Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9158E3F/C24322BA544611EA8C05651DC4F9AE02/AA9BE3F0539611EFB8D0655CC4F9AE02.roa
File: AA9BE3F0539611EFB8D0655CC4F9AE02.roa (raw, json)
Hash identifier: Q12A/ZAreq7sv+YeaF81VhepV0ImnueZL5tNl/h0qSw=
Subject key identifier: FB:E2:A5:C8:D1:CD:90:D2:94:9C:56:E2:3F:20:B2:FD:6E:D5:19:02
Certificate issuer: /CN=A9158E3F/serialNumber=7E313AB7FF26E783E03C07851612751881AE4918
Certificate serial: 0AF5
Authority key identifier: 7E:31:3A:B7:FF:26:E7:83:E0:3C:07:85:16:12:75:18:81:AE:49:18
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fjE6t_8m54PgPAeFFhJ1GIGuSRg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9158E3F/C24322BA544611EA8C05651DC4F9AE02/AA9BE3F0539611EFB8D0655CC4F9AE02.roa
Signing time: Fri 16 Aug 2024 07:01:43 +0000
ROA not before: Fri 16 Aug 2024 07:01:43 +0000
ROA not after: Thu 31 Oct 2024 00:00:00 +0000
asID: 15830
IP address blocks: 27.111.128.0/22 maxlen: 22
103.8.176.0/22 maxlen: 22
103.8.180.0/22 maxlen: 22
119.27.0.0/19 maxlen: 19
119.27.32.0/20 maxlen: 20
119.27.52.0/22 maxlen: 22
119.27.56.0/22 maxlen: 22
119.27.60.0/23 maxlen: 23
122.50.64.0/19 maxlen: 19
122.50.104.0/21 maxlen: 21
122.50.112.0/22 maxlen: 22
122.50.120.0/22 maxlen: 22
122.50.124.0/22 maxlen: 22
180.189.0.0/21 maxlen: 21
180.189.8.0/21 maxlen: 21
180.189.32.0/20 maxlen: 20
180.189.48.0/22 maxlen: 22
180.189.56.0/21 maxlen: 21
183.177.0.0/20 maxlen: 20
183.177.16.0/20 maxlen: 20
183.177.32.0/20 maxlen: 20
202.167.224.0/23 maxlen: 23
202.167.232.0/24 maxlen: 24
202.167.234.0/23 maxlen: 23
202.167.236.0/22 maxlen: 22
202.167.240.0/22 maxlen: 22
202.167.248.0/23 maxlen: 23
202.167.255.0/24 maxlen: 24
202.177.192.0/24 maxlen: 24
202.177.193.0/24 maxlen: 24
202.177.195.0/24 maxlen: 24
202.177.198.0/24 maxlen: 24
202.177.199.0/24 maxlen: 24
202.177.200.0/23 maxlen: 23
202.177.201.0/24 maxlen: 24
202.177.202.0/23 maxlen: 23
202.177.204.0/23 maxlen: 23
203.190.224.0/23 maxlen: 23
203.190.228.0/23 maxlen: 23
2407:b000::/32 maxlen: 32
2407:b001::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 16 Aug 2024 07:11:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2805 (0xaf5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9158E3F/serialNumber=7E313AB7FF26E783E03C07851612751881AE4918
Validity
Not Before: Aug 16 07:01:43 2024 GMT
Not After : Oct 31 00:00:00 2024 GMT
Subject: CN=66bef957-42c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:3e:a2:3a:37:54:0d:60:20:0a:7a:be:5e:62:
df:3f:39:f5:64:e0:13:d4:72:cc:a1:80:51:e8:03:
e8:df:f0:20:aa:0d:17:87:da:5a:f5:a2:6f:01:dd:
f7:8c:b3:ee:a0:d1:48:81:71:6d:f3:6e:f6:6b:f2:
46:e8:69:c4:28:3f:63:2b:75:26:8d:e7:32:49:9c:
6c:21:0c:59:08:f3:90:79:80:fd:cf:62:55:1a:c6:
c7:c6:a3:9c:35:3f:8b:90:65:4a:2e:34:89:4e:8c:
05:6c:c7:0a:b1:2c:7a:6f:3e:a1:35:c3:55:24:65:
a5:d3:42:b8:7e:96:4f:f8:1d:8f:1e:02:73:72:f2:
a8:29:90:c7:48:8e:fc:13:63:96:fa:78:da:d1:69:
31:42:65:42:4c:ca:71:73:6c:8a:1c:ba:88:ac:db:
cf:9d:fd:1f:c8:f7:45:9a:48:56:fc:4f:88:e6:af:
6d:a5:27:fc:d6:9f:b7:59:c1:3d:79:c0:cf:57:d6:
8a:31:b0:12:81:d9:46:5e:6f:21:5d:e7:04:85:9d:
26:95:50:a5:fa:3d:9d:76:5d:2e:8d:c3:20:48:29:
46:bc:de:b7:75:b8:6b:09:f7:81:f6:45:7a:53:1f:
68:e7:79:a9:a7:40:6e:92:ad:23:a5:7b:c0:d7:dd:
5a:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:E2:A5:C8:D1:CD:90:D2:94:9C:56:E2:3F:20:B2:FD:6E:D5:19:02
X509v3 Authority Key Identifier:
keyid:7E:31:3A:B7:FF:26:E7:83:E0:3C:07:85:16:12:75:18:81:AE:49:18
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9158E3F/C24322BA544611EA8C05651DC4F9AE02/fjE6t_8m54PgPAeFFhJ1GIGuSRg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fjE6t_8m54PgPAeFFhJ1GIGuSRg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9158E3F/C24322BA544611EA8C05651DC4F9AE02/AA9BE3F0539611EFB8D0655CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.111.128.0/22
103.8.176.0/21
119.27.0.0-119.27.47.255
119.27.52.0-119.27.61.255
122.50.64.0/19
122.50.104.0-122.50.115.255
122.50.120.0/21
180.189.0.0/20
180.189.32.0-180.189.51.255
180.189.56.0/21
183.177.0.0-183.177.47.255
202.167.224.0/23
202.167.232.0/24
202.167.234.0-202.167.243.255
202.167.248.0/23
202.167.255.0/24
202.177.192.0/23
202.177.195.0/24
202.177.198.0-202.177.205.255
203.190.224.0/23
203.190.228.0/23
IPv6:
2407:b000::/31
Signature Algorithm: sha256WithRSAEncryption
0d:bd:9b:3d:51:8b:d0:96:f5:fc:b2:e4:41:af:ea:f5:d3:88:
99:db:c7:62:5c:24:b1:ef:6f:f6:7e:c0:27:5d:cf:10:9c:38:
72:1d:02:8f:5f:42:8d:b7:76:32:7f:3f:04:21:0a:8e:9f:96:
06:25:92:4e:f6:70:e2:c9:a6:82:ff:d2:62:6d:fe:de:6b:63:
c4:35:ed:38:b2:38:ba:e4:58:05:b6:58:e0:22:28:03:45:dd:
b9:05:00:8f:52:ea:e3:70:86:1c:fd:ed:9b:1c:76:85:c5:12:
8c:30:7c:32:2b:0e:1e:4e:1e:97:d5:16:f9:c2:f6:6f:f9:e0:
1a:44:f4:b6:8f:93:d1:11:e1:ba:2e:b8:62:5f:ed:82:19:3a:
1e:db:9b:d4:b7:ae:c6:fb:34:76:be:ae:ac:51:37:dc:58:4b:
65:8f:9e:19:69:99:3c:13:ab:e9:4b:bb:88:f0:4e:ac:49:38:
06:e8:be:46:41:cd:9e:21:88:bb:ca:89:2e:45:a9:0f:c3:43:
10:64:df:3e:1d:5c:f9:0c:7b:c6:9a:8e:8f:3d:49:f7:ca:8c:
cc:28:24:8d:e4:21:d7:d8:4e:f9:2d:67:2c:08:38:03:bd:93:
04:59:2b:cf:c2:0e:ed:ae:cd:d1:68:87:c8:14:da:57:22:26:
a7:48:f6:dd
-----BEGIN CERTIFICATE-----
MIIGMzCCBRugAwIBAgICCvUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NThFM0YxMTAvBgNVBAUTKDdFMzEzQUI3RkYyNkU3ODNFMDNDMDc4NTE2MTI3NTE4
ODFBRTQ5MTgwHhcNMjQwODE2MDcwMTQzWhcNMjQxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmJlZjk1Ny00MmM1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtj6iOjdUDWAgCnq+XmLfPzn1ZOAT1HLMoYBR6APo3/Agqg0Xh9pa9aJvAd33
jLPuoNFIgXFt8272a/JG6GnEKD9jK3UmjecySZxsIQxZCPOQeYD9z2JVGsbHxqOc
NT+LkGVKLjSJTowFbMcKsSx6bz6hNcNVJGWl00K4fpZP+B2PHgJzcvKoKZDHSI78
E2OW+nja0WkxQmVCTMpxc2yKHLqIrNvPnf0fyPdFmkhW/E+I5q9tpSf81p+3WcE9
ecDPV9aKMbASgdlGXm8hXecEhZ0mlVCl+j2ddl0ujcMgSClGvN63dbhrCfeB9kV6
Ux9o53mpp0Bukq0jpXvA191aeQIDAQABo4IDVzCCA1MwHQYDVR0OBBYEFPvipcjR
zZDSlJxW4j8gsv1u1RkCMB8GA1UdIwQYMBaAFH4xOrf/JueD4DwHhRYSdRiBrkkY
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1OEUzRi9DMjQzMjJCQTU0
NDYxMUVBOEMwNTY1MURDNEY5QUUwMi9makU2dF84bTU0UGdQQWVGRmhKMUdJR3VT
UmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2ZqRTZ0XzhtNTRQZ1BBZUZGaEoxR0lHdVNSZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NThFM0YvQzI0MzIyQkE1NDQ2MTFFQThDMDU2NTFEQzRGOUFFMDIvQUE5QkUzRjA1
Mzk2MTFFRkI4RDA2NTVDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgeAGCCsGAQUFBwEHAQH/
BIHQMIHNMIG7BAIAATCBtAMEAhtvgAMEA2cIsDALAwMAdxsDBAR3GyAwDAMEAncb
NAMEAXcbPAMEBXoyQDAMAwQDejJoAwQCejJwAwQDejJ4AwQEtL0AMAwDBAW0vSAD
BAK0vTADBAO0vTgwCwMDALexAwQEt7EgAwQByqfgAwQAyqfoMAwDBAHKp+oDBALK
p/ADBAHKp/gDBADKp/8DBAHKscADBADKscMwDAMEAcqxxgMEAcqxzAMEAcu+4AME
Acu+5DANBAIAAjAHAwUBJAewADANBgkqhkiG9w0BAQsFAAOCAQEADb2bPVGL0Jb1
/LLkQa/q9dOImdvHYlwkse9v9n7AJ13PEJw4ch0Cj19Cjbd2Mn8/BCEKjp+WBiWS
TvZw4smmgv/SYm3+3mtjxDXtOLI4uuRYBbZY4CIoA0XduQUAj1Lq43CGHP3tmxx2
hcUSjDB8MisOHk4el9UW+cL2b/ngGkT0to+T0RHhui64Yl/tghk6Htub1Leuxvs0
dr6urFE33FhLZY+eGWmZPBOr6Uu7iPBOrEk4Bui+RkHNniGIu8qJLkWpD8NDEGTf
Ph1c+Qx7xpqOjz1J98qMzCgkjeQh19hO+S1nLAg4A72TBFkrz8IO7a7N0WiHyBTa
VyImp0j23Q==
-----END CERTIFICATE-----
Generated at Fri Aug 16 10:13:44 2024 by rpki-client on console-fra.rpki-client.org