Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917E678/BEB333FA225111EAB2CB8469C4F9AE02/F3BEEAACCED911ED9BC69385C4F9AE02.roa
File: F3BEEAACCED911ED9BC69385C4F9AE02.roa (raw, json)
Hash identifier: /EP/tFkrq4wJPdY/WfyyhdWVw0R9f5+4IbWj9x47CkE=
Subject key identifier: 44:47:C3:66:FE:F2:E3:74:16:B2:76:99:33:D1:E0:4B:E5:76:58:5F
Certificate issuer: /CN=A917E678/serialNumber=FF3341972DD8A1F6871EDE869A3A1DD92528AEB6
Certificate serial: 0AF5
Authority key identifier: FF:33:41:97:2D:D8:A1:F6:87:1E:DE:86:9A:3A:1D:D9:25:28:AE:B6
Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/_zNBly3YofaHHt6Gmjod2SUorrY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917E678/BEB333FA225111EAB2CB8469C4F9AE02/F3BEEAACCED911ED9BC69385C4F9AE02.roa
Signing time: Mon 20 Nov 2023 08:23:34 +0000
ROA not before: Mon 20 Nov 2023 08:23:33 +0000
ROA not after: Mon 30 Sep 2024 00:00:00 +0000
asID: 136907
IP address blocks: 46.250.160.0/19 maxlen: 19
46.250.160.0/20 maxlen: 20
46.250.176.0/20 maxlen: 20
83.101.0.0/17 maxlen: 17
83.101.0.0/21 maxlen: 21
83.101.8.0/21 maxlen: 21
83.101.16.0/21 maxlen: 21
83.101.24.0/21 maxlen: 21
83.101.32.0/21 maxlen: 21
83.101.40.0/21 maxlen: 21
83.101.48.0/21 maxlen: 21
83.101.56.0/21 maxlen: 21
83.101.64.0/21 maxlen: 21
83.101.72.0/21 maxlen: 21
83.101.80.0/21 maxlen: 21
83.101.88.0/21 maxlen: 21
83.101.96.0/21 maxlen: 21
83.101.104.0/21 maxlen: 21
83.101.112.0/21 maxlen: 21
83.101.120.0/21 maxlen: 21
94.45.160.0/19 maxlen: 19
94.45.160.0/24 maxlen: 24
94.45.161.0/24 maxlen: 24
94.45.163.0/24 maxlen: 24
94.45.191.0/24 maxlen: 24
94.74.64.0/20 maxlen: 20
176.52.128.0/19 maxlen: 19
176.52.128.0/20 maxlen: 20
176.52.144.0/20 maxlen: 20
212.34.192.0/19 maxlen: 19
212.34.192.0/20 maxlen: 20
212.34.208.0/20 maxlen: 20
213.250.128.0/19 maxlen: 19
213.250.128.0/20 maxlen: 20
213.250.144.0/20 maxlen: 20
Validation: Failed, certificate revoked on Mon 20 Nov 2023 09:13:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2805 (0xaf5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917E678/serialNumber=FF3341972DD8A1F6871EDE869A3A1DD92528AEB6
Validity
Not Before: Nov 20 08:23:33 2023 GMT
Not After : Sep 30 00:00:00 2024 GMT
Subject: CN=655b1785-40ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:58:f2:a3:2c:d4:99:1e:b8:8d:24:92:d2:90:
4d:84:ff:6c:2c:11:59:f4:69:4d:5b:9c:68:5e:77:
09:6b:59:3f:fe:92:33:a9:f5:7c:bb:f6:9e:4b:98:
42:99:09:77:1a:df:f8:35:e4:29:f4:81:eb:83:75:
75:11:c1:be:b5:e8:db:d1:2c:24:ec:25:42:d7:3e:
ad:0d:cd:83:f0:65:c2:3d:28:30:a9:e3:f6:85:c9:
b7:1d:cf:15:11:fc:a8:ea:6d:d5:8b:49:91:63:52:
07:45:b6:7c:29:f6:f8:0f:c1:0f:c9:cc:05:ce:c8:
53:98:b4:8a:1b:eb:5e:57:6c:79:ed:f2:14:9c:b7:
69:ea:ed:76:7c:da:0e:1f:8b:b1:f2:ee:bf:24:ee:
82:76:e9:ac:2b:dd:33:0d:6e:e4:3f:5e:8b:91:3e:
48:c1:49:df:0e:73:d0:98:f8:c7:b7:66:c3:6b:3c:
38:61:77:d6:80:8b:93:f7:71:5f:19:92:3e:bf:cc:
55:e4:0a:8f:60:ff:bc:55:0f:a9:2f:f6:86:1f:5a:
b8:c2:94:4d:c1:cd:b4:e7:c8:96:85:25:70:b8:71:
bf:90:f5:c6:9f:6a:4d:85:19:e0:47:c7:a5:7a:4a:
d0:ef:c8:03:06:b5:ab:1e:bb:41:7a:ee:d9:ed:3f:
3b:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:47:C3:66:FE:F2:E3:74:16:B2:76:99:33:D1:E0:4B:E5:76:58:5F
X509v3 Authority Key Identifier:
keyid:FF:33:41:97:2D:D8:A1:F6:87:1E:DE:86:9A:3A:1D:D9:25:28:AE:B6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917E678/BEB333FA225111EAB2CB8469C4F9AE02/_zNBly3YofaHHt6Gmjod2SUorrY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/_zNBly3YofaHHt6Gmjod2SUorrY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917E678/BEB333FA225111EAB2CB8469C4F9AE02/F3BEEAACCED911ED9BC69385C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
46.250.160.0/19
83.101.0.0/17
94.45.160.0/19
94.74.64.0/20
176.52.128.0/19
212.34.192.0/19
213.250.128.0/19
Signature Algorithm: sha256WithRSAEncryption
14:54:be:cd:22:bb:31:e6:3f:af:f3:0b:48:07:1c:fd:be:4c:
05:96:a8:f4:ef:56:39:19:00:ad:32:be:b6:73:d0:62:95:e5:
f7:c9:c2:e1:d5:d8:f8:c2:9e:67:78:bb:6f:fc:ad:26:2a:de:
9a:81:19:d6:4d:28:32:69:37:04:13:4e:68:0f:8c:64:51:21:
b0:50:1e:9d:ea:45:6c:db:80:a9:1a:91:8f:6e:78:f9:ad:c1:
d8:b2:73:fc:df:36:5a:a3:37:03:09:c9:d7:83:39:fa:d6:aa:
57:8e:73:3d:ed:69:2d:43:7d:5a:94:30:01:32:ac:e2:c9:a0:
0e:05:94:bc:4a:c1:8d:ad:72:5f:07:0d:d8:0a:46:ec:47:38:
5f:1f:fc:72:01:74:ba:e1:87:6a:f1:6b:41:73:d2:2e:06:6a:
4d:b8:49:9a:30:7b:ec:c3:23:32:d6:53:a0:bb:16:58:f9:af:
89:e7:e5:d6:c1:71:e1:c6:88:ac:91:50:2a:02:90:7b:b9:2d:
f0:54:b1:b2:0c:39:ce:4a:2b:ea:21:c3:f5:a5:b6:f6:41:90:
54:b4:4c:55:5b:bb:13:23:e5:73:cd:42:3c:2d:7f:7b:2f:ef:
77:cf:98:59:e1:f5:55:2b:ba:a1:61:55:73:e3:88:2f:ec:e3:
20:1d:49:8a
-----BEGIN CERTIFICATE-----
MIIFlTCCBH2gAwIBAgICCvUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0U2NzgxMTAvBgNVBAUTKEZGMzM0MTk3MkREOEExRjY4NzFFREU4NjlBM0ExREQ5
MjUyOEFFQjYwHhcNMjMxMTIwMDgyMzMzWhcNMjQwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTViMTc4NS00MGFlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0VjyoyzUmR64jSSS0pBNhP9sLBFZ9GlNW5xoXncJa1k//pIzqfV8u/aeS5hC
mQl3Gt/4NeQp9IHrg3V1EcG+tejb0Swk7CVC1z6tDc2D8GXCPSgwqeP2hcm3Hc8V
Efyo6m3Vi0mRY1IHRbZ8Kfb4D8EPycwFzshTmLSKG+teV2x57fIUnLdp6u12fNoO
H4ux8u6/JO6CdumsK90zDW7kP16LkT5IwUnfDnPQmPjHt2bDazw4YXfWgIuT93Ff
GZI+v8xV5AqPYP+8VQ+pL/aGH1q4wpRNwc2058iWhSVwuHG/kPXGn2pNhRngR8el
ekrQ78gDBrWrHrtBeu7Z7T87oQIDAQABo4ICuTCCArUwHQYDVR0OBBYEFERHw2b+
8uN0FrJ2mTPR4EvldlhfMB8GA1UdIwQYMBaAFP8zQZct2KH2hx7ehpo6HdklKK62
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RTY3OC9CRUIzMzNGQTIy
NTExMUVBQjJDQjg0NjlDNEY5QUUwMi9fek5CbHkzWW9mYUhIdDZHbWpvZDJTVW9y
clkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy
RkQxRkYyL196TkJseTNZb2ZhSEh0Nkdtam9kMlNVb3JyWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0U2NzgvQkVCMzMzRkEyMjUxMTFFQUIyQ0I4NDY5QzRGOUFFMDIvRjNCRUVBQUND
RUQ5MTFFRDlCQzY5Mzg1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQwYIKwYBBQUHAQcBAf8E
NDAyMDAEAgABMCoDBAUu+qADBAdTZQADBAVeLaADBAReSkADBAWwNIADBAXUIsAD
BAXV+oAwDQYJKoZIhvcNAQELBQADggEBABRUvs0iuzHmP6/zC0gHHP2+TAWWqPTv
VjkZAK0yvrZz0GKV5ffJwuHV2PjCnmd4u2/8rSYq3pqBGdZNKDJpNwQTTmgPjGRR
IbBQHp3qRWzbgKkakY9uePmtwdiyc/zfNlqjNwMJydeDOfrWqleOcz3taS1DfVqU
MAEyrOLJoA4FlLxKwY2tcl8HDdgKRuxHOF8f/HIBdLrhh2rxa0Fz0i4Gak24SZow
e+zDIzLWU6C7Flj5r4nn5dbBceHGiKyRUCoCkHu5LfBUsbIMOc5KK+ohw/WltvZB
kFS0TFVbuxMj5XPNQjwtf3sv73fPmFnh9VUruqFhVXPjiC/s4yAdSYo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:23 2024 by rpki-client on console-ams.rpki-client.org