Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9158E3F/C24322BA544611EA8C05651DC4F9AE02/289782725F9111EFA75FFB6AC4F9AE02.roa
File: 289782725F9111EFA75FFB6AC4F9AE02.roa (raw, json)
Hash identifier: kCn4o5M4CdKR4JXqlcEmt0ab2oOVW8gpuJi7P657Icw=
Subject key identifier: BC:3E:6A:7D:92:26:58:4E:A6:8D:D9:3B:FC:52:1B:58:05:E0:BA:58
Certificate issuer: /CN=A9158E3F/serialNumber=7E313AB7FF26E783E03C07851612751881AE4918
Certificate serial: 0B35
Authority key identifier: 7E:31:3A:B7:FF:26:E7:83:E0:3C:07:85:16:12:75:18:81:AE:49:18
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fjE6t_8m54PgPAeFFhJ1GIGuSRg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9158E3F/C24322BA544611EA8C05651DC4F9AE02/289782725F9111EFA75FFB6AC4F9AE02.roa
Signing time: Mon 23 Sep 2024 10:33:51 +0000
ROA not before: Mon 23 Sep 2024 10:33:50 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 15830
IP address blocks: 27.111.128.0/22 maxlen: 22
36.255.39.0/24 maxlen: 24
103.8.176.0/22 maxlen: 22
103.8.180.0/22 maxlen: 22
119.27.0.0/19 maxlen: 19
119.27.32.0/20 maxlen: 20
119.27.50.0/23 maxlen: 23
119.27.52.0/22 maxlen: 22
119.27.56.0/22 maxlen: 22
119.27.60.0/23 maxlen: 23
122.50.64.0/19 maxlen: 19
122.50.104.0/21 maxlen: 21
122.50.112.0/22 maxlen: 22
122.50.120.0/21 maxlen: 21
122.50.120.0/22 maxlen: 22
122.50.124.0/22 maxlen: 22
180.189.0.0/20 maxlen: 20
180.189.0.0/21 maxlen: 21
180.189.8.0/21 maxlen: 21
180.189.32.0/20 maxlen: 20
180.189.48.0/22 maxlen: 22
180.189.56.0/21 maxlen: 21
183.177.0.0/20 maxlen: 20
183.177.16.0/20 maxlen: 20
183.177.32.0/20 maxlen: 20
202.167.224.0/23 maxlen: 23
202.167.227.0/24 maxlen: 24
202.167.230.0/23 maxlen: 23
202.167.232.0/24 maxlen: 24
202.167.234.0/23 maxlen: 23
202.167.236.0/22 maxlen: 22
202.167.240.0/22 maxlen: 22
202.167.244.0/22 maxlen: 22
202.167.248.0/23 maxlen: 23
202.167.252.0/23 maxlen: 23
202.167.254.0/24 maxlen: 24
202.167.255.0/24 maxlen: 24
202.177.192.0/24 maxlen: 24
202.177.193.0/24 maxlen: 24
202.177.195.0/24 maxlen: 24
202.177.196.0/23 maxlen: 23
202.177.198.0/24 maxlen: 24
202.177.199.0/24 maxlen: 24
202.177.200.0/23 maxlen: 23
202.177.202.0/23 maxlen: 23
202.177.204.0/23 maxlen: 23
202.177.207.0/24 maxlen: 24
203.190.224.0/23 maxlen: 23
203.190.232.0/22 maxlen: 22
203.190.232.0/24 maxlen: 24
203.190.236.0/22 maxlen: 22
2407:b000::/32 maxlen: 32
2407:b001::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 18 Oct 2024 03:51:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2869 (0xb35)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9158E3F/serialNumber=7E313AB7FF26E783E03C07851612751881AE4918
Validity
Not Before: Sep 23 10:33:50 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=66f1440e-7277
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:e1:77:f9:18:5a:da:17:c6:65:c5:18:a9:7d:
2b:98:65:03:ca:78:46:7c:8c:07:ff:53:d4:69:b3:
66:c7:e2:9d:58:0d:e3:19:d6:16:bc:24:c3:4b:b8:
9c:93:0d:9e:1e:bf:60:41:5e:7f:0a:22:64:57:a7:
f0:35:72:d6:2a:d9:5c:d9:b4:4b:0e:14:a1:de:28:
f8:de:81:18:64:dc:ff:38:61:16:87:15:5f:7f:bd:
c0:c2:bb:c2:2f:81:71:c9:0a:57:9a:3a:fa:2f:52:
01:ea:6d:14:4e:c4:2d:29:78:3a:70:db:9e:65:51:
8e:ca:50:65:23:ca:71:83:e2:24:2f:ed:85:5f:b9:
0b:fc:75:c2:dd:22:6c:b8:32:97:fb:d9:b0:e1:f4:
02:46:55:f7:7d:5d:f2:1c:0a:5c:f7:37:22:b6:99:
8d:cb:aa:70:35:ac:ed:fe:d2:68:c5:02:82:c9:58:
72:34:9c:ab:cc:38:66:7a:5b:3c:d9:e2:8d:73:44:
ec:3c:89:af:6f:cf:1e:cf:40:b4:f1:57:82:f9:04:
ea:8a:90:dd:f2:c1:50:d2:88:d3:56:1c:22:8d:cf:
36:ba:07:54:ac:0e:4b:69:de:ce:cb:f5:6c:49:64:
08:e1:97:a6:72:65:e7:98:b6:10:e4:7f:f9:bc:0f:
79:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:3E:6A:7D:92:26:58:4E:A6:8D:D9:3B:FC:52:1B:58:05:E0:BA:58
X509v3 Authority Key Identifier:
keyid:7E:31:3A:B7:FF:26:E7:83:E0:3C:07:85:16:12:75:18:81:AE:49:18
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9158E3F/C24322BA544611EA8C05651DC4F9AE02/fjE6t_8m54PgPAeFFhJ1GIGuSRg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fjE6t_8m54PgPAeFFhJ1GIGuSRg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9158E3F/C24322BA544611EA8C05651DC4F9AE02/289782725F9111EFA75FFB6AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.111.128.0/22
36.255.39.0/24
103.8.176.0/21
119.27.0.0-119.27.47.255
119.27.50.0-119.27.61.255
122.50.64.0/19
122.50.104.0-122.50.115.255
122.50.120.0/21
180.189.0.0/20
180.189.32.0-180.189.51.255
180.189.56.0/21
183.177.0.0-183.177.47.255
202.167.224.0/23
202.167.227.0/24
202.167.230.0-202.167.232.255
202.167.234.0-202.167.249.255
202.167.252.0/22
202.177.192.0/23
202.177.195.0-202.177.205.255
202.177.207.0/24
203.190.224.0/23
203.190.232.0/21
IPv6:
2407:b000::/31
Signature Algorithm: sha256WithRSAEncryption
91:d3:95:a1:a7:b6:58:96:f1:4e:34:70:5e:c9:a7:32:a3:d3:
59:fb:06:4c:3b:d6:d5:cc:8f:52:37:5c:7c:06:21:f5:2f:4d:
cb:e5:06:f7:78:bd:f7:6d:57:73:1e:0f:2e:9d:cb:d0:43:07:
14:92:bc:8e:1c:40:b7:93:72:44:e5:a8:e1:64:8e:6f:d4:82:
a9:26:c1:ee:fe:b0:9b:d3:2c:5c:8a:11:aa:5f:11:cc:c2:24:
64:99:62:da:6b:7c:52:77:de:1e:6d:e7:79:1a:cf:b8:65:44:
1d:5e:aa:ed:a2:cc:d0:e0:99:c4:7a:e7:ef:99:f1:f7:9e:ca:
09:df:63:bb:fd:69:c1:24:d9:ad:f6:ae:da:52:97:b6:02:f0:
a7:d0:d6:53:43:b1:a3:84:43:13:05:bd:ec:1e:16:d1:a4:f7:
cf:2e:b5:93:54:45:94:04:0b:8a:8c:07:77:d6:9a:3a:f7:e7:
94:b0:87:8c:d9:b8:fd:e2:32:62:5d:12:6e:7f:0f:cb:d3:5c:
37:9d:20:36:cc:9d:4c:d6:b9:c3:2d:a2:c1:46:bf:fc:18:9f:
56:4a:34:96:32:0d:19:8f:7b:29:96:11:3e:dc:b0:1a:bf:ff:
98:d4:98:9c:10:15:d5:16:73:54:39:af:80:d5:ef:9e:8f:2d:
cf:b2:64:0a
-----BEGIN CERTIFICATE-----
MIIGQTCCBSmgAwIBAgICCzUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NThFM0YxMTAvBgNVBAUTKDdFMzEzQUI3RkYyNkU3ODNFMDNDMDc4NTE2MTI3NTE4
ODFBRTQ5MTgwHhcNMjQwOTIzMTAzMzUwWhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmYxNDQwZS03Mjc3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0eF3+Rha2hfGZcUYqX0rmGUDynhGfIwH/1PUabNmx+KdWA3jGdYWvCTDS7ic
kw2eHr9gQV5/CiJkV6fwNXLWKtlc2bRLDhSh3ij43oEYZNz/OGEWhxVff73AwrvC
L4FxyQpXmjr6L1IB6m0UTsQtKXg6cNueZVGOylBlI8pxg+IkL+2FX7kL/HXC3SJs
uDKX+9mw4fQCRlX3fV3yHApc9zcitpmNy6pwNazt/tJoxQKCyVhyNJyrzDhmels8
2eKNc0TsPImvb88ez0C08VeC+QTqipDd8sFQ0ojTVhwijc82ugdUrA5Lad7Oy/Vs
SWQI4ZemcmXnmLYQ5H/5vA95jQIDAQABo4IDZTCCA2EwHQYDVR0OBBYEFLw+an2S
JlhOpo3ZO/xSG1gF4LpYMB8GA1UdIwQYMBaAFH4xOrf/JueD4DwHhRYSdRiBrkkY
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1OEUzRi9DMjQzMjJCQTU0
NDYxMUVBOEMwNTY1MURDNEY5QUUwMi9makU2dF84bTU0UGdQQWVGRmhKMUdJR3VT
UmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2ZqRTZ0XzhtNTRQZ1BBZUZGaEoxR0lHdVNSZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NThFM0YvQzI0MzIyQkE1NDQ2MTFFQThDMDU2NTFEQzRGOUFFMDIvMjg5NzgyNzI1
RjkxMTFFRkE3NUZGQjZBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwge4GCCsGAQUFBwEHAQH/
BIHeMIHbMIHJBAIAATCBwgMEAhtvgAMEACT/JwMEA2cIsDALAwMAdxsDBAR3GyAw
DAMEAXcbMgMEAXcbPAMEBXoyQDAMAwQDejJoAwQCejJwAwQDejJ4AwQEtL0AMAwD
BAW0vSADBAK0vTADBAO0vTgwCwMDALexAwQEt7EgAwQByqfgAwQAyqfjMAwDBAHK
p+YDBADKp+gwDAMEAcqn6gMEAcqn+AMEAsqn/AMEAcqxwDAMAwQAyrHDAwQByrHM
AwQAyrHPAwQBy77gAwQDy77oMA0EAgACMAcDBQEkB7AAMA0GCSqGSIb3DQEBCwUA
A4IBAQCR05Whp7ZYlvFONHBeyacyo9NZ+wZMO9bVzI9SN1x8BiH1L03L5Qb3eL33
bVdzHg8uncvQQwcUkryOHEC3k3JE5ajhZI5v1IKpJsHu/rCb0yxcihGqXxHMwiRk
mWLaa3xSd94ebed5Gs+4ZUQdXqrtoszQ4JnEeufvmfH3nsoJ32O7/WnBJNmt9q7a
Upe2AvCn0NZTQ7GjhEMTBb3sHhbRpPfPLrWTVEWUBAuKjAd31po69+eUsIeM2bj9
4jJiXRJufw/L01w3nSA2zJ1M1rnDLaLBRr/8GJ9WSjSWMg0Zj3splhE+3LAav/+Y
1JicEBXVFnNUOa+A1e+ejy3PsmQK
-----END CERTIFICATE-----
Generated at Fri Oct 18 06:42:06 2024 by rpki-client on console-ams.rpki-client.org