Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9157D7A/5DDCCCC6991511EB96727243C4F9AE02/9333F1B499F211EB8C7F3D2DC4F9AE02.roa
File: 9333F1B499F211EB8C7F3D2DC4F9AE02.roa (raw, json)
Hash identifier: UOlnmb6U35P4UDJtGEr4weJxS+xxfrKZfpn9+u8tAwc=
Subject key identifier: 3F:32:F9:94:4D:B1:8D:C5:4F:0C:C8:04:9B:A4:44:F7:A7:9F:C8:80
Certificate issuer: /CN=A9157D7A/serialNumber=401B429906C90EA03ECFC61B15BA4EF123903379
Certificate serial: 05A9
Authority key identifier: 40:1B:42:99:06:C9:0E:A0:3E:CF:C6:1B:15:BA:4E:F1:23:90:33:79
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QBtCmQbJDqA-z8YbFbpO8SOQM3k.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9157D7A/5DDCCCC6991511EB96727243C4F9AE02/9333F1B499F211EB8C7F3D2DC4F9AE02.roa
Signing time: Mon 20 Nov 2023 05:27:33 +0000
ROA not before: Mon 20 Nov 2023 05:27:33 +0000
ROA not after: Tue 28 May 2024 00:00:00 +0000
asID: 17762
IP address blocks: 27.107.0.0/16 maxlen: 16
27.107.0.0/20 maxlen: 24
27.107.16.0/21 maxlen: 24
27.107.24.0/21 maxlen: 24
27.107.32.0/20 maxlen: 24
27.107.144.0/20 maxlen: 24
27.107.160.0/20 maxlen: 24
49.201.24.0/21 maxlen: 24
49.249.192.0/19 maxlen: 24
103.8.36.0/22 maxlen: 24
115.160.208.0/20 maxlen: 24
182.156.6.0/23 maxlen: 24
182.156.20.0/23 maxlen: 24
Validation: Failed, certificate revoked on Thu 01 Feb 2024 12:22:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1449 (0x5a9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9157D7A/serialNumber=401B429906C90EA03ECFC61B15BA4EF123903379
Validity
Not Before: Nov 20 05:27:33 2023 GMT
Not After : May 28 00:00:00 2024 GMT
Subject: CN=655aee45-5a40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:1e:9f:8d:d7:4d:0e:db:34:cc:ae:4f:1f:39:
27:0f:4d:87:7a:85:2c:7b:67:35:b2:c9:3e:7e:dc:
d0:f0:75:31:90:fe:86:10:4e:fa:30:0c:36:16:1d:
cc:86:b9:8f:b7:1d:cd:43:c8:79:e6:ab:ae:7c:9a:
2b:00:8d:a0:f1:34:94:a5:ad:57:14:cf:ae:0c:22:
6e:c4:ab:f6:74:a0:33:94:a2:78:cc:67:0b:81:4a:
28:4e:c7:af:02:0d:7d:f4:2c:13:00:f8:6d:9b:b4:
40:3a:87:85:1c:9c:0c:a7:f8:c8:5f:ea:e8:e6:3d:
b5:13:43:1e:88:c0:bb:de:ad:00:fb:16:eb:ae:5b:
11:9c:d9:25:2d:52:7e:ea:fd:ef:ef:bf:06:08:e3:
ef:83:dd:e7:6e:71:89:0c:1b:2c:6b:c2:7f:fb:ad:
a6:df:85:e0:eb:5f:bc:82:76:1d:67:61:01:9e:8f:
b8:3c:66:43:d9:b2:67:5f:e1:7d:16:51:2a:b4:61:
e7:5f:7d:99:cc:45:21:a7:43:b4:49:06:c3:60:bb:
2d:bb:fc:36:c8:86:be:6b:53:9b:f8:86:35:ca:dc:
02:dd:97:1c:60:71:c7:3d:6d:4f:5e:2a:02:92:f5:
b1:4b:ee:63:8c:d9:12:45:08:1b:4c:25:1d:be:49:
cf:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:32:F9:94:4D:B1:8D:C5:4F:0C:C8:04:9B:A4:44:F7:A7:9F:C8:80
X509v3 Authority Key Identifier:
keyid:40:1B:42:99:06:C9:0E:A0:3E:CF:C6:1B:15:BA:4E:F1:23:90:33:79
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9157D7A/5DDCCCC6991511EB96727243C4F9AE02/QBtCmQbJDqA-z8YbFbpO8SOQM3k.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QBtCmQbJDqA-z8YbFbpO8SOQM3k.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9157D7A/5DDCCCC6991511EB96727243C4F9AE02/9333F1B499F211EB8C7F3D2DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.107.0.0/16
49.201.24.0/21
49.249.192.0/19
103.8.36.0/22
115.160.208.0/20
182.156.6.0/23
182.156.20.0/23
Signature Algorithm: sha256WithRSAEncryption
4f:d3:43:f0:7d:d4:02:4f:c5:50:eb:e6:02:65:ba:76:36:9e:
01:ca:9e:81:d1:e2:f8:be:0d:df:cd:cc:f8:29:c8:29:53:20:
34:75:06:c0:a5:e9:0a:83:60:4e:c8:95:7c:b7:5f:f7:9f:00:
0b:4a:01:dc:11:06:32:9c:8f:5f:e4:d6:10:66:f1:2b:aa:b4:
22:57:a8:34:35:b0:b0:a5:a4:34:0d:9a:d5:a5:bf:2a:52:6a:
16:1d:26:ff:e0:0f:16:b3:ed:ca:f4:1a:81:5e:58:7c:45:27:
ff:65:4a:0c:fd:64:d8:4b:96:de:fa:31:b0:56:13:34:ac:84:
dd:a6:b7:07:61:77:c9:28:c4:f2:9e:ef:4a:99:f8:ee:c4:65:
7e:72:7c:df:ac:99:73:94:89:ac:99:17:15:1f:aa:84:ca:5d:
35:c4:0c:49:c7:f9:5a:00:63:d5:2b:bc:44:6a:40:4c:13:75:
68:f0:7f:d5:cb:a5:b1:ba:ed:2c:f2:6e:87:c1:9f:a9:fe:a6:
f6:96:d7:5e:0c:72:f6:a0:d0:45:38:4b:40:dd:a9:22:e3:0c:
89:df:c5:64:f3:aa:af:fe:4a:d9:7b:61:a2:d8:e8:a7:81:ba:
38:aa:4a:38:2c:20:2e:57:72:7a:89:73:e6:fc:cd:99:1c:46:
cd:3d:e0:81
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgICBakwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTdEN0ExMTAvBgNVBAUTKDQwMUI0Mjk5MDZDOTBFQTAzRUNGQzYxQjE1QkE0RUYx
MjM5MDMzNzkwHhcNMjMxMTIwMDUyNzMzWhcNMjQwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02NTVhZWU0NS01YTQwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAmh6fjddNDts0zK5PHzknD02HeoUse2c1ssk+ftzQ8HUxkP6GEE76MAw2Fh3M
hrmPtx3NQ8h55quufJorAI2g8TSUpa1XFM+uDCJuxKv2dKAzlKJ4zGcLgUooTsev
Ag199CwTAPhtm7RAOoeFHJwMp/jIX+ro5j21E0MeiMC73q0A+xbrrlsRnNklLVJ+
6v3v778GCOPvg93nbnGJDBssa8J/+62m34Xg61+8gnYdZ2EBno+4PGZD2bJnX+F9
FlEqtGHnX32ZzEUhp0O0SQbDYLstu/w2yIa+a1Ob+IY1ytwC3ZccYHHHPW1PXioC
kvWxS+5jjNkSRQgbTCUdvknPGwIDAQABo4ICuDCCArQwHQYDVR0OBBYEFD8y+ZRN
sY3FTwzIBJukRPenn8iAMB8GA1UdIwQYMBaAFEAbQpkGyQ6gPs/GGxW6TvEjkDN5
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1N0Q3QS81RERDQ0NDNjk5
MTUxMUVCOTY3MjcyNDNDNEY5QUUwMi9RQnRDbVFiSkRxQS16OFliRmJwTzhTT1FN
M2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1FCdENtUWJKRHFBLXo4WWJGYnBPOFNPUU0zay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTdEN0EvNUREQ0NDQzY5OTE1MTFFQjk2NzI3MjQzQzRGOUFFMDIvOTMzM0YxQjQ5
OUYyMTFFQjhDN0YzRDJEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQgYIKwYBBQUHAQcBAf8E
MzAxMC8EAgABMCkDAwAbawMEAzHJGAMEBTH5wAMEAmcIJAMEBHOg0AMEAbacBgME
AbacFDANBgkqhkiG9w0BAQsFAAOCAQEAT9ND8H3UAk/FUOvmAmW6djaeAcqegdHi
+L4N383M+CnIKVMgNHUGwKXpCoNgTsiVfLdf958AC0oB3BEGMpyPX+TWEGbxK6q0
IleoNDWwsKWkNA2a1aW/KlJqFh0m/+APFrPtyvQagV5YfEUn/2VKDP1k2EuW3vox
sFYTNKyE3aa3B2F3ySjE8p7vSpn47sRlfnJ836yZc5SJrJkXFR+qhMpdNcQMScf5
WgBj1Su8RGpATBN1aPB/1culsbrtLPJuh8Gfqf6m9pbXXgxy9qDQRThLQN2pIuMM
id/FZPOqr/5K2Xthotjop4G6OKpKOCwgLldyeolz5vzNmRxGzT3ggQ==
-----END CERTIFICATE-----
Generated at Tue Feb 27 00:58:01 2024 by rpki-client on console.sobornost.net