Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917E678/BEB333FA225111EAB2CB8469C4F9AE02/01571CFC878511EE8A9D2C3FC4F9AE02.roa
File: 01571CFC878511EE8A9D2C3FC4F9AE02.roa (raw, json)
Hash identifier: rtRKYBcOQEuQr56+rVuo1aRGpIy1DdaOE0oCflIuCg4=
Subject key identifier: F6:5B:47:A7:F1:41:58:5B:84:47:71:55:80:5D:60:F7:D7:EA:DF:73
Certificate issuer: /CN=A917E678/serialNumber=FF3341972DD8A1F6871EDE869A3A1DD92528AEB6
Certificate serial: 0BD8
Authority key identifier: FF:33:41:97:2D:D8:A1:F6:87:1E:DE:86:9A:3A:1D:D9:25:28:AE:B6
Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/_zNBly3YofaHHt6Gmjod2SUorrY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917E678/BEB333FA225111EAB2CB8469C4F9AE02/01571CFC878511EE8A9D2C3FC4F9AE02.roa
Signing time: Mon 09 Sep 2024 02:20:25 +0000
ROA not before: Mon 09 Sep 2024 02:20:25 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 136907
IP address blocks: 46.250.160.0/19 maxlen: 19
46.250.160.0/20 maxlen: 20
46.250.176.0/20 maxlen: 20
62.245.0.0/19 maxlen: 19
62.245.0.0/20 maxlen: 20
62.245.16.0/20 maxlen: 20
80.238.128.0/17 maxlen: 17
80.238.128.0/22 maxlen: 22
80.238.128.0/24 maxlen: 24
80.238.129.0/24 maxlen: 24
80.238.132.0/22 maxlen: 22
80.238.136.0/22 maxlen: 22
80.238.140.0/22 maxlen: 22
80.238.144.0/22 maxlen: 22
80.238.148.0/22 maxlen: 22
80.238.152.0/22 maxlen: 22
80.238.156.0/22 maxlen: 22
80.238.160.0/22 maxlen: 22
80.238.164.0/22 maxlen: 22
80.238.168.0/22 maxlen: 22
80.238.172.0/22 maxlen: 22
80.238.176.0/22 maxlen: 22
80.238.180.0/24 maxlen: 24
80.238.181.0/24 maxlen: 24
80.238.182.0/24 maxlen: 24
80.238.183.0/24 maxlen: 24
80.238.184.0/24 maxlen: 24
80.238.185.0/24 maxlen: 24
80.238.186.0/24 maxlen: 24
80.238.187.0/24 maxlen: 24
80.238.188.0/24 maxlen: 24
80.238.189.0/24 maxlen: 24
80.238.190.0/24 maxlen: 24
80.238.191.0/24 maxlen: 24
80.238.192.0/20 maxlen: 20
80.238.208.0/20 maxlen: 20
80.238.224.0/20 maxlen: 20
80.238.240.0/20 maxlen: 20
83.101.0.0/17 maxlen: 17
83.101.0.0/21 maxlen: 21
83.101.8.0/21 maxlen: 21
83.101.8.0/24 maxlen: 24
83.101.9.0/24 maxlen: 24
83.101.16.0/21 maxlen: 21
83.101.24.0/21 maxlen: 21
83.101.32.0/21 maxlen: 21
83.101.40.0/21 maxlen: 21
83.101.48.0/21 maxlen: 21
83.101.56.0/21 maxlen: 21
83.101.64.0/21 maxlen: 21
83.101.72.0/21 maxlen: 21
83.101.80.0/21 maxlen: 21
83.101.88.0/21 maxlen: 21
83.101.96.0/21 maxlen: 21
83.101.104.0/21 maxlen: 21
83.101.112.0/21 maxlen: 21
83.101.120.0/21 maxlen: 21
87.119.12.0/24 maxlen: 24
89.150.192.0/18 maxlen: 18
89.150.192.0/20 maxlen: 20
89.150.208.0/20 maxlen: 20
89.150.224.0/20 maxlen: 20
89.150.240.0/20 maxlen: 20
94.45.160.0/19 maxlen: 19
94.45.160.0/24 maxlen: 24
94.45.161.0/24 maxlen: 24
94.45.163.0/24 maxlen: 24
94.45.191.0/24 maxlen: 24
94.74.64.0/20 maxlen: 20
94.74.80.0/20 maxlen: 20
94.74.96.0/20 maxlen: 20
94.74.120.0/21 maxlen: 21
94.244.128.0/18 maxlen: 18
94.244.128.0/20 maxlen: 20
94.244.144.0/20 maxlen: 20
94.244.160.0/20 maxlen: 20
94.244.176.0/20 maxlen: 20
176.52.128.0/19 maxlen: 19
176.52.128.0/20 maxlen: 20
176.52.144.0/20 maxlen: 20
188.119.192.0/18 maxlen: 18
188.119.192.0/20 maxlen: 20
188.119.208.0/20 maxlen: 20
188.119.224.0/20 maxlen: 20
188.119.240.0/20 maxlen: 20
188.239.0.0/18 maxlen: 18
188.239.0.0/20 maxlen: 20
188.239.16.0/20 maxlen: 20
188.239.32.0/20 maxlen: 20
188.239.48.0/20 maxlen: 20
212.34.192.0/19 maxlen: 19
212.34.192.0/20 maxlen: 20
212.34.208.0/20 maxlen: 20
213.250.128.0/19 maxlen: 19
213.250.128.0/20 maxlen: 20
213.250.144.0/20 maxlen: 20
213.250.160.0/19 maxlen: 19
213.250.160.0/20 maxlen: 20
213.250.176.0/20 maxlen: 20
Validation: Failed, certificate revoked on Thu 31 Oct 2024 10:15:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3032 (0xbd8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917E678/serialNumber=FF3341972DD8A1F6871EDE869A3A1DD92528AEB6
Validity
Not Before: Sep 9 02:20:25 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=66de5b68-34ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:64:4c:c4:ff:fc:ef:ac:3a:71:03:b4:7c:db:
c9:9b:98:a9:fc:25:a9:3e:b3:cc:07:33:f0:b5:fb:
52:87:a0:00:14:36:fa:44:bc:32:5e:ee:75:ec:7c:
ef:59:45:3e:e4:9d:2e:ae:1e:39:f6:82:73:c7:e2:
28:9a:31:80:58:bf:89:ab:1b:53:4c:62:35:b9:5c:
6c:8e:95:55:86:86:62:42:da:6a:d4:e2:82:ff:31:
dd:d2:ef:8c:2e:67:32:1f:7f:c6:7e:4e:f8:e6:e4:
65:f3:e4:ca:aa:2d:29:bd:dd:2a:78:b9:54:f3:7b:
c1:12:be:41:82:e2:cc:f0:01:1a:b1:75:1c:d2:3d:
6e:cd:dc:31:ee:98:5b:5c:8c:ea:16:7d:3a:c2:2e:
5f:4d:91:c8:98:25:fe:35:24:6e:3f:f9:53:86:35:
15:f7:87:bb:77:c9:3a:25:bd:dc:60:0f:c2:49:71:
6f:84:99:9d:53:7a:08:b2:71:f3:b0:ab:51:71:3e:
d5:fd:99:e4:79:b9:0e:d0:ab:09:2a:52:a9:d7:4f:
cf:33:95:42:55:fb:32:8e:bf:1e:58:dd:e2:4a:ad:
a9:24:d0:cf:24:aa:25:22:c0:19:47:2c:7c:20:0f:
33:9d:14:72:ac:92:05:42:79:2a:42:84:9f:06:8e:
8f:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:5B:47:A7:F1:41:58:5B:84:47:71:55:80:5D:60:F7:D7:EA:DF:73
X509v3 Authority Key Identifier:
keyid:FF:33:41:97:2D:D8:A1:F6:87:1E:DE:86:9A:3A:1D:D9:25:28:AE:B6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917E678/BEB333FA225111EAB2CB8469C4F9AE02/_zNBly3YofaHHt6Gmjod2SUorrY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/_zNBly3YofaHHt6Gmjod2SUorrY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917E678/BEB333FA225111EAB2CB8469C4F9AE02/01571CFC878511EE8A9D2C3FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
46.250.160.0/19
62.245.0.0/19
80.238.128.0/17
83.101.0.0/17
87.119.12.0/24
89.150.192.0/18
94.45.160.0/19
94.74.64.0-94.74.111.255
94.74.120.0/21
94.244.128.0/18
176.52.128.0/19
188.119.192.0/18
188.239.0.0/18
212.34.192.0/19
213.250.128.0/18
Signature Algorithm: sha256WithRSAEncryption
a3:9b:b8:93:a8:b7:a7:41:7c:d7:9d:3d:c7:c9:13:37:e8:ea:
73:e0:a3:66:61:ea:5e:8f:1e:80:dd:2e:2e:fe:fd:64:e8:49:
88:2d:48:26:35:41:ba:cb:49:e5:a3:16:bc:29:e6:e7:de:03:
c3:dd:50:05:f7:5f:b7:10:30:42:95:e4:f8:d4:60:f1:02:1a:
34:c7:d7:4a:9e:5d:2d:76:25:b5:84:23:26:7a:bc:15:f1:e9:
3c:9c:7e:7a:05:91:e8:68:25:31:ef:52:ef:66:fb:9e:7f:7b:
0e:00:cd:fb:a3:f6:ab:9d:5d:e0:de:af:a9:9c:ba:ee:9e:93:
64:43:a4:b2:93:f3:7d:e5:e2:29:36:f7:08:48:32:28:44:0b:
4d:34:95:f2:30:4f:b7:fd:b2:c6:ec:93:05:7b:54:04:68:91:
02:0d:75:52:90:52:76:ab:2f:81:89:ca:de:90:1e:dd:21:47:
90:b3:90:ae:e1:b8:dd:8c:62:38:e1:d1:8a:c8:a5:91:d8:76:
8c:fd:c1:0e:f0:79:58:47:06:e7:32:3d:99:47:cc:15:9b:6f:
c9:71:e5:8a:cb:26:7d:9a:55:2f:26:fd:3e:e9:11:b2:ae:e7:
44:7f:0d:35:03:35:41:43:1b:5a:71:72:97:28:67:d1:15:4d:
aa:8e:43:18
-----BEGIN CERTIFICATE-----
MIIFzTCCBLWgAwIBAgICC9gwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0U2NzgxMTAvBgNVBAUTKEZGMzM0MTk3MkREOEExRjY4NzFFREU4NjlBM0ExREQ5
MjUyOEFFQjYwHhcNMjQwOTA5MDIyMDI1WhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmRlNWI2OC0zNGJhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAlmRMxP/876w6cQO0fNvJm5ip/CWpPrPMBzPwtftSh6AAFDb6RLwyXu517Hzv
WUU+5J0urh459oJzx+IomjGAWL+JqxtTTGI1uVxsjpVVhoZiQtpq1OKC/zHd0u+M
LmcyH3/Gfk745uRl8+TKqi0pvd0qeLlU83vBEr5BguLM8AEasXUc0j1uzdwx7phb
XIzqFn06wi5fTZHImCX+NSRuP/lThjUV94e7d8k6Jb3cYA/CSXFvhJmdU3oIsnHz
sKtRcT7V/ZnkebkO0KsJKlKp10/PM5VCVfsyjr8eWN3iSq2pJNDPJKolIsAZRyx8
IA8znRRyrJIFQnkqQoSfBo6P5wIDAQABo4IC8TCCAu0wHQYDVR0OBBYEFPZbR6fx
QVhbhEdxVYBdYPfX6t9zMB8GA1UdIwQYMBaAFP8zQZct2KH2hx7ehpo6HdklKK62
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RTY3OC9CRUIzMzNGQTIy
NTExMUVBQjJDQjg0NjlDNEY5QUUwMi9fek5CbHkzWW9mYUhIdDZHbWpvZDJTVW9y
clkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy
RkQxRkYyL196TkJseTNZb2ZhSEh0Nkdtam9kMlNVb3JyWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0U2NzgvQkVCMzMzRkEyMjUxMTFFQUIyQ0I4NDY5QzRGOUFFMDIvMDE1NzFDRkM4
Nzg1MTFFRThBOUQyQzNGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwewYIKwYBBQUHAQcBAf8E
bDBqMGgEAgABMGIDBAUu+qADBAU+9QADBAdQ7oADBAdTZQADBABXdwwDBAZZlsAD
BAVeLaAwDAMEBl5KQAMEBF5KYAMEA15KeAMEBl70gAMEBbA0gAMEBrx3wAMEBrzv
AAMEBdQiwAMEBtX6gDANBgkqhkiG9w0BAQsFAAOCAQEAo5u4k6i3p0F81509x8kT
N+jqc+CjZmHqXo8egN0uLv79ZOhJiC1IJjVBustJ5aMWvCnm594Dw91QBfdftxAw
QpXk+NRg8QIaNMfXSp5dLXYltYQjJnq8FfHpPJx+egWR6GglMe9S72b7nn97DgDN
+6P2q51d4N6vqZy67p6TZEOkspPzfeXiKTb3CEgyKEQLTTSV8jBPt/2yxuyTBXtU
BGiRAg11UpBSdqsvgYnK3pAe3SFHkLOQruG43YxiOOHRisilkdh2jP3BDvB5WEcG
5zI9mUfMFZtvyXHlissmfZpVLyb9PukRsq7nRH8NNQM1QUMbWnFylyhn0RVNqo5D
GA==
-----END CERTIFICATE-----
Generated at Thu Oct 31 13:43:43 2024 by rpki-client on console-ams.rpki-client.org