Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911CA78/BE8846D235D811EAA730EC46C4F9AE02/CFC13268ACE011EFA4CD5F48C4F9AE02.roa
File: CFC13268ACE011EFA4CD5F48C4F9AE02.roa (raw, json)
Hash identifier: 3M6necDRjHSaTH9TWHRAJXb9BesBS95/tGoNX05J6Xo=
Subject key identifier: D6:34:A0:F8:EE:D5:23:80:1D:D7:D4:29:B9:6D:4C:C7:25:1F:F5:B1
Certificate issuer: /CN=A911CA78/serialNumber=40562C143A29CB19C70FFC9B99B60BBECD1D73B6
Certificate serial: 0C62
Authority key identifier: 40:56:2C:14:3A:29:CB:19:C7:0F:FC:9B:99:B6:0B:BE:CD:1D:73:B6
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QFYsFDopyxnHD_ybmbYLvs0dc7Y.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911CA78/BE8846D235D811EAA730EC46C4F9AE02/CFC13268ACE011EFA4CD5F48C4F9AE02.roa
Signing time: Mon 30 Dec 2024 01:27:40 +0000
ROA not before: Mon 30 Dec 2024 01:27:40 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 17971
IP address blocks: 49.236.192.0/20 maxlen: 24
103.17.168.0/22 maxlen: 24
112.137.160.0/20 maxlen: 24
119.110.96.0/20 maxlen: 24
202.71.96.0/20 maxlen: 24
202.75.32.0/20 maxlen: 24
202.75.48.0/20 maxlen: 24
202.165.3.0/24 maxlen: 24
210.48.144.0/20 maxlen: 20
210.48.145.0/24 maxlen: 24
210.48.148.0/23 maxlen: 24
210.48.150.0/24 maxlen: 24
210.48.152.0/24 maxlen: 24
210.48.153.0/24 maxlen: 24
210.48.154.0/24 maxlen: 24
210.48.156.0/24 maxlen: 24
210.48.157.0/24 maxlen: 24
210.48.158.0/24 maxlen: 24
210.48.159.0/24 maxlen: 24
218.100.22.0/24 maxlen: 24
2401:b000::/32 maxlen: 32
2401:b000::/48 maxlen: 48
2401:b000:0:5::/64 maxlen: 64
2401:b000:0:6::/64 maxlen: 64
2401:b000:10::/48 maxlen: 48
2404:b8::/48 maxlen: 48
2404:b8:0:1::/64 maxlen: 64
2404:b8:3::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 03 Jan 2025 16:48:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3170 (0xc62)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911CA78, serialNumber=40562C143A29CB19C70FFC9B99B60BBECD1D73B6
Validity
Not Before: Dec 30 01:27:40 2024 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=6771f70c-de24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:9b:3d:8e:0e:60:82:e7:6d:bc:e5:6a:2f:8c:
c8:ef:16:52:33:a8:f9:a4:cf:e8:9a:58:ea:9d:dc:
ea:6a:d4:0b:78:97:cb:42:2c:c1:c4:2b:cf:6a:20:
e3:1c:70:74:16:51:5f:87:17:b6:ed:3a:ee:71:b7:
03:85:59:ae:95:c9:31:91:b6:2f:1c:5f:6d:15:d7:
b5:12:39:36:f5:1f:8b:ed:4a:b7:81:4f:2c:ba:b4:
98:0f:fd:56:40:86:96:53:0e:30:d3:e9:5e:61:a2:
f6:a4:53:b6:20:06:93:7c:47:73:5c:58:70:8a:b5:
8d:4a:97:2b:1c:f6:e9:29:d7:e0:57:17:d8:ee:70:
88:a2:c2:0f:78:c5:50:b1:7a:c6:c1:c1:46:19:25:
b8:cd:c6:ec:e4:ea:40:92:45:24:94:74:e6:3f:7b:
fa:29:15:53:c1:65:6b:38:11:66:f6:98:c3:01:39:
1b:96:43:de:9b:de:20:e7:68:c2:44:51:cb:f7:c2:
3c:ff:09:dd:41:be:36:3d:39:0c:1c:24:1c:78:18:
26:1d:b1:36:2b:6e:11:7b:73:49:a6:d0:31:a2:7c:
0f:f6:36:99:f8:c1:0f:25:56:5f:df:c8:40:f7:11:
44:f4:e8:c2:79:98:fd:0b:ce:31:51:f9:c2:1d:e7:
94:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:34:A0:F8:EE:D5:23:80:1D:D7:D4:29:B9:6D:4C:C7:25:1F:F5:B1
X509v3 Authority Key Identifier:
keyid:40:56:2C:14:3A:29:CB:19:C7:0F:FC:9B:99:B6:0B:BE:CD:1D:73:B6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911CA78/BE8846D235D811EAA730EC46C4F9AE02/QFYsFDopyxnHD_ybmbYLvs0dc7Y.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QFYsFDopyxnHD_ybmbYLvs0dc7Y.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911CA78/BE8846D235D811EAA730EC46C4F9AE02/CFC13268ACE011EFA4CD5F48C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
49.236.192.0/20
103.17.168.0/22
112.137.160.0/20
119.110.96.0/20
202.71.96.0/20
202.75.32.0/19
202.165.3.0/24
210.48.144.0/20
218.100.22.0/24
IPv6:
2401:b000::/32
2404:b8::/48
2404:b8:3::/48
Signature Algorithm: sha256WithRSAEncryption
45:b1:70:1f:22:51:44:0d:23:84:b0:47:fa:3d:57:6f:24:40:
aa:2c:60:93:a2:ec:9a:e7:cf:1f:0c:81:ee:d9:65:9e:4d:b2:
d6:31:31:87:ac:ce:96:3c:6d:67:0f:b3:fb:e5:ae:2a:7c:a3:
61:c4:16:a7:96:71:86:88:09:ba:e2:ee:19:e6:38:38:25:74:
3c:fd:b0:28:db:86:60:35:e8:3e:34:af:93:ca:3e:e5:2a:62:
79:c8:d2:3a:2d:3c:1e:47:38:9a:89:70:23:0b:44:59:3f:e3:
51:ff:9b:3e:4a:61:6e:88:c0:63:25:14:2f:ab:30:2c:37:68:
e0:a5:bb:de:f5:8a:28:ad:8e:bf:31:58:0b:e9:06:8f:35:c9:
9f:92:48:ae:91:e0:65:63:ff:4f:1a:c0:a9:24:22:38:a4:fc:
d0:5e:2f:f8:ea:7b:fe:6c:64:11:de:69:61:27:2b:af:8f:78:
0b:6a:09:43:6c:f7:5b:b3:13:da:4a:a3:34:1a:28:07:8e:7c:
28:1a:16:c9:fd:04:9f:e8:23:00:31:6b:7c:0b:06:34:00:6a:
73:d6:96:41:85:61:77:8f:df:bd:82:34:4f:51:58:66:5b:c8:
22:a5:6a:b0:a6:75:bd:cd:05:9e:61:06:46:96:22:ed:aa:46:
54:ad:4d:af
-----BEGIN CERTIFICATE-----
MIIFwjCCBKqgAwIBAgICDGIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUNBNzgxMTAvBgNVBAUTKDQwNTYyQzE0M0EyOUNCMTlDNzBGRkM5Qjk5QjYwQkJF
Q0QxRDczQjYwHhcNMjQxMjMwMDEyNzQwWhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzcxZjcwYy1kZTI0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAz5s9jg5ggudtvOVqL4zI7xZSM6j5pM/omljqndzqatQLeJfLQizBxCvPaiDj
HHB0FlFfhxe27TrucbcDhVmulckxkbYvHF9tFde1Ejk29R+L7Uq3gU8surSYD/1W
QIaWUw4w0+leYaL2pFO2IAaTfEdzXFhwirWNSpcrHPbpKdfgVxfY7nCIosIPeMVQ
sXrGwcFGGSW4zcbs5OpAkkUklHTmP3v6KRVTwWVrOBFm9pjDATkblkPem94g52jC
RFHL98I8/wndQb42PTkMHCQceBgmHbE2K24Re3NJptAxonwP9jaZ+MEPJVZf38hA
9xFE9OjCeZj9C84xUfnCHeeUCwIDAQABo4IC5jCCAuIwHQYDVR0OBBYEFNY0oPju
1SOAHdfUKbltTMclH/WxMB8GA1UdIwQYMBaAFEBWLBQ6KcsZxw/8m5m2C77NHXO2
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQ0E3OC9CRTg4NDZEMjM1
RDgxMUVBQTczMEVDNDZDNEY5QUUwMi9RRllzRkRvcHl4bkhEX3libWJZTHZzMGRj
N1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1FGWXNGRG9weXhuSERfeWJtYllMdnMwZGM3WS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUNBNzgvQkU4ODQ2RDIzNUQ4MTFFQUE3MzBFQzQ2QzRGOUFFMDIvQ0ZDMTMyNjhB
Q0UwMTFFRkE0Q0Q1RjQ4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwcAYIKwYBBQUHAQcBAf8E
YTBfMDwEAgABMDYDBAQx7MADBAJnEagDBARwiaADBAR3bmADBATKR2ADBAXKSyAD
BADKpQMDBATSMJADBADaZBYwHwQCAAIwGQMFACQBsAADBwAkBAC4AAADBwAkBAC4
AAMwDQYJKoZIhvcNAQELBQADggEBAEWxcB8iUUQNI4SwR/o9V28kQKosYJOi7Jrn
zx8Mge7ZZZ5NstYxMYeszpY8bWcPs/vlrip8o2HEFqeWcYaICbri7hnmODgldDz9
sCjbhmA16D40r5PKPuUqYnnI0jotPB5HOJqJcCMLRFk/41H/mz5KYW6IwGMlFC+r
MCw3aOClu971iiitjr8xWAvpBo81yZ+SSK6R4GVj/08awKkkIjik/NBeL/jqe/5s
ZBHeaWEnK6+PeAtqCUNs91uzE9pKozQaKAeOfCgaFsn9BJ/oIwAxa3wLBjQAanPW
lkGFYXeP372CNE9RWGZbyCKlarCmdb3NBZ5hBkaWIu2qRlStTa8=
-----END CERTIFICATE-----
Generated at Sat Apr 26 09:23:02 2025 by rpki-client