Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9197390/D2C7E7163E7A11EEA977D620C4F9AE02/A9CC8E6A3EDA11EEA0B19A82C4F9AE02.roa
File: A9CC8E6A3EDA11EEA0B19A82C4F9AE02.roa (raw, json)
Hash identifier: LVLUFIXBB3rZwUKioXZekvS5rS2eeIn5omnm5r9d9ng=
Subject key identifier: 98:9C:62:34:30:25:4C:3D:2B:41:1A:52:51:35:3D:EA:75:00:33:ED
Certificate issuer: /CN=A9197390/serialNumber=A135B814E1EB1E27C9597EED2E822854930D3FCF
Certificate serial: E8
Authority key identifier: A1:35:B8:14:E1:EB:1E:27:C9:59:7E:ED:2E:82:28:54:93:0D:3F:CF
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oTW4FOHrHifJWX7tLoIoVJMNP88.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9197390/D2C7E7163E7A11EEA977D620C4F9AE02/A9CC8E6A3EDA11EEA0B19A82C4F9AE02.roa
Signing time: Wed 04 Sep 2024 09:36:25 +0000
ROA not before: Wed 04 Sep 2024 09:36:25 +0000
ROA not after: Sun 02 Mar 2025 00:00:00 +0000
asID: 17439
IP address blocks: 45.115.119.0/24 maxlen: 24
103.57.17.0/24 maxlen: 24
103.57.18.0/24 maxlen: 24
103.57.19.0/24 maxlen: 24
202.6.80.0/24 maxlen: 24
203.153.208.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 05 Sep 2024 06:23:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 232 (0xe8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9197390/serialNumber=A135B814E1EB1E27C9597EED2E822854930D3FCF
Validity
Not Before: Sep 4 09:36:25 2024 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=66d82a19-2517
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:6f:90:2d:8e:8b:3f:79:41:55:9d:e0:b7:62:
f7:12:8c:c8:c4:95:16:4b:90:51:f1:f2:47:1b:52:
d5:42:00:b2:33:af:87:2c:fe:4a:d0:df:03:83:b9:
2b:86:a7:fc:88:d8:e5:cd:96:1d:8c:55:d2:5b:13:
4f:6f:b7:ec:eb:71:fe:e2:0a:f2:8e:9a:50:47:8c:
94:6e:40:77:b0:38:98:6c:49:2e:6d:ed:a9:fb:14:
3a:4d:49:0b:bf:0a:d6:52:b4:b3:99:21:7c:ec:32:
13:05:a1:93:69:2a:e9:79:86:28:31:e5:ee:da:0a:
03:26:23:54:60:1a:23:ec:d4:cb:d7:ff:56:7c:ff:
d2:6f:00:4d:5f:b4:16:79:72:b9:71:b0:19:70:53:
85:6a:a8:6c:0b:db:25:50:32:53:a1:06:20:7b:28:
9c:8e:7e:e1:76:ae:9b:57:be:69:2f:a8:b0:d5:87:
14:70:e0:c6:02:b9:48:81:65:31:fe:2f:23:6b:6c:
9c:59:86:9f:49:54:3b:e7:2a:ab:84:a1:4f:3c:cb:
1a:c7:72:79:ea:f0:e0:6c:5e:ba:ce:44:15:67:98:
4b:cb:2c:f6:1e:32:0a:39:20:62:67:00:ad:e2:47:
1b:45:c6:98:85:f3:a8:70:f9:dc:3f:be:e1:0e:6d:
bf:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:9C:62:34:30:25:4C:3D:2B:41:1A:52:51:35:3D:EA:75:00:33:ED
X509v3 Authority Key Identifier:
keyid:A1:35:B8:14:E1:EB:1E:27:C9:59:7E:ED:2E:82:28:54:93:0D:3F:CF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9197390/D2C7E7163E7A11EEA977D620C4F9AE02/oTW4FOHrHifJWX7tLoIoVJMNP88.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oTW4FOHrHifJWX7tLoIoVJMNP88.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9197390/D2C7E7163E7A11EEA977D620C4F9AE02/A9CC8E6A3EDA11EEA0B19A82C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.115.119.0/24
103.57.17.0-103.57.19.255
202.6.80.0/24
203.153.208.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:9d:43:ba:76:0b:ad:92:4e:98:f8:96:8d:3d:2c:5b:7c:bd:
bf:26:7f:d2:bb:cc:19:6f:60:c4:5f:f1:fa:cf:0d:6b:28:b8:
4d:95:e2:3b:d1:3f:53:cc:15:11:c5:47:93:6f:f1:61:bb:8e:
b9:7c:de:b5:90:b1:47:70:7e:bd:3f:98:af:3b:77:72:fd:ca:
4d:f8:4e:3b:35:64:03:a7:98:2c:46:d9:3a:4a:0e:69:05:cc:
62:ee:6c:6f:19:d9:05:f2:e1:cb:d5:c4:95:df:e1:98:b7:ac:
fb:f9:06:89:51:ed:47:f6:37:e0:4c:a7:11:84:4e:04:97:8a:
bd:77:09:06:5f:e3:d0:ee:63:fd:8a:7e:07:d2:5a:b6:14:46:
ba:80:98:f0:57:e7:8b:b0:e3:ab:25:3c:e4:5d:f8:f8:43:13:
23:33:6b:e9:c5:11:e4:8a:a0:b3:ac:f5:dd:50:35:dd:4e:a7:
db:fc:2d:b3:30:1a:6a:63:22:42:8f:e9:7b:2e:55:c8:60:1d:
76:73:9e:58:6b:4c:0a:91:8c:ee:b8:1f:6a:47:9e:8a:11:08:
0a:ee:64:6c:ee:f3:dd:3a:ae:9b:d8:5f:d4:63:7b:07:cf:8c:
57:6f:b4:57:99:f3:af:ca:e4:41:48:a8:2c:82:f3:36:88:a2:
83:35:ee:bc
-----BEGIN CERTIFICATE-----
MIIFizCCBHOgAwIBAgICAOgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTczOTAxMTAvBgNVBAUTKEExMzVCODE0RTFFQjFFMjdDOTU5N0VFRDJFODIyODU0
OTMwRDNGQ0YwHhcNMjQwOTA0MDkzNjI1WhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmQ4MmExOS0yNTE3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA9W+QLY6LP3lBVZ3gt2L3EozIxJUWS5BR8fJHG1LVQgCyM6+HLP5K0N8Dg7kr
hqf8iNjlzZYdjFXSWxNPb7fs63H+4gryjppQR4yUbkB3sDiYbEkube2p+xQ6TUkL
vwrWUrSzmSF87DITBaGTaSrpeYYoMeXu2goDJiNUYBoj7NTL1/9WfP/SbwBNX7QW
eXK5cbAZcFOFaqhsC9slUDJToQYgeyicjn7hdq6bV75pL6iw1YcUcODGArlIgWUx
/i8ja2ycWYafSVQ75yqrhKFPPMsax3J56vDgbF66zkQVZ5hLyyz2HjIKOSBiZwCt
4kcbRcaYhfOocPncP77hDm2/XwIDAQABo4ICrzCCAqswHQYDVR0OBBYEFJicYjQw
JUw9K0EaUlE1Pep1ADPtMB8GA1UdIwQYMBaAFKE1uBTh6x4nyVl+7S6CKFSTDT/P
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5NzM5MC9EMkM3RTcxNjNF
N0ExMUVFQTk3N0Q2MjBDNEY5QUUwMi9vVFc0Rk9IckhpZkpXWDd0TG9Jb1ZKTU5Q
ODguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL29UVzRGT0hySGlmSldYN3RMb0lvVkpNTlA4OC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTczOTAvRDJDN0U3MTYzRTdBMTFFRUE5NzdENjIwQzRGOUFFMDIvQTlDQzhFNkEz
RURBMTFFRUEwQjE5QTgyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOQYIKwYBBQUHAQcBAf8E
KjAoMCYEAgABMCADBAAtc3cwDAMEAGc5EQMEAmc5EAMEAMoGUAMEAMuZ0DANBgkq
hkiG9w0BAQsFAAOCAQEALJ1DunYLrZJOmPiWjT0sW3y9vyZ/0rvMGW9gxF/x+s8N
ayi4TZXiO9E/U8wVEcVHk2/xYbuOuXzetZCxR3B+vT+Yrzt3cv3KTfhOOzVkA6eY
LEbZOkoOaQXMYu5sbxnZBfLhy9XEld/hmLes+/kGiVHtR/Y34EynEYROBJeKvXcJ
Bl/j0O5j/Yp+B9JathRGuoCY8Ffni7DjqyU85F34+EMTIzNr6cUR5Iqgs6z13VA1
3U6n2/wtszAaamMiQo/pey5VyGAddnOeWGtMCpGM7rgfakeeihEICu5kbO7z3Tqu
m9hf1GN7B8+MV2+0V5nzr8rkQUioLILzNoiigzXuvA==
-----END CERTIFICATE-----
Generated at Thu Sep 5 08:09:12 2024 by rpki-client on console-ams.rpki-client.org