Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911CA78/BE8846D235D811EAA730EC46C4F9AE02/B4A905C489D011EFBA65A086C4F9AE02.roa
File: B4A905C489D011EFBA65A086C4F9AE02.roa (raw, json)
Hash identifier: 5BsogF62CMu95CPHfKA5qrQAuGjaMKmEWw5wbzMKmOI=
Subject key identifier: 56:68:C6:3F:9F:0F:90:46:71:4A:65:F1:08:88:C4:AB:1B:42:96:9B
Certificate issuer: /CN=A911CA78/serialNumber=40562C143A29CB19C70FFC9B99B60BBECD1D73B6
Certificate serial: 0BDE
Authority key identifier: 40:56:2C:14:3A:29:CB:19:C7:0F:FC:9B:99:B6:0B:BE:CD:1D:73:B6
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QFYsFDopyxnHD_ybmbYLvs0dc7Y.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911CA78/BE8846D235D811EAA730EC46C4F9AE02/B4A905C489D011EFBA65A086C4F9AE02.roa
Signing time: Mon 14 Oct 2024 02:04:55 +0000
ROA not before: Mon 14 Oct 2024 02:04:55 +0000
ROA not after: Sun 02 Mar 2025 00:00:00 +0000
asID: 17971
IP address blocks: 49.236.192.0/20 maxlen: 24
103.17.168.0/22 maxlen: 24
112.137.160.0/20 maxlen: 24
119.110.96.0/20 maxlen: 24
202.71.96.0/20 maxlen: 24
202.75.32.0/20 maxlen: 24
202.75.48.0/20 maxlen: 24
202.165.3.0/24 maxlen: 24
218.100.22.0/24 maxlen: 24
2401:b000::/32 maxlen: 32
2401:b000::/48 maxlen: 48
2401:b000:0:5::/64 maxlen: 64
2401:b000:0:6::/64 maxlen: 64
2401:b000:10::/48 maxlen: 48
2404:b8::/48 maxlen: 48
2404:b8:3::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 14 Oct 2024 06:57:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3038 (0xbde)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911CA78/serialNumber=40562C143A29CB19C70FFC9B99B60BBECD1D73B6
Validity
Not Before: Oct 14 02:04:55 2024 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=670c7c47-2788
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:d6:34:a3:e7:a0:43:2b:f7:86:1e:d9:af:e4:
ec:57:1f:33:94:c9:36:3d:f8:20:b9:bd:82:61:98:
0e:02:53:2f:ec:3c:ae:e8:ef:75:8a:df:69:e1:69:
a7:6a:26:72:55:d1:b4:5e:74:b1:f6:b2:a9:76:23:
98:d4:da:57:c7:0e:16:4b:ed:ac:a6:28:0b:f4:66:
95:48:cc:e7:86:b8:d8:89:d7:bb:24:48:9c:01:40:
5a:16:ba:4d:dc:9b:a9:03:b7:0a:f2:bb:09:52:55:
c2:78:1b:0a:54:56:0b:2b:7c:db:5b:d8:f4:a6:ef:
e6:86:bc:92:1f:f1:8a:ad:24:1e:a5:3d:8e:cf:39:
71:8b:c1:e1:27:b0:c7:8d:3a:5b:fd:d0:8c:0f:c5:
3c:29:4a:95:cb:1f:de:fc:6a:ea:29:bd:a8:68:cb:
2f:f7:4a:66:36:78:53:13:8c:e3:81:e6:3f:11:ec:
da:8f:61:c6:7a:52:be:e9:ba:8d:22:ae:10:21:3d:
78:34:60:f3:2f:60:49:8c:a8:1c:6c:a1:f2:60:86:
d7:cb:99:7e:a1:75:5d:ee:de:93:6f:b1:13:06:28:
7c:26:0d:06:5e:a7:ed:2a:c4:d6:e3:3b:f4:13:9b:
72:db:7e:e9:1b:c9:0a:70:ed:24:1f:63:3a:0f:51:
3d:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:68:C6:3F:9F:0F:90:46:71:4A:65:F1:08:88:C4:AB:1B:42:96:9B
X509v3 Authority Key Identifier:
keyid:40:56:2C:14:3A:29:CB:19:C7:0F:FC:9B:99:B6:0B:BE:CD:1D:73:B6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911CA78/BE8846D235D811EAA730EC46C4F9AE02/QFYsFDopyxnHD_ybmbYLvs0dc7Y.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QFYsFDopyxnHD_ybmbYLvs0dc7Y.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911CA78/BE8846D235D811EAA730EC46C4F9AE02/B4A905C489D011EFBA65A086C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
49.236.192.0/20
103.17.168.0/22
112.137.160.0/20
119.110.96.0/20
202.71.96.0/20
202.75.32.0/19
202.165.3.0/24
218.100.22.0/24
IPv6:
2401:b000::/32
2404:b8::/48
2404:b8:3::/48
Signature Algorithm: sha256WithRSAEncryption
58:81:ee:14:d5:96:fd:e0:d8:c4:72:4e:60:a1:a6:74:9f:7d:
5b:03:cb:98:33:2a:e6:ce:dc:a8:8b:1f:98:a7:74:cd:46:94:
41:ea:73:e0:d3:16:5a:c1:10:f2:f9:48:18:f2:06:1c:da:64:
ec:6d:c6:47:d8:60:9a:64:4c:d8:8a:10:71:57:8f:65:9c:4d:
1f:86:9a:3b:c7:a7:17:38:52:ef:83:cc:62:d6:8c:cd:ea:07:
e1:91:ec:4d:28:e7:6f:25:d5:0f:fe:2a:ab:b7:92:a1:77:0d:
e2:ef:37:67:69:b6:a2:f0:a3:29:97:aa:03:45:cf:22:fe:87:
68:b8:37:d8:d7:3f:47:06:39:e5:d1:4f:96:55:61:50:7d:02:
2a:24:0d:02:5b:55:c1:a9:6e:dd:8d:fc:a8:b7:39:64:0b:44:
1f:66:83:a7:2d:6b:0b:d4:a0:b8:5d:a2:59:6f:28:ac:fe:ef:
dc:d9:0e:25:75:ab:5c:05:f3:8a:81:9f:8c:a3:e7:9f:85:e4:
05:6e:28:77:51:9a:4e:fc:e6:fc:1b:55:3b:bf:d2:dc:a2:6e:
c3:17:d4:b4:bb:1a:3e:71:c2:20:09:0e:8a:9c:71:92:ff:fa:
ea:a7:cd:25:ff:a9:77:d7:8d:0b:c0:10:42:3e:55:ac:8a:53:
42:0c:37:b5
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgICC94wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUNBNzgxMTAvBgNVBAUTKDQwNTYyQzE0M0EyOUNCMTlDNzBGRkM5Qjk5QjYwQkJF
Q0QxRDczQjYwHhcNMjQxMDE0MDIwNDU1WhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzBjN2M0Ny0yNzg4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAr9Y0o+egQyv3hh7Zr+TsVx8zlMk2Pfggub2CYZgOAlMv7Dyu6O91it9p4Wmn
aiZyVdG0XnSx9rKpdiOY1NpXxw4WS+2spigL9GaVSMznhrjYide7JEicAUBaFrpN
3JupA7cK8rsJUlXCeBsKVFYLK3zbW9j0pu/mhrySH/GKrSQepT2Ozzlxi8HhJ7DH
jTpb/dCMD8U8KUqVyx/e/GrqKb2oaMsv90pmNnhTE4zjgeY/Eezaj2HGelK+6bqN
Iq4QIT14NGDzL2BJjKgcbKHyYIbXy5l+oXVd7t6Tb7ETBih8Jg0GXqftKsTW4zv0
E5ty237pG8kKcO0kH2M6D1E9aQIDAQABo4IC4DCCAtwwHQYDVR0OBBYEFFZoxj+f
D5BGcUpl8QiIxKsbQpabMB8GA1UdIwQYMBaAFEBWLBQ6KcsZxw/8m5m2C77NHXO2
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQ0E3OC9CRTg4NDZEMjM1
RDgxMUVBQTczMEVDNDZDNEY5QUUwMi9RRllzRkRvcHl4bkhEX3libWJZTHZzMGRj
N1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1FGWXNGRG9weXhuSERfeWJtYllMdnMwZGM3WS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUNBNzgvQkU4ODQ2RDIzNUQ4MTFFQUE3MzBFQzQ2QzRGOUFFMDIvQjRBOTA1QzQ4
OUQwMTFFRkJBNjVBMDg2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwagYIKwYBBQUHAQcBAf8E
WzBZMDYEAgABMDADBAQx7MADBAJnEagDBARwiaADBAR3bmADBATKR2ADBAXKSyAD
BADKpQMDBADaZBYwHwQCAAIwGQMFACQBsAADBwAkBAC4AAADBwAkBAC4AAMwDQYJ
KoZIhvcNAQELBQADggEBAFiB7hTVlv3g2MRyTmChpnSffVsDy5gzKubO3KiLH5in
dM1GlEHqc+DTFlrBEPL5SBjyBhzaZOxtxkfYYJpkTNiKEHFXj2WcTR+GmjvHpxc4
Uu+DzGLWjM3qB+GR7E0o528l1Q/+Kqu3kqF3DeLvN2dptqLwoymXqgNFzyL+h2i4
N9jXP0cGOeXRT5ZVYVB9AiokDQJbVcGpbt2N/Ki3OWQLRB9mg6ctawvUoLhdollv
KKz+79zZDiV1q1wF84qBn4yj55+F5AVuKHdRmk785vwbVTu/0tyibsMX1LS7Gj5x
wiAJDoqccZL/+uqnzSX/qXfXjQvAEEI+VayKU0IMN7U=
-----END CERTIFICATE-----
Generated at Mon Oct 14 09:56:07 2024 by rpki-client on console.sobornost.net