Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/39E64DFC558111EF9D0E0279C4F9AE02.roa
File: 39E64DFC558111EF9D0E0279C4F9AE02.roa (raw, json)
Hash identifier: Xbt9YCcXU65GwHt7P+8z5ES34UYvkJDydsN73Ou7oZs=
Subject key identifier: D6:D3:28:D4:5D:88:54:13:C1:AB:26:84:F4:73:AE:7D:3D:60:56:26
Certificate issuer: /CN=A91B5D7E/serialNumber=4CAE3AEFB1AC8ABDDB99BCCEE4FA5A916D157B34
Certificate serial: 359C
Authority key identifier: 4C:AE:3A:EF:B1:AC:8A:BD:DB:99:BC:CE:E4:FA:5A:91:6D:15:7B:34
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TK4677Gsir3bmbzO5PpakW0VezQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/39E64DFC558111EF9D0E0279C4F9AE02.roa
Signing time: Wed 18 Dec 2024 14:40:40 +0000
ROA not before: Wed 18 Dec 2024 14:40:40 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 23750
IP address blocks: 103.207.84.0/24 maxlen: 24
103.207.86.0/24 maxlen: 24
103.207.87.0/24 maxlen: 24
116.90.100.0/24 maxlen: 24
116.90.106.0/24 maxlen: 24
116.90.107.0/24 maxlen: 24
116.90.108.0/24 maxlen: 24
116.90.109.0/24 maxlen: 24
116.90.110.0/24 maxlen: 24
116.90.111.0/24 maxlen: 24
116.90.115.0/24 maxlen: 24
116.90.120.0/24 maxlen: 24
116.90.123.0/24 maxlen: 24
116.90.124.0/24 maxlen: 24
116.90.125.0/24 maxlen: 24
116.90.126.0/24 maxlen: 24
116.90.127.0/24 maxlen: 24
121.46.64.0/24 maxlen: 24
121.46.66.0/24 maxlen: 24
121.46.67.0/24 maxlen: 24
202.69.32.0/24 maxlen: 24
202.69.33.0/24 maxlen: 24
202.69.34.0/24 maxlen: 24
202.69.35.0/24 maxlen: 24
202.69.36.0/24 maxlen: 24
202.69.37.0/24 maxlen: 24
202.69.38.0/24 maxlen: 24
202.69.39.0/24 maxlen: 24
202.69.40.0/24 maxlen: 24
202.69.41.0/24 maxlen: 24
202.69.42.0/24 maxlen: 24
202.69.43.0/24 maxlen: 24
202.69.44.0/24 maxlen: 24
202.69.45.0/24 maxlen: 24
202.69.46.0/24 maxlen: 24
202.69.47.0/24 maxlen: 24
202.69.48.0/24 maxlen: 24
202.69.49.0/24 maxlen: 24
202.69.50.0/24 maxlen: 24
202.69.51.0/24 maxlen: 24
202.69.52.0/24 maxlen: 24
202.69.53.0/24 maxlen: 24
202.69.54.0/24 maxlen: 24
202.69.55.0/24 maxlen: 24
202.69.56.0/24 maxlen: 24
202.69.57.0/24 maxlen: 24
202.69.58.0/24 maxlen: 24
202.69.59.0/24 maxlen: 24
202.69.60.0/24 maxlen: 24
202.69.61.0/24 maxlen: 24
202.69.62.0/24 maxlen: 24
202.69.63.0/24 maxlen: 24
202.142.144.0/24 maxlen: 24
202.142.145.0/24 maxlen: 24
202.142.146.0/24 maxlen: 24
202.142.147.0/24 maxlen: 24
202.142.148.0/24 maxlen: 24
202.142.149.0/24 maxlen: 24
202.142.150.0/24 maxlen: 24
202.142.152.0/24 maxlen: 24
202.142.153.0/24 maxlen: 24
202.142.154.0/24 maxlen: 24
202.142.156.0/24 maxlen: 24
202.142.157.0/24 maxlen: 24
202.142.158.0/24 maxlen: 24
202.142.159.0/24 maxlen: 24
2406:ac00:1::/48 maxlen: 48
2406:ac00:2::/48 maxlen: 48
2406:ac00:203::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 23 Jan 2025 15:39:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13724 (0x359c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B5D7E
Validity
Not Before: Dec 18 14:40:40 2024 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=6762dee7-5156
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:31:83:6e:3f:d4:75:15:cb:27:21:40:23:54:
bb:d4:d0:42:9b:33:db:2c:75:29:5b:0a:83:11:1a:
74:4b:0a:b1:d4:ae:87:86:68:64:4d:cc:95:74:56:
91:d6:eb:24:bb:60:27:40:3f:87:6a:bf:3d:37:fc:
cd:6e:f3:9d:ef:7c:80:47:13:5e:20:be:68:e3:09:
bd:18:4c:88:39:73:87:c1:bd:35:3b:75:71:6f:67:
dc:03:11:0a:8a:56:ee:6d:0f:4e:22:55:43:5f:c8:
f6:cd:b9:27:58:0b:aa:fd:9e:d1:30:84:4a:aa:37:
d3:cb:4f:33:0b:6a:ea:7c:1a:a8:7b:bd:c3:73:41:
af:49:00:13:cf:d6:11:94:c2:2b:ff:2b:5d:74:e2:
0b:84:06:49:02:63:eb:4f:4a:f3:f4:5f:56:c6:ad:
94:ec:ad:fc:54:58:50:fa:a0:41:34:43:d7:5e:a4:
a2:51:2c:bc:08:8b:9d:fb:01:85:f2:3f:18:56:70:
cf:d8:d0:64:8e:2c:b5:70:7d:c9:af:a4:ad:67:47:
5d:39:33:c7:61:6b:b4:b7:53:ed:13:db:58:4b:23:
c6:2a:2c:7f:27:c2:36:91:23:22:66:59:3e:8b:21:
fc:a9:86:c4:91:10:1f:7e:ab:f2:5c:52:0f:36:77:
d2:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:D3:28:D4:5D:88:54:13:C1:AB:26:84:F4:73:AE:7D:3D:60:56:26
X509v3 Authority Key Identifier:
keyid:4C:AE:3A:EF:B1:AC:8A:BD:DB:99:BC:CE:E4:FA:5A:91:6D:15:7B:34
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/TK4677Gsir3bmbzO5PpakW0VezQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TK4677Gsir3bmbzO5PpakW0VezQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/39E64DFC558111EF9D0E0279C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.207.84.0/24
103.207.86.0/23
116.90.100.0/24
116.90.106.0-116.90.111.255
116.90.115.0/24
116.90.120.0/24
116.90.123.0-116.90.127.255
121.46.64.0/24
121.46.66.0/23
202.69.32.0/19
202.142.144.0-202.142.150.255
202.142.152.0-202.142.154.255
202.142.156.0/22
IPv6:
2406:ac00:1::-2406:ac00:2:ffff:ffff:ffff:ffff:ffff
2406:ac00:203::/48
Signature Algorithm: sha256WithRSAEncryption
35:90:7f:44:cd:6f:18:2d:28:3d:b8:39:be:50:8b:ac:ad:78:
a4:c9:cc:39:06:81:5d:db:62:2a:14:b2:80:56:ae:2d:28:c1:
66:8d:c8:ea:73:bf:2f:ef:24:2e:4a:91:21:81:e2:03:19:6b:
54:45:69:1f:5b:a9:ae:e0:56:4b:4e:59:b8:b4:b6:8a:99:ad:
e7:01:4a:a0:07:92:90:4e:be:2c:ce:97:5e:d0:f9:41:3e:29:
9e:5c:e3:05:b9:b7:9f:f1:70:f7:c1:40:ce:ef:20:56:72:b6:
aa:d3:1b:a7:1e:c4:b5:83:b9:3c:c9:84:86:73:c0:bf:1f:c7:
4d:fe:dc:8d:8d:4f:eb:09:6b:27:d7:cb:4f:7c:21:61:23:2f:
9b:b5:49:f9:75:46:0c:f5:32:8d:4b:47:0d:b2:38:f9:bd:61:
ca:16:a3:43:8a:05:7e:ad:de:ba:00:3d:9a:79:22:b1:be:8d:
35:f3:d0:55:82:ce:f2:0f:01:d5:80:9e:6e:23:ee:5d:55:45:
e3:57:64:ac:ab:f6:19:3b:0b:32:d8:88:69:4e:51:b5:60:01:
26:12:be:4b:a3:68:0a:ee:3c:9e:2f:77:47:5c:aa:2e:ee:9b:
72:44:83:63:51:ad:49:ec:5f:85:7f:f0:3d:10:94:86:62:bb:
17:67:a7:45
-----BEGIN CERTIFICATE-----
MIIGATCCBOmgAwIBAgICNZwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjVEN0UxMTAvBgNVBAUTKDRDQUUzQUVGQjFBQzhBQkREQjk5QkNDRUU0RkE1QTkx
NkQxNTdCMzQwHhcNMjQxMjE4MTQ0MDQwWhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzYyZGVlNy01MTU2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxTGDbj/UdRXLJyFAI1S71NBCmzPbLHUpWwqDERp0Swqx1K6HhmhkTcyVdFaR
1usku2AnQD+Har89N/zNbvOd73yARxNeIL5o4wm9GEyIOXOHwb01O3Vxb2fcAxEK
ilbubQ9OIlVDX8j2zbknWAuq/Z7RMIRKqjfTy08zC2rqfBqoe73Dc0GvSQATz9YR
lMIr/ytddOILhAZJAmPrT0rz9F9Wxq2U7K38VFhQ+qBBNEPXXqSiUSy8CIud+wGF
8j8YVnDP2NBkjiy1cH3Jr6StZ0ddOTPHYWu0t1PtE9tYSyPGKix/J8I2kSMiZlk+
iyH8qYbEkRAffqvyXFIPNnfS5QIDAQABo4IDJTCCAyEwHQYDVR0OBBYEFNbTKNRd
iFQTwasmhPRzrn09YFYmMB8GA1UdIwQYMBaAFEyuOu+xrIq925m8zuT6WpFtFXs0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNUQ3RS9FQ0E2ODIzNDFE
ODcxMUUyOTgzMjJERTAwOEIwMkNEMi9USzQ2NzdHc2lyM2JtYnpPNVBwYWtXMFZl
elEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1RLNDY3N0dzaXIzYm1iek81UHBha1cwVmV6US5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjVEN0UvRUNBNjgyMzQxRDg3MTFFMjk4MzIyREUwMDhCMDJDRDIvMzlFNjRERkM1
NTgxMTFFRjlEMEUwMjc5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwga4GCCsGAQUFBwEHAQH/
BIGeMIGbMHQEAgABMG4DBABnz1QDBAFnz1YDBAB0WmQwDAMEAXRaagMEBHRaYAME
AHRacwMEAHRaeDAMAwQAdFp7AwQHdFoAAwQAeS5AAwQBeS5CAwQFykUgMAwDBATK
jpADBADKjpYwDAMEA8qOmAMEAMqOmgMEAsqOnDAjBAIAAjAdMBIDBwAkBqwAAAED
BwAkBqwAAAIDBwAkBqwAAgMwDQYJKoZIhvcNAQELBQADggEBADWQf0TNbxgtKD24
Ob5Qi6yteKTJzDkGgV3bYioUsoBWri0owWaNyOpzvy/vJC5KkSGB4gMZa1RFaR9b
qa7gVktOWbi0toqZrecBSqAHkpBOvizOl17Q+UE+KZ5c4wW5t5/xcPfBQM7vIFZy
tqrTG6cexLWDuTzJhIZzwL8fx03+3I2NT+sJayfXy098IWEjL5u1Sfl1Rgz1Mo1L
Rw2yOPm9YcoWo0OKBX6t3roAPZp5IrG+jTXz0FWCzvIPAdWAnm4j7l1VReNXZKyr
9hk7CzLYiGlOUbVgASYSvkujaAruPJ4vd0dcqi7um3JEg2NRrUnsX4V/8D0QlIZi
uxdnp0U=
-----END CERTIFICATE-----
Generated at Sat Apr 5 02:10:02 2025 by rpki-client