Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9192210/5CA373D8127811EBA8592412C4F9AE02/955B70D2A8C111EC82C6CD3AC4F9AE02.roa
File: 955B70D2A8C111EC82C6CD3AC4F9AE02.roa (raw, json)
Hash identifier: ap3Pvt4aJZVl7LnjMRE1cL+GLkOyDpF5Y4cGa++CDQ8=
Subject key identifier: B1:6C:F5:94:27:B3:3F:AC:27:2F:79:99:32:FF:F1:3B:83:12:FF:BB
Certificate issuer: /CN=A9192210/serialNumber=781F95B0C8AB2EF7FD73CF8FC10D2FA86ECCDC4A
Certificate serial: 06EA
Authority key identifier: 78:1F:95:B0:C8:AB:2E:F7:FD:73:CF:8F:C1:0D:2F:A8:6E:CC:DC:4A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/eB-VsMirLvf9c8-PwQ0vqG7M3Eo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9192210/5CA373D8127811EBA8592412C4F9AE02/955B70D2A8C111EC82C6CD3AC4F9AE02.roa
Signing time: Wed 26 Jun 2024 22:27:47 +0000
ROA not before: Wed 26 Jun 2024 22:27:47 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 38803
IP address blocks: 1.0.4.0/22 maxlen: 22
1.0.4.0/24 maxlen: 24
1.0.5.0/24 maxlen: 24
1.0.6.0/24 maxlen: 24
1.0.7.0/24 maxlen: 24
43.252.108.0/22 maxlen: 22
43.252.108.0/24 maxlen: 24
43.252.109.0/24 maxlen: 24
43.252.110.0/24 maxlen: 24
43.252.111.0/24 maxlen: 24
45.124.164.0/22 maxlen: 22
45.124.164.0/24 maxlen: 24
45.124.165.0/24 maxlen: 24
45.124.166.0/24 maxlen: 24
45.124.167.0/24 maxlen: 24
103.2.176.0/22 maxlen: 22
103.26.60.0/22 maxlen: 22
103.26.60.0/24 maxlen: 24
103.26.61.0/24 maxlen: 24
103.26.62.0/24 maxlen: 24
103.26.63.0/24 maxlen: 24
103.29.76.0/22 maxlen: 22
103.29.76.0/24 maxlen: 24
103.29.77.0/24 maxlen: 24
103.29.78.0/24 maxlen: 24
103.29.79.0/24 maxlen: 24
103.58.216.0/22 maxlen: 22
103.145.116.0/23 maxlen: 23
103.145.116.0/24 maxlen: 24
103.145.117.0/24 maxlen: 24
118.107.184.0/21 maxlen: 21
118.107.184.0/24 maxlen: 24
118.107.185.0/24 maxlen: 24
118.107.186.0/24 maxlen: 24
118.107.187.0/24 maxlen: 24
118.107.188.0/24 maxlen: 24
118.107.189.0/24 maxlen: 24
118.107.190.0/24 maxlen: 24
118.107.191.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 02 Oct 2024 04:54:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1770 (0x6ea)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9192210/serialNumber=781F95B0C8AB2EF7FD73CF8FC10D2FA86ECCDC4A
Validity
Not Before: Jun 26 22:27:47 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=667c95e2-c4c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:75:a7:12:76:28:47:aa:92:8f:66:09:cf:37:
c3:2a:83:d9:1d:4e:ae:b3:9c:8b:39:9d:7a:5b:e4:
f0:61:84:3e:92:74:ee:87:5a:c1:cd:22:9e:7e:50:
5a:b2:5c:2e:4f:93:ca:83:ec:97:51:b6:33:0b:21:
02:47:12:90:4a:ed:bd:8d:89:ec:89:6d:2d:f3:c7:
0b:f4:77:69:a3:90:95:10:5e:d1:12:34:02:a4:96:
82:b4:a4:d8:0a:dc:e7:46:dc:c7:ed:10:8c:9c:b9:
71:d1:ae:64:41:31:dc:6b:d9:a8:f4:57:38:05:64:
2a:e4:26:60:7d:f8:c3:1c:ce:48:4f:e2:64:51:9b:
58:a4:93:59:21:47:ab:06:3c:8f:db:a5:7e:a2:b3:
64:0e:2d:f2:a3:4f:bc:03:4a:6e:e2:d7:d2:ee:91:
91:7e:83:80:18:f8:5b:80:23:12:2a:a2:63:6b:91:
2f:1f:df:23:fa:6c:51:4b:88:04:d9:b2:e6:15:9b:
5a:8f:f4:49:c9:b5:b2:53:0c:ff:89:ae:67:7f:74:
af:b0:48:78:db:4a:ca:d1:a8:48:e1:76:3c:7b:81:
64:da:16:0a:fd:e1:47:74:36:cf:d8:ee:e9:63:5f:
2b:17:1d:b3:54:59:ad:18:02:4a:4f:a2:c0:8c:4b:
42:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:6C:F5:94:27:B3:3F:AC:27:2F:79:99:32:FF:F1:3B:83:12:FF:BB
X509v3 Authority Key Identifier:
keyid:78:1F:95:B0:C8:AB:2E:F7:FD:73:CF:8F:C1:0D:2F:A8:6E:CC:DC:4A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9192210/5CA373D8127811EBA8592412C4F9AE02/eB-VsMirLvf9c8-PwQ0vqG7M3Eo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/eB-VsMirLvf9c8-PwQ0vqG7M3Eo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9192210/5CA373D8127811EBA8592412C4F9AE02/955B70D2A8C111EC82C6CD3AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
1.0.4.0/22
43.252.108.0/22
45.124.164.0/22
103.2.176.0/22
103.26.60.0/22
103.29.76.0/22
103.58.216.0/22
103.145.116.0/23
118.107.184.0/21
Signature Algorithm: sha256WithRSAEncryption
a8:62:2e:b4:2b:10:73:de:3b:53:27:91:81:58:e1:67:60:85:
73:5b:57:e4:b0:5c:6d:9b:7e:10:b0:08:7a:c5:ee:7b:7c:ab:
1a:2d:51:ad:5e:70:df:7f:35:51:44:8b:72:85:25:c0:5e:55:
20:e1:fc:08:d2:d1:c9:b0:8c:39:bc:6a:0c:ab:7c:31:ce:e7:
69:8e:24:49:e3:f7:89:24:7d:24:94:cb:66:32:a0:c0:87:d5:
31:be:c7:9c:5d:e0:35:e4:f7:80:aa:6e:58:6b:2c:12:54:8c:
94:2e:ac:09:e9:e9:10:2f:54:91:aa:e7:45:c5:e6:27:d4:53:
8f:93:0e:6f:49:f0:74:b3:c1:eb:63:51:a8:ca:85:8a:61:01:
12:c6:13:df:e8:7a:b3:e8:3c:36:cc:f1:5a:43:eb:3e:32:a1:
fc:3b:15:44:e6:60:9d:d4:b6:ef:9c:32:d7:9b:53:4b:bc:ef:
94:17:56:37:c6:e0:37:ea:a6:83:dc:33:91:54:9f:31:57:d1:
35:ec:ee:69:56:d8:72:a1:ec:ff:f9:b7:f4:fc:79:b2:b6:c9:
1b:4f:e0:04:90:af:65:3d:e1:89:01:34:92:72:5f:13:a8:dc:
bf:9e:11:ca:7f:96:f5:44:7e:44:b8:3d:58:bc:8b:81:e1:ff:
97:c5:d7:9f
-----BEGIN CERTIFICATE-----
MIIFoTCCBImgAwIBAgICBuowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTIyMTAxMTAvBgNVBAUTKDc4MUY5NUIwQzhBQjJFRjdGRDczQ0Y4RkMxMEQyRkE4
NkVDQ0RDNEEwHhcNMjQwNjI2MjIyNzQ3WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjdjOTVlMi1jNGMzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApnWnEnYoR6qSj2YJzzfDKoPZHU6us5yLOZ16W+TwYYQ+knTuh1rBzSKeflBa
slwuT5PKg+yXUbYzCyECRxKQSu29jYnsiW0t88cL9Hdpo5CVEF7REjQCpJaCtKTY
CtznRtzH7RCMnLlx0a5kQTHca9mo9Fc4BWQq5CZgffjDHM5IT+JkUZtYpJNZIUer
BjyP26V+orNkDi3yo0+8A0pu4tfS7pGRfoOAGPhbgCMSKqJja5EvH98j+mxRS4gE
2bLmFZtaj/RJybWyUwz/ia5nf3SvsEh420rK0ahI4XY8e4Fk2hYK/eFHdDbP2O7p
Y18rFx2zVFmtGAJKT6LAjEtC5wIDAQABo4ICxTCCAsEwHQYDVR0OBBYEFLFs9ZQn
sz+sJy95mTL/8TuDEv+7MB8GA1UdIwQYMBaAFHgflbDIqy73/XPPj8ENL6huzNxK
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5MjIxMC81Q0EzNzNEODEy
NzgxMUVCQTg1OTI0MTJDNEY5QUUwMi9lQi1Wc01pckx2ZjljOC1Qd1EwdnFHN00z
RW8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2VCLVZzTWlyTHZmOWM4LVB3UTB2cUc3TTNFby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTIyMTAvNUNBMzczRDgxMjc4MTFFQkE4NTkyNDEyQzRGOUFFMDIvOTU1QjcwRDJB
OEMxMTFFQzgyQzZDRDNBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwTwYIKwYBBQUHAQcBAf8E
QDA+MDwEAgABMDYDBAIBAAQDBAIr/GwDBAItfKQDBAJnArADBAJnGjwDBAJnHUwD
BAJnOtgDBAFnkXQDBAN2a7gwDQYJKoZIhvcNAQELBQADggEBAKhiLrQrEHPeO1Mn
kYFY4WdghXNbV+SwXG2bfhCwCHrF7nt8qxotUa1ecN9/NVFEi3KFJcBeVSDh/AjS
0cmwjDm8agyrfDHO52mOJEnj94kkfSSUy2YyoMCH1TG+x5xd4DXk94CqblhrLBJU
jJQurAnp6RAvVJGq50XF5ifUU4+TDm9J8HSzwetjUajKhYphARLGE9/oerPoPDbM
8VpD6z4yofw7FUTmYJ3Utu+cMtebU0u875QXVjfG4DfqpoPcM5FUnzFX0TXs7mlW
2HKh7P/5t/T8ebK2yRtP4ASQr2U94YkBNJJyXxOo3L+eEcp/lvVEfkS4PVi8i4Hh
/5fF158=
-----END CERTIFICATE-----
Generated at Wed Oct 2 08:41:20 2024 by rpki-client on console-ams.rpki-client.org