Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91406AA/8F5BB4F886C111EBBAB3184BC4F9AE02/BB571BD8998D11EE896F7A74C4F9AE02.roa
File: BB571BD8998D11EE896F7A74C4F9AE02.roa (raw, json)
Hash identifier: KNtXi34z3X4iHY8OEMO1tQ5foTqAeIEZDPCaag5/PmA=
Subject key identifier: D4:9D:FE:5D:55:71:E1:0C:A8:FE:D6:E7:9D:2C:FD:C0:48:4F:A2:B7
Certificate issuer: /CN=A91406AA/serialNumber=315513E54AB0C99B8BCA84042E38358B60DB1B2C
Certificate serial: 06EF
Authority key identifier: 31:55:13:E5:4A:B0:C9:9B:8B:CA:84:04:2E:38:35:8B:60:DB:1B:2C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MVUT5UqwyZuLyoQELjg1i2DbGyw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91406AA/8F5BB4F886C111EBBAB3184BC4F9AE02/BB571BD8998D11EE896F7A74C4F9AE02.roa
Signing time: Wed 20 Nov 2024 09:51:04 +0000
ROA not before: Wed 20 Nov 2024 09:51:04 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 9790
IP address blocks: 60.234.0.0/16 maxlen: 20
101.98.0.0/16 maxlen: 20
101.100.128.0/19 maxlen: 24
103.224.128.0/22 maxlen: 24
103.237.40.0/22 maxlen: 24
110.44.16.0/22 maxlen: 24
118.148.64.0/20 maxlen: 24
118.148.80.0/20 maxlen: 24
118.148.96.0/20 maxlen: 24
118.148.112.0/20 maxlen: 24
118.149.64.0/20 maxlen: 24
118.149.80.0/20 maxlen: 24
118.149.96.0/20 maxlen: 24
118.149.112.0/20 maxlen: 24
119.224.0.0/18 maxlen: 22
119.224.64.0/19 maxlen: 22
119.224.128.0/20 maxlen: 20
121.98.0.0/15 maxlen: 20
124.197.0.0/18 maxlen: 22
202.49.92.0/22 maxlen: 24
202.49.244.0/22 maxlen: 24
202.50.124.0/22 maxlen: 24
202.50.170.0/24 maxlen: 24
202.53.176.0/20 maxlen: 20
202.89.128.0/19 maxlen: 20
202.150.96.0/20 maxlen: 22
202.150.112.0/20 maxlen: 20
202.180.64.0/18 maxlen: 20
202.189.160.0/20 maxlen: 20
202.191.32.0/20 maxlen: 20
203.184.0.0/18 maxlen: 20
2400:4800::/32 maxlen: 32
2402:6000::/32 maxlen: 32
2402:8200::/32 maxlen: 32
2404:4400::/28 maxlen: 36
Validation: Failed, certificate revoked on Thu 13 Feb 2025 20:43:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1775 (0x6ef)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91406AA
Validity
Not Before: Nov 20 09:51:04 2024 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=673db107-07ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:3f:1c:57:f1:bc:40:80:e2:6e:27:b2:76:36:
1b:83:2e:ac:66:2f:53:d8:a5:ba:fc:78:a1:29:0f:
92:ab:52:6c:4b:7f:d0:5b:ff:6e:d2:d6:2f:1f:bd:
4a:90:c3:c7:09:f7:29:fd:a6:a9:7e:fd:89:47:4a:
c8:be:45:d8:de:bd:45:4f:83:37:1e:24:4f:75:05:
2e:07:9f:a7:84:27:b2:5c:45:47:ce:80:4b:36:2f:
77:b4:a6:af:f4:10:a7:6e:50:18:c3:1a:26:7a:df:
43:3c:ce:ed:d9:51:ec:5c:3e:b7:66:f1:73:1c:ae:
bd:37:bf:08:b7:50:5a:50:f2:11:dc:e9:cb:eb:b1:
1b:8d:e6:42:a1:ab:0c:ae:64:03:b9:02:df:6c:a1:
e4:9a:23:00:d4:d1:91:ac:b9:fa:11:45:84:57:5b:
a1:1d:90:c7:f2:bd:f5:f5:80:01:fc:1b:6b:e8:a2:
3d:82:ba:c8:1c:27:39:4e:6a:0e:72:f1:f4:dc:e9:
2c:4c:e9:d7:52:41:80:79:81:62:30:6f:ec:9f:79:
60:b8:e4:35:1c:dc:c7:45:0e:48:22:39:6a:41:df:
79:95:3a:5e:5e:8d:24:4a:ab:11:98:b7:44:05:ac:
a5:c2:fc:73:0e:35:88:be:45:72:1f:7e:b9:6b:e6:
d3:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:9D:FE:5D:55:71:E1:0C:A8:FE:D6:E7:9D:2C:FD:C0:48:4F:A2:B7
X509v3 Authority Key Identifier:
keyid:31:55:13:E5:4A:B0:C9:9B:8B:CA:84:04:2E:38:35:8B:60:DB:1B:2C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91406AA/8F5BB4F886C111EBBAB3184BC4F9AE02/MVUT5UqwyZuLyoQELjg1i2DbGyw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MVUT5UqwyZuLyoQELjg1i2DbGyw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91406AA/8F5BB4F886C111EBBAB3184BC4F9AE02/BB571BD8998D11EE896F7A74C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
60.234.0.0/16
101.98.0.0/16
101.100.128.0/19
103.224.128.0/22
103.237.40.0/22
110.44.16.0/22
118.148.64.0/18
118.149.64.0/18
119.224.0.0-119.224.95.255
119.224.128.0/20
121.98.0.0/15
124.197.0.0/18
202.49.92.0/22
202.49.244.0/22
202.50.124.0/22
202.50.170.0/24
202.53.176.0/20
202.89.128.0/19
202.150.96.0/19
202.180.64.0/18
202.189.160.0/20
202.191.32.0/20
203.184.0.0/18
IPv6:
2400:4800::/32
2402:6000::/32
2402:8200::/32
2404:4400::/28
Signature Algorithm: sha256WithRSAEncryption
4b:1b:35:a0:54:23:18:c1:cc:7c:d4:99:84:dd:94:e2:6f:c0:
c9:8c:0c:59:e5:72:7d:4b:d5:91:9a:9d:e2:b0:54:79:ec:b6:
e7:62:b7:86:41:ca:f8:5f:66:1f:19:56:ac:37:c9:80:69:55:
98:0a:fb:36:ba:72:2c:c3:ea:4a:4c:11:a8:21:e6:fc:7c:1b:
f4:0f:8c:a9:12:27:b6:fd:a5:a3:bd:e2:32:d0:68:c0:8e:d1:
6a:56:d0:6a:3a:b8:78:4a:91:36:ce:b3:f4:e5:ff:f5:da:c7:
f8:17:f9:89:ef:73:19:cc:d3:ea:96:64:50:9a:56:9d:ee:00:
1b:85:24:64:a9:07:50:3a:52:72:84:b3:59:24:67:52:5c:09:
2d:5b:84:52:f2:7c:bb:f7:14:98:e5:22:02:97:23:12:8a:5e:
58:ed:16:26:5f:dd:ec:9f:3c:23:f5:41:93:6d:e4:2b:f9:a4:
a9:3b:99:5b:0d:7c:ea:cc:cf:a9:b0:40:29:52:79:07:e5:c5:
8d:16:c5:cf:da:ac:da:5b:09:6c:c7:f7:c4:ee:37:54:fd:a6:
0b:a3:0a:e7:9e:f7:82:2a:b4:2d:0b:f5:c3:c9:21:0f:e0:e1:
ae:06:4a:ce:f7:1d:b4:5c:b2:6c:0b:22:19:87:90:40:f6:93:
a9:63:f5:9c
-----BEGIN CERTIFICATE-----
MIIGIjCCBQqgAwIBAgICBu8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDA2QUExMTAvBgNVBAUTKDMxNTUxM0U1NEFCMEM5OUI4QkNBODQwNDJFMzgzNThC
NjBEQjFCMkMwHhcNMjQxMTIwMDk1MTA0WhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzNkYjEwNy0wN2VlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtT8cV/G8QIDibieydjYbgy6sZi9T2KW6/HihKQ+Sq1JsS3/QW/9u0tYvH71K
kMPHCfcp/aapfv2JR0rIvkXY3r1FT4M3HiRPdQUuB5+nhCeyXEVHzoBLNi93tKav
9BCnblAYwxomet9DPM7t2VHsXD63ZvFzHK69N78It1BaUPIR3OnL67EbjeZCoasM
rmQDuQLfbKHkmiMA1NGRrLn6EUWEV1uhHZDH8r319YAB/Btr6KI9grrIHCc5TmoO
cvH03OksTOnXUkGAeYFiMG/sn3lguOQ1HNzHRQ5IIjlqQd95lTpeXo0kSqsRmLdE
BaylwvxzDjWIvkVyH365a+bTXwIDAQABo4IDRjCCA0IwHQYDVR0OBBYEFNSd/l1V
ceEMqP7W550s/cBIT6K3MB8GA1UdIwQYMBaAFDFVE+VKsMmbi8qEBC44NYtg2xss
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0MDZBQS84RjVCQjRGODg2
QzExMUVCQkFCMzE4NEJDNEY5QUUwMi9NVlVUNVVxd3ladUx5b1FFTGpnMWkyRGJH
eXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL01WVVQ1VXF3eVp1THlvUUVMamcxaTJEYkd5dy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDA2QUEvOEY1QkI0Rjg4NkMxMTFFQkJBQjMxODRCQzRGOUFFMDIvQkI1NzFCRDg5
OThEMTFFRTg5NkY3QTc0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgc8GCCsGAQUFBwEHAQH/
BIG/MIG8MIGVBAIAATCBjgMDADzqAwMAZWIDBAVlZIADBAJn4IADBAJn7SgDBAJu
LBADBAZ2lEADBAZ2lUAwCwMDBXfgAwQFd+BAAwQEd+CAAwMBeWIDBAZ8xQADBALK
MVwDBALKMfQDBALKMnwDBADKMqoDBATKNbADBAXKWYADBAXKlmADBAbKtEADBATK
vaADBATKvyADBAbLuAAwIgQCAAIwHAMFACQASAADBQAkAmAAAwUAJAKCAAMFBCQE
RAAwDQYJKoZIhvcNAQELBQADggEBAEsbNaBUIxjBzHzUmYTdlOJvwMmMDFnlcn1L
1ZGaneKwVHnstudit4ZByvhfZh8ZVqw3yYBpVZgK+za6cizD6kpMEagh5vx8G/QP
jKkSJ7b9paO94jLQaMCO0WpW0Go6uHhKkTbOs/Tl//Xax/gX+YnvcxnM0+qWZFCa
Vp3uABuFJGSpB1A6UnKEs1kkZ1JcCS1bhFLyfLv3FJjlIgKXIxKKXljtFiZf3eyf
PCP1QZNt5Cv5pKk7mVsNfOrMz6mwQClSeQflxY0Wxc/arNpbCWzH98TuN1T9pguj
Cuee94IqtC0L9cPJIQ/g4a4GSs73HbRcsmwLIhmHkED2k6lj9Zw=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:29:44 2025 by rpki-client