Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/44790DE46EF111EE99360929C4F9AE02.roa
File: 44790DE46EF111EE99360929C4F9AE02.roa (raw, json)
Hash identifier: akHxw8IKz5bOQjpfsM9XQGxvAJtzCw9ydWZdqquDfMk=
Subject key identifier: 10:00:C3:D5:A8:8A:F8:2B:F1:FD:22:B0:A0:30:C0:F0:ED:75:5D:42
Certificate issuer: /CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Certificate serial: 4824
Authority key identifier: 16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/44790DE46EF111EE99360929C4F9AE02.roa
Signing time: Sat 16 Nov 2024 14:17:06 +0000
ROA not before: Sat 16 Nov 2024 14:17:06 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 150820
IP address blocks: 36.50.174.0/23 maxlen: 23
103.70.114.0/23 maxlen: 23
203.175.96.0/23 maxlen: 23
2001:df3:f0c0::/48 maxlen: 48
2001:df3:f140::/48 maxlen: 48
2001:df4:35c0::/48 maxlen: 48
2001:df4:5040::/48 maxlen: 48
2001:df4:8d40::/48 maxlen: 48
2001:df4:9bc0::/48 maxlen: 48
2401:4e20::/48 maxlen: 48
2401:9be0::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 22 Nov 2024 02:02:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18468 (0x4824)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Validity
Not Before: Nov 16 14:17:06 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=6738a961-b886
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:46:01:92:d6:57:dc:54:d3:55:10:7b:b0:11:
2e:08:df:a0:ac:40:79:c2:b7:61:8d:9f:c9:08:10:
63:5e:9b:28:46:f7:25:68:1e:c5:5e:d5:c1:96:1b:
68:02:5a:bb:4b:dc:7c:2a:1b:a9:90:fc:f6:b7:5a:
0c:35:80:41:19:e2:e6:22:40:be:88:1e:92:e4:bb:
97:fe:8f:4c:df:e1:fb:58:6c:90:c4:60:31:ef:28:
f4:df:21:ba:6e:e9:21:4a:ae:84:06:53:1c:06:34:
15:34:62:24:78:ba:2f:00:e7:63:a8:93:93:e7:f2:
1c:93:99:fd:72:d2:ac:0b:64:d9:a9:97:b3:5c:aa:
c7:59:67:05:f7:44:eb:33:4a:36:04:6d:fd:55:e2:
90:5f:e8:87:ba:ae:6f:8a:de:f4:d1:87:52:20:cc:
da:64:79:61:59:92:8b:2d:38:55:54:c4:e7:df:fb:
97:18:a5:58:89:b1:28:b5:b0:f7:98:6d:d1:ef:b9:
39:f0:5e:1f:93:5c:62:c5:d8:fc:57:51:82:e8:5e:
78:56:16:c2:5b:ff:11:c5:a9:af:6a:ea:9f:c2:b4:
03:3e:ac:92:42:2f:89:ed:f7:d3:11:88:77:92:ab:
40:d5:c2:67:67:b3:eb:28:bd:b7:60:f2:61:07:96:
19:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:00:C3:D5:A8:8A:F8:2B:F1:FD:22:B0:A0:30:C0:F0:ED:75:5D:42
X509v3 Authority Key Identifier:
keyid:16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/44790DE46EF111EE99360929C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
36.50.174.0/23
103.70.114.0/23
203.175.96.0/23
IPv6:
2001:df3:f0c0::/48
2001:df3:f140::/48
2001:df4:35c0::/48
2001:df4:5040::/48
2001:df4:8d40::/48
2001:df4:9bc0::/48
2401:4e20::/48
2401:9be0::/48
Signature Algorithm: sha256WithRSAEncryption
aa:13:13:b0:25:94:b8:50:5a:60:56:6b:d6:42:8a:7e:f3:3b:
0b:9c:cf:df:60:15:3a:f2:58:94:6d:e3:9b:82:c6:0d:de:14:
58:f7:b8:2e:e5:51:af:74:8d:83:4e:56:aa:40:44:75:1e:83:
67:d9:a2:03:82:21:97:fa:79:54:e5:fa:30:a6:27:28:b2:37:
11:28:a2:5e:96:10:d2:db:f1:bb:78:da:68:e7:82:7f:f1:b5:
cb:62:1e:85:1d:18:87:38:0b:b0:1e:2a:99:44:3c:e8:21:a5:
bb:57:2a:26:a6:f8:41:54:47:21:97:e1:79:c8:c1:57:f2:33:
8d:23:36:d5:27:25:0a:67:e2:bc:54:f9:5a:4d:62:32:5d:92:
cb:55:c9:5b:a1:f5:e1:59:16:a0:e8:b0:46:bc:8d:42:8b:4d:
af:ce:70:90:f5:88:c5:c6:dd:79:9e:d4:b5:a8:8c:4d:2b:24:
ce:4b:52:45:22:c7:ea:f3:23:38:6d:06:aa:c3:7c:96:ee:89:
3e:d6:23:8f:d2:69:2f:fb:b2:6e:a6:d4:74:5e:73:aa:87:c2:
88:8b:e4:85:28:56:7c:d2:d2:6d:ad:00:6b:6a:ce:91:1b:06:
02:74:d5:d0:ed:75:a7:de:67:87:4b:73:9e:ea:b4:3b:71:77:
7b:cb:0e:3b
-----BEGIN CERTIFICATE-----
MIIFzTCCBLWgAwIBAgICSCQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU2MEExMTAvBgNVBAUTKDE2N0MzQjIyMTc3NUZFQzA1MDM5NDY4MTUwQ0U4MTQ3
NTZBQzZGMEEwHhcNMjQxMTE2MTQxNzA2WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzM4YTk2MS1iODg2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAv0YBktZX3FTTVRB7sBEuCN+grEB5wrdhjZ/JCBBjXpsoRvclaB7FXtXBlhto
Alq7S9x8KhupkPz2t1oMNYBBGeLmIkC+iB6S5LuX/o9M3+H7WGyQxGAx7yj03yG6
bukhSq6EBlMcBjQVNGIkeLovAOdjqJOT5/Ick5n9ctKsC2TZqZezXKrHWWcF90Tr
M0o2BG39VeKQX+iHuq5vit700YdSIMzaZHlhWZKLLThVVMTn3/uXGKVYibEotbD3
mG3R77k58F4fk1xixdj8V1GC6F54VhbCW/8RxamvauqfwrQDPqySQi+J7ffTEYh3
kqtA1cJnZ7PrKL23YPJhB5YZCQIDAQABo4IC8TCCAu0wHQYDVR0OBBYEFBAAw9Wo
ivgr8f0isKAwwPDtdV1CMB8GA1UdIwQYMBaAFBZ8OyIXdf7AUDlGgVDOgUdWrG8K
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS9BQUVCMTkxQTFE
OEExMUUyQTM4N0QwRTQwOEIwMkNEMi9Gbnc3SWhkMV9zQlFPVWFCVU02QlIxYXNi
d28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZudzdJaGQxX3NCUU9VYUJVTTZCUjFhc2J3by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU2MEEvQUFFQjE5MUExRDhBMTFFMkEzODdEMEU0MDhCMDJDRDIvNDQ3OTBERTQ2
RUYxMTFFRTk5MzYwOTI5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwewYIKwYBBQUHAQcBAf8E
bDBqMBgEAgABMBIDBAEkMq4DBAFnRnIDBAHLr2AwTgQCAAIwSAMHACABDfPwwAMH
ACABDfPxQAMHACABDfQ1wAMHACABDfRQQAMHACABDfSNQAMHACABDfSbwAMHACQB
TiAAAAMHACQBm+AAADANBgkqhkiG9w0BAQsFAAOCAQEAqhMTsCWUuFBaYFZr1kKK
fvM7C5zP32AVOvJYlG3jm4LGDd4UWPe4LuVRr3SNg05WqkBEdR6DZ9miA4Ihl/p5
VOX6MKYnKLI3ESiiXpYQ0tvxu3jaaOeCf/G1y2IehR0YhzgLsB4qmUQ86CGlu1cq
Jqb4QVRHIZfhecjBV/IzjSM21SclCmfivFT5Wk1iMl2Sy1XJW6H14VkWoOiwRryN
QotNr85wkPWIxcbdeZ7UtaiMTSskzktSRSLH6vMjOG0GqsN8lu6JPtYjj9JpL/uy
bqbUdF5zqofCiIvkhShWfNLSba0Aa2rOkRsGAnTV0O11p95nh0tznuq0O3F3e8sO
Ow==
-----END CERTIFICATE-----
Generated at Fri Nov 22 05:02:53 2024 by rpki-client on console-ams.rpki-client.org