Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/29D5A10486FC11EF87B5ED31C4F9AE02.roa
File: 29D5A10486FC11EF87B5ED31C4F9AE02.roa (raw, json)
Hash identifier: XGODC8WoxqANM/sb5LGpVBEU9fofWyXNHcXqfqb2oy8=
Subject key identifier: A4:57:CF:4D:97:C3:0A:29:A5:0A:A7:CF:7F:C8:03:70:3A:6D:61:80
Certificate issuer: /CN=A91E3E27/serialNumber=A272ACAFE8FAA4F2A9700A6FC11425908C743D4B
Certificate serial: 0A04
Authority key identifier: A2:72:AC:AF:E8:FA:A4:F2:A9:70:0A:6F:C1:14:25:90:8C:74:3D:4B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/onKsr-j6pPKpcApvwRQlkIx0PUs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/29D5A10486FC11EF87B5ED31C4F9AE02.roa
Signing time: Thu 10 Oct 2024 11:38:26 +0000
ROA not before: Thu 10 Oct 2024 11:38:26 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 9229
IP address blocks: 202.174.128.0/19 maxlen: 19
202.174.129.0/24 maxlen: 24
202.174.130.0/24 maxlen: 24
202.174.131.0/24 maxlen: 24
202.174.132.0/24 maxlen: 24
202.174.133.0/24 maxlen: 24
202.174.134.0/24 maxlen: 24
202.174.135.0/24 maxlen: 24
202.174.136.0/24 maxlen: 24
202.174.137.0/24 maxlen: 24
202.174.138.0/24 maxlen: 24
202.174.139.0/24 maxlen: 24
202.174.140.0/24 maxlen: 24
202.174.141.0/24 maxlen: 24
202.174.142.0/24 maxlen: 24
202.174.143.0/24 maxlen: 24
202.174.144.0/24 maxlen: 24
202.174.145.0/24 maxlen: 24
202.174.146.0/24 maxlen: 24
202.174.147.0/24 maxlen: 24
202.174.148.0/24 maxlen: 24
202.174.149.0/24 maxlen: 24
202.174.150.0/24 maxlen: 24
202.174.151.0/24 maxlen: 24
202.174.152.0/24 maxlen: 24
202.174.153.0/24 maxlen: 24
202.174.154.0/24 maxlen: 24
202.174.155.0/24 maxlen: 24
202.174.156.0/24 maxlen: 24
202.174.157.0/24 maxlen: 24
202.174.158.0/24 maxlen: 24
202.174.159.0/24 maxlen: 24
203.88.64.0/19 maxlen: 19
203.88.64.0/24 maxlen: 24
203.88.65.0/24 maxlen: 24
203.88.66.0/24 maxlen: 24
203.88.67.0/24 maxlen: 24
203.88.68.0/24 maxlen: 24
203.88.69.0/24 maxlen: 24
203.88.70.0/24 maxlen: 24
203.88.71.0/24 maxlen: 24
203.88.72.0/24 maxlen: 24
203.88.73.0/24 maxlen: 24
203.88.74.0/24 maxlen: 24
203.88.75.0/24 maxlen: 24
203.88.76.0/24 maxlen: 24
203.88.77.0/24 maxlen: 24
203.88.78.0/24 maxlen: 24
203.88.79.0/24 maxlen: 24
203.88.80.0/24 maxlen: 24
203.88.81.0/24 maxlen: 24
203.88.82.0/24 maxlen: 24
203.88.83.0/24 maxlen: 24
203.88.84.0/24 maxlen: 24
203.88.85.0/24 maxlen: 24
203.88.86.0/24 maxlen: 24
203.88.87.0/24 maxlen: 24
203.88.88.0/24 maxlen: 24
203.88.89.0/24 maxlen: 24
203.88.90.0/24 maxlen: 24
203.88.91.0/24 maxlen: 24
203.88.92.0/24 maxlen: 24
203.88.93.0/24 maxlen: 24
203.88.94.0/24 maxlen: 24
203.88.95.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 18 Oct 2024 01:54:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2564 (0xa04)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E3E27/serialNumber=A272ACAFE8FAA4F2A9700A6FC11425908C743D4B
Validity
Not Before: Oct 10 11:38:26 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=6707bcb2-5469
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:7a:03:c3:08:c2:dc:15:33:f2:65:c8:e3:fb:
b4:98:5c:3d:70:25:b3:8d:ae:65:80:4e:1b:76:ad:
6f:d4:0e:45:15:cb:e6:39:2a:91:00:8b:0c:da:71:
76:cf:12:6a:47:03:2b:99:29:82:c4:a2:86:87:78:
ac:a1:9d:85:0a:d8:77:cd:ef:fb:7d:1a:80:24:46:
d2:26:42:84:47:85:b1:b8:0f:73:b1:11:2c:3f:1e:
74:de:f6:d3:31:44:fe:39:52:cf:d0:67:a5:43:05:
19:1e:25:18:00:26:7e:48:02:3d:10:f0:72:c0:4f:
03:71:81:ff:e7:f8:f2:fe:5b:7f:13:22:4e:61:d3:
e5:6b:6c:10:c5:ce:85:0b:a0:f1:14:3c:4e:a8:64:
a5:1c:c1:24:50:ca:f5:b9:a0:30:f4:48:20:b1:b2:
72:40:2f:07:e2:8b:1d:00:52:ac:2c:ec:ca:b4:1e:
37:49:b8:a8:6e:9d:3d:dd:5f:8f:e2:d9:40:60:64:
e1:82:f9:87:cc:fe:c2:fb:ab:4e:5a:d1:02:c1:5f:
22:b5:b1:be:45:61:6d:ec:ba:c3:a7:7a:5c:f1:6a:
b6:a9:f5:79:f7:2d:bf:f3:ac:30:d3:d6:bf:1b:be:
e1:8c:71:14:fb:90:90:54:06:c5:ba:86:be:c9:64:
e3:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:57:CF:4D:97:C3:0A:29:A5:0A:A7:CF:7F:C8:03:70:3A:6D:61:80
X509v3 Authority Key Identifier:
keyid:A2:72:AC:AF:E8:FA:A4:F2:A9:70:0A:6F:C1:14:25:90:8C:74:3D:4B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/onKsr-j6pPKpcApvwRQlkIx0PUs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/onKsr-j6pPKpcApvwRQlkIx0PUs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/29D5A10486FC11EF87B5ED31C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.174.128.0/19
203.88.64.0/19
Signature Algorithm: sha256WithRSAEncryption
98:9a:18:d1:6d:5e:2c:0a:f3:b0:98:7d:95:30:74:fc:c9:01:
a4:62:91:0a:ad:1d:e8:ab:fd:e3:0c:fa:45:64:bd:5d:44:cb:
e6:0d:b2:2b:ae:83:5e:3e:e0:88:17:d6:8f:b7:9e:ed:80:b7:
57:25:4f:cd:a8:66:0b:57:98:93:37:d7:77:5f:9b:74:b7:17:
b6:66:5e:a8:43:06:ba:cc:5a:29:d7:51:bf:a8:91:91:89:ed:
c0:ae:fd:03:b3:db:6b:e3:a7:ca:1a:63:45:0e:ef:81:c4:46:
79:15:c1:f7:15:da:d3:0d:4a:e4:d7:ae:07:27:83:79:c3:71:
91:d9:9e:2f:25:28:1b:f3:b6:fb:c9:33:e0:ad:84:0b:f5:10:
b0:21:ab:cb:2f:86:8f:12:99:74:9e:2c:b8:1d:1b:08:3b:09:
c4:a4:80:8a:cc:99:83:71:a6:78:61:cd:85:4e:81:78:54:30:
59:23:e7:ab:8a:1a:0d:89:ed:a1:0e:bc:c2:8b:a6:79:ae:99:
21:8d:24:51:2a:3a:fa:c9:5d:d8:08:1e:4d:68:f9:66:c4:f7:
3f:96:87:6e:78:cd:83:d0:5e:93:15:fa:1b:bd:ef:b9:5e:ac:
8a:33:5a:35:0b:05:76:89:90:d2:59:8f:91:b8:f3:bd:0c:8e:
18:29:a9:7f
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICCgQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTNFMjcxMTAvBgNVBAUTKEEyNzJBQ0FGRThGQUE0RjJBOTcwMEE2RkMxMTQyNTkw
OEM3NDNENEIwHhcNMjQxMDEwMTEzODI2WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzA3YmNiMi01NDY5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwHoDwwjC3BUz8mXI4/u0mFw9cCWzja5lgE4bdq1v1A5FFcvmOSqRAIsM2nF2
zxJqRwMrmSmCxKKGh3isoZ2FCth3ze/7fRqAJEbSJkKER4WxuA9zsREsPx503vbT
MUT+OVLP0GelQwUZHiUYACZ+SAI9EPBywE8DcYH/5/jy/lt/EyJOYdPla2wQxc6F
C6DxFDxOqGSlHMEkUMr1uaAw9EggsbJyQC8H4osdAFKsLOzKtB43Sbiobp093V+P
4tlAYGThgvmHzP7C+6tOWtECwV8itbG+RWFt7LrDp3pc8Wq2qfV59y2/86ww09a/
G77hjHEU+5CQVAbFuoa+yWTjoQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFKRXz02X
wwoppQqnz3/IA3A6bWGAMB8GA1UdIwQYMBaAFKJyrK/o+qTyqXAKb8EUJZCMdD1L
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFM0UyNy9GMzg4ODc2NjZG
M0ExMUVBOTg0MDEzM0RDNEY5QUUwMi9vbktzci1qNnBQS3BjQXB2d1JRbGtJeDBQ
VXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL29uS3NyLWo2cFBLcGNBcHZ3UlFsa0l4MFBVcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTNFMjcvRjM4ODg3NjY2RjNBMTFFQTk4NDAxMzNEQzRGOUFFMDIvMjlENUExMDQ4
NkZDMTFFRjg3QjVFRDMxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAXKroADBAXLWEAwDQYJKoZIhvcNAQELBQADggEBAJiaGNFt
XiwK87CYfZUwdPzJAaRikQqtHeir/eMM+kVkvV1Ey+YNsiuug14+4IgX1o+3nu2A
t1clT82oZgtXmJM313dfm3S3F7ZmXqhDBrrMWinXUb+okZGJ7cCu/QOz22vjp8oa
Y0UO74HERnkVwfcV2tMNSuTXrgcng3nDcZHZni8lKBvztvvJM+CthAv1ELAhq8sv
ho8SmXSeLLgdGwg7CcSkgIrMmYNxpnhhzYVOgXhUMFkj56uKGg2J7aEOvMKLpnmu
mSGNJFEqOvrJXdgIHk1o+WbE9z+Wh254zYPQXpMV+hu977lerIozWjULBXaJkNJZ
j5G4870MjhgpqX8=
-----END CERTIFICATE-----
Generated at Fri Oct 18 03:49:26 2024 by rpki-client on console-fra.rpki-client.org