Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D176D/F02A35E8A91411EEB2712D3FC4F9AE02/7F574824A93711EEAD42EF0AC4F9AE02.roa
File: 7F574824A93711EEAD42EF0AC4F9AE02.roa (raw, json)
Hash identifier: fuygPKOV84AmvT48UlWf4mObJHgdC9DkfPGx+mkRTag=
Subject key identifier: DB:AC:1D:9D:59:A2:0F:13:E4:11:4B:00:4D:75:B8:0A:D3:C9:C8:DD
Certificate issuer: /CN=A91D176D/serialNumber=AA0178EA78511A15B1470EBFC0C5721A70E2769F
Certificate serial: 2A
Authority key identifier: AA:01:78:EA:78:51:1A:15:B1:47:0E:BF:C0:C5:72:1A:70:E2:76:9F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qgF46nhRGhWxRw6_wMVyGnDidp8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D176D/F02A35E8A91411EEB2712D3FC4F9AE02/7F574824A93711EEAD42EF0AC4F9AE02.roa
Signing time: Tue 05 Mar 2024 07:49:26 +0000
ROA not before: Tue 05 Mar 2024 07:49:26 +0000
ROA not after: Thu 01 May 2025 00:00:00 +0000
asID: 134078
IP address blocks: 45.112.76.0/22 maxlen: 22
61.13.2.0/24 maxlen: 24
61.13.16.0/20 maxlen: 21
61.13.32.0/21 maxlen: 21
61.13.128.0/22 maxlen: 22
61.13.128.0/24 maxlen: 24
61.13.136.0/23 maxlen: 23
61.13.138.0/23 maxlen: 23
61.14.64.0/19 maxlen: 19
61.14.90.0/24 maxlen: 24
61.14.91.0/24 maxlen: 24
61.14.95.0/24 maxlen: 24
61.16.0.0/22 maxlen: 22
61.16.4.0/22 maxlen: 22
61.16.8.0/22 maxlen: 22
61.16.12.0/22 maxlen: 22
61.16.16.0/22 maxlen: 22
61.16.32.0/22 maxlen: 22
103.51.160.0/22 maxlen: 22
103.51.160.0/24 maxlen: 24
103.51.163.0/24 maxlen: 24
103.227.88.0/22 maxlen: 22
103.250.56.0/22 maxlen: 22
103.250.58.0/24 maxlen: 24
202.52.64.0/23 maxlen: 23
202.52.72.0/21 maxlen: 21
202.52.80.0/21 maxlen: 21
202.52.96.0/19 maxlen: 19
202.52.112.0/20 maxlen: 20
202.136.16.0/20 maxlen: 20
202.148.160.0/20 maxlen: 20
203.31.234.0/24 maxlen: 24
203.149.128.0/24 maxlen: 24
203.149.140.0/22 maxlen: 22
203.149.168.0/22 maxlen: 22
203.149.184.0/21 maxlen: 21
203.149.240.0/22 maxlen: 22
203.149.254.0/23 maxlen: 23
2404:1100::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 27 Jun 2024 02:42:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 42 (0x2a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D176D/serialNumber=AA0178EA78511A15B1470EBFC0C5721A70E2769F
Validity
Not Before: Mar 5 07:49:26 2024 GMT
Not After : May 1 00:00:00 2025 GMT
Subject: CN=65e6ce86-d94a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:d0:44:75:fa:77:82:d3:84:62:7a:b4:a4:b4:
92:e9:d2:bd:65:f3:2a:40:3d:7e:fc:d7:ed:91:d1:
76:63:ac:48:96:dc:00:d0:30:bb:79:cc:e2:4d:62:
8a:07:0f:1a:de:e4:6c:0f:88:3c:cd:af:f7:23:8d:
0b:6b:97:31:a4:ea:d8:a6:3b:d9:47:9a:47:aa:0e:
8e:5d:7d:d5:f6:9e:ce:c7:c4:e8:ce:0b:a6:ef:92:
50:5d:22:4f:dd:a5:27:3d:f7:3c:32:33:d0:be:9d:
e7:ce:c6:9a:55:47:a9:9e:3b:9b:45:d7:83:2b:0c:
31:90:d9:1f:63:b7:70:c7:67:76:9e:8a:9c:e5:2e:
86:28:a6:41:b4:9b:3f:23:7b:79:da:c1:9f:bc:d0:
c2:29:09:17:78:5b:87:92:6a:d4:48:33:f2:74:a8:
f5:e9:f7:b9:31:eb:38:17:95:2e:7d:cf:e8:0e:a8:
cf:d5:96:d2:8c:d2:3b:00:ad:2b:07:7b:b9:b8:b6:
90:ab:d4:96:e5:21:68:ed:c5:df:e1:58:ad:53:a9:
76:46:dd:11:3e:6f:ca:5c:0c:de:91:4c:37:f1:ec:
13:79:a6:51:48:c6:3b:a1:ef:dd:78:92:02:6f:dd:
a1:ee:ce:f4:f6:65:f1:d5:00:57:c9:83:0d:b4:71:
87:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:AC:1D:9D:59:A2:0F:13:E4:11:4B:00:4D:75:B8:0A:D3:C9:C8:DD
X509v3 Authority Key Identifier:
keyid:AA:01:78:EA:78:51:1A:15:B1:47:0E:BF:C0:C5:72:1A:70:E2:76:9F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D176D/F02A35E8A91411EEB2712D3FC4F9AE02/qgF46nhRGhWxRw6_wMVyGnDidp8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qgF46nhRGhWxRw6_wMVyGnDidp8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D176D/F02A35E8A91411EEB2712D3FC4F9AE02/7F574824A93711EEAD42EF0AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.112.76.0/22
61.13.2.0/24
61.13.16.0-61.13.39.255
61.13.128.0/22
61.13.136.0/22
61.14.64.0/19
61.16.0.0-61.16.19.255
61.16.32.0/22
103.51.160.0/22
103.227.88.0/22
103.250.56.0/22
202.52.64.0/23
202.52.72.0-202.52.87.255
202.52.96.0/19
202.136.16.0/20
202.148.160.0/20
203.31.234.0/24
203.149.128.0/24
203.149.140.0/22
203.149.168.0/22
203.149.184.0/21
203.149.240.0/22
203.149.254.0/23
IPv6:
2404:1100::/32
Signature Algorithm: sha256WithRSAEncryption
3f:74:91:24:cb:68:c2:88:16:ed:48:52:b7:ca:f4:75:c3:cb:
f1:6a:28:ea:c6:ef:23:89:d6:43:dc:10:67:9f:2a:2f:02:a7:
e1:7f:5c:d8:5e:58:48:54:99:8f:47:7b:18:3b:a4:d6:b0:2d:
bd:10:60:fa:8c:6a:3a:1e:9c:4c:39:4f:48:22:6b:60:cb:9c:
3c:d3:75:09:13:b5:ae:67:78:80:39:be:25:f6:99:f9:ad:ab:
80:0a:05:62:ce:00:d8:be:a1:ac:3a:59:2c:b9:d2:8a:17:d2:
6e:64:20:84:1c:02:21:d5:15:e5:30:27:41:8d:1d:e3:0f:d5:
4c:70:14:3f:3a:3e:7f:51:83:2e:42:bb:9b:d1:da:79:fd:ca:
73:cb:37:76:ae:61:2b:96:40:3c:21:f1:f2:4a:9f:ee:d4:8d:
a8:88:cc:63:7c:4d:a1:13:66:ab:a4:35:28:1e:a5:1a:55:cb:
a3:92:36:1d:08:7a:0b:79:8a:68:2c:43:66:db:95:1f:22:8b:
34:ba:c2:22:99:fa:35:e8:74:ab:73:00:8a:15:06:78:8a:99:
a9:84:08:26:ed:43:65:3b:47:fb:53:53:7d:ee:1b:ae:9a:30:
91:47:3b:73:48:2e:58:5f:3b:51:06:b9:bc:2b:b1:77:ea:46:
f4:29:ff:24
-----BEGIN CERTIFICATE-----
MIIGHzCCBQegAwIBAgIBKjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFE
MTc2RDExMC8GA1UEBRMoQUEwMTc4RUE3ODUxMUExNUIxNDcwRUJGQzBDNTcyMUE3
MEUyNzY5RjAeFw0yNDAzMDUwNzQ5MjZaFw0yNTA1MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1ZTZjZTg2LWQ5NGEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDQ0ER1+neC04RierSktJLp0r1l8ypAPX781+2R0XZjrEiW3ADQMLt5zOJNYooH
Dxre5GwPiDzNr/cjjQtrlzGk6timO9lHmkeqDo5dfdX2ns7HxOjOC6bvklBdIk/d
pSc99zwyM9C+nefOxppVR6meO5tF14MrDDGQ2R9jt3DHZ3aeipzlLoYopkG0mz8j
e3nawZ+80MIpCRd4W4eSatRIM/J0qPXp97kx6zgXlS59z+gOqM/VltKM0jsArSsH
e7m4tpCr1JblIWjtxd/hWK1TqXZG3RE+b8pcDN6RTDfx7BN5plFIxjuh7914kgJv
3aHuzvT2ZfHVAFfJgw20cYcbAgMBAAGjggNEMIIDQDAdBgNVHQ4EFgQU26wdnVmi
DxPkEUsATXW4CtPJyN0wHwYDVR0jBBgwFoAUqgF46nhRGhWxRw6/wMVyGnDidp8w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUQxNzZEL0YwMkEzNUU4QTkx
NDExRUVCMjcxMkQzRkM0RjlBRTAyL3FnRjQ2bmhSR2hXeFJ3Nl93TVZ5R25EaWRw
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvcWdGNDZuaFJHaFd4Unc2X3dNVnlHbkRpZHA4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE
MTc2RC9GMDJBMzVFOEE5MTQxMUVFQjI3MTJEM0ZDNEY5QUUwMi83RjU3NDgyNEE5
MzcxMUVFQUQ0MkVGMEFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDCBzQYIKwYBBQUHAQcBAf8E
gb0wgbowgagEAgABMIGhAwQCLXBMAwQAPQ0CMAwDBAQ9DRADBAM9DSADBAI9DYAD
BAI9DYgDBAU9DkAwCwMDBD0QAwQCPRAQAwQCPRAgAwQCZzOgAwQCZ+NYAwQCZ/o4
AwQByjRAMAwDBAPKNEgDBAPKNFADBAXKNGADBATKiBADBATKlKADBADLH+oDBADL
lYADBALLlYwDBALLlagDBAPLlbgDBALLlfADBAHLlf4wDQQCAAIwBwMFACQEEQAw
DQYJKoZIhvcNAQELBQADggEBAD90kSTLaMKIFu1IUrfK9HXDy/FqKOrG7yOJ1kPc
EGefKi8Cp+F/XNheWEhUmY9Hexg7pNawLb0QYPqMajoenEw5T0gia2DLnDzTdQkT
ta5neIA5viX2mfmtq4AKBWLOANi+oaw6WSy50ooX0m5kIIQcAiHVFeUwJ0GNHeMP
1UxwFD86Pn9Rgy5Cu5vR2nn9ynPLN3auYSuWQDwh8fJKn+7UjaiIzGN8TaETZquk
NSgepRpVy6OSNh0Iegt5imgsQ2bblR8iizS6wiKZ+jXodKtzAIoVBniKmamECCbt
Q2U7R/tTU33uG66aMJFHO3NILlhfO1EGubwrsXfqRvQp/yQ=
-----END CERTIFICATE-----
Generated at Thu Jun 27 05:39:34 2024 by rpki-client on console-ams.rpki-client.org