Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91697FA/27F83B701D8311E2932921D808B02CD2/425832460EB611EFB9CD4F47C4F9AE02.roa
File: 425832460EB611EFB9CD4F47C4F9AE02.roa (raw, json)
Hash identifier: mAJhQGXd6FKo/hdfSQXMPfmhwlA7PQAE/rIKMlv1Zuc=
Subject key identifier: CE:E1:09:47:43:E9:61:86:E3:99:E9:89:66:AD:63:05:35:46:47:A0
Certificate issuer: /CN=A91697FA/serialNumber=9F82DBC9466312C5BA2E921279302400956A982A
Certificate serial: 350E
Authority key identifier: 9F:82:DB:C9:46:63:12:C5:BA:2E:92:12:79:30:24:00:95:6A:98:2A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/n4LbyUZjEsW6LpISeTAkAJVqmCo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91697FA/27F83B701D8311E2932921D808B02CD2/425832460EB611EFB9CD4F47C4F9AE02.roa
Signing time: Thu 05 Sep 2024 12:12:37 +0000
ROA not before: Thu 05 Sep 2024 12:12:37 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 7693
IP address blocks: 58.181.128.0/17 maxlen: 17
58.181.128.0/20 maxlen: 20
58.181.144.0/20 maxlen: 20
58.181.146.0/23 maxlen: 23
58.181.160.0/20 maxlen: 20
58.181.176.0/20 maxlen: 20
58.181.192.0/20 maxlen: 20
58.181.200.0/24 maxlen: 24
58.181.208.0/20 maxlen: 20
58.181.212.0/24 maxlen: 24
58.181.224.0/20 maxlen: 20
58.181.225.0/24 maxlen: 24
58.181.240.0/20 maxlen: 20
58.181.248.0/23 maxlen: 23
58.181.252.0/22 maxlen: 22
103.19.104.0/22 maxlen: 22
202.44.144.0/24 maxlen: 24
202.149.96.0/19 maxlen: 19
202.149.96.0/20 maxlen: 20
202.149.112.0/20 maxlen: 20
203.107.128.0/17 maxlen: 17
203.107.128.0/20 maxlen: 20
203.107.129.0/24 maxlen: 24
203.107.130.0/24 maxlen: 24
203.107.144.0/20 maxlen: 20
203.107.160.0/20 maxlen: 20
203.107.176.0/20 maxlen: 20
203.107.192.0/20 maxlen: 20
203.107.192.0/24 maxlen: 24
203.107.208.0/20 maxlen: 20
203.107.224.0/20 maxlen: 20
203.107.231.0/24 maxlen: 24
203.107.240.0/20 maxlen: 20
203.107.255.0/24 maxlen: 24
203.155.0.0/16 maxlen: 16
203.155.0.0/20 maxlen: 20
203.155.0.0/23 maxlen: 23
203.155.16.0/20 maxlen: 20
203.155.32.0/20 maxlen: 20
203.155.42.0/24 maxlen: 24
203.155.48.0/20 maxlen: 20
203.155.54.0/23 maxlen: 23
203.155.64.0/20 maxlen: 20
203.155.66.0/24 maxlen: 24
203.155.80.0/20 maxlen: 20
203.155.96.0/20 maxlen: 20
203.155.112.0/20 maxlen: 20
203.155.128.0/20 maxlen: 20
203.155.144.0/20 maxlen: 20
203.155.160.0/20 maxlen: 20
203.155.176.0/20 maxlen: 20
203.155.192.0/20 maxlen: 20
203.155.208.0/20 maxlen: 20
203.155.219.0/24 maxlen: 24
203.155.224.0/20 maxlen: 20
203.155.240.0/20 maxlen: 20
203.155.253.0/24 maxlen: 24
203.155.255.0/24 maxlen: 24
203.188.0.0/18 maxlen: 18
203.188.0.0/20 maxlen: 24
203.188.32.0/20 maxlen: 24
203.195.96.0/20 maxlen: 20
203.195.105.0/24 maxlen: 24
203.209.0.0/18 maxlen: 18
203.209.0.0/20 maxlen: 20
203.209.16.0/20 maxlen: 20
203.209.32.0/20 maxlen: 20
203.209.48.0/20 maxlen: 20
203.209.64.0/18 maxlen: 18
203.209.64.0/20 maxlen: 20
203.209.75.0/24 maxlen: 24
203.209.80.0/20 maxlen: 20
203.209.93.0/24 maxlen: 24
203.209.96.0/20 maxlen: 20
203.209.112.0/20 maxlen: 20
203.209.122.0/24 maxlen: 24
203.209.123.0/24 maxlen: 24
203.209.125.0/24 maxlen: 24
2405:a000::/32 maxlen: 32
2405:a000::/33 maxlen: 33
Validation: Failed, certificate revoked on Thu 05 Sep 2024 13:08:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13582 (0x350e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91697FA, serialNumber=9F82DBC9466312C5BA2E921279302400956A982A
Validity
Not Before: Sep 5 12:12:37 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=66d9a035-5fc2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:45:0e:84:69:f2:23:10:bf:d7:43:55:37:9d:
40:e3:27:05:2d:91:c8:97:20:8f:ec:e2:a0:93:f5:
1f:a1:55:3c:64:ee:06:63:b5:f8:b9:96:8a:03:6b:
a7:8f:b4:50:91:e8:57:94:29:f8:21:60:f4:23:bb:
12:fa:6f:70:a6:04:2c:26:cf:83:45:64:81:c6:e3:
06:08:bc:8b:00:77:66:5c:4f:5a:7a:48:a4:d9:0f:
22:88:03:6a:d1:ef:90:e0:54:51:98:55:f6:92:04:
bd:da:16:47:1f:50:c9:bf:25:cd:3a:7d:ff:19:b1:
01:5c:ff:84:9a:c8:ac:9a:52:10:eb:0f:50:fd:b5:
44:66:ad:db:28:45:3b:d4:5b:2c:ab:9a:51:58:86:
1c:89:da:0e:05:0e:43:13:c4:0c:12:bf:91:45:4c:
fd:aa:eb:d6:14:79:b1:37:c9:75:a5:07:03:79:15:
8c:65:63:2a:5d:93:6f:79:6c:62:98:9a:91:d8:e2:
93:11:ef:0e:da:ba:33:e7:a4:ed:a7:f8:f8:b7:ec:
db:86:33:e9:80:03:57:10:41:12:65:45:e0:bf:47:
f5:6d:3a:54:50:c2:24:b3:c6:30:e9:90:34:d7:fb:
8f:52:09:b8:79:6b:ac:50:66:2d:31:2f:94:c6:b2:
35:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:E1:09:47:43:E9:61:86:E3:99:E9:89:66:AD:63:05:35:46:47:A0
X509v3 Authority Key Identifier:
keyid:9F:82:DB:C9:46:63:12:C5:BA:2E:92:12:79:30:24:00:95:6A:98:2A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91697FA/27F83B701D8311E2932921D808B02CD2/n4LbyUZjEsW6LpISeTAkAJVqmCo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/n4LbyUZjEsW6LpISeTAkAJVqmCo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91697FA/27F83B701D8311E2932921D808B02CD2/425832460EB611EFB9CD4F47C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
58.181.128.0/17
103.19.104.0/22
202.44.144.0/24
202.149.96.0/19
203.107.128.0/17
203.155.0.0/16
203.188.0.0/18
203.195.96.0/20
203.209.0.0/17
IPv6:
2405:a000::/32
Signature Algorithm: sha256WithRSAEncryption
27:b8:31:9c:f4:7d:b5:23:a5:19:e2:40:fd:fc:25:60:99:8b:
be:1b:2e:4a:95:1c:af:8a:bf:cc:e7:6b:b6:f4:9e:ef:5f:5e:
b1:11:8e:a4:de:48:f2:b8:1a:3b:f1:b0:ef:5a:fb:61:95:15:
69:34:7f:6b:79:1a:5b:a8:98:d0:2f:ef:b2:5d:e2:7b:f3:43:
f4:a1:28:81:2f:af:32:1e:9d:4f:af:23:45:81:0f:22:68:bc:
f5:02:c7:21:69:7e:a4:5c:af:a2:79:68:66:16:5f:72:5a:bd:
2f:9a:ec:e8:14:26:33:bd:7c:c0:b2:a5:d8:98:ff:2c:36:9c:
2f:77:ef:42:86:87:6d:ef:d4:89:a1:66:b5:c3:1a:26:73:64:
21:42:c2:f1:22:bd:eb:13:07:4b:41:20:af:41:31:68:36:59:
15:8e:f4:45:4b:c0:32:5c:70:66:a8:bc:23:84:e5:9b:89:1d:
7a:c9:d6:0c:59:28:d4:c7:6f:a9:2a:e6:e6:0d:09:da:4b:f9:
0f:a3:3b:6e:38:e6:09:e9:4c:5f:2c:b5:31:80:74:b2:bc:1b:
92:0d:81:1a:83:00:83:fe:d7:a1:ab:e9:ba:f6:35:94:a0:4b:
aa:98:23:cc:f4:46:f8:80:e8:ff:46:95:b4:41:e1:36:21:a9:
30:9e:a2:b5
-----BEGIN CERTIFICATE-----
MIIFrzCCBJegAwIBAgICNQ4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Njk3RkExMTAvBgNVBAUTKDlGODJEQkM5NDY2MzEyQzVCQTJFOTIxMjc5MzAyNDAw
OTU2QTk4MkEwHhcNMjQwOTA1MTIxMjM3WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmQ5YTAzNS01ZmMyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxUUOhGnyIxC/10NVN51A4ycFLZHIlyCP7OKgk/UfoVU8ZO4GY7X4uZaKA2un
j7RQkehXlCn4IWD0I7sS+m9wpgQsJs+DRWSBxuMGCLyLAHdmXE9aekik2Q8iiANq
0e+Q4FRRmFX2kgS92hZHH1DJvyXNOn3/GbEBXP+EmsismlIQ6w9Q/bVEZq3bKEU7
1Fssq5pRWIYcidoOBQ5DE8QMEr+RRUz9quvWFHmxN8l1pQcDeRWMZWMqXZNveWxi
mJqR2OKTEe8O2roz56Ttp/j4t+zbhjPpgANXEEESZUXgv0f1bTpUUMIks8Yw6ZA0
1/uPUgm4eWusUGYtMS+UxrI1EQIDAQABo4IC0zCCAs8wHQYDVR0OBBYEFM7hCUdD
6WGG45npiWatYwU1RkegMB8GA1UdIwQYMBaAFJ+C28lGYxLFui6SEnkwJACVapgq
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2OTdGQS8yN0Y4M0I3MDFE
ODMxMUUyOTMyOTIxRDgwOEIwMkNEMi9uNExieVVaakVzVzZMcElTZVRBa0FKVnFt
Q28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL240TGJ5VVpqRXNXNkxwSVNlVEFrQUpWcW1Dby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Njk3RkEvMjdGODNCNzAxRDgzMTFFMjkzMjkyMUQ4MDhCMDJDRDIvNDI1ODMyNDYw
RUI2MTFFRkI5Q0Q0RjQ3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwXQYIKwYBBQUHAQcBAf8E
TjBMMDsEAgABMDUDBAc6tYADBAJnE2gDBADKLJADBAXKlWADBAfLa4ADAwDLmwME
Bsu8AAMEBMvDYAMEB8vRADANBAIAAjAHAwUAJAWgADANBgkqhkiG9w0BAQsFAAOC
AQEAJ7gxnPR9tSOlGeJA/fwlYJmLvhsuSpUcr4q/zOdrtvSe719esRGOpN5I8rga
O/Gw71r7YZUVaTR/a3kaW6iY0C/vsl3ie/ND9KEogS+vMh6dT68jRYEPImi89QLH
IWl+pFyvonloZhZfclq9L5rs6BQmM718wLKl2Jj/LDacL3fvQoaHbe/UiaFmtcMa
JnNkIULC8SK96xMHS0Egr0ExaDZZFY70RUvAMlxwZqi8I4Tlm4kdesnWDFko1Mdv
qSrm5g0J2kv5D6M7bjjmCelMXyy1MYB0srwbkg2BGoMAg/7XoavpuvY1lKBLqpgj
zPRG+IDo/0aVtEHhNiGpMJ6itQ==
-----END CERTIFICATE-----
Generated at Fri Apr 18 16:30:19 2025 by rpki-client