Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91955C8/9CD3E8F6FF5811E2BB4B2E3F5911EA32/90B6890EDFC511EDA973CF1BC4F9AE02.roa
File: 90B6890EDFC511EDA973CF1BC4F9AE02.roa (raw, json)
Hash identifier: bFJKoHAJ9OP2m++jEz9FE69f8YOp+zxkwbB7fo19srY=
Subject key identifier: 5F:99:31:CF:06:5A:E2:C3:25:75:BD:DB:BA:7B:60:2D:08:FB:C9:59
Certificate issuer: /CN=A91955C8/serialNumber=C6673D3648F43F4674F5F5EBFCBFA31BB964F64B
Certificate serial: 2EEB
Authority key identifier: C6:67:3D:36:48:F4:3F:46:74:F5:F5:EB:FC:BF:A3:1B:B9:64:F6:4B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xmc9Nkj0P0Z09fXr_L-jG7lk9ks.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91955C8/9CD3E8F6FF5811E2BB4B2E3F5911EA32/90B6890EDFC511EDA973CF1BC4F9AE02.roa
Signing time: Fri 05 May 2023 13:12:00 +0000
ROA not before: Fri 05 May 2023 13:12:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6453
IP address blocks: 43.241.40.0/22 maxlen: 22
43.241.40.0/24 maxlen: 25
43.241.41.0/24 maxlen: 25
43.241.42.0/24 maxlen: 25
43.241.43.0/25 maxlen: 25
43.241.43.128/25 maxlen: 25
103.16.252.0/22 maxlen: 22
116.0.64.0/19 maxlen: 19
116.0.68.0/24 maxlen: 24
116.0.70.0/24 maxlen: 24
116.0.76.0/24 maxlen: 24
116.0.82.0/24 maxlen: 24
116.0.93.0/24 maxlen: 24
120.29.192.0/19 maxlen: 19
120.29.195.0/24 maxlen: 24
120.29.209.0/24 maxlen: 24
120.29.216.0/24 maxlen: 24
120.29.219.0/24 maxlen: 24
180.87.0.0/17 maxlen: 17
180.87.11.0/24 maxlen: 24
180.87.26.0/24 maxlen: 24
180.87.31.0/24 maxlen: 24
180.87.35.0/24 maxlen: 24
180.87.65.0/24 maxlen: 24
180.87.88.0/21 maxlen: 21
180.87.88.0/24 maxlen: 24
180.87.90.0/24 maxlen: 24
180.87.112.0/24 maxlen: 24
180.87.128.0/18 maxlen: 18
180.87.128.0/24 maxlen: 24
180.87.129.0/24 maxlen: 24
180.87.130.0/24 maxlen: 24
180.87.131.0/24 maxlen: 24
180.87.132.0/24 maxlen: 24
180.87.133.0/24 maxlen: 24
180.87.134.0/24 maxlen: 24
180.87.135.0/24 maxlen: 24
180.87.136.0/24 maxlen: 24
180.87.137.0/24 maxlen: 24
180.87.138.0/24 maxlen: 24
180.87.139.0/24 maxlen: 24
180.87.140.0/24 maxlen: 24
180.87.141.0/24 maxlen: 24
180.87.142.0/24 maxlen: 24
180.87.143.0/24 maxlen: 24
180.87.144.0/24 maxlen: 24
180.87.145.0/24 maxlen: 24
180.87.146.0/24 maxlen: 24
180.87.147.0/24 maxlen: 24
180.87.148.0/24 maxlen: 24
180.87.149.0/24 maxlen: 24
180.87.150.0/24 maxlen: 24
180.87.151.0/24 maxlen: 24
180.87.152.0/24 maxlen: 24
180.87.153.0/24 maxlen: 24
180.87.154.0/24 maxlen: 24
180.87.155.0/24 maxlen: 24
180.87.156.0/24 maxlen: 24
180.87.157.0/24 maxlen: 24
180.87.158.0/24 maxlen: 24
180.87.159.0/24 maxlen: 24
180.87.160.0/24 maxlen: 24
180.87.161.0/24 maxlen: 24
180.87.162.0/24 maxlen: 24
180.87.163.0/24 maxlen: 24
180.87.164.0/24 maxlen: 24
180.87.165.0/24 maxlen: 24
180.87.166.0/24 maxlen: 24
180.87.167.0/24 maxlen: 24
180.87.168.0/24 maxlen: 24
180.87.169.0/24 maxlen: 24
180.87.170.0/24 maxlen: 24
180.87.171.0/24 maxlen: 24
180.87.172.0/24 maxlen: 24
180.87.173.0/24 maxlen: 24
180.87.174.0/24 maxlen: 24
180.87.175.0/24 maxlen: 24
180.87.176.0/24 maxlen: 24
180.87.177.0/24 maxlen: 24
180.87.178.0/24 maxlen: 24
180.87.179.0/24 maxlen: 24
180.87.180.0/24 maxlen: 24
180.87.181.0/24 maxlen: 24
180.87.182.0/24 maxlen: 24
180.87.183.0/24 maxlen: 24
180.87.184.0/24 maxlen: 24
180.87.185.0/24 maxlen: 24
180.87.186.0/24 maxlen: 24
180.87.187.0/24 maxlen: 24
180.87.188.0/24 maxlen: 24
180.87.189.0/24 maxlen: 24
180.87.190.0/24 maxlen: 24
180.87.191.0/24 maxlen: 24
202.183.64.0/20 maxlen: 24
2405:2000::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 21 Jun 2023 21:22:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 12011 (0x2eeb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91955C8/serialNumber=C6673D3648F43F4674F5F5EBFCBFA31BB964F64B
Validity
Not Before: May 5 13:12:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=645500a0-2f0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:f1:22:53:fe:15:07:e6:f2:05:d4:df:98:b8:
b6:2a:65:30:d1:67:73:38:2f:70:2f:ea:51:1d:86:
d6:03:af:6f:e6:29:ba:83:84:ea:d8:33:5e:68:cf:
06:e2:bc:07:31:76:c3:04:a8:90:ef:b2:67:b7:6d:
66:b6:be:ea:ae:ce:2d:7e:89:03:a2:89:bb:af:76:
33:6d:89:a6:7f:dd:d5:f7:06:70:c7:e9:aa:5b:0f:
1b:c4:25:61:09:ea:41:49:c3:2b:ea:f4:82:3d:0e:
cf:06:ea:1b:9d:1e:c2:7d:aa:be:e7:3b:2e:23:34:
ad:3a:27:3b:41:29:6d:2d:f2:4e:50:da:b1:66:40:
67:04:7a:3b:68:b8:17:44:3d:0f:18:69:65:4a:25:
92:5f:52:89:24:31:69:b6:e3:df:3d:de:f8:96:e6:
18:89:4e:80:ce:cc:c4:97:f4:13:d2:7d:6b:a6:84:
41:fb:0e:c6:25:3f:cd:37:45:e3:a8:25:6c:a9:ac:
27:cd:81:d4:cd:ad:c6:47:5c:ce:df:68:ba:e0:1b:
c9:7a:40:a5:79:d3:10:08:75:b8:7a:41:2e:31:1d:
ec:ce:87:e3:9d:e0:bc:5d:90:b0:48:d8:2f:df:0b:
10:51:13:c2:fb:c4:cc:7e:96:70:f1:25:a1:69:83:
25:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:99:31:CF:06:5A:E2:C3:25:75:BD:DB:BA:7B:60:2D:08:FB:C9:59
X509v3 Authority Key Identifier:
keyid:C6:67:3D:36:48:F4:3F:46:74:F5:F5:EB:FC:BF:A3:1B:B9:64:F6:4B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91955C8/9CD3E8F6FF5811E2BB4B2E3F5911EA32/xmc9Nkj0P0Z09fXr_L-jG7lk9ks.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xmc9Nkj0P0Z09fXr_L-jG7lk9ks.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91955C8/9CD3E8F6FF5811E2BB4B2E3F5911EA32/90B6890EDFC511EDA973CF1BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.241.40.0/22
103.16.252.0/22
116.0.64.0/19
120.29.192.0/19
180.87.0.0-180.87.191.255
202.183.64.0/20
IPv6:
2405:2000::/32
Signature Algorithm: sha256WithRSAEncryption
57:b3:b0:a2:74:33:88:79:8e:ff:8f:87:89:29:82:84:dd:57:
43:d4:83:9e:e0:4e:47:9b:88:2c:eb:18:48:0f:3b:52:aa:af:
6c:76:9c:ba:2b:94:25:42:24:a8:a8:17:3a:50:7c:a5:77:a5:
db:1c:1e:53:11:88:49:0b:ea:26:51:68:c4:bf:bc:a5:9c:1d:
cc:c9:47:1a:09:e5:4a:b7:70:31:18:bb:79:0f:2f:c1:de:59:
e5:05:25:da:87:56:60:10:fa:78:5a:d3:87:b3:80:e8:0b:9d:
36:48:73:4b:35:71:6c:32:91:5e:2f:9f:6c:fd:9b:b0:1e:ce:
68:6e:fd:f9:52:86:e2:16:9a:7b:a5:ba:24:b2:7a:62:b2:ad:
be:21:cf:63:83:36:81:6a:52:86:eb:a2:e8:8b:bd:ca:7f:01:
3d:a9:4e:a5:ee:ac:b3:fc:68:83:28:66:b6:02:b2:d8:8f:e1:
db:ff:8a:b8:d4:9e:95:28:2d:89:bc:a9:a6:1e:94:3f:00:df:
39:dc:5e:10:e1:2a:6b:a5:9a:1d:e8:af:61:03:b2:ea:10:1c:
98:53:d8:5f:da:b5:58:09:3d:20:8f:3c:04:67:a8:c3:53:7a:
a1:e0:4d:eb:09:34:50:49:7c:64:a8:5f:75:1f:b6:50:c9:0e:
25:84:a3:1d
-----BEGIN CERTIFICATE-----
MIIFpTCCBI2gAwIBAgICLuswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTU1QzgxMTAvBgNVBAUTKEM2NjczRDM2NDhGNDNGNDY3NEY1RjVFQkZDQkZBMzFC
Qjk2NEY2NEIwHhcNMjMwNTA1MTMxMjAwWhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDU1MDBhMC0yZjBiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAy/EiU/4VB+byBdTfmLi2KmUw0WdzOC9wL+pRHYbWA69v5im6g4Tq2DNeaM8G
4rwHMXbDBKiQ77Jnt21mtr7qrs4tfokDoom7r3YzbYmmf93V9wZwx+mqWw8bxCVh
CepBScMr6vSCPQ7PBuobnR7Cfaq+5zsuIzStOic7QSltLfJOUNqxZkBnBHo7aLgX
RD0PGGllSiWSX1KJJDFptuPfPd74luYYiU6AzszEl/QT0n1rpoRB+w7GJT/NN0Xj
qCVsqawnzYHUza3GR1zO32i64BvJekCledMQCHW4ekEuMR3szofjneC8XZCwSNgv
3wsQURPC+8TMfpZw8SWhaYMlawIDAQABo4ICyTCCAsUwHQYDVR0OBBYEFF+ZMc8G
WuLDJXW927p7YC0I+8lZMB8GA1UdIwQYMBaAFMZnPTZI9D9GdPX16/y/oxu5ZPZL
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5NTVDOC85Q0QzRThGNkZG
NTgxMUUyQkI0QjJFM0Y1OTExRUEzMi94bWM5TmtqMFAwWjA5ZlhyX0wtakc3bGs5
a3MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3htYzlOa2owUDBaMDlmWHJfTC1qRzdsazlrcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTU1QzgvOUNEM0U4RjZGRjU4MTFFMkJCNEIyRTNGNTkxMUVBMzIvOTBCNjg5MEVE
RkM1MTFFREE5NzNDRjFCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwUwYIKwYBBQUHAQcBAf8E
RDBCMDEEAgABMCsDBAIr8SgDBAJnEPwDBAV0AEADBAV4HcAwCwMDALRXAwQGtFeA
AwQEyrdAMA0EAgACMAcDBQAkBSAAMA0GCSqGSIb3DQEBCwUAA4IBAQBXs7CidDOI
eY7/j4eJKYKE3VdD1IOe4E5Hm4gs6xhIDztSqq9sdpy6K5QlQiSoqBc6UHyld6Xb
HB5TEYhJC+omUWjEv7ylnB3MyUcaCeVKt3AxGLt5Dy/B3lnlBSXah1ZgEPp4WtOH
s4DoC502SHNLNXFsMpFeL59s/ZuwHs5obv35UobiFpp7pboksnpisq2+Ic9jgzaB
alKG66Loi73KfwE9qU6l7qyz/GiDKGa2ArLYj+Hb/4q41J6VKC2JvKmmHpQ/AN85
3F4Q4SprpZod6K9hA7LqEByYU9hf2rVYCT0gjzwEZ6jDU3qh4E3rCTRQSXxkqF91
H7ZQyQ4lhKMd
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:34 2024 by rpki-client on console-fra.rpki-client.org