Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9172D91/EA672A5C19E711E8B243D57CC4F9AE02/62AE77F649CF11EDB720FD60C4F9AE02.roa
File: 62AE77F649CF11EDB720FD60C4F9AE02.roa (raw, json)
Hash identifier: T56Cd5DJTcKa33PJ9oxp9L7ELkKG0hUW9+feTeklipM=
Subject key identifier: 0F:6D:11:69:D7:38:EC:8A:AD:08:78:80:54:A0:0C:1A:04:F7:5A:A9
Certificate issuer: /CN=A9172D91/serialNumber=E2EDE4A7EA972668A795B27BA9DC87F4B90DA897
Certificate serial: 1598
Authority key identifier: E2:ED:E4:A7:EA:97:26:68:A7:95:B2:7B:A9:DC:87:F4:B9:0D:A8:97
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4u3kp-qXJminlbJ7qdyH9LkNqJc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9172D91/EA672A5C19E711E8B243D57CC4F9AE02/62AE77F649CF11EDB720FD60C4F9AE02.roa
Signing time: Fri 12 Jul 2024 17:25:16 +0000
ROA not before: Fri 12 Jul 2024 17:25:16 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 17819
IP address blocks: 27.111.160.0/19 maxlen: 19
27.111.169.0/24 maxlen: 24
27.111.170.0/24 maxlen: 24
27.111.171.0/24 maxlen: 24
27.111.183.0/24 maxlen: 24
27.111.192.0/20 maxlen: 20
27.111.195.0/24 maxlen: 24
45.126.14.0/23 maxlen: 23
103.14.116.0/22 maxlen: 22
113.59.240.0/20 maxlen: 20
113.59.240.0/24 maxlen: 24
113.59.241.0/24 maxlen: 24
113.59.243.0/24 maxlen: 24
113.59.248.0/21 maxlen: 21
113.59.250.0/24 maxlen: 24
2404:6900::/33 maxlen: 33
2404:6900:7000::/40 maxlen: 40
2404:6900:7001::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 20 Aug 2024 07:20:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5528 (0x1598)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9172D91/serialNumber=E2EDE4A7EA972668A795B27BA9DC87F4B90DA897
Validity
Not Before: Jul 12 17:25:16 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=669166fb-33d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:8c:9a:25:e0:52:93:62:13:7a:50:b5:4b:97:
bd:8c:84:86:9a:64:73:6d:15:51:71:4f:db:c2:9c:
85:2f:32:ec:1f:1f:e6:eb:8f:78:86:cb:f4:45:f7:
1c:9c:38:d3:9d:b0:19:62:81:36:40:90:4b:91:c2:
d4:cf:5c:36:3a:38:88:a7:8e:71:e4:6e:88:87:a7:
7b:e5:2e:e3:c8:2c:49:58:8f:5c:b5:fd:22:64:1a:
d0:62:48:2a:12:1f:b9:c8:7c:85:28:23:11:6e:9f:
84:37:5f:91:81:90:bf:e6:85:2f:e6:df:e1:74:44:
7c:dc:2b:53:ac:7e:6c:3f:42:25:42:46:da:d5:a8:
16:1d:78:22:f8:e4:47:6c:e3:30:49:43:70:a9:c9:
6a:e3:3a:67:39:9c:0c:e1:0b:ed:e3:20:89:fc:8c:
7a:9b:e4:c5:a3:2f:46:84:3e:83:96:0c:5f:a1:5e:
dc:0b:55:b4:fe:08:3b:58:6c:7c:24:59:78:2c:96:
8a:a6:0f:af:94:62:ca:dc:69:73:9a:68:f5:ac:81:
2b:90:70:78:c5:87:67:e0:68:b7:22:24:07:b9:f8:
31:b7:a6:3e:a1:c1:fa:4b:e9:25:8b:14:11:b8:12:
c4:8b:02:47:7f:a4:f5:aa:1d:a5:14:06:3b:ad:39:
78:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:6D:11:69:D7:38:EC:8A:AD:08:78:80:54:A0:0C:1A:04:F7:5A:A9
X509v3 Authority Key Identifier:
keyid:E2:ED:E4:A7:EA:97:26:68:A7:95:B2:7B:A9:DC:87:F4:B9:0D:A8:97
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9172D91/EA672A5C19E711E8B243D57CC4F9AE02/4u3kp-qXJminlbJ7qdyH9LkNqJc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4u3kp-qXJminlbJ7qdyH9LkNqJc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9172D91/EA672A5C19E711E8B243D57CC4F9AE02/62AE77F649CF11EDB720FD60C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.111.160.0-27.111.207.255
45.126.14.0/23
103.14.116.0/22
113.59.240.0/20
IPv6:
2404:6900::/33
Signature Algorithm: sha256WithRSAEncryption
2b:f5:ed:98:0f:b9:81:27:8d:4e:7d:6e:7d:8c:b5:dd:65:0b:
9b:77:31:87:f9:00:50:e9:72:b4:c7:3d:aa:34:66:2d:35:b1:
a3:49:fc:2a:6d:36:bf:e8:0f:4b:62:50:4a:d4:d8:c4:d7:63:
e8:45:c4:0e:36:39:0c:79:ce:63:24:39:ea:4f:85:20:ee:53:
cc:a4:3d:a1:05:da:d3:3d:73:05:86:cb:1b:fd:7e:28:6b:0d:
5f:5f:e1:10:7a:8f:c8:dc:d2:13:d8:03:71:f8:9b:83:a3:03:
6b:37:83:28:c7:c8:34:92:1c:0a:72:d4:70:6c:aa:b7:1c:57:
84:47:1b:3c:92:b6:45:45:b9:ae:cf:9d:29:00:3c:5b:fb:5f:
97:04:3b:b0:e8:0a:d4:ff:80:41:fe:1d:40:f7:65:fc:e3:33:
04:82:3b:c0:af:da:79:d0:e2:ff:73:d5:85:4f:5f:df:bd:f8:
47:44:8d:4d:9c:a7:db:29:9d:b6:c6:92:8c:2a:cc:82:d2:d1:
53:d8:7e:f9:8d:88:4e:c1:7e:ac:e8:c3:49:f3:2c:8c:ad:bd:
ec:1e:11:eb:7c:fd:c6:f4:bb:b5:6f:a6:ef:a9:fb:bf:8b:b5:
a7:d4:36:02:16:b6:85:07:04:8f:01:17:b5:3f:6a:ff:fd:e9:
8c:fb:ba:60
-----BEGIN CERTIFICATE-----
MIIFmzCCBIOgAwIBAgICFZgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzJEOTExMTAvBgNVBAUTKEUyRURFNEE3RUE5NzI2NjhBNzk1QjI3QkE5REM4N0Y0
QjkwREE4OTcwHhcNMjQwNzEyMTcyNTE2WhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjkxNjZmYi0zM2Q3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA34yaJeBSk2ITelC1S5e9jISGmmRzbRVRcU/bwpyFLzLsHx/m6494hsv0Rfcc
nDjTnbAZYoE2QJBLkcLUz1w2OjiIp45x5G6Ih6d75S7jyCxJWI9ctf0iZBrQYkgq
Eh+5yHyFKCMRbp+EN1+RgZC/5oUv5t/hdER83CtTrH5sP0IlQkba1agWHXgi+ORH
bOMwSUNwqclq4zpnOZwM4Qvt4yCJ/Ix6m+TFoy9GhD6DlgxfoV7cC1W0/gg7WGx8
JFl4LJaKpg+vlGLK3Glzmmj1rIErkHB4xYdn4Gi3IiQHufgxt6Y+ocH6S+klixQR
uBLEiwJHf6T1qh2lFAY7rTl49QIDAQABo4ICvzCCArswHQYDVR0OBBYEFA9tEWnX
OOyKrQh4gFSgDBoE91qpMB8GA1UdIwQYMBaAFOLt5KfqlyZop5Wye6nch/S5DaiX
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MkQ5MS9FQTY3MkE1QzE5
RTcxMUU4QjI0M0Q1N0NDNEY5QUUwMi80dTNrcC1xWEptaW5sYko3cWR5SDlMa05x
SmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzR1M2twLXFYSm1pbmxiSjdxZHlIOUxrTnFKYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzJEOTEvRUE2NzJBNUMxOUU3MTFFOEIyNDNENTdDQzRGOUFFMDIvNjJBRTc3RjY0
OUNGMTFFREI3MjBGRDYwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwSQYIKwYBBQUHAQcBAf8E
OjA4MCYEAgABMCAwDAMEBRtvoAMEBBtvwAMEAS1+DgMEAmcOdAMEBHE78DAOBAIA
AjAIAwYHJARpAAAwDQYJKoZIhvcNAQELBQADggEBACv17ZgPuYEnjU59bn2Mtd1l
C5t3MYf5AFDpcrTHPao0Zi01saNJ/CptNr/oD0tiUErU2MTXY+hFxA42OQx5zmMk
OepPhSDuU8ykPaEF2tM9cwWGyxv9fihrDV9f4RB6j8jc0hPYA3H4m4OjA2s3gyjH
yDSSHApy1HBsqrccV4RHGzyStkVFua7PnSkAPFv7X5cEO7DoCtT/gEH+HUD3Zfzj
MwSCO8Cv2nnQ4v9z1YVPX9+9+EdEjU2cp9spnbbGkowqzILS0VPYfvmNiE7Bfqzo
w0nzLIytveweEet8/cb0u7Vvpu+p+7+LtafUNgIWtoUHBI8BF7U/av/96Yz7umA=
-----END CERTIFICATE-----
Generated at Tue Aug 20 10:01:35 2024 by rpki-client on console-ams.rpki-client.org