Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915D03A/1B647710924611E79AAEBE10C4F9AE02/D35B8516E5EB11EEAD1B4222C4F9AE02.roa
File: D35B8516E5EB11EEAD1B4222C4F9AE02.roa (raw, json)
Hash identifier: clnla/SJn0Iza8yeJ8IgC0NC9b+RlYKiBua4P2MOz7Q=
Subject key identifier: E1:F7:A1:62:06:AC:2D:23:64:32:41:B1:59:E2:27:08:7C:30:F3:81
Certificate issuer: /CN=A915D03A/serialNumber=615ED84C44E657F7095E0212AFEA052C542A0D91
Certificate serial: 18A9
Authority key identifier: 61:5E:D8:4C:44:E6:57:F7:09:5E:02:12:AF:EA:05:2C:54:2A:0D:91
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YV7YTETmV_cJXgISr-oFLFQqDZE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915D03A/1B647710924611E79AAEBE10C4F9AE02/D35B8516E5EB11EEAD1B4222C4F9AE02.roa
Signing time: Wed 10 Apr 2024 15:08:01 +0000
ROA not before: Wed 10 Apr 2024 15:08:01 +0000
ROA not after: Sun 02 Mar 2025 00:00:00 +0000
asID: 20940
IP address blocks: 43.249.213.0/24 maxlen: 24
43.254.120.0/22 maxlen: 22
59.151.128.0/18 maxlen: 18
60.254.128.0/18 maxlen: 18
60.254.143.0/24 maxlen: 24
60.254.148.0/24 maxlen: 24
60.254.173.0/24 maxlen: 24
103.238.148.0/22 maxlen: 22
118.214.0.0/16 maxlen: 16
118.214.1.0/24 maxlen: 24
118.214.167.0/24 maxlen: 24
118.214.171.0/24 maxlen: 24
118.214.178.0/24 maxlen: 24
118.214.181.0/24 maxlen: 24
118.214.182.0/24 maxlen: 24
118.214.183.0/24 maxlen: 24
118.214.185.0/24 maxlen: 24
118.214.186.0/24 maxlen: 24
118.214.187.0/24 maxlen: 24
118.214.188.0/23 maxlen: 23
118.214.190.0/24 maxlen: 24
118.214.200.0/21 maxlen: 21
118.215.0.0/17 maxlen: 17
118.215.32.0/21 maxlen: 21
118.215.128.0/18 maxlen: 18
122.252.32.0/19 maxlen: 19
122.252.40.0/21 maxlen: 21
122.252.128.0/20 maxlen: 20
125.56.128.0/17 maxlen: 17
125.56.184.0/24 maxlen: 24
125.56.185.0/24 maxlen: 24
125.56.186.0/24 maxlen: 24
125.56.199.0/24 maxlen: 24
125.56.201.0/24 maxlen: 24
125.56.205.0/24 maxlen: 24
125.56.218.0/24 maxlen: 24
125.56.219.0/24 maxlen: 24
125.56.222.0/24 maxlen: 24
125.252.192.0/18 maxlen: 18
125.252.224.0/24 maxlen: 24
2405:9600::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 20 Jun 2024 09:19:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6313 (0x18a9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915D03A/serialNumber=615ED84C44E657F7095E0212AFEA052C542A0D91
Validity
Not Before: Apr 10 15:08:01 2024 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=6616ab50-0796
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:71:00:bf:b8:34:a4:f4:b6:9f:8c:3b:ad:26:
ca:5a:0c:04:b3:7c:d3:2d:18:73:c9:4b:ec:a8:33:
73:87:8a:61:b2:f3:2d:29:ba:46:de:a9:ce:0a:d6:
db:a5:a4:ad:0f:2f:d4:a6:55:a1:2a:ca:c7:db:ae:
45:60:d5:81:3b:5a:25:9c:bd:9b:08:f9:ba:d2:1a:
60:fe:37:28:c1:80:cd:58:a8:c3:69:0c:ef:07:13:
b9:89:77:8b:33:63:52:55:59:5d:8e:b0:7c:23:af:
25:79:d3:aa:33:2f:3f:2e:cc:d9:e0:74:5e:06:0a:
f4:6e:da:17:98:fd:7b:b8:1b:38:53:f2:09:67:ef:
d6:7b:37:5f:45:52:6f:0e:4c:2c:9d:3e:fb:09:7c:
d2:d9:5d:72:02:0f:95:70:3d:ca:b8:de:55:17:78:
a0:df:9f:bf:93:fd:db:c9:4b:36:1e:5a:c7:53:c4:
d1:61:f7:64:2d:bb:86:45:53:dc:6e:97:fc:46:15:
88:59:21:f3:b6:27:f3:2f:33:e9:bd:b5:4d:8e:5b:
97:84:2c:76:b1:2d:8d:fb:96:e8:61:52:e9:d1:44:
20:48:d7:db:d6:c1:71:10:20:cc:38:fa:f4:2b:09:
55:14:cc:fc:e6:f4:19:da:69:69:be:85:1f:d9:79:
87:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:F7:A1:62:06:AC:2D:23:64:32:41:B1:59:E2:27:08:7C:30:F3:81
X509v3 Authority Key Identifier:
keyid:61:5E:D8:4C:44:E6:57:F7:09:5E:02:12:AF:EA:05:2C:54:2A:0D:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915D03A/1B647710924611E79AAEBE10C4F9AE02/YV7YTETmV_cJXgISr-oFLFQqDZE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YV7YTETmV_cJXgISr-oFLFQqDZE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915D03A/1B647710924611E79AAEBE10C4F9AE02/D35B8516E5EB11EEAD1B4222C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.249.213.0/24
43.254.120.0/22
59.151.128.0/18
60.254.128.0/18
103.238.148.0/22
118.214.0.0-118.215.191.255
122.252.32.0/19
122.252.128.0/20
125.56.128.0/17
125.252.192.0/18
IPv6:
2405:9600::/32
Signature Algorithm: sha256WithRSAEncryption
44:c6:ff:bc:1a:ad:cd:b7:66:6a:1d:5b:ff:e1:9b:21:11:4c:
66:cc:b3:00:3a:9a:eb:5b:f8:fd:8b:84:82:3c:5e:d6:4f:00:
7a:59:7f:3c:9a:98:bd:cf:3e:30:df:93:71:c3:ba:15:97:e2:
30:87:4a:44:4c:54:a0:81:44:7b:d2:00:84:33:d5:88:34:31:
9d:64:13:f7:3b:e6:7d:a0:19:4a:05:50:74:69:4e:ba:c9:ce:
64:74:4c:df:d9:88:3a:a6:2e:ae:d9:b1:6d:b8:b6:fc:84:87:
9a:88:f1:39:9b:b1:46:47:ad:39:7d:6d:00:ef:14:00:72:69:
12:f1:1c:f8:b9:db:d1:e8:5f:ea:c5:85:57:be:8d:1c:19:1d:
a2:47:0b:7d:77:0f:1d:3d:d9:30:b1:ed:3f:26:6c:b2:84:76:
f1:8c:c9:0e:2c:a3:e7:30:0f:fd:f2:e7:63:d0:a4:2c:c7:4d:
eb:16:04:ce:98:0d:8f:ba:bd:42:2b:80:c8:f1:c4:78:aa:f1:
11:fc:ef:8b:84:23:27:02:b3:98:a4:ca:4f:5c:5c:02:56:2a:
0b:b1:fd:74:da:60:8b:9a:a2:10:5b:ac:54:8f:8c:30:c8:3c:
aa:fe:37:d8:c5:e8:57:65:72:34:90:58:ee:ea:34:cf:70:6e:
4c:f1:5b:ce
-----BEGIN CERTIFICATE-----
MIIFvTCCBKWgAwIBAgICGKkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUQwM0ExMTAvBgNVBAUTKDYxNUVEODRDNDRFNjU3RjcwOTVFMDIxMkFGRUEwNTJD
NTQyQTBEOTEwHhcNMjQwNDEwMTUwODAxWhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjE2YWI1MC0wNzk2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAynEAv7g0pPS2n4w7rSbKWgwEs3zTLRhzyUvsqDNzh4phsvMtKbpG3qnOCtbb
paStDy/UplWhKsrH265FYNWBO1olnL2bCPm60hpg/jcowYDNWKjDaQzvBxO5iXeL
M2NSVVldjrB8I68ledOqMy8/LszZ4HReBgr0btoXmP17uBs4U/IJZ+/WezdfRVJv
DkwsnT77CXzS2V1yAg+VcD3KuN5VF3ig35+/k/3byUs2HlrHU8TRYfdkLbuGRVPc
bpf8RhWIWSHztifzLzPpvbVNjluXhCx2sS2N+5boYVLp0UQgSNfb1sFxECDMOPr0
KwlVFMz85vQZ2mlpvoUf2XmH0wIDAQABo4IC4TCCAt0wHQYDVR0OBBYEFOH3oWIG
rC0jZDJBsVniJwh8MPOBMB8GA1UdIwQYMBaAFGFe2ExE5lf3CV4CEq/qBSxUKg2R
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1RDAzQS8xQjY0NzcxMDky
NDYxMUU3OUFBRUJFMTBDNEY5QUUwMi9ZVjdZVEVUbVZfY0pYZ0lTci1vRkxGUXFE
WkUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1lWN1lURVRtVl9jSlhnSVNyLW9GTEZRcURaRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUQwM0EvMUI2NDc3MTA5MjQ2MTFFNzlBQUVCRTEwQzRGOUFFMDIvRDM1Qjg1MTZF
NUVCMTFFRUFEMUI0MjIyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwawYIKwYBBQUHAQcBAf8E
XDBaMEkEAgABMEMDBAAr+dUDBAIr/ngDBAY7l4ADBAY8/oADBAJn7pQwCwMDAXbW
AwQGdteAAwQFevwgAwQEevyAAwQHfTiAAwQGffzAMA0EAgACMAcDBQAkBZYAMA0G
CSqGSIb3DQEBCwUAA4IBAQBExv+8Gq3Nt2ZqHVv/4ZshEUxmzLMAOprrW/j9i4SC
PF7WTwB6WX88mpi9zz4w35Nxw7oVl+Iwh0pETFSggUR70gCEM9WINDGdZBP3O+Z9
oBlKBVB0aU66yc5kdEzf2Yg6pi6u2bFtuLb8hIeaiPE5m7FGR605fW0A7xQAcmkS
8Rz4udvR6F/qxYVXvo0cGR2iRwt9dw8dPdkwse0/JmyyhHbxjMkOLKPnMA/98udj
0KQsx03rFgTOmA2Pur1CK4DI8cR4qvER/O+LhCMnArOYpMpPXFwCVioLsf102mCL
mqIQW6xUj4wwyDyq/jfYxehXZXI0kFju6jTPcG5M8VvO
-----END CERTIFICATE-----
Generated at Thu Jun 20 12:35:48 2024 by rpki-client on console-fra.rpki-client.org