.91.201.0/24 maxlen: 24
61.91.214.0/24 maxlen: 24
110.168.0.0/17 maxlen: 24
110.168.128.0/17 maxlen: 24
110.169.0.0/16 maxlen: 24
110.171.0.0/17 maxlen: 24
110.171.128.0/17 maxlen: 24
114.109.0.0/16 maxlen: 24
115.87.0.0/17 maxlen: 24
115.87.128.0/17 maxlen: 24
119.46.255.0/24 maxlen: 24
119.76.0.0/16 maxlen: 24
124.120.0.0/16 maxlen: 24
124.121.0.0/16 maxlen: 24
124.122.0.0/16 maxlen: 24
171.96.0.0/16 maxlen: 24
171.97.0.0/16 maxlen: 24
171.98.0.0/16 maxlen: 24
171.99.0.0/16 maxlen: 24
171.100.0.0/16 maxlen: 24
171.101.0.0/16 maxlen: 24
171.103.0.0/16 maxlen: 24
182.17.0.0/16 maxlen: 24
202.176.64.0/18 maxlen: 18
202.176.64.0/19 maxlen: 24
202.176.96.0/19 maxlen: 24
202.176.128.0/18 maxlen: 18
202.176.128.0/19 maxlen: 19
202.176.183.0/24 maxlen: 24
202.176.184.0/24 maxlen: 24
2001:fb1::/32 maxlen: 32
2001:fb1::/44 maxlen: 48
2001:fb1:10::/44 maxlen: 48
2001:fb1:20::/44 maxlen: 48
2001:fb1:30::/44 maxlen: 48
2001:fb1:40::/44 maxlen: 48
2001:fb1:50::/44 maxlen: 48
2001:fb1:60::/44 maxlen: 48
2001:fb1:70::/44 maxlen: 48
2001:fb1:80::/44 maxlen: 48
2001:fb1:90::/44 maxlen: 48
2001:fb1:a0::/44 maxlen: 48
2001:fb1:b0::/44 maxlen: 48
2001:fb1:c0::/44 maxlen: 48
2001:fb1:d0::/44 maxlen: 48
2001:fb1:e0::/44 maxlen: 48
2001:fb1:f0::/44 maxlen: 48
2001:fb1:100::/44 maxlen: 48
2001:fb1:110::/44 maxlen: 48
2001:fb1:120::/44 maxlen: 48
2001:fb1:130::/44 maxlen: 48
2001:fb1:140::/44 maxlen: 48
2001:fb1:150::/44 maxlen: 48
2001:fb1:160::/44 maxlen: 48
2001:fb1:170::/44 maxlen: 48
2001:fb1:180::/44 maxlen: 48
2001:fb1:fc0::/48 maxlen: 48
2001:fb1:fd0::/48 maxlen: 48
2001:fb1:fe0::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 27 Jul 2023 06:36:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14129 (0x3731)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9137ABC/serialNumber=61BF3ED4C3BFBC0916EF9480AAFF222A437AF02C
Validity
Not Before: Jul 27 06:13:10 2023 GMT
Not After : Sep 30 00:00:00 2024 GMT
Subject: CN=64c20af5-8d23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:33:18:52:4f:e0:86:c0:cd:27:d9:86:93:de:
6d:0f:e3:90:2b:c0:2d:a7:e2:a8:52:81:88:b2:01:
ea:33:ac:78:9d:92:cf:6a:f6:16:d7:d0:76:c2:d1:
c2:40:22:fa:50:84:e3:ba:64:f3:03:a3:b0:24:ce:
3f:46:df:b8:b4:e1:a3:71:81:a5:68:3a:f6:8e:88:
90:50:63:bd:f9:be:d3:60:d7:50:5e:42:34:a3:0e:
ff:26:71:17:7c:3a:35:3d:8d:3d:3a:6e:b5:d3:c3:
d3:51:41:c1:92:8c:2f:6b:68:5f:36:4a:4b:aa:19:
c6:f3:8b:a0:10:bf:9d:9a:d3:58:28:4b:ee:a7:13:
6a:d2:4e:99:26:09:c6:aa:5e:89:11:6d:6e:ff:17:
6e:f1:05:bb:3d:41:b2:27:fc:08:18:79:7e:d8:38:
29:3d:62:38:61:64:63:17:fa:fe:01:90:59:83:bc:
71:6b:7f:fe:56:fe:b6:b6:82:60:6e:cb:05:8c:bb:
55:6d:62:3f:f3:d2:7d:f3:a8:aa:b6:48:d3:4f:61:
e3:18:43:98:a4:e8:0c:31:a7:4a:e6:28:ce:4e:fb:
70:68:c5:ee:c4:99:93:da:76:f2:ac:5a:dd:2b:54:
96:e6:07:df:61:fb:6c:f6:d0:c2:4c:4c:6d:ae:b2:
a6:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:1B:77:DB:82:04:4D:6C:15:DB:AE:C9:E8:7F:54:A5:8B:CE:13:3A
X509v3 Authority Key Identifier:
keyid:61:BF:3E:D4:C3:BF:BC:09:16:EF:94:80:AA:FF:22:2A:43:7A:F0:2C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/20B8871C2C3F11EE899C056EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.145.0.0/16
58.8.0.0/14
61.90.0.0/17
61.91.128.0/21
61.91.144.0/21
61.91.190.0-61.91.193.255
61.91.201.0/24
61.91.214.0/24
110.168.0.0/15
110.171.0.0/16
114.109.0.0/16
115.87.0.0/16
119.46.255.0/24
119.76.0.0/16
124.120.0.0-124.122.255.255
171.96.0.0-171.101.255.255
171.103.0.0/16
182.17.0.0/16
202.176.64.0-202.176.191.255
IPv6:
2001:fb1::/32
Signature Algorithm: sha256WithRSAEncryption
26:dd:54:b3:f0:b8:f4:69:5b:d5:b0:25:26:6f:e7:14:f5:11:
b8:f2:5d:ef:d2:79:9f:e5:06:10:f6:73:ea:53:81:3e:a5:9c:
db:28:5b:2f:b4:ff:0a:35:11:f5:fc:ab:e5:c2:7f:f3:81:5e:
0b:3a:5d:b7:a3:14:44:9d:06:f8:b7:ce:53:ec:2c:0f:9e:98:
87:90:1b:6f:73:00:69:3c:76:f4:47:37:76:51:65:30:da:77:
e4:0d:23:09:67:40:2a:91:b3:c4:1a:69:8e:1a:2e:e4:b5:4d:
bb:52:cb:93:b8:03:63:9c:64:ee:1d:cb:13:5a:4a:f7:f3:50:
97:f6:fe:11:32:5b:90:ea:cf:2d:4e:2c:a3:df:d4:1f:27:b4:
0d:1f:db:da:76:37:88:c0:13:96:fa:0c:a7:01:9e:17:fa:27:
3d:e7:6a:78:12:19:55:dd:43:c9:f4:f1:ad:45:31:67:0d:68:
40:05:a0:69:b9:13:47:20:6a:b7:be:0e:0d:a0:bf:f1:38:2b:
22:72:45:1d:60:6b:1b:52:5e:d4:c0:cf:be:01:d8:8d:59:c1:
21:ef:4b:45:2d:51:f8:5e:01:98:69:83:b7:8f:e9:60:e7:07:
e9:98:c9:61:6e:ee:8a:ce:90:c0:4d:e0:b7:ea:98:37:23:8f:
d1:97:e4:34
-----BEGIN CERTIFICATE-----
MIIGBDCCBOygAwIBAgICNzEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzdBQkMxMTAvBgNVBAUTKDYxQkYzRUQ0QzNCRkJDMDkxNkVGOTQ4MEFBRkYyMjJB
NDM3QUYwMkMwHhcNMjMwNzI3MDYxMzEwWhcNMjQwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGMyMGFmNS04ZDIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtjMYUk/ghsDNJ9mGk95tD+OQK8Atp+KoUoGIsgHqM6x4nZLPavYW19B2wtHC
QCL6UITjumTzA6OwJM4/Rt+4tOGjcYGlaDr2joiQUGO9+b7TYNdQXkI0ow7/JnEX
fDo1PY09Om6108PTUUHBkowva2hfNkpLqhnG84ugEL+dmtNYKEvupxNq0k6ZJgnG
ql6JEW1u/xdu8QW7PUGyJ/wIGHl+2DgpPWI4YWRjF/r+AZBZg7xxa3/+Vv62toJg
bssFjLtVbWI/89J986iqtkjTT2HjGEOYpOgMMadK5ijOTvtwaMXuxJmT2nbyrFrd
K1SW5gffYfts9tDCTExtrrKmpQIDAQABo4IDKDCCAyQwHQYDVR0OBBYEFOEbd9uC
BE1sFduuyeh/VKWLzhM6MB8GA1UdIwQYMBaAFGG/PtTDv7wJFu+UgKr/IipDevAs
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzN0FCQy83MTNEOUZCMDFE
NzgxMUUyODI4NjhEQzQwOEIwMkNEMi9ZYjgtMU1PX3ZBa1c3NVNBcXY4aUtrTjY4
Q3cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1liOC0xTU9fdkFrVzc1U0FxdjhpS2tONjhDdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzdBQkMvNzEzRDlGQjAxRDc4MTFFMjgyODY4REM0MDhCMDJDRDIvMjBCODg3MUMy
QzNGMTFFRTg5OUMwNTZFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgbEGCCsGAQUFBwEHAQH/
BIGhMIGeMIGMBAIAATCBhQMDABuRAwMCOggDBAc9WgADBAM9W4ADBAM9W5AwDAME
AT1bvgMEAT1bwAMEAD1byQMEAD1b1gMDAW6oAwMAbqsDAwBybQMDAHNXAwQAdy7/
AwMAd0wwCgMDA3x4AwMAfHowCgMDBatgAwMBq2QDAwCrZwMDALYRMAwDBAbKsEAD
BAbKsIAwDQQCAAIwBwMFACABD7EwDQYJKoZIhvcNAQELBQADggEBACbdVLPwuPRp
W9WwJSZv5xT1EbjyXe/SeZ/lBhD2c+pTgT6lnNsoWy+0/wo1EfX8q+XCf/OBXgs6
XbejFESdBvi3zlPsLA+emIeQG29zAGk8dvRHN3ZRZTDad+QNIwlnQCqRs8QaaY4a
LuS1TbtSy5O4A2OcZO4dyxNaSvfzUJf2/hEyW5Dqzy1OLKPf1B8ntA0f29p2N4jA
E5b6DKcBnhf6Jz3nangSGVXdQ8n08a1FMWcNaEAFoGm5E0cgare+Dg2gv/E4KyJy
RR1gaxtSXtTAz74B2I1ZwSHvS0UtUfheAZhpg7eP6WDnB+mYyWFu7orOkMBN4Lfq
mDcjj9GX5DQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:54 2024 by rpki-client on console-ams.rpki-client.org