Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/864C4A7832C911EF9984B42FC4F9AE02.roa
File: 864C4A7832C911EF9984B42FC4F9AE02.roa (raw, json)
Hash identifier: o4p2JQ6w4XbE3YFPGYwDu67+sWVYdwkb1yAIwW6Fbms=
Subject key identifier: 55:62:50:C9:26:4B:09:B8:E5:14:A0:6D:EA:B9:F3:71:B5:96:98:3C
Certificate issuer: /CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Certificate serial: 48B0
Authority key identifier: 16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/864C4A7832C911EF9984B42FC4F9AE02.roa
Signing time: Mon 09 Dec 2024 04:22:38 +0000
ROA not before: Mon 09 Dec 2024 04:22:38 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 131386
IP address blocks: 45.119.80.0/22 maxlen: 24
45.119.84.0/22 maxlen: 24
103.2.224.0/22 maxlen: 24
103.2.228.0/22 maxlen: 24
103.27.236.0/22 maxlen: 24
103.87.220.0/22 maxlen: 24
103.95.156.0/22 maxlen: 24
103.200.24.0/22 maxlen: 24
2403:bf40::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 09 Jan 2025 03:53:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18608 (0x48b0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A560A
Validity
Not Before: Dec 9 04:22:38 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=6756708e-7b7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:7e:d9:17:68:c0:d6:2d:f9:dc:e2:64:c6:ae:
d1:29:b3:b3:a5:87:d6:69:1e:a2:12:e0:5d:92:a0:
74:0f:b0:65:ad:f1:fd:b8:37:9a:1b:97:2e:c4:a4:
36:7a:30:a6:fe:f1:02:aa:b6:9b:0f:25:89:4c:d2:
d6:bd:78:42:ba:03:0b:dc:83:0d:b3:99:a6:b4:91:
5d:36:5e:3e:49:76:9a:1f:0e:78:eb:00:33:46:22:
34:cb:0e:5b:37:49:11:32:32:07:f9:e5:58:59:59:
f5:5d:38:61:63:48:33:6b:13:b4:41:87:a6:72:ad:
47:58:4a:69:62:49:7c:d9:47:e7:1b:ce:80:7e:ef:
1c:17:3a:d6:f3:f1:fc:bf:34:0c:a9:29:02:f8:ca:
8a:94:ac:4c:c5:d4:0c:65:38:23:50:fd:08:72:1c:
66:7f:d8:fa:65:eb:82:51:fa:a5:0a:17:ac:74:56:
12:76:b2:e4:3b:22:7d:a9:7c:b3:5f:5a:8e:33:c0:
5b:ea:15:e6:4a:db:d2:76:35:68:22:15:e5:25:0e:
b3:08:88:cf:79:f4:e4:43:0d:c5:b1:ca:7e:33:1e:
f0:2e:ae:ae:6b:ab:e9:b6:8e:18:74:eb:2f:ec:02:
43:f6:f7:c6:24:c2:69:9c:b0:a8:aa:52:88:fc:e7:
37:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:62:50:C9:26:4B:09:B8:E5:14:A0:6D:EA:B9:F3:71:B5:96:98:3C
X509v3 Authority Key Identifier:
keyid:16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/864C4A7832C911EF9984B42FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.119.80.0/21
103.2.224.0/21
103.27.236.0/22
103.87.220.0/22
103.95.156.0/22
103.200.24.0/22
IPv6:
2403:bf40::/48
Signature Algorithm: sha256WithRSAEncryption
1e:b0:b7:d8:bd:22:bd:98:15:a8:b0:a8:0b:20:af:53:5f:7f:
2f:64:52:61:cb:0d:ca:d1:af:1b:52:49:a8:ef:35:d8:c2:05:
da:56:47:9e:ff:33:2b:e0:ca:27:92:72:05:95:ba:ca:a2:4c:
11:7c:cf:83:c4:3c:ab:21:57:da:e0:ef:56:26:5a:93:cc:e4:
b0:d0:d7:13:32:fb:23:16:fd:15:8b:5e:ca:3a:54:6d:e2:18:
a7:d3:42:41:c6:fc:75:41:33:ea:d4:45:2e:03:94:ab:ab:ee:
72:07:69:bd:23:a3:23:27:62:32:04:33:24:ad:61:af:31:99:
71:65:0b:04:aa:40:85:47:fc:35:26:e2:00:0e:07:6d:45:c4:
58:77:cf:02:c2:50:4f:00:4d:5b:1b:2f:af:ce:c6:e5:df:e0:
a8:73:80:68:97:0a:97:a3:2c:c6:a6:c3:89:9b:b4:f5:23:ed:
69:98:3f:aa:bf:6d:44:75:05:d0:7a:6c:b4:67:43:60:7c:35:
6b:ad:a8:8e:d5:29:b6:ec:e8:b4:c5:cd:fe:27:80:b8:8e:2b:
95:e3:bf:9d:94:4f:ef:95:50:3a:45:b1:07:81:b5:4d:d9:f9:
9b:39:b6:b1:48:3b:3a:75:42:0c:b3:99:fc:03:b5:ba:6c:d6:
44:93:1c:db
-----BEGIN CERTIFICATE-----
MIIFoDCCBIigAwIBAgICSLAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU2MEExMTAvBgNVBAUTKDE2N0MzQjIyMTc3NUZFQzA1MDM5NDY4MTUwQ0U4MTQ3
NTZBQzZGMEEwHhcNMjQxMjA5MDQyMjM4WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzU2NzA4ZS03YjdmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAy37ZF2jA1i353OJkxq7RKbOzpYfWaR6iEuBdkqB0D7BlrfH9uDeaG5cuxKQ2
ejCm/vECqrabDyWJTNLWvXhCugML3IMNs5mmtJFdNl4+SXaaHw546wAzRiI0yw5b
N0kRMjIH+eVYWVn1XThhY0gzaxO0QYemcq1HWEppYkl82UfnG86Afu8cFzrW8/H8
vzQMqSkC+MqKlKxMxdQMZTgjUP0Ichxmf9j6ZeuCUfqlChesdFYSdrLkOyJ9qXyz
X1qOM8Bb6hXmStvSdjVoIhXlJQ6zCIjPefTkQw3Fscp+Mx7wLq6ua6vpto4YdOsv
7AJD9vfGJMJpnLCoqlKI/Oc3LQIDAQABo4ICxDCCAsAwHQYDVR0OBBYEFFViUMkm
Swm45RSgbeq583G1lpg8MB8GA1UdIwQYMBaAFBZ8OyIXdf7AUDlGgVDOgUdWrG8K
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS9BQUVCMTkxQTFE
OEExMUUyQTM4N0QwRTQwOEIwMkNEMi9Gbnc3SWhkMV9zQlFPVWFCVU02QlIxYXNi
d28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZudzdJaGQxX3NCUU9VYUJVTTZCUjFhc2J3by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU2MEEvQUFFQjE5MUExRDhBMTFFMkEzODdEMEU0MDhCMDJDRDIvODY0QzRBNzgz
MkM5MTFFRjk5ODRCNDJGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwTgYIKwYBBQUHAQcBAf8E
PzA9MCoEAgABMCQDBAMtd1ADBANnAuADBAJnG+wDBAJnV9wDBAJnX5wDBAJnyBgw
DwQCAAIwCQMHACQDv0AAADANBgkqhkiG9w0BAQsFAAOCAQEAHrC32L0ivZgVqLCo
CyCvU19/L2RSYcsNytGvG1JJqO812MIF2lZHnv8zK+DKJ5JyBZW6yqJMEXzPg8Q8
qyFX2uDvViZak8zksNDXEzL7Ixb9FYteyjpUbeIYp9NCQcb8dUEz6tRFLgOUq6vu
cgdpvSOjIydiMgQzJK1hrzGZcWULBKpAhUf8NSbiAA4HbUXEWHfPAsJQTwBNWxsv
r87G5d/gqHOAaJcKl6MsxqbDiZu09SPtaZg/qr9tRHUF0HpstGdDYHw1a62ojtUp
tuzotMXN/ieAuI4rleO/nZRP75VQOkWxB4G1Tdn5mzm2sUg7OnVCDLOZ/AO1umzW
RJMc2w==
-----END CERTIFICATE-----
Generated at Sat Apr 5 14:35:50 2025 by rpki-client