Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915D03A/1B647710924611E79AAEBE10C4F9AE02/CFBF4D708A0F11EA9DFF7F19C4F9AE02.roa
File: CFBF4D708A0F11EA9DFF7F19C4F9AE02.roa (raw, json)
Hash identifier: ZkMXTPMm3SQdvupU6deAw078+yZoTs1etw7Rjtt471M=
Subject key identifier: 8D:62:28:58:C8:62:28:AD:AD:13:4D:AF:17:BF:EB:F5:6F:2B:B9:E5
Certificate issuer: /CN=A915D03A/serialNumber=615ED84C44E657F7095E0212AFEA052C542A0D91
Certificate serial: 1810
Authority key identifier: 61:5E:D8:4C:44:E6:57:F7:09:5E:02:12:AF:EA:05:2C:54:2A:0D:91
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YV7YTETmV_cJXgISr-oFLFQqDZE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915D03A/1B647710924611E79AAEBE10C4F9AE02/CFBF4D708A0F11EA9DFF7F19C4F9AE02.roa
Signing time: Fri 12 Jan 2024 17:04:45 +0000
ROA not before: Fri 12 Jan 2024 17:04:45 +0000
ROA not after: Sun 02 Mar 2025 00:00:00 +0000
asID: 32787
IP address blocks: 114.141.72.0/24 maxlen: 24
114.141.73.0/24 maxlen: 24
114.141.74.0/24 maxlen: 24
114.141.75.0/24 maxlen: 24
114.141.76.0/24 maxlen: 24
114.141.77.0/24 maxlen: 24
114.141.78.0/23 maxlen: 23
114.141.78.0/24 maxlen: 24
114.141.79.0/24 maxlen: 24
2404:4e00:1::/48 maxlen: 48
2404:4e00:2::/48 maxlen: 48
2404:4e00:3::/48 maxlen: 48
2404:4e00:4::/48 maxlen: 48
2404:4e00:5::/48 maxlen: 48
2404:4e00:6::/48 maxlen: 48
2404:4e00:7::/48 maxlen: 48
2404:4e00:101::/48 maxlen: 48
2404:4e00:102::/48 maxlen: 48
2404:4e00:103::/48 maxlen: 48
2404:4e00:104::/48 maxlen: 48
2404:4e00:105::/48 maxlen: 48
2404:4e00:107::/48 maxlen: 48
2404:4e00:200::/48 maxlen: 48
2404:4e00:201::/48 maxlen: 48
2404:4e00:202::/48 maxlen: 48
2404:4e00:203::/48 maxlen: 48
2404:4e00:204::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 22 Feb 2024 11:37:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6160 (0x1810)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915D03A/serialNumber=615ED84C44E657F7095E0212AFEA052C542A0D91
Validity
Not Before: Jan 12 17:04:45 2024 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=65a1712d-6b2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:40:d5:d9:39:ac:be:0e:50:b7:f9:b1:1f:99:
ca:3e:ac:01:6e:72:4d:06:46:50:46:9b:a5:77:c8:
73:e5:46:12:7c:b6:f7:ff:78:92:3f:86:00:06:e3:
88:59:7a:a5:b6:0f:bf:d5:d8:06:cb:6c:df:ed:99:
65:32:a3:41:c2:a0:f2:fc:4b:b4:1f:32:b3:4a:14:
72:73:b7:cf:63:61:30:08:44:b5:ae:24:01:24:4d:
9f:32:7c:15:73:8a:e3:e5:ce:2f:b5:d6:74:5b:ed:
97:94:02:d2:9d:03:23:51:a2:89:0f:b4:24:a9:32:
dc:a5:08:ba:27:e1:66:84:8b:9e:dc:27:3f:21:3f:
5e:5f:70:05:81:0b:d8:c4:16:5b:0c:3e:e6:e4:d6:
b0:cc:12:99:91:47:af:ee:04:7d:a9:ea:ff:53:8a:
10:02:d2:73:77:72:e3:74:e6:72:35:2e:98:fe:d0:
a4:01:e3:b8:3f:62:10:c3:52:b8:a4:44:ba:65:9e:
8f:b4:b5:93:fd:0c:97:fa:e7:af:9b:24:be:f0:d4:
25:1d:d7:38:4e:83:b8:f3:a4:ae:62:b1:4a:77:fc:
24:f6:94:99:c8:3a:98:5e:54:ab:01:a4:2f:3d:3a:
a8:de:69:ea:f2:ab:68:69:86:fc:11:48:6a:d9:e6:
91:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:62:28:58:C8:62:28:AD:AD:13:4D:AF:17:BF:EB:F5:6F:2B:B9:E5
X509v3 Authority Key Identifier:
keyid:61:5E:D8:4C:44:E6:57:F7:09:5E:02:12:AF:EA:05:2C:54:2A:0D:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915D03A/1B647710924611E79AAEBE10C4F9AE02/YV7YTETmV_cJXgISr-oFLFQqDZE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YV7YTETmV_cJXgISr-oFLFQqDZE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915D03A/1B647710924611E79AAEBE10C4F9AE02/CFBF4D708A0F11EA9DFF7F19C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
114.141.72.0/21
IPv6:
2404:4e00:1::-2404:4e00:7:ffff:ffff:ffff:ffff:ffff
2404:4e00:101::-2404:4e00:105:ffff:ffff:ffff:ffff:ffff
2404:4e00:107::/48
2404:4e00:200::-2404:4e00:204:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
11:bd:95:02:2b:8a:b7:8b:6b:30:91:b0:90:95:7c:b7:35:82:
8b:55:e1:89:6a:d1:c8:df:d9:13:f4:2a:2a:56:4a:80:6a:91:
3e:70:36:b6:22:39:6a:90:f5:96:62:89:60:20:e0:f3:00:e2:
c1:44:1b:86:f0:d4:73:8e:46:c0:4a:d4:44:c3:cb:da:78:b9:
dd:f2:b1:15:e1:fd:b8:d1:30:9a:ad:ff:9a:2e:dd:13:02:cd:
a9:01:2f:55:31:cd:b3:7f:bc:7c:a2:da:7c:98:9f:b1:21:fc:
ba:af:be:56:51:80:d4:6c:7a:9f:af:bf:c8:33:de:14:51:c2:
28:32:e6:a4:56:30:f9:4e:3e:1c:86:33:e0:33:0c:22:c7:80:
d4:6b:f4:81:33:09:ef:9b:74:2b:83:19:fd:8c:4e:0a:ca:b4:
22:5b:3a:83:2d:74:e9:bf:e2:9f:32:28:46:41:86:09:a0:ff:
31:76:20:01:4e:74:b4:73:c7:e9:70:dc:7c:08:aa:13:fb:11:
ec:20:42:6f:ca:78:46:f1:48:8a:45:df:a7:dd:51:56:b1:fe:
af:16:1b:ae:38:66:90:8a:7e:1e:37:c4:b2:e8:c8:67:95:d6:
65:fc:be:ea:e9:3d:53:00:6f:61:28:07:6e:7b:6b:57:b6:45:
10:db:ba:c7
-----BEGIN CERTIFICATE-----
MIIFvTCCBKWgAwIBAgICGBAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUQwM0ExMTAvBgNVBAUTKDYxNUVEODRDNDRFNjU3RjcwOTVFMDIxMkFGRUEwNTJD
NTQyQTBEOTEwHhcNMjQwMTEyMTcwNDQ1WhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWExNzEyZC02YjJmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA6UDV2Tmsvg5Qt/mxH5nKPqwBbnJNBkZQRpuld8hz5UYSfLb3/3iSP4YABuOI
WXqltg+/1dgGy2zf7ZllMqNBwqDy/Eu0HzKzShRyc7fPY2EwCES1riQBJE2fMnwV
c4rj5c4vtdZ0W+2XlALSnQMjUaKJD7QkqTLcpQi6J+FmhIue3Cc/IT9eX3AFgQvY
xBZbDD7m5NawzBKZkUev7gR9qer/U4oQAtJzd3LjdOZyNS6Y/tCkAeO4P2IQw1K4
pES6ZZ6PtLWT/QyX+uevmyS+8NQlHdc4ToO486SuYrFKd/wk9pSZyDqYXlSrAaQv
PTqo3mnq8qtoaYb8EUhq2eaRlwIDAQABo4IC4TCCAt0wHQYDVR0OBBYEFI1iKFjI
YiitrRNNrxe/6/VvK7nlMB8GA1UdIwQYMBaAFGFe2ExE5lf3CV4CEq/qBSxUKg2R
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1RDAzQS8xQjY0NzcxMDky
NDYxMUU3OUFBRUJFMTBDNEY5QUUwMi9ZVjdZVEVUbVZfY0pYZ0lTci1vRkxGUXFE
WkUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1lWN1lURVRtVl9jSlhnSVNyLW9GTEZRcURaRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUQwM0EvMUI2NDc3MTA5MjQ2MTFFNzlBQUVCRTEwQzRGOUFFMDIvQ0ZCRjRENzA4
QTBGMTFFQTlERkY3RjE5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwawYIKwYBBQUHAQcBAf8E
XDBaMAwEAgABMAYDBANyjUgwSgQCAAIwRDASAwcAJAROAAABAwcDJAROAAAAMBID
BwAkBE4AAQEDBwEkBE4AAQQDBwAkBE4AAQcwEQMGASQETgACAwcAJAROAAIEMA0G
CSqGSIb3DQEBCwUAA4IBAQARvZUCK4q3i2swkbCQlXy3NYKLVeGJatHI39kT9Coq
VkqAapE+cDa2IjlqkPWWYolgIODzAOLBRBuG8NRzjkbAStREw8vaeLnd8rEV4f24
0TCarf+aLt0TAs2pAS9VMc2zf7x8otp8mJ+xIfy6r75WUYDUbHqfr7/IM94UUcIo
MuakVjD5Tj4chjPgMwwix4DUa/SBMwnvm3Qrgxn9jE4KyrQiWzqDLXTpv+KfMihG
QYYJoP8xdiABTnS0c8fpcNx8CKoT+xHsIEJvynhG8UiKRd+n3VFWsf6vFhuuOGaQ
in4eN8Sy6MhnldZl/L7q6T1TAG9hKAdue2tXtkUQ27rH
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:07 2024 by rpki-client on console-ams.rpki-client.org