Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917B520/161D4C0AE4CA11EDA414E259C4F9AE02/766A344489DC11EEA5F50782C4F9AE02.roa
File: 766A344489DC11EEA5F50782C4F9AE02.roa (raw, json)
Hash identifier: DUuwUqYeILZ73pJQMBSC0KnhbNyXlIT+Yvvy67gU+F8=
Subject key identifier: 7A:C4:56:01:21:2B:B1:CC:7B:F2:D5:23:E5:7D:4F:7F:2D:D9:43:09
Certificate issuer: /CN=A917B520/serialNumber=542B94D8625CF711964FD13741295D27AD7A9004
Certificate serial: FD
Authority key identifier: 54:2B:94:D8:62:5C:F7:11:96:4F:D1:37:41:29:5D:27:AD:7A:90:04
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VCuU2GJc9xGWT9E3QSldJ616kAQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917B520/161D4C0AE4CA11EDA414E259C4F9AE02/766A344489DC11EEA5F50782C4F9AE02.roa
Signing time: Wed 17 Jul 2024 10:26:37 +0000
ROA not before: Wed 17 Jul 2024 10:26:37 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 150436
IP address blocks: 101.47.0.0/18 maxlen: 24
101.47.64.0/20 maxlen: 24
101.47.80.0/20 maxlen: 24
101.47.128.0/18 maxlen: 21
2401:4c20::/40 maxlen: 44
Validation: Failed, certificate revoked on Wed 24 Jul 2024 07:11:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 253 (0xfd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917B520/serialNumber=542B94D8625CF711964FD13741295D27AD7A9004
Validity
Not Before: Jul 17 10:26:37 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=66979c5c-0557
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:ef:b7:37:8f:fa:78:d1:d8:f6:7a:bf:cb:f5:
5a:2b:c6:54:53:9c:31:5c:15:22:d1:9d:2b:e8:30:
5c:64:9f:23:1c:4c:1f:d4:bd:91:34:40:28:39:ee:
a2:0b:be:d9:75:c8:db:b2:fc:42:fc:77:71:8b:5e:
e7:70:f1:01:51:65:7d:fa:3d:33:db:a1:3f:ea:99:
4d:a7:23:35:a8:de:20:95:b1:49:d1:58:93:6e:30:
ab:e4:d8:36:04:cc:ea:aa:22:1f:93:75:f1:24:c3:
69:3d:34:81:55:b8:af:9d:39:94:51:ab:62:4b:3f:
5d:e0:d5:5d:d9:ca:db:8b:df:8a:8d:7c:c8:c8:42:
46:84:5a:a7:33:1e:0e:05:d9:e8:89:8c:65:0b:1e:
0b:00:43:47:5b:b3:cf:2b:be:16:8a:e9:34:a9:f9:
c2:8e:66:52:86:fa:32:b4:20:dc:7a:6b:c5:19:4f:
36:ea:1c:14:ac:a5:0d:72:0c:43:10:69:ab:a4:44:
da:19:58:fd:87:0b:49:c9:27:4f:41:6e:95:5b:b2:
67:96:2b:20:55:2e:fb:e7:5a:fb:43:5d:80:ba:42:
c4:62:15:d3:72:45:e0:14:e2:a1:bb:bd:23:cd:20:
df:47:d9:a0:e4:92:f3:d8:0c:8e:b8:cc:e5:21:ff:
cb:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:C4:56:01:21:2B:B1:CC:7B:F2:D5:23:E5:7D:4F:7F:2D:D9:43:09
X509v3 Authority Key Identifier:
keyid:54:2B:94:D8:62:5C:F7:11:96:4F:D1:37:41:29:5D:27:AD:7A:90:04
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917B520/161D4C0AE4CA11EDA414E259C4F9AE02/VCuU2GJc9xGWT9E3QSldJ616kAQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VCuU2GJc9xGWT9E3QSldJ616kAQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917B520/161D4C0AE4CA11EDA414E259C4F9AE02/766A344489DC11EEA5F50782C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
101.47.0.0-101.47.95.255
101.47.128.0/18
IPv6:
2401:4c20::/40
Signature Algorithm: sha256WithRSAEncryption
a4:9b:2c:eb:28:c6:b9:4d:a6:6c:9e:12:dc:f5:ed:f2:35:6e:
0b:8a:00:98:cd:23:b4:a0:a7:43:19:5b:4d:70:af:a0:8d:7c:
b5:95:c5:85:07:22:36:d8:67:0f:d0:7d:29:63:ce:4a:9a:76:
59:b9:f7:8e:3b:3e:23:32:88:3a:1c:08:1a:a9:65:6f:1f:52:
07:3a:4f:36:7a:63:f3:a4:ca:4a:b9:f6:68:d6:03:64:15:77:
99:4f:98:f7:bf:55:44:8d:c2:26:e8:ae:ee:ff:f3:16:07:06:
85:56:c4:54:4b:97:1b:ee:7f:5a:d6:1b:d6:52:38:fd:17:43:
e9:ca:09:6e:e7:10:d3:a5:92:c2:90:1a:36:e3:fb:d1:ab:d3:
12:29:71:f2:8f:b4:ef:10:e8:fd:d3:18:3e:af:3c:4f:ee:46:
85:56:b4:50:a7:b9:d1:4b:e0:7e:4e:59:3e:55:97:8b:69:2b:
ff:ed:de:19:2e:70:1e:a8:30:64:97:3f:35:5b:81:0f:ad:6f:
cd:d1:16:1b:26:2d:30:51:d7:b4:f6:7e:dc:c2:d0:ad:a1:26:
3e:bb:fe:e1:6a:f5:0b:05:c1:08:24:d9:6e:78:b6:5b:a0:06:
83:c1:53:6c:53:8b:4a:be:19:5d:20:c5:d1:7d:ce:84:00:8b:
0b:ec:93:6c
-----BEGIN CERTIFICATE-----
MIIFjjCCBHagAwIBAgICAP0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0I1MjAxMTAvBgNVBAUTKDU0MkI5NEQ4NjI1Q0Y3MTE5NjRGRDEzNzQxMjk1RDI3
QUQ3QTkwMDQwHhcNMjQwNzE3MTAyNjM3WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02Njk3OWM1Yy0wNTU3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtu+3N4/6eNHY9nq/y/VaK8ZUU5wxXBUi0Z0r6DBcZJ8jHEwf1L2RNEAoOe6i
C77ZdcjbsvxC/Hdxi17ncPEBUWV9+j0z26E/6plNpyM1qN4glbFJ0ViTbjCr5Ng2
BMzqqiIfk3XxJMNpPTSBVbivnTmUUatiSz9d4NVd2crbi9+KjXzIyEJGhFqnMx4O
BdnoiYxlCx4LAENHW7PPK74Wiuk0qfnCjmZShvoytCDcemvFGU826hwUrKUNcgxD
EGmrpETaGVj9hwtJySdPQW6VW7JnlisgVS7751r7Q12AukLEYhXTckXgFOKhu70j
zSDfR9mg5JLz2AyOuMzlIf/LnwIDAQABo4ICsjCCAq4wHQYDVR0OBBYEFHrEVgEh
K7HMe/LVI+V9T38t2UMJMB8GA1UdIwQYMBaAFFQrlNhiXPcRlk/RN0EpXSetepAE
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QjUyMC8xNjFENEMwQUU0
Q0ExMUVEQTQxNEUyNTlDNEY5QUUwMi9WQ3VVMkdKYzl4R1dUOUUzUVNsZEo2MTZr
QVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1ZDdVUyR0pjOXhHV1Q5RTNRU2xkSjYxNmtBUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0I1MjAvMTYxRDRDMEFFNENBMTFFREE0MTRFMjU5QzRGOUFFMDIvNzY2QTM0NDQ4
OURDMTFFRUE1RjUwNzgyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPAYIKwYBBQUHAQcBAf8E
LTArMBkEAgABMBMwCwMDAGUvAwQFZS9AAwQGZS+AMA4EAgACMAgDBgAkAUwgADAN
BgkqhkiG9w0BAQsFAAOCAQEApJss6yjGuU2mbJ4S3PXt8jVuC4oAmM0jtKCnQxlb
TXCvoI18tZXFhQciNthnD9B9KWPOSpp2Wbn3jjs+IzKIOhwIGqllbx9SBzpPNnpj
86TKSrn2aNYDZBV3mU+Y979VRI3CJuiu7v/zFgcGhVbEVEuXG+5/WtYb1lI4/RdD
6coJbucQ06WSwpAaNuP70avTEilx8o+07xDo/dMYPq88T+5GhVa0UKe50Uvgfk5Z
PlWXi2kr/+3eGS5wHqgwZJc/NVuBD61vzdEWGyYtMFHXtPZ+3MLQraEmPrv+4Wr1
CwXBCCTZbni2W6AGg8FTbFOLSr4ZXSDF0X3OhACLC+yTbA==
-----END CERTIFICATE-----
Generated at Wed Jul 24 09:38:43 2024 by rpki-client on console-fra.rpki-client.org