Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9172D91/EA672A5C19E711E8B243D57CC4F9AE02/E749847A5EC611EFACA48863C4F9AE02.roa
File: E749847A5EC611EFACA48863C4F9AE02.roa (raw, json)
Hash identifier: 9R6PE8Vrnvyk00YH1pC/SxHY9zXbkYGGhFq3tmykefg=
Subject key identifier: 05:E1:71:3C:E0:7F:75:71:02:6B:10:37:FF:5B:54:7D:59:3B:9F:6D
Certificate issuer: /CN=A9172D91/serialNumber=E2EDE4A7EA972668A795B27BA9DC87F4B90DA897
Certificate serial: 15C6
Authority key identifier: E2:ED:E4:A7:EA:97:26:68:A7:95:B2:7B:A9:DC:87:F4:B9:0D:A8:97
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4u3kp-qXJminlbJ7qdyH9LkNqJc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9172D91/EA672A5C19E711E8B243D57CC4F9AE02/E749847A5EC611EFACA48863C4F9AE02.roa
Signing time: Tue 20 Aug 2024 07:36:25 +0000
ROA not before: Tue 20 Aug 2024 07:36:25 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 17819
IP address blocks: 27.111.183.0/24 maxlen: 24
45.126.14.0/23 maxlen: 23
103.14.116.0/22 maxlen: 22
113.59.240.0/20 maxlen: 20
113.59.240.0/24 maxlen: 24
113.59.241.0/24 maxlen: 24
113.59.243.0/24 maxlen: 24
113.59.248.0/21 maxlen: 21
113.59.250.0/24 maxlen: 24
2404:6900::/33 maxlen: 33
2404:6900:7000::/40 maxlen: 40
2404:6900:7001::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 21 Aug 2024 06:56:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5574 (0x15c6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9172D91/serialNumber=E2EDE4A7EA972668A795B27BA9DC87F4B90DA897
Validity
Not Before: Aug 20 07:36:25 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=66c44779-3081
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:2a:c8:ca:f1:00:a7:d3:7f:a3:ea:68:72:f7:
3a:8f:6e:2e:93:f2:a4:a0:a4:f7:b9:50:2f:f4:3a:
24:92:38:e5:63:83:3d:16:66:66:c5:8d:22:96:4d:
6d:ac:88:27:47:0e:30:06:9c:97:5e:87:ed:82:32:
9e:a6:19:71:d3:9c:05:15:76:d5:df:af:46:d1:4c:
53:91:21:e3:c2:68:c0:1c:a0:b7:0e:e3:ee:0d:f6:
1c:01:90:87:09:ab:ac:9f:84:81:e5:b3:5f:03:9f:
34:8f:88:d7:22:3e:26:74:18:e2:fa:10:7b:21:d9:
f0:05:dc:e6:1d:d2:24:39:c8:5e:05:04:79:84:b2:
0d:e4:06:6e:b2:4d:4b:10:92:37:9a:46:7c:ed:e1:
9f:1e:77:f4:bb:74:d6:b3:85:38:7a:f6:cf:b9:83:
43:e3:02:08:e4:4c:df:00:e1:b8:80:cb:4a:b2:4f:
27:73:60:cb:8e:55:c7:7d:b9:3a:1e:ee:a2:3b:a3:
a0:d6:42:b8:9c:b3:5e:7c:8c:8e:91:3a:63:1b:d2:
cf:c5:21:d7:54:d1:5a:69:fd:43:7e:68:98:3d:28:
58:e8:23:1e:06:61:3a:13:65:41:2e:cc:a0:ed:ad:
61:f1:6b:2e:16:98:e4:ec:c0:4a:ea:93:de:11:83:
10:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:E1:71:3C:E0:7F:75:71:02:6B:10:37:FF:5B:54:7D:59:3B:9F:6D
X509v3 Authority Key Identifier:
keyid:E2:ED:E4:A7:EA:97:26:68:A7:95:B2:7B:A9:DC:87:F4:B9:0D:A8:97
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9172D91/EA672A5C19E711E8B243D57CC4F9AE02/4u3kp-qXJminlbJ7qdyH9LkNqJc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4u3kp-qXJminlbJ7qdyH9LkNqJc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9172D91/EA672A5C19E711E8B243D57CC4F9AE02/E749847A5EC611EFACA48863C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.111.183.0/24
45.126.14.0/23
103.14.116.0/22
113.59.240.0/20
IPv6:
2404:6900::/33
Signature Algorithm: sha256WithRSAEncryption
bc:d2:e9:69:70:a8:3f:82:7a:de:f5:13:97:f7:3a:da:8b:86:
4e:f0:59:28:c3:1a:8c:41:10:64:02:b9:51:3e:8e:8a:6c:83:
c7:25:62:57:2b:40:a8:87:2a:a2:1b:69:b3:72:f6:2c:8b:92:
5a:31:9e:e8:10:4d:bc:8c:92:47:0e:de:8f:14:8a:27:8b:34:
e5:99:34:fd:62:83:a2:4e:2f:9b:11:ee:60:82:7d:de:95:24:
a8:62:48:c7:12:57:5f:f0:66:ee:46:0f:9c:4b:37:37:72:0a:
32:8e:e6:71:7b:58:ee:29:ea:e8:9e:46:c3:d0:15:f8:b4:0d:
6a:1e:ec:0d:3c:01:a2:3a:b1:06:67:33:49:e8:aa:0c:30:9d:
e5:b1:83:f8:fc:cd:d8:b2:e4:4a:5b:90:b6:71:f1:c2:67:07:
d8:00:02:c1:37:6d:89:7c:82:46:b9:3f:79:bc:2d:4d:03:e0:
ab:e2:91:ec:78:16:4f:a8:59:d4:8d:2a:46:63:bf:cb:64:a8:
63:f5:c9:b1:00:5a:15:ee:ab:7c:5e:3d:4f:3d:61:80:f9:df:
b5:f3:db:d7:52:6b:2f:8b:62:f0:b1:2c:d2:51:34:3f:7d:bd:
20:2f:c8:18:b3:3b:22:9f:a1:a5:8c:5d:41:fc:77:08:cb:a0:
54:3d:20:65
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgICFcYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzJEOTExMTAvBgNVBAUTKEUyRURFNEE3RUE5NzI2NjhBNzk1QjI3QkE5REM4N0Y0
QjkwREE4OTcwHhcNMjQwODIwMDczNjI1WhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmM0NDc3OS0zMDgxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtirIyvEAp9N/o+pocvc6j24uk/KkoKT3uVAv9DokkjjlY4M9FmZmxY0ilk1t
rIgnRw4wBpyXXoftgjKephlx05wFFXbV369G0UxTkSHjwmjAHKC3DuPuDfYcAZCH
Causn4SB5bNfA580j4jXIj4mdBji+hB7IdnwBdzmHdIkOcheBQR5hLIN5AZusk1L
EJI3mkZ87eGfHnf0u3TWs4U4evbPuYND4wII5EzfAOG4gMtKsk8nc2DLjlXHfbk6
Hu6iO6Og1kK4nLNefIyOkTpjG9LPxSHXVNFaaf1DfmiYPShY6CMeBmE6E2VBLsyg
7a1h8WsuFpjk7MBK6pPeEYMQNQIDAQABo4ICtzCCArMwHQYDVR0OBBYEFAXhcTzg
f3VxAmsQN/9bVH1ZO59tMB8GA1UdIwQYMBaAFOLt5KfqlyZop5Wye6nch/S5DaiX
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MkQ5MS9FQTY3MkE1QzE5
RTcxMUU4QjI0M0Q1N0NDNEY5QUUwMi80dTNrcC1xWEptaW5sYko3cWR5SDlMa05x
SmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzR1M2twLXFYSm1pbmxiSjdxZHlIOUxrTnFKYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzJEOTEvRUE2NzJBNUMxOUU3MTFFOEIyNDNENTdDQzRGOUFFMDIvRTc0OTg0N0E1
RUM2MTFFRkFDQTQ4ODYzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQQYIKwYBBQUHAQcBAf8E
MjAwMB4EAgABMBgDBAAbb7cDBAEtfg4DBAJnDnQDBARxO/AwDgQCAAIwCAMGByQE
aQAAMA0GCSqGSIb3DQEBCwUAA4IBAQC80ulpcKg/gnre9ROX9zrai4ZO8FkowxqM
QRBkArlRPo6KbIPHJWJXK0CohyqiG2mzcvYsi5JaMZ7oEE28jJJHDt6PFIonizTl
mTT9YoOiTi+bEe5ggn3elSSoYkjHEldf8GbuRg+cSzc3cgoyjuZxe1juKeronkbD
0BX4tA1qHuwNPAGiOrEGZzNJ6KoMMJ3lsYP4/M3YsuRKW5C2cfHCZwfYAALBN22J
fIJGuT95vC1NA+Cr4pHseBZPqFnUjSpGY7/LZKhj9cmxAFoV7qt8Xj1PPWGA+d+1
89vXUmsvi2LwsSzSUTQ/fb0gL8gYszsin6GljF1B/HcIy6BUPSBl
-----END CERTIFICATE-----
Generated at Wed Aug 21 09:58:20 2024 by rpki-client on console-fra.rpki-client.org