Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/2571E94E17BC11EDB4F9E70DC4F9AE02.roa
File: 2571E94E17BC11EDB4F9E70DC4F9AE02.roa (raw, json)
Hash identifier: SlTlsWIM3ojkbp2f8W3iJ4bB22/nnnqCdgh7g5O0/Lw=
Subject key identifier: 2D:1C:C3:AB:7C:61:52:FA:98:EA:2E:D7:78:73:54:E7:CA:2F:15:45
Certificate issuer: /CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Certificate serial: 3AD8
Authority key identifier: 16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/2571E94E17BC11EDB4F9E70DC4F9AE02.roa
Signing time: Thu 13 Oct 2022 02:40:41 +0000
ROA not before: Thu 13 Oct 2022 02:40:41 +0000
ROA not after: Tue 31 Oct 2023 00:00:00 +0000
asID: 135905
IP address blocks: 14.225.0.0/16 maxlen: 24
103.9.204.0/22 maxlen: 24
103.159.60.0/23 maxlen: 23
103.169.168.0/23 maxlen: 24
103.188.164.0/23 maxlen: 24
103.189.72.0/23 maxlen: 24
103.189.74.0/23 maxlen: 24
103.189.76.0/23 maxlen: 24
103.189.78.0/23 maxlen: 24
103.200.22.0/24 maxlen: 24
123.30.111.0/24 maxlen: 24
123.30.150.0/24 maxlen: 24
123.30.154.0/23 maxlen: 24
123.30.156.0/23 maxlen: 24
123.30.158.0/23 maxlen: 24
123.30.200.0/24 maxlen: 24
123.30.242.0/24 maxlen: 24
123.31.10.0/24 maxlen: 24
123.31.11.0/24 maxlen: 24
123.31.12.0/24 maxlen: 24
123.31.24.0/24 maxlen: 24
123.31.27.0/24 maxlen: 24
123.31.28.0/24 maxlen: 24
123.31.29.0/24 maxlen: 24
123.31.30.0/23 maxlen: 24
123.31.32.0/22 maxlen: 24
123.31.36.0/23 maxlen: 24
123.31.38.0/24 maxlen: 24
123.31.39.0/24 maxlen: 24
123.31.40.0/24 maxlen: 24
123.31.41.0/24 maxlen: 24
123.31.42.0/23 maxlen: 24
123.31.44.0/24 maxlen: 24
123.31.45.0/24 maxlen: 24
203.162.13.0/24 maxlen: 24
203.162.34.0/24 maxlen: 24
222.255.38.0/24 maxlen: 24
2001:ee0:300::/40 maxlen: 48
2400:1060::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15064 (0x3ad8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Validity
Not Before: Oct 13 02:40:41 2022 GMT
Not After : Oct 31 00:00:00 2023 GMT
Subject: CN=63477aa9-ebfb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:11:e6:77:c6:d3:c6:38:ca:d3:2c:0c:fe:b4:
de:2f:b4:3e:ca:6a:26:f7:07:3c:ef:33:cb:8a:e5:
64:23:b3:17:09:ac:2c:39:72:3a:b9:7a:f1:46:63:
50:94:b2:a6:3d:73:a0:eb:ba:e8:3b:8e:57:42:01:
92:44:d9:c9:26:a6:92:c4:23:2b:dc:06:e9:02:98:
7c:6e:ca:cf:05:d8:e6:6e:ea:89:d9:9b:2b:cb:25:
ad:d4:98:c8:57:8f:18:8c:37:cb:b8:8d:dd:59:ff:
d8:ef:86:77:e9:ff:42:a6:7d:cd:1c:b3:5d:a0:d8:
e1:40:1c:85:a6:6d:83:13:47:09:03:fa:30:c5:d7:
88:c5:d6:d7:3c:64:2f:54:49:2d:f8:91:25:1d:d2:
e6:55:7c:8d:6b:4c:b8:98:2f:d3:9d:0e:f4:5b:e5:
e7:9e:b7:5d:26:a1:7d:9b:79:b8:cf:9b:e9:c5:6c:
a3:94:c3:55:55:bd:c1:96:40:36:68:11:b1:f0:47:
c9:94:92:7f:7f:c1:27:9b:d3:ef:44:e2:43:3b:02:
ce:88:88:fd:fc:8e:c3:91:84:11:8f:37:01:c9:49:
1d:b8:7d:54:d6:9d:2c:17:28:06:2c:f1:5f:06:21:
dd:a4:89:6c:12:87:30:db:41:e0:98:65:6b:33:2d:
79:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:1C:C3:AB:7C:61:52:FA:98:EA:2E:D7:78:73:54:E7:CA:2F:15:45
X509v3 Authority Key Identifier:
keyid:16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/2571E94E17BC11EDB4F9E70DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.225.0.0/16
103.9.204.0/22
103.159.60.0/23
103.169.168.0/23
103.188.164.0/23
103.189.72.0/21
103.200.22.0/24
123.30.111.0/24
123.30.150.0/24
123.30.154.0-123.30.159.255
123.30.200.0/24
123.30.242.0/24
123.31.10.0-123.31.12.255
123.31.24.0/24
123.31.27.0-123.31.45.255
203.162.13.0/24
203.162.34.0/24
222.255.38.0/24
IPv6:
2001:ee0:300::/40
2400:1060::/48
Signature Algorithm: sha256WithRSAEncryption
5a:5d:61:9d:ea:70:97:82:27:99:78:d0:5f:3c:c3:1d:ba:c3:
59:b4:47:68:b0:4f:a3:af:b0:51:8a:82:39:74:dc:af:29:4a:
9f:e9:e4:4e:b2:4e:39:ce:6e:ef:39:39:f0:28:51:54:18:66:
a7:f1:69:7e:05:fb:a8:0c:ec:de:6c:83:dc:62:4a:99:5b:b0:
bb:5a:18:7c:e0:ff:27:cc:12:aa:b9:9d:83:42:15:7a:65:09:
fe:78:df:db:9e:0a:1c:65:af:55:2e:fd:9d:e8:1a:c3:bc:9a:
aa:06:86:e5:9d:09:93:67:c7:27:24:5b:5b:3a:8e:ad:13:dc:
a2:9c:3c:b1:e0:49:b7:d8:d2:c2:86:9d:f3:eb:1e:de:7a:87:
91:e6:70:6b:71:88:e4:23:11:71:3e:a7:27:bf:26:07:41:b1:
82:65:86:a8:06:ec:04:18:02:6e:f0:a2:1c:b0:8d:85:8b:58:
57:71:cc:0f:78:e8:32:8d:c6:cc:8d:8c:c2:15:99:05:96:dc:
81:94:bb:17:03:a4:b7:d9:4b:87:85:e6:4b:97:4e:75:94:eb:
4f:a2:15:d6:17:35:bc:30:5a:63:1a:23:be:32:e0:f3:c0:ef:
e0:67:1c:6d:d9:11:78:1c:ac:cd:b3:45:1a:01:83:24:8f:a8:
d6:5e:4b:a7
-----BEGIN CERTIFICATE-----
MIIGDDCCBPSgAwIBAgICOtgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU2MEExMTAvBgNVBAUTKDE2N0MzQjIyMTc3NUZFQzA1MDM5NDY4MTUwQ0U4MTQ3
NTZBQzZGMEEwHhcNMjIxMDEzMDI0MDQxWhcNMjMxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzQ3N2FhOS1lYmZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvhHmd8bTxjjK0ywM/rTeL7Q+ymom9wc87zPLiuVkI7MXCawsOXI6uXrxRmNQ
lLKmPXOg67roO45XQgGSRNnJJqaSxCMr3AbpAph8bsrPBdjmbuqJ2ZsryyWt1JjI
V48YjDfLuI3dWf/Y74Z36f9Cpn3NHLNdoNjhQByFpm2DE0cJA/owxdeIxdbXPGQv
VEkt+JElHdLmVXyNa0y4mC/TnQ70W+XnnrddJqF9m3m4z5vpxWyjlMNVVb3BlkA2
aBGx8EfJlJJ/f8Enm9PvROJDOwLOiIj9/I7DkYQRjzcByUkduH1U1p0sFygGLPFf
BiHdpIlsEocw20HgmGVrMy153wIDAQABo4IDMDCCAywwHQYDVR0OBBYEFC0cw6t8
YVL6mOou13hzVOfKLxVFMB8GA1UdIwQYMBaAFBZ8OyIXdf7AUDlGgVDOgUdWrG8K
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS9BQUVCMTkxQTFE
OEExMUUyQTM4N0QwRTQwOEIwMkNEMi9Gbnc3SWhkMV9zQlFPVWFCVU02QlIxYXNi
d28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZudzdJaGQxX3NCUU9VYUJVTTZCUjFhc2J3by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU2MEEvQUFFQjE5MUExRDhBMTFFMkEzODdEMEU0MDhCMDJDRDIvMjU3MUU5NEUx
N0JDMTFFREI0RjlFNzBEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgbkGCCsGAQUFBwEHAQH/
BIGpMIGmMIGKBAIAATCBgwMDAA7hAwQCZwnMAwQBZ588AwQBZ6moAwQBZ7ykAwQD
Z71IAwQAZ8gWAwQAex5vAwQAex6WMAwDBAF7HpoDBAV7HoADBAB7HsgDBAB7HvIw
DAMEAXsfCgMEAHsfDAMEAHsfGDAMAwQAex8bAwQBex8sAwQAy6INAwQAy6IiAwQA
3v8mMBcEAgACMBEDBgAgAQ7gAwMHACQAEGAAADANBgkqhkiG9w0BAQsFAAOCAQEA
Wl1hnepwl4InmXjQXzzDHbrDWbRHaLBPo6+wUYqCOXTcrylKn+nkTrJOOc5u7zk5
8ChRVBhmp/FpfgX7qAzs3myD3GJKmVuwu1oYfOD/J8wSqrmdg0IVemUJ/njf254K
HGWvVS79negaw7yaqgaG5Z0Jk2fHJyRbWzqOrRPcopw8seBJt9jSwoad8+se3nqH
keZwa3GI5CMRcT6nJ78mB0GxgmWGqAbsBBgCbvCiHLCNhYtYV3HMD3joMo3GzI2M
whWZBZbcgZS7FwOkt9lLh4XmS5dOdZTrT6IV1hc1vDBaYxojvjLg88Dv4GccbdkR
eByszbNFGgGDJI+o1l5Lpw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:00 2023 by rpki-client on console-ams.rpki-client.org