Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9157D67/69E6C16A442A11EB9599AD38C4F9AE02/EFD21ACA36AA11EE991FC66EC4F9AE02.roa
File: EFD21ACA36AA11EE991FC66EC4F9AE02.roa (raw, json)
Hash identifier: i6MZSaLpfZtrAChBnA6ia0hDrbvORQe7DhJbP3r/tOg=
Subject key identifier: 71:EA:00:7E:CA:B9:A0:84:EC:B5:F1:DF:1B:69:5D:A6:B9:E4:1A:37
Certificate issuer: /CN=A9157D67/serialNumber=39C43967570087F583E425A9FE9B69B9506A59BD
Certificate serial: 07A5
Authority key identifier: 39:C4:39:67:57:00:87:F5:83:E4:25:A9:FE:9B:69:B9:50:6A:59:BD
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9157D67/69E6C16A442A11EB9599AD38C4F9AE02/EFD21ACA36AA11EE991FC66EC4F9AE02.roa
Signing time: Wed 09 Aug 2023 12:51:51 +0000
ROA not before: Wed 09 Aug 2023 12:51:51 +0000
ROA not after: Sat 31 Aug 2024 00:00:00 +0000
asID: 132203
IP address blocks: 43.128.222.0/23 maxlen: 23
43.130.0.0/17 maxlen: 24
43.130.128.0/18 maxlen: 24
43.131.0.0/18 maxlen: 24
43.131.224.0/19 maxlen: 24
43.132.68.0/24 maxlen: 24
43.132.96.0/19 maxlen: 24
43.132.128.0/17 maxlen: 24
43.135.58.0/24 maxlen: 24
43.135.187.0/24 maxlen: 24
43.152.96.0/19 maxlen: 24
43.152.192.0/19 maxlen: 19
43.152.224.0/19 maxlen: 19
43.153.0.0/18 maxlen: 18
43.153.64.0/18 maxlen: 18
43.153.128.0/18 maxlen: 18
43.153.164.0/24 maxlen: 24
43.153.187.0/24 maxlen: 24
43.153.192.0/18 maxlen: 18
43.153.250.0/23 maxlen: 23
43.154.0.0/18 maxlen: 18
43.154.64.0/18 maxlen: 18
43.154.128.0/18 maxlen: 18
43.154.192.0/18 maxlen: 18
43.155.0.0/17 maxlen: 18
43.155.127.0/24 maxlen: 24
43.155.128.0/17 maxlen: 18
43.156.0.0/18 maxlen: 18
43.156.64.0/18 maxlen: 18
43.156.128.0/18 maxlen: 18
43.156.192.0/18 maxlen: 18
43.156.252.0/24 maxlen: 24
43.156.254.0/24 maxlen: 24
43.157.0.0/17 maxlen: 24
43.157.128.0/18 maxlen: 24
43.157.192.0/18 maxlen: 24
43.158.0.0/16 maxlen: 16
43.158.0.0/17 maxlen: 24
43.158.128.0/18 maxlen: 24
43.158.192.0/18 maxlen: 24
43.159.0.0/16 maxlen: 16
43.159.0.0/20 maxlen: 24
43.159.16.0/20 maxlen: 24
43.159.32.0/19 maxlen: 24
43.159.76.0/24 maxlen: 24
43.159.128.0/18 maxlen: 24
43.159.192.0/18 maxlen: 24
43.160.0.0/16 maxlen: 24
43.161.0.0/17 maxlen: 24
43.161.128.0/17 maxlen: 24
43.162.0.0/17 maxlen: 24
43.162.128.0/17 maxlen: 24
43.163.0.0/16 maxlen: 16
43.163.192.0/18 maxlen: 24
43.164.0.0/16 maxlen: 24
43.165.0.0/16 maxlen: 24
43.166.0.0/16 maxlen: 24
43.167.0.0/16 maxlen: 24
43.168.0.0/16 maxlen: 24
43.169.0.0/16 maxlen: 24
43.170.0.0/16 maxlen: 24
43.171.0.0/16 maxlen: 24
43.172.0.0/16 maxlen: 24
43.173.0.0/16 maxlen: 24
43.174.0.0/16 maxlen: 24
101.32.140.0/24 maxlen: 24
101.33.4.0/23 maxlen: 23
101.33.17.0/24 maxlen: 24
101.33.18.0/23 maxlen: 23
101.33.26.0/23 maxlen: 23
101.33.30.0/23 maxlen: 23
101.33.41.0/24 maxlen: 24
101.33.114.0/23 maxlen: 24
150.109.90.0/24 maxlen: 24
150.109.91.0/24 maxlen: 24
240d:c000::/24 maxlen: 32
240d:c000:1000::/36 maxlen: 36
240d:c000:2000::/36 maxlen: 36
240d:c000:3000::/36 maxlen: 36
240d:c000:6000::/36 maxlen: 36
240d:c000:6000::/44 maxlen: 48
240d:c010::/48 maxlen: 48
240d:c010::/56 maxlen: 56
240d:c010:0:100::/56 maxlen: 56
240d:c010:10::/48 maxlen: 48
240d:c010:11::/48 maxlen: 48
240d:c010:12::/48 maxlen: 48
240d:c010:14::/48 maxlen: 48
240d:c010:16::/48 maxlen: 48
240d:c010:17::/48 maxlen: 48
240d:c010:1d::/48 maxlen: 48
240d:c010:1f::/48 maxlen: 48
240d:c010:20::/44 maxlen: 44
240d:c010:20::/56 maxlen: 56
240d:c010:20:100::/56 maxlen: 56
240d:c010:20:200::/56 maxlen: 56
240d:c010:30::/48 maxlen: 48
240d:c010:30::/56 maxlen: 56
240d:c010:30:100::/56 maxlen: 56
240d:c010:31::/48 maxlen: 48
240d:c010:50::/48 maxlen: 48
240d:c010:57::/48 maxlen: 48
240d:c010:58::/47 maxlen: 48
240d:c010:5b::/48 maxlen: 48
240d:c010:5c::/46 maxlen: 48
240d:c010:60::/48 maxlen: 48
240d:c010:66::/47 maxlen: 48
240d:c010:68::/48 maxlen: 48
240d:c010:6a::/48 maxlen: 48
240d:c010:6c::/47 maxlen: 48
240d:c010:6e::/48 maxlen: 48
240d:c040::/44 maxlen: 44
Validation: Failed, certificate revoked on Thu 31 Aug 2023 13:13:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1957 (0x7a5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9157D67/serialNumber=39C43967570087F583E425A9FE9B69B9506A59BD
Validity
Not Before: Aug 9 12:51:51 2023 GMT
Not After : Aug 31 00:00:00 2024 GMT
Subject: CN=64d38be6-82c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:ac:a3:ea:1d:b0:06:f1:bd:7a:7d:0c:65:d9:
9b:53:b8:1d:59:bb:2b:e7:f3:66:09:52:54:dd:b9:
8b:a8:3f:d6:ba:d7:ad:2c:f5:f9:e3:6a:68:11:23:
d6:cb:da:39:b6:1c:86:82:1e:a0:61:93:9a:79:03:
b4:a5:a2:a0:1b:bf:f4:c2:ea:ec:b1:f9:12:50:42:
db:d9:d5:91:0b:b3:bb:ca:2d:53:58:88:14:1d:af:
db:2a:9c:f4:ac:be:62:4a:a2:bb:e4:3f:87:e6:f0:
4a:15:a4:12:13:bd:66:9d:ec:9a:e5:ac:8d:ec:7c:
47:f2:ce:c7:0c:a3:4c:4d:62:91:0d:d5:b0:31:4b:
fa:16:35:fd:e4:11:ab:53:26:12:e9:7b:c5:4b:d5:
d2:83:6a:f7:fc:33:82:81:19:db:2a:d6:00:ac:1d:
8d:5b:af:a2:4c:eb:87:1e:de:da:f9:09:39:56:2d:
d3:87:39:2f:dd:45:97:9c:be:a9:e2:29:12:a5:f7:
6a:c5:2d:e7:c2:ac:91:ff:6b:54:fe:9f:61:1d:0d:
82:be:d8:96:7a:3a:d1:0f:89:41:e7:46:0d:73:54:
bf:0f:1c:69:bd:83:45:4a:23:e9:5e:ac:d1:e6:50:
8e:92:4b:99:ed:44:85:33:50:11:4a:c6:38:e6:fb:
ca:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:EA:00:7E:CA:B9:A0:84:EC:B5:F1:DF:1B:69:5D:A6:B9:E4:1A:37
X509v3 Authority Key Identifier:
keyid:39:C4:39:67:57:00:87:F5:83:E4:25:A9:FE:9B:69:B9:50:6A:59:BD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9157D67/69E6C16A442A11EB9599AD38C4F9AE02/OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9157D67/69E6C16A442A11EB9599AD38C4F9AE02/EFD21ACA36AA11EE991FC66EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.128.222.0/23
43.130.0.0-43.130.191.255
43.131.0.0/18
43.131.224.0/19
43.132.68.0/24
43.132.96.0-43.132.255.255
43.135.58.0/24
43.135.187.0/24
43.152.96.0/19
43.152.192.0-43.174.255.255
101.32.140.0/24
101.33.4.0/23
101.33.17.0-101.33.19.255
101.33.26.0/23
101.33.30.0/23
101.33.41.0/24
101.33.114.0/23
150.109.90.0/23
IPv6:
240d:c000::/24
Signature Algorithm: sha256WithRSAEncryption
d2:e5:0e:52:b9:15:75:69:73:dd:07:2a:89:d6:02:b2:5b:8c:
37:49:6c:37:8f:ab:14:a0:7f:e3:cb:14:44:41:9d:4e:72:35:
d9:28:a6:b2:13:a1:75:aa:e0:01:04:17:30:c4:6a:19:d5:c2:
12:04:a0:5a:41:c5:e8:30:e1:b1:cd:f5:df:af:b7:d7:55:9c:
0a:b1:62:b5:ac:d6:7a:77:f2:f0:db:9e:3f:0b:fd:bf:ce:e8:
67:6a:91:b6:30:00:95:ab:aa:2a:c3:b9:e5:51:42:c5:ab:79:
ef:56:01:71:59:31:22:ef:02:7a:81:14:5e:a1:c0:24:30:05:
40:c8:61:36:36:ab:0a:e6:8d:35:5f:d8:78:11:d9:60:2d:f6:
b0:87:88:de:fa:65:0e:69:3a:fc:d1:64:a9:d8:3d:f0:b3:7d:
7a:30:4b:01:e8:37:f1:e3:16:40:a0:30:12:e2:4a:1b:3d:ff:
39:88:6f:e6:7a:02:7a:f7:64:6d:e4:31:0e:50:dc:a1:63:cb:
fd:f8:db:4e:56:fe:28:64:49:b4:7e:e0:a2:cb:e9:e0:82:ee:
53:c2:30:9d:0b:32:28:89:74:88:e2:83:97:f1:1e:5a:78:3c:
a2:2f:87:d0:0d:95:89:e5:fe:99:cd:8a:19:de:a2:5e:96:72:
30:18:bc:da
-----BEGIN CERTIFICATE-----
MIIGBzCCBO+gAwIBAgICB6UwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTdENjcxMTAvBgNVBAUTKDM5QzQzOTY3NTcwMDg3RjU4M0U0MjVBOUZFOUI2OUI5
NTA2QTU5QkQwHhcNMjMwODA5MTI1MTUxWhcNMjQwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGQzOGJlNi04MmMzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsKyj6h2wBvG9en0MZdmbU7gdWbsr5/NmCVJU3bmLqD/WutetLPX542poESPW
y9o5thyGgh6gYZOaeQO0paKgG7/0wurssfkSUELb2dWRC7O7yi1TWIgUHa/bKpz0
rL5iSqK75D+H5vBKFaQSE71mneya5ayN7HxH8s7HDKNMTWKRDdWwMUv6FjX95BGr
UyYS6XvFS9XSg2r3/DOCgRnbKtYArB2NW6+iTOuHHt7a+Qk5Vi3Thzkv3UWXnL6p
4ikSpfdqxS3nwqyR/2tU/p9hHQ2CvtiWejrRD4lB50YNc1S/DxxpvYNFSiPpXqzR
5lCOkkuZ7USFM1ARSsY45vvKRQIDAQABo4IDKzCCAycwHQYDVR0OBBYEFHHqAH7K
uaCE7LXx3xtpXaa55Bo3MB8GA1UdIwQYMBaAFDnEOWdXAIf1g+Qlqf6bablQalm9
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1N0Q2Ny82OUU2QzE2QTQ0
MkExMUVCOTU5OUFEMzhDNEY5QUUwMi9PY1E1WjFjQWhfV0Q1Q1dwX3B0cHVWQnFX
YjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09jUTVaMWNBaF9XRDVDV3BfcHRwdVZCcVdiMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTdENjcvNjlFNkMxNkE0NDJBMTFFQjk1OTlBRDM4QzRGOUFFMDIvRUZEMjFBQ0Ez
NkFBMTFFRTk5MUZDNjZFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgbQGCCsGAQUFBwEHAQH/
BIGkMIGhMIGQBAIAATCBiQMEASuA3jALAwMBK4IDBAYrgoADBAYrgwADBAUrg+AD
BAArhEQwCwMEBSuEYAMDACuEAwQAK4c6AwQAK4e7AwQFK5hgMAsDBAYrmMADAwAr
rgMEAGUgjAMEAWUhBDAMAwQAZSERAwQCZSEQAwQBZSEaAwQBZSEeAwQAZSEpAwQB
ZSFyAwQBlm1aMAwEAgACMAYDBAAkDcAwDQYJKoZIhvcNAQELBQADggEBANLlDlK5
FXVpc90HKonWArJbjDdJbDePqxSgf+PLFERBnU5yNdkoprIToXWq4AEEFzDEahnV
whIEoFpBxegw4bHN9d+vt9dVnAqxYrWs1np38vDbnj8L/b/O6GdqkbYwAJWrqirD
ueVRQsWree9WAXFZMSLvAnqBFF6hwCQwBUDIYTY2qwrmjTVf2HgR2WAt9rCHiN76
ZQ5pOvzRZKnYPfCzfXowSwHoN/HjFkCgMBLiShs9/zmIb+Z6Anr3ZG3kMQ5Q3KFj
y/34205W/ihkSbR+4KLL6eCC7lPCMJ0LMiiJdIjig5fxHlp4PKIvh9ANlYnl/pnN
ihneol6WcjAYvNo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:07 2024 by rpki-client on console-fra.rpki-client.org