Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/9336F3EA238111EDB6DA1F37C4F9AE02.roa
File: 9336F3EA238111EDB6DA1F37C4F9AE02.roa (raw, json)
Hash identifier: hccm4gFrWuUdxKmrZjaAZDIxfNdv3dTjYXeSZRn477g=
Subject key identifier: 5F:66:06:2F:9D:76:7D:6B:3D:57:72:AD:33:76:04:EF:1C:C8:36:CB
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 79B8
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/9336F3EA238111EDB6DA1F37C4F9AE02.roa
Signing time: Tue 05 Sep 2023 08:19:13 +0000
ROA not before: Tue 05 Sep 2023 08:19:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9498
IP address blocks: 45.119.176.0/22 maxlen: 24
45.119.180.0/22 maxlen: 24
45.119.184.0/22 maxlen: 24
45.119.188.0/22 maxlen: 24
45.121.44.0/22 maxlen: 24
45.124.224.0/22 maxlen: 24
45.124.228.0/22 maxlen: 24
45.124.232.0/22 maxlen: 24
45.124.236.0/22 maxlen: 24
103.61.132.0/22 maxlen: 24
103.68.220.0/23 maxlen: 24
103.179.146.0/24 maxlen: 24
103.209.96.0/23 maxlen: 24
192.12.109.0/24 maxlen: 24
202.53.87.0/24 maxlen: 24
202.58.102.0/23 maxlen: 24
202.65.141.0/24 maxlen: 24
202.65.142.0/24 maxlen: 24
2405:a700::/32 maxlen: 32
2405:a700:14::/48 maxlen: 48
2405:a700:15::/48 maxlen: 48
2405:a700:1b::/48 maxlen: 48
2405:a700:1c::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 18 Jan 2024 11:40:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 31160 (0x79b8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Sep 5 08:19:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=64f6e481-9013
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:40:94:d2:d5:e4:15:a1:5b:6e:2c:27:76:0e:
86:01:d8:34:81:f9:56:3e:d0:78:5d:ae:2f:c9:10:
78:de:2e:5f:4a:2c:82:e4:27:c1:fb:41:50:9a:c2:
69:ce:b8:bb:12:dc:34:2a:29:7c:ac:09:13:28:7b:
d2:9d:1b:c8:fc:34:3f:36:83:77:cb:ff:00:ea:7d:
1d:f4:b4:f8:e6:ac:e3:d0:7d:84:a9:dc:e2:69:4f:
f4:2e:c7:01:56:d1:14:44:4e:65:da:2e:09:36:f5:
c0:27:70:fa:d9:17:2c:c8:08:17:ce:26:21:13:42:
37:22:6d:92:c5:db:c7:6a:11:76:87:2f:fe:01:da:
3b:eb:7c:c0:c0:6f:0e:42:4e:78:c3:4a:f7:a7:d4:
f0:85:c0:13:fa:22:cb:57:f7:63:e8:7c:fa:a7:5d:
9d:de:50:02:44:00:af:d4:38:3d:17:a7:bc:02:73:
f1:b7:0e:dd:1e:9e:42:20:d5:4b:8f:73:6c:37:83:
31:f0:be:dd:38:a6:33:7b:69:56:64:78:b2:d9:7f:
1f:3e:05:ee:ce:15:95:95:34:16:3d:89:05:f1:39:
db:af:43:28:8f:dd:5e:01:8b:3d:c4:e6:46:e1:49:
16:a0:14:b5:df:67:8c:d0:69:93:93:d2:fc:07:fd:
8c:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:66:06:2F:9D:76:7D:6B:3D:57:72:AD:33:76:04:EF:1C:C8:36:CB
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/9336F3EA238111EDB6DA1F37C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.119.176.0/20
45.121.44.0/22
45.124.224.0/20
103.61.132.0/22
103.68.220.0/23
103.179.146.0/24
103.209.96.0/23
192.12.109.0/24
202.53.87.0/24
202.58.102.0/23
202.65.141.0-202.65.142.255
IPv6:
2405:a700::/32
Signature Algorithm: sha256WithRSAEncryption
6f:5f:05:d2:22:9d:4a:ad:c5:6c:a4:39:ec:8c:10:80:66:a0:
dd:42:56:76:db:36:43:4b:92:ab:96:2d:0a:69:d7:11:d1:c5:
3a:71:ea:63:e9:fe:ea:66:51:f6:56:2e:25:e8:18:30:17:29:
34:65:9e:c3:07:c9:f3:be:7e:e8:e7:92:28:7a:12:81:67:bf:
04:78:84:0e:b9:02:14:ab:03:5e:71:87:7e:d3:c6:8f:45:08:
19:79:1c:07:32:cd:b3:93:e6:fa:05:4a:b9:22:4c:28:34:2d:
2a:d6:bf:7e:a2:7a:69:29:7d:86:60:94:25:89:52:ad:85:dd:
94:c5:85:80:42:b9:3c:d5:a0:87:43:69:c2:2a:6e:d4:1e:27:
2e:98:b4:63:45:a4:49:c2:91:d7:13:3b:ab:44:92:72:aa:50:
a7:f9:95:26:46:7e:4a:db:2b:cb:ac:26:4f:ae:80:e3:3a:f4:
8b:35:5b:ac:0f:c3:1a:ee:98:b8:64:e8:d2:8d:89:69:cb:13:
7a:6e:cf:eb:cc:be:74:0c:53:84:24:29:49:58:b7:d3:b6:9c:
27:5c:99:79:9c:b5:01:2f:0e:ab:51:43:91:68:0c:29:7b:fb:
26:af:83:e8:00:eb:2f:05:b0:e1:00:56:3e:fd:1e:82:ca:b9:
b8:94:30:73
-----BEGIN CERTIFICATE-----
MIIFxDCCBKygAwIBAgICebgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjMwOTA1MDgxOTEzWhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGY2ZTQ4MS05MDEzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0ECU0tXkFaFbbiwndg6GAdg0gflWPtB4Xa4vyRB43i5fSiyC5CfB+0FQmsJp
zri7Etw0Kil8rAkTKHvSnRvI/DQ/NoN3y/8A6n0d9LT45qzj0H2EqdziaU/0LscB
VtEURE5l2i4JNvXAJ3D62RcsyAgXziYhE0I3Im2SxdvHahF2hy/+Ado763zAwG8O
Qk54w0r3p9TwhcAT+iLLV/dj6Hz6p12d3lACRACv1Dg9F6e8AnPxtw7dHp5CINVL
j3NsN4Mx8L7dOKYze2lWZHiy2X8fPgXuzhWVlTQWPYkF8Tnbr0Moj91eAYs9xOZG
4UkWoBS132eM0GmTk9L8B/2MtwIDAQABo4IC6DCCAuQwHQYDVR0OBBYEFF9mBi+d
dn1rPVdyrTN2BO8cyDbLMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvOTMzNkYzRUEy
MzgxMTFFREI2REExRjM3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwcgYIKwYBBQUHAQcBAf8E
YzBhMFAEAgABMEoDBAQtd7ADBAIteSwDBAQtfOADBAJnPYQDBAFnRNwDBABns5ID
BAFn0WADBADADG0DBADKNVcDBAHKOmYwDAMEAMpBjQMEAMpBjjANBAIAAjAHAwUA
JAWnADANBgkqhkiG9w0BAQsFAAOCAQEAb18F0iKdSq3FbKQ57IwQgGag3UJWdts2
Q0uSq5YtCmnXEdHFOnHqY+n+6mZR9lYuJegYMBcpNGWewwfJ875+6OeSKHoSgWe/
BHiEDrkCFKsDXnGHftPGj0UIGXkcBzLNs5Pm+gVKuSJMKDQtKta/fqJ6aSl9hmCU
JYlSrYXdlMWFgEK5PNWgh0Npwipu1B4nLpi0Y0WkScKR1xM7q0SScqpQp/mVJkZ+
Stsry6wmT66A4zr0izVbrA/DGu6YuGTo0o2JacsTem7P68y+dAxThCQpSVi307ac
J1yZeZy1AS8Oq1FDkWgMKXv7Jq+D6ADrLwWw4QBWPv0egsq5uJQwcw==
-----END CERTIFICATE-----
Generated at Thu Jan 18 16:02:58 2024 by rpki-client on console-fra.rpki-client.org