Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9172D91/EA672A5C19E711E8B243D57CC4F9AE02/13E506A05F8D11EFA0D0E63EC4F9AE02.roa
File: 13E506A05F8D11EFA0D0E63EC4F9AE02.roa (raw, json)
Hash identifier: 5aHwyh7mKf3mabB3+B/ULHUMzqLd6tPgtR4X65Nue2c=
Subject key identifier: D0:65:7B:72:17:1D:1D:EB:77:43:2E:4B:0C:A1:A4:2E:5F:E1:96:30
Certificate issuer: /CN=A9172D91/serialNumber=E2EDE4A7EA972668A795B27BA9DC87F4B90DA897
Certificate serial: 161F
Authority key identifier: E2:ED:E4:A7:EA:97:26:68:A7:95:B2:7B:A9:DC:87:F4:B9:0D:A8:97
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4u3kp-qXJminlbJ7qdyH9LkNqJc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9172D91/EA672A5C19E711E8B243D57CC4F9AE02/13E506A05F8D11EFA0D0E63EC4F9AE02.roa
Signing time: Fri 20 Dec 2024 01:35:15 +0000
ROA not before: Fri 20 Dec 2024 01:35:15 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 15830
IP address blocks: 27.111.160.0/19 maxlen: 19
27.111.160.0/21 maxlen: 21
27.111.168.0/22 maxlen: 22
27.111.173.0/24 maxlen: 24
27.111.174.0/23 maxlen: 23
27.111.176.0/20 maxlen: 20
27.111.192.0/20 maxlen: 20
45.126.14.0/23 maxlen: 23
103.14.116.0/22 maxlen: 22
113.59.240.0/20 maxlen: 20
113.59.240.0/23 maxlen: 23
113.59.243.0/24 maxlen: 24
113.59.248.0/21 maxlen: 21
Validation: Failed, certificate revoked on Wed 05 Feb 2025 05:16:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5663 (0x161f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9172D91
Validity
Not Before: Dec 20 01:35:15 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=6764c9d2-dc21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:80:ce:ea:73:9c:58:f2:35:ef:11:cf:f8:1c:
70:2f:7e:f8:45:e1:ec:d9:8e:67:d5:69:39:07:f6:
ab:a9:6b:d4:68:b0:5d:7d:70:e6:8a:ce:16:0b:ae:
a7:e0:49:ed:db:47:eb:1e:95:af:af:18:52:55:d3:
86:23:bf:30:6e:ad:09:d4:18:3b:56:b1:da:d7:72:
d1:95:e2:f3:82:49:52:e4:94:24:98:4b:90:f0:1d:
6c:3d:ac:9e:b6:a8:28:ba:3f:90:a1:e5:52:45:c0:
3c:94:58:1c:53:e7:46:9c:b3:c4:aa:c5:49:7f:7e:
a4:c9:f4:b4:9f:47:3a:93:35:a8:ee:f7:21:df:3e:
fa:1a:a3:37:d7:a5:89:42:47:64:ca:b1:01:8e:82:
70:93:91:2d:bc:96:63:a5:fd:19:ae:07:95:f2:71:
2a:bd:8a:38:86:2a:4f:44:09:bf:d4:f7:c8:75:6b:
84:56:2e:27:56:f9:14:e1:ff:ae:ca:2d:85:a1:80:
25:96:0a:2f:77:f3:cb:8b:91:d6:0f:14:e1:a4:cd:
6d:d3:2a:26:5c:60:c7:ef:2f:8a:43:5f:30:27:50:
20:9b:ce:cc:5e:35:7b:f6:f2:19:ba:e5:99:ef:6f:
c8:2d:c8:e0:3e:ae:fe:e6:c3:18:f8:05:51:3a:74:
87:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:65:7B:72:17:1D:1D:EB:77:43:2E:4B:0C:A1:A4:2E:5F:E1:96:30
X509v3 Authority Key Identifier:
keyid:E2:ED:E4:A7:EA:97:26:68:A7:95:B2:7B:A9:DC:87:F4:B9:0D:A8:97
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9172D91/EA672A5C19E711E8B243D57CC4F9AE02/4u3kp-qXJminlbJ7qdyH9LkNqJc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4u3kp-qXJminlbJ7qdyH9LkNqJc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9172D91/EA672A5C19E711E8B243D57CC4F9AE02/13E506A05F8D11EFA0D0E63EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.111.160.0-27.111.207.255
45.126.14.0/23
103.14.116.0/22
113.59.240.0/20
Signature Algorithm: sha256WithRSAEncryption
2b:6d:d0:17:4e:58:05:00:25:58:42:d3:c2:5b:c9:66:27:75:
e6:56:e4:66:3b:3e:64:d1:d1:02:59:d4:c8:84:90:7a:a3:0f:
67:9f:2b:2f:e0:b2:c2:6a:94:7e:85:b3:e6:10:7b:fe:3b:d8:
c5:a0:bb:17:f3:46:ec:7c:20:c4:5f:5a:4c:cf:c6:e7:4c:d1:
78:87:b6:3b:84:e7:e6:38:85:95:81:ff:d9:2e:c1:4e:d9:07:
30:ec:ae:a1:00:a2:44:a4:52:31:05:37:75:f0:cb:98:27:c6:
3e:ef:f5:bc:9a:78:1c:53:25:61:c5:4a:10:5b:e9:45:6c:6f:
3b:4a:3c:1b:54:0c:33:2d:2b:8e:23:f9:a5:91:44:96:b6:61:
f3:32:8a:2e:4b:80:5a:50:07:1e:8f:e6:df:2c:9d:9a:6b:ca:
c6:e9:4c:56:ab:3d:30:55:03:03:4e:4a:14:c2:4e:a9:f7:38:
73:db:43:bf:9c:e9:9c:2c:bd:0d:a4:de:d5:35:ea:c3:43:72:
45:14:fc:ca:67:cf:92:66:a9:c8:c0:00:3c:77:11:50:40:48:
e4:c1:ac:7c:88:89:07:65:cf:d7:bd:be:43:c4:15:7d:91:25:
93:da:88:1b:6f:7f:3b:9d:96:0a:67:1f:bd:e4:03:0a:68:45:
7e:d9:48:ca
-----BEGIN CERTIFICATE-----
MIIFizCCBHOgAwIBAgICFh8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzJEOTExMTAvBgNVBAUTKEUyRURFNEE3RUE5NzI2NjhBNzk1QjI3QkE5REM4N0Y0
QjkwREE4OTcwHhcNMjQxMjIwMDEzNTE1WhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzY0YzlkMi1kYzIxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArYDO6nOcWPI17xHP+BxwL374ReHs2Y5n1Wk5B/arqWvUaLBdfXDmis4WC66n
4Ent20frHpWvrxhSVdOGI78wbq0J1Bg7VrHa13LRleLzgklS5JQkmEuQ8B1sPaye
tqgouj+QoeVSRcA8lFgcU+dGnLPEqsVJf36kyfS0n0c6kzWo7vch3z76GqM316WJ
QkdkyrEBjoJwk5EtvJZjpf0ZrgeV8nEqvYo4hipPRAm/1PfIdWuEVi4nVvkU4f+u
yi2FoYAllgovd/PLi5HWDxThpM1t0yomXGDH7y+KQ18wJ1Agm87MXjV79vIZuuWZ
72/ILcjgPq7+5sMY+AVROnSHWQIDAQABo4ICrzCCAqswHQYDVR0OBBYEFNBle3IX
HR3rd0MuSwyhpC5f4ZYwMB8GA1UdIwQYMBaAFOLt5KfqlyZop5Wye6nch/S5DaiX
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MkQ5MS9FQTY3MkE1QzE5
RTcxMUU4QjI0M0Q1N0NDNEY5QUUwMi80dTNrcC1xWEptaW5sYko3cWR5SDlMa05x
SmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzR1M2twLXFYSm1pbmxiSjdxZHlIOUxrTnFKYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzJEOTEvRUE2NzJBNUMxOUU3MTFFOEIyNDNENTdDQzRGOUFFMDIvMTNFNTA2QTA1
RjhEMTFFRkEwRDBFNjNFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOQYIKwYBBQUHAQcBAf8E
KjAoMCYEAgABMCAwDAMEBRtvoAMEBBtvwAMEAS1+DgMEAmcOdAMEBHE78DANBgkq
hkiG9w0BAQsFAAOCAQEAK23QF05YBQAlWELTwlvJZid15lbkZjs+ZNHRAlnUyISQ
eqMPZ58rL+CywmqUfoWz5hB7/jvYxaC7F/NG7HwgxF9aTM/G50zReIe2O4Tn5jiF
lYH/2S7BTtkHMOyuoQCiRKRSMQU3dfDLmCfGPu/1vJp4HFMlYcVKEFvpRWxvO0o8
G1QMMy0rjiP5pZFElrZh8zKKLkuAWlAHHo/m3yydmmvKxulMVqs9MFUDA05KFMJO
qfc4c9tDv5zpnCy9DaTe1TXqw0NyRRT8ymfPkmapyMAAPHcRUEBI5MGsfIiJB2XP
172+Q8QVfZElk9qIG29/O52WCmcfveQDCmhFftlIyg==
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:23:22 2025 by rpki-client