Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A913C00F/C47AA68E5D8511E89B87527FC4F9AE02/1087858A62CE11EEAFCA7F37C4F9AE02.roa
File: 1087858A62CE11EEAFCA7F37C4F9AE02.roa (raw, json)
Hash identifier: 8xFX3+FOLY6UCSHOms6uVc+VgblFAuRu9pkK3mLxzzw=
Subject key identifier: 45:F7:7E:5F:61:4E:A8:81:DD:55:E8:A7:6A:40:6C:76:2E:85:50:E9
Certificate issuer: /CN=A913C00F/serialNumber=AD1BB06A72BE3908D432FAF0836357AA44DF16B8
Certificate serial: 1396
Authority key identifier: AD:1B:B0:6A:72:BE:39:08:D4:32:FA:F0:83:63:57:AA:44:DF:16:B8
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/rRuwanK-OQjUMvrwg2NXqkTfFrg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A913C00F/C47AA68E5D8511E89B87527FC4F9AE02/1087858A62CE11EEAFCA7F37C4F9AE02.roa
Signing time: Wed 04 Oct 2023 15:52:47 +0000
ROA not before: Wed 04 Oct 2023 15:52:47 +0000
ROA not after: Sat 30 Dec 2023 00:00:00 +0000
asID: 9411
IP address blocks: 158.108.0.0/16 maxlen: 16
158.108.0.0/20 maxlen: 20
158.108.0.0/22 maxlen: 22
158.108.4.0/22 maxlen: 22
158.108.8.0/22 maxlen: 22
158.108.12.0/22 maxlen: 22
158.108.16.0/20 maxlen: 20
158.108.16.0/22 maxlen: 22
158.108.20.0/22 maxlen: 22
158.108.24.0/22 maxlen: 22
158.108.28.0/22 maxlen: 22
158.108.32.0/20 maxlen: 20
158.108.32.0/22 maxlen: 22
158.108.36.0/22 maxlen: 22
158.108.40.0/22 maxlen: 22
158.108.44.0/22 maxlen: 22
158.108.48.0/20 maxlen: 20
158.108.48.0/22 maxlen: 22
158.108.52.0/22 maxlen: 22
158.108.56.0/22 maxlen: 22
158.108.60.0/22 maxlen: 22
158.108.64.0/20 maxlen: 20
158.108.64.0/22 maxlen: 22
158.108.68.0/22 maxlen: 22
158.108.72.0/22 maxlen: 22
158.108.76.0/22 maxlen: 22
158.108.80.0/20 maxlen: 20
158.108.80.0/22 maxlen: 22
158.108.84.0/22 maxlen: 22
158.108.88.0/22 maxlen: 22
158.108.92.0/22 maxlen: 22
158.108.96.0/20 maxlen: 20
158.108.96.0/22 maxlen: 22
158.108.100.0/22 maxlen: 22
158.108.104.0/22 maxlen: 22
158.108.108.0/22 maxlen: 22
158.108.112.0/20 maxlen: 20
158.108.112.0/22 maxlen: 22
158.108.116.0/22 maxlen: 22
158.108.120.0/22 maxlen: 22
158.108.124.0/22 maxlen: 22
158.108.128.0/20 maxlen: 20
158.108.128.0/22 maxlen: 22
158.108.132.0/22 maxlen: 22
158.108.136.0/22 maxlen: 22
158.108.140.0/22 maxlen: 22
158.108.144.0/20 maxlen: 20
158.108.144.0/22 maxlen: 22
158.108.148.0/22 maxlen: 22
158.108.152.0/22 maxlen: 22
158.108.156.0/22 maxlen: 22
158.108.160.0/20 maxlen: 20
158.108.160.0/22 maxlen: 22
158.108.164.0/22 maxlen: 22
158.108.168.0/22 maxlen: 22
158.108.172.0/22 maxlen: 22
158.108.176.0/20 maxlen: 20
158.108.176.0/22 maxlen: 22
158.108.180.0/22 maxlen: 22
158.108.184.0/22 maxlen: 22
158.108.188.0/22 maxlen: 22
158.108.192.0/20 maxlen: 20
158.108.192.0/22 maxlen: 22
158.108.196.0/22 maxlen: 22
158.108.200.0/22 maxlen: 22
158.108.204.0/22 maxlen: 22
158.108.208.0/20 maxlen: 20
158.108.208.0/22 maxlen: 22
158.108.212.0/22 maxlen: 22
158.108.216.0/22 maxlen: 22
158.108.220.0/22 maxlen: 22
158.108.224.0/20 maxlen: 20
158.108.224.0/22 maxlen: 22
158.108.228.0/22 maxlen: 22
158.108.232.0/22 maxlen: 22
158.108.236.0/22 maxlen: 22
158.108.240.0/20 maxlen: 20
158.108.240.0/22 maxlen: 22
158.108.244.0/22 maxlen: 22
158.108.248.0/22 maxlen: 22
158.108.252.0/22 maxlen: 22
192.102.83.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5014 (0x1396)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A913C00F/serialNumber=AD1BB06A72BE3908D432FAF0836357AA44DF16B8
Validity
Not Before: Oct 4 15:52:47 2023 GMT
Not After : Dec 30 00:00:00 2023 GMT
Subject: CN=651d8a4f-4905
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:75:a7:98:16:3c:4e:05:f6:09:f7:2e:74:94:
21:1e:cc:a6:ec:1a:5d:6f:8b:bb:32:d6:37:ea:39:
ca:85:27:1a:42:19:56:00:fb:21:3e:c5:1c:fe:79:
10:d3:4e:30:31:b4:c6:d6:a7:eb:75:42:73:97:7d:
2c:5a:4e:ad:2e:fa:ed:cc:8b:f5:e8:6b:29:6c:fe:
83:cc:9d:54:8a:2f:c6:51:a1:70:b4:73:b5:b6:96:
03:e3:c3:87:25:3f:75:89:37:62:48:a5:91:c3:8a:
f5:b2:b3:56:53:56:55:37:af:08:6d:18:84:c1:73:
23:a1:90:09:dc:3c:19:d3:00:a7:f9:6e:bb:ab:49:
ce:d1:00:fb:e9:f1:1b:3c:e8:83:bc:02:af:82:e9:
5d:45:4c:40:9c:92:39:cc:c1:92:02:5d:d7:31:a8:
77:5e:ab:da:74:c4:5d:7a:c4:56:0c:33:e9:f4:4a:
68:6a:d4:78:ce:9b:15:91:10:e4:e7:d9:06:b3:a9:
24:69:e1:e0:0a:18:31:e1:b7:04:a4:c3:f6:85:fa:
6d:9e:4c:a6:07:67:24:ae:8e:d0:d9:46:b5:71:da:
ac:3a:5f:b8:ac:c2:fd:a4:59:c0:32:e5:28:c7:7e:
e9:a4:76:e8:df:96:db:25:e6:0c:6a:7d:30:d0:b6:
32:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:F7:7E:5F:61:4E:A8:81:DD:55:E8:A7:6A:40:6C:76:2E:85:50:E9
X509v3 Authority Key Identifier:
keyid:AD:1B:B0:6A:72:BE:39:08:D4:32:FA:F0:83:63:57:AA:44:DF:16:B8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A913C00F/C47AA68E5D8511E89B87527FC4F9AE02/rRuwanK-OQjUMvrwg2NXqkTfFrg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/rRuwanK-OQjUMvrwg2NXqkTfFrg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913C00F/C47AA68E5D8511E89B87527FC4F9AE02/1087858A62CE11EEAFCA7F37C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
158.108.0.0/16
192.102.83.0/24
Signature Algorithm: sha256WithRSAEncryption
81:7e:04:cc:ef:bd:6c:02:fd:59:47:34:d6:04:c7:79:55:e3:
63:71:af:46:05:15:85:75:8e:99:e6:9a:3c:e5:ba:8f:58:81:
f4:b2:98:ec:6a:55:18:01:23:c0:f5:48:0b:42:33:c6:c1:0a:
e6:de:fe:3b:67:1d:3c:ea:d5:ec:b0:7a:ed:e1:ea:16:8c:10:
79:0d:df:04:79:9a:ba:ef:98:94:02:7c:76:aa:97:00:61:88:
5c:81:07:a5:bd:00:de:ec:c6:31:dc:d2:22:59:f1:d4:b6:e0:
79:f3:dd:29:55:91:9e:c3:a7:35:1e:99:9d:2a:90:f2:cf:02:
11:15:6f:74:cc:27:1d:61:fd:c2:a0:40:45:dd:7f:08:d4:2f:
91:b4:d6:c0:2c:4a:aa:73:29:48:63:1b:79:2a:27:48:ac:41:
01:b0:29:30:4c:8f:e1:ac:4f:ed:14:99:78:0b:41:11:69:34:
8e:37:a6:c8:b9:72:43:a6:57:3f:99:a8:a0:19:ee:ae:73:41:
2c:78:4e:3b:ab:44:1b:17:a5:1c:45:93:b3:e0:d4:19:33:13:
68:55:fd:fd:ca:03:52:d5:92:c4:67:d8:b6:18:74:ae:ea:df:
5e:46:f5:40:e5:d8:f4:db:5e:d0:3f:ed:97:f9:41:cb:3f:3a:
cb:49:1c:5b
-----BEGIN CERTIFICATE-----
MIIFdjCCBF6gAwIBAgICE5YwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
M0MwMEYxMTAvBgNVBAUTKEFEMUJCMDZBNzJCRTM5MDhENDMyRkFGMDgzNjM1N0FB
NDRERjE2QjgwHhcNMjMxMDA0MTU1MjQ3WhcNMjMxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTFkOGE0Zi00OTA1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwnWnmBY8TgX2CfcudJQhHsym7Bpdb4u7MtY36jnKhScaQhlWAPshPsUc/nkQ
004wMbTG1qfrdUJzl30sWk6tLvrtzIv16GspbP6DzJ1Uii/GUaFwtHO1tpYD48OH
JT91iTdiSKWRw4r1srNWU1ZVN68IbRiEwXMjoZAJ3DwZ0wCn+W67q0nO0QD76fEb
POiDvAKvguldRUxAnJI5zMGSAl3XMah3XqvadMRdesRWDDPp9EpoatR4zpsVkRDk
59kGs6kkaeHgChgx4bcEpMP2hfptnkymB2ckro7Q2Ua1cdqsOl+4rML9pFnAMuUo
x37ppHbo35bbJeYMan0w0LYygwIDAQABo4ICmjCCApYwHQYDVR0OBBYEFEX3fl9h
TqiB3VXop2pAbHYuhVDpMB8GA1UdIwQYMBaAFK0bsGpyvjkI1DL68INjV6pE3xa4
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzQzAwRi9DNDdBQTY4RTVE
ODUxMUU4OUI4NzUyN0ZDNEY5QUUwMi9yUnV3YW5LLU9RalVNdnJ3ZzJOWHFrVGZG
cmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL3JSdXdhbkstT1FqVU12cndnMk5YcWtUZkZyZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
M0MwMEYvQzQ3QUE2OEU1RDg1MTFFODlCODc1MjdGQzRGOUFFMDIvMTA4Nzg1OEE2
MkNFMTFFRUFGQ0E3RjM3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJAYIKwYBBQUHAQcBAf8E
FTATMBEEAgABMAsDAwCebAMEAMBmUzANBgkqhkiG9w0BAQsFAAOCAQEAgX4EzO+9
bAL9WUc01gTHeVXjY3GvRgUVhXWOmeaaPOW6j1iB9LKY7GpVGAEjwPVIC0IzxsEK
5t7+O2cdPOrV7LB67eHqFowQeQ3fBHmauu+YlAJ8dqqXAGGIXIEHpb0A3uzGMdzS
Ilnx1LbgefPdKVWRnsOnNR6ZnSqQ8s8CERVvdMwnHWH9wqBARd1/CNQvkbTWwCxK
qnMpSGMbeSonSKxBAbApMEyP4axP7RSZeAtBEWk0jjemyLlyQ6ZXP5mooBnurnNB
LHhOO6tEGxelHEWTs+DUGTMTaFX9/coDUtWSxGfYthh0rurfXkb1QOXY9Nte0D/t
l/lByz86y0kcWw==
-----END CERTIFICATE-----
Generated at Thu Nov 30 10:33:36 2023 by rpki-client on console-fra.rpki-client.org