Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9148C7B/675208AE1D9311E2BCBDE5F608B02CD2/AE4D9498ED5E11ED8322F422C4F9AE02.roa
File: AE4D9498ED5E11ED8322F422C4F9AE02.roa (raw, json)
Hash identifier: fXNJfuKGOi7wpKcLcl0WAAXvqwp8eo2Nk3XgqNQUHoo=
Subject key identifier: C1:4D:2C:F4:9C:CE:69:3B:7A:0B:FB:EA:92:5E:AB:AF:FA:5A:8E:69
Certificate issuer: /CN=A9148C7B/serialNumber=17577F1E92EB33B2CDE6E489C0B9A99A2E02FDA3
Certificate serial: 33C0
Authority key identifier: 17:57:7F:1E:92:EB:33:B2:CD:E6:E4:89:C0:B9:A9:9A:2E:02:FD:A3
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/F1d_HpLrM7LN5uSJwLmpmi4C_aM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9148C7B/675208AE1D9311E2BCBDE5F608B02CD2/AE4D9498ED5E11ED8322F422C4F9AE02.roa
Signing time: Thu 12 Oct 2023 15:00:49 +0000
ROA not before: Thu 12 Oct 2023 15:00:49 +0000
ROA not after: Mon 30 Dec 2024 00:00:00 +0000
asID: 138322
IP address blocks: 43.250.136.0/22 maxlen: 22
43.250.136.0/24 maxlen: 24
61.5.193.0/24 maxlen: 24
61.5.196.0/22 maxlen: 22
61.5.196.0/24 maxlen: 24
61.5.198.0/24 maxlen: 24
61.5.200.0/22 maxlen: 22
61.5.200.0/24 maxlen: 24
61.5.201.0/24 maxlen: 24
61.5.204.0/24 maxlen: 24
103.42.0.0/24 maxlen: 24
119.59.80.0/21 maxlen: 21
119.59.80.0/24 maxlen: 24
119.59.81.0/24 maxlen: 24
119.59.82.0/23 maxlen: 23
119.59.82.0/24 maxlen: 24
119.59.84.0/22 maxlen: 22
121.100.53.0/24 maxlen: 24
2400:e500::/48 maxlen: 48
2400:e500:2::/48 maxlen: 48
2400:e500:2f::/48 maxlen: 48
2400:e500:35::/48 maxlen: 48
2400:e500:36::/48 maxlen: 48
2400:e500:37::/48 maxlen: 48
2400:e500:38::/48 maxlen: 48
2400:e500:39::/48 maxlen: 48
2400:e500:3a::/48 maxlen: 48
2400:e500:3b::/48 maxlen: 48
2400:e500:90::/48 maxlen: 48
2400:e501::/32 maxlen: 32
Validation: Failed, certificate revoked on Sun 11 Feb 2024 17:20:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13248 (0x33c0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9148C7B/serialNumber=17577F1E92EB33B2CDE6E489C0B9A99A2E02FDA3
Validity
Not Before: Oct 12 15:00:49 2023 GMT
Not After : Dec 30 00:00:00 2024 GMT
Subject: CN=65280a20-dcee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:9b:1b:76:cc:7e:5e:16:5a:64:1a:28:2f:23:
d1:d1:df:c1:a9:83:37:b4:fc:86:d1:04:22:61:f1:
cc:df:d1:60:1e:c6:c2:f2:77:0f:a9:72:28:4a:8c:
4e:aa:b5:0b:db:5a:d7:3f:4e:d5:dc:46:2b:d1:8b:
3b:b6:b7:4a:96:f5:ff:7b:ae:76:59:8c:4e:f0:f8:
24:3b:bd:d4:dc:f2:55:98:4e:59:26:5d:75:c0:86:
79:f3:1d:32:41:59:1a:a1:57:9a:64:ed:b4:5e:62:
68:69:20:20:27:41:1b:62:2c:1a:0a:fb:2a:9a:9c:
3d:95:cb:89:e6:d9:57:3f:ff:21:98:fd:57:76:17:
03:9b:d6:b6:ae:de:1c:9d:9b:26:6c:62:96:31:3c:
94:ab:6b:4d:fc:af:d0:0f:93:38:fe:c8:21:fe:4b:
9d:4f:d3:57:ab:ec:7c:1b:00:85:79:83:ae:73:d9:
69:8e:c3:67:8c:49:dd:ea:df:55:b4:3f:f2:b2:c1:
f8:ea:aa:44:b2:7b:fc:84:d7:0d:df:63:28:b1:ce:
ff:a6:33:6b:61:0d:45:7d:6a:ce:23:19:62:d0:9f:
18:6c:33:dc:88:f5:dd:f8:8e:cb:8e:d7:02:31:9c:
c3:0f:f1:b7:88:9f:26:9e:01:36:fd:d4:65:76:38:
13:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:4D:2C:F4:9C:CE:69:3B:7A:0B:FB:EA:92:5E:AB:AF:FA:5A:8E:69
X509v3 Authority Key Identifier:
keyid:17:57:7F:1E:92:EB:33:B2:CD:E6:E4:89:C0:B9:A9:9A:2E:02:FD:A3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9148C7B/675208AE1D9311E2BCBDE5F608B02CD2/F1d_HpLrM7LN5uSJwLmpmi4C_aM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/F1d_HpLrM7LN5uSJwLmpmi4C_aM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9148C7B/675208AE1D9311E2BCBDE5F608B02CD2/AE4D9498ED5E11ED8322F422C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.250.136.0/22
61.5.193.0/24
61.5.196.0-61.5.204.255
103.42.0.0/24
119.59.80.0/21
121.100.53.0/24
IPv6:
2400:e500::/48
2400:e500:2::/48
2400:e500:2f::/48
2400:e500:35::-2400:e500:3b:ffff:ffff:ffff:ffff:ffff
2400:e500:90::/48
2400:e501::/32
Signature Algorithm: sha256WithRSAEncryption
81:12:fb:29:b3:9d:46:a1:ff:c5:79:ec:fc:82:c3:4c:6f:8d:
b9:bf:b2:80:2a:bb:df:51:33:7f:76:c2:89:36:83:ed:99:ad:
c1:52:75:04:5a:85:3d:8e:c7:1b:8c:b2:50:1d:cd:8f:5e:b9:
14:f0:14:01:85:74:a5:fe:3b:7b:2b:7a:88:24:fc:c5:0d:97:
8e:ea:15:89:fd:a5:d8:f8:f5:89:5c:64:d6:82:73:6b:6d:90:
3c:59:99:17:ff:72:9c:b8:eb:99:47:ec:3d:74:64:34:3a:ee:
7d:23:cb:cf:1d:3a:a8:d4:35:ff:01:44:9d:bb:d8:fb:b6:ac:
70:57:60:ca:6d:1f:22:bf:ae:24:fa:52:98:56:1d:7a:5f:f4:
3f:1c:ad:e3:46:f8:fa:f1:69:c5:2e:52:e8:24:ed:a5:76:26:
0b:98:4d:72:71:12:2e:3f:e5:fe:5f:ca:8f:7e:ae:16:27:49:
62:d6:4f:ae:12:43:77:f6:7c:6d:02:b8:26:d0:47:71:7e:82:
fb:70:d0:7f:b3:fe:e6:13:d5:c0:26:e3:b6:45:82:8d:74:f3:
ca:a5:35:7e:08:a9:71:df:6b:4b:63:44:36:de:8b:f1:40:70:
82:77:1f:10:a8:69:a0:3f:7b:e1:be:61:ba:f8:4a:bb:fe:a2:
38:08:69:cd
-----BEGIN CERTIFICATE-----
MIIF3zCCBMegAwIBAgICM8AwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDhDN0IxMTAvBgNVBAUTKDE3NTc3RjFFOTJFQjMzQjJDREU2RTQ4OUMwQjlBOTlB
MkUwMkZEQTMwHhcNMjMxMDEyMTUwMDQ5WhcNMjQxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTI4MGEyMC1kY2VlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAnpsbdsx+XhZaZBooLyPR0d/BqYM3tPyG0QQiYfHM39FgHsbC8ncPqXIoSoxO
qrUL21rXP07V3EYr0Ys7trdKlvX/e652WYxO8PgkO73U3PJVmE5ZJl11wIZ58x0y
QVkaoVeaZO20XmJoaSAgJ0EbYiwaCvsqmpw9lcuJ5tlXP/8hmP1XdhcDm9a2rt4c
nZsmbGKWMTyUq2tN/K/QD5M4/sgh/kudT9NXq+x8GwCFeYOuc9lpjsNnjEnd6t9V
tD/yssH46qpEsnv8hNcN32Mosc7/pjNrYQ1FfWrOIxli0J8YbDPciPXd+I7LjtcC
MZzDD/G3iJ8mngE2/dRldjgTSQIDAQABo4IDAzCCAv8wHQYDVR0OBBYEFMFNLPSc
zmk7egv76pJeq6/6Wo5pMB8GA1UdIwQYMBaAFBdXfx6S6zOyzebkicC5qZouAv2j
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0OEM3Qi82NzUyMDhBRTFE
OTMxMUUyQkNCREU1RjYwOEIwMkNEMi9GMWRfSHBMck03TE41dVNKd0xtcG1pNENf
YU0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0YxZF9IcExyTTdMTjV1U0p3TG1wbWk0Q19hTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDhDN0IvNjc1MjA4QUUxRDkzMTFFMkJDQkRFNUY2MDhCMDJDRDIvQUU0RDk0OThF
RDVFMTFFRDgzMjJGNDIyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgYwGCCsGAQUFBwEHAQH/
BH0wezAyBAIAATAsAwQCK/qIAwQAPQXBMAwDBAI9BcQDBAA9BcwDBABnKgADBAN3
O1ADBAB5ZDUwRQQCAAIwPwMHACQA5QAAAAMHACQA5QAAAgMHACQA5QAALzASAwcA
JADlAAA1AwcCJADlAAA4AwcAJADlAACQAwUAJADlATANBgkqhkiG9w0BAQsFAAOC
AQEAgRL7KbOdRqH/xXns/ILDTG+Nub+ygCq731Ezf3bCiTaD7ZmtwVJ1BFqFPY7H
G4yyUB3Nj165FPAUAYV0pf47eyt6iCT8xQ2XjuoVif2l2Pj1iVxk1oJza22QPFmZ
F/9ynLjrmUfsPXRkNDrufSPLzx06qNQ1/wFEnbvY+7ascFdgym0fIr+uJPpSmFYd
el/0Pxyt40b4+vFpxS5S6CTtpXYmC5hNcnESLj/l/l/Kj36uFidJYtZPrhJDd/Z8
bQK4JtBHcX6C+3DQf7P+5hPVwCbjtkWCjXTzyqU1fgipcd9rS2NENt6L8UBwgncf
EKhpoD974b5huvhKu/6iOAhpzQ==
-----END CERTIFICATE-----
Generated at Tue Feb 27 00:58:01 2024 by rpki-client on console.sobornost.net