Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915F89C/6907C3E21D8311E29B35A5D808B02CD2/8EC7846643EE11EFBB00E971C4F9AE02.roa
File: 8EC7846643EE11EFBB00E971C4F9AE02.roa (raw, json)
Hash identifier: ySUR4JGnDF1Gs2zKZ4b6xhGq4RK1CDbg/qJzIh/4fwU=
Subject key identifier: 0C:52:31:96:EC:DF:AB:8B:04:B4:AB:D2:AA:67:98:F5:DD:27:46:52
Certificate issuer: /CN=A915F89C/serialNumber=AF8F0CFB47FBFCC7C4933C473CDB36442B5051CE
Certificate serial: 35D1
Authority key identifier: AF:8F:0C:FB:47:FB:FC:C7:C4:93:3C:47:3C:DB:36:44:2B:50:51:CE
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r48M-0f7_MfEkzxHPNs2RCtQUc4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915F89C/6907C3E21D8311E29B35A5D808B02CD2/8EC7846643EE11EFBB00E971C4F9AE02.roa
Signing time: Tue 20 Aug 2024 14:30:32 +0000
ROA not before: Tue 20 Aug 2024 14:30:32 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 9506
IP address blocks: 14.100.0.0/17 maxlen: 24
42.60.0.0/16 maxlen: 24
42.61.128.0/17 maxlen: 24
101.78.64.0/18 maxlen: 24
115.66.0.0/16 maxlen: 24
116.14.0.0/15 maxlen: 15
116.14.0.0/16 maxlen: 24
116.15.0.0/16 maxlen: 24
118.200.0.0/16 maxlen: 24
118.201.0.0/17 maxlen: 24
118.201.192.0/18 maxlen: 18
118.201.224.0/19 maxlen: 24
119.74.0.0/16 maxlen: 24
121.6.0.0/16 maxlen: 24
121.7.0.0/16 maxlen: 24
180.255.64.0/18 maxlen: 18
219.74.0.0/16 maxlen: 24
219.75.0.0/17 maxlen: 24
220.255.0.0/22 maxlen: 22
220.255.0.0/24 maxlen: 24
220.255.1.0/24 maxlen: 24
220.255.2.0/24 maxlen: 24
220.255.3.0/24 maxlen: 24
220.255.4.0/22 maxlen: 22
220.255.4.0/24 maxlen: 24
220.255.5.0/24 maxlen: 24
220.255.6.0/24 maxlen: 24
220.255.7.0/24 maxlen: 24
220.255.16.0/20 maxlen: 20
220.255.32.0/19 maxlen: 19
220.255.64.0/18 maxlen: 18
220.255.128.0/17 maxlen: 24
Validation: Failed, certificate revoked on Fri 13 Sep 2024 07:53:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13777 (0x35d1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915F89C/serialNumber=AF8F0CFB47FBFCC7C4933C473CDB36442B5051CE
Validity
Not Before: Aug 20 14:30:32 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=66c4a887-0c2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:75:4a:68:0a:94:61:6d:96:f8:44:99:db:19:
31:4b:01:3d:11:e4:21:82:e1:48:c7:d4:b4:9d:6e:
7b:74:14:54:09:37:37:5a:8b:8f:c5:80:8d:7c:4c:
7d:ed:86:db:2f:f9:5b:03:3a:98:10:7c:68:39:2d:
6c:07:20:f8:44:45:ba:25:18:c8:0b:e8:62:72:40:
ac:50:76:35:a2:c2:df:23:11:0c:4f:6b:ea:56:9f:
1c:74:34:bc:0a:40:97:3a:2e:71:65:cd:b9:67:03:
df:41:72:6b:34:a1:2b:7e:49:46:bd:29:83:18:f0:
34:b2:6e:a1:f7:58:24:e3:c8:55:fb:74:dd:79:17:
aa:ec:fb:2f:20:40:fc:9c:5a:15:d7:ec:7c:72:94:
60:b7:31:26:34:31:70:77:a7:9c:cf:78:77:2b:28:
75:c6:bc:4b:f5:9a:a7:71:1a:a5:0c:e9:71:b2:8a:
e6:94:72:f1:61:e5:a5:47:96:b4:b5:78:8d:94:62:
9b:ec:a4:5d:2d:98:00:e0:51:fc:9b:58:c1:41:af:
a2:df:22:60:20:91:26:af:99:6f:f2:14:1c:ab:30:
8b:3d:b9:eb:bc:e6:fa:66:2b:e0:88:38:5e:11:f0:
f4:97:be:6e:b4:a5:04:12:38:5b:c1:29:8a:c6:26:
7b:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:52:31:96:EC:DF:AB:8B:04:B4:AB:D2:AA:67:98:F5:DD:27:46:52
X509v3 Authority Key Identifier:
keyid:AF:8F:0C:FB:47:FB:FC:C7:C4:93:3C:47:3C:DB:36:44:2B:50:51:CE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915F89C/6907C3E21D8311E29B35A5D808B02CD2/r48M-0f7_MfEkzxHPNs2RCtQUc4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r48M-0f7_MfEkzxHPNs2RCtQUc4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915F89C/6907C3E21D8311E29B35A5D808B02CD2/8EC7846643EE11EFBB00E971C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.100.0.0/17
42.60.0.0/16
42.61.128.0/17
101.78.64.0/18
115.66.0.0/16
116.14.0.0/15
118.200.0.0-118.201.127.255
118.201.192.0/18
119.74.0.0/16
121.6.0.0/15
180.255.64.0/18
219.74.0.0-219.75.127.255
220.255.0.0/21
220.255.16.0-220.255.255.255
Signature Algorithm: sha256WithRSAEncryption
4c:73:91:cb:f8:79:05:3d:61:4d:0a:66:82:56:83:b9:09:3f:
6e:47:02:67:b1:d3:e0:10:f0:91:68:26:87:b6:f5:86:c4:90:
53:00:04:e7:d1:29:24:8e:a1:28:fa:69:2c:b4:4e:6b:48:13:
01:58:f5:f4:08:60:6a:b8:a8:ea:dc:4c:35:13:77:e6:96:fd:
48:7f:21:99:2a:77:e8:ff:4b:5d:49:11:52:30:3f:39:59:42:
5a:af:d3:ca:0f:07:fb:47:30:95:77:5e:e5:f0:7a:6f:ed:f5:
2c:33:a8:32:4f:0e:d9:40:a5:89:ff:75:94:c6:19:16:3d:b3:
46:55:f5:35:12:06:91:e0:15:e7:7f:9a:20:31:59:28:fd:d1:
54:c3:fd:9c:45:ea:72:6e:a3:cc:65:3a:af:60:73:44:ed:67:
70:2e:a4:37:28:c5:90:8a:23:42:e4:28:20:f0:82:d7:26:74:
74:5b:38:f2:1c:94:f9:f5:89:48:fd:5f:66:d5:a4:27:b4:4b:
c2:2a:95:da:0b:27:68:73:bc:f9:81:2e:01:be:41:92:c2:42:
0b:60:db:54:d4:43:34:6c:57:47:7a:c4:20:9b:1f:ef:31:ef:
10:d3:cf:5d:3d:1d:b3:88:c3:ac:b0:39:32:2e:b8:f4:65:ab:
81:f6:d5:f0
-----BEGIN CERTIFICATE-----
MIIFzjCCBLagAwIBAgICNdEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUY4OUMxMTAvBgNVBAUTKEFGOEYwQ0ZCNDdGQkZDQzdDNDkzM0M0NzNDREIzNjQ0
MkI1MDUxQ0UwHhcNMjQwODIwMTQzMDMyWhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmM0YTg4Ny0wYzJmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxnVKaAqUYW2W+ESZ2xkxSwE9EeQhguFIx9S0nW57dBRUCTc3WouPxYCNfEx9
7YbbL/lbAzqYEHxoOS1sByD4REW6JRjIC+hickCsUHY1osLfIxEMT2vqVp8cdDS8
CkCXOi5xZc25ZwPfQXJrNKErfklGvSmDGPA0sm6h91gk48hV+3TdeReq7PsvIED8
nFoV1+x8cpRgtzEmNDFwd6ecz3h3Kyh1xrxL9ZqncRqlDOlxsormlHLxYeWlR5a0
tXiNlGKb7KRdLZgA4FH8m1jBQa+i3yJgIJEmr5lv8hQcqzCLPbnrvOb6ZivgiDhe
EfD0l75utKUEEjhbwSmKxiZ7jwIDAQABo4IC8jCCAu4wHQYDVR0OBBYEFAxSMZbs
36uLBLSr0qpnmPXdJ0ZSMB8GA1UdIwQYMBaAFK+PDPtH+/zHxJM8RzzbNkQrUFHO
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1Rjg5Qy82OTA3QzNFMjFE
ODMxMUUyOUIzNUE1RDgwOEIwMkNEMi9yNDhNLTBmN19NZkVrenhIUE5zMlJDdFFV
YzQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3I0OE0tMGY3X01mRWt6eEhQTnMyUkN0UVVjNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUY4OUMvNjkwN0MzRTIxRDgzMTFFMjlCMzVBNUQ4MDhCMDJDRDIvOEVDNzg0NjY0
M0VFMTFFRkJCMDBFOTcxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwfAYIKwYBBQUHAQcBAf8E
bTBrMGkEAgABMGMDBAcOZAADAwAqPAMEByo9gAMEBmVOQAMDAHNCAwMBdA4wCwMD
A3bIAwQHdskAAwQGdsnAAwMAd0oDAwF5BgMEBrT/QDALAwMB20oDBAfbSwADBAPc
/wAwCgMEBNz/EAMCANwwDQYJKoZIhvcNAQELBQADggEBAExzkcv4eQU9YU0KZoJW
g7kJP25HAmex0+AQ8JFoJoe29YbEkFMABOfRKSSOoSj6aSy0TmtIEwFY9fQIYGq4
qOrcTDUTd+aW/Uh/IZkqd+j/S11JEVIwPzlZQlqv08oPB/tHMJV3XuXwem/t9Swz
qDJPDtlApYn/dZTGGRY9s0ZV9TUSBpHgFed/miAxWSj90VTD/ZxF6nJuo8xlOq9g
c0TtZ3AupDcoxZCKI0LkKCDwgtcmdHRbOPIclPn1iUj9X2bVpCe0S8IqldoLJ2hz
vPmBLgG+QZLCQgtg21TUQzRsV0d6xCCbH+8x7xDTz109HbOIw6ywOTIuuPRlq4H2
1fA=
-----END CERTIFICATE-----
Generated at Fri Sep 13 09:47:09 2024 by rpki-client on console-ams.rpki-client.org