Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C6833/F3D480EC83B311E69DD86730C4F9AE02/EF0BF59A39BF11EDA8838D3AC4F9AE02.roa
File: EF0BF59A39BF11EDA8838D3AC4F9AE02.roa (raw, json)
Hash identifier: VEZ+tz1tXEm2HADp7/Sie94uk6lMR1Z44KBZPwGJmaI=
Subject key identifier: 75:F8:44:A7:63:F9:2A:74:E2:DB:62:A3:EF:2B:B1:1F:AA:1E:D2:44
Certificate issuer: /CN=A91C6833/serialNumber=45C808A8ACDE24AC9613E01A49596100ED5E8CF1
Certificate serial: 1DC8
Authority key identifier: 45:C8:08:A8:AC:DE:24:AC:96:13:E0:1A:49:59:61:00:ED:5E:8C:F1
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RcgIqKzeJKyWE-AaSVlhAO1ejPE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C6833/F3D480EC83B311E69DD86730C4F9AE02/EF0BF59A39BF11EDA8838D3AC4F9AE02.roa
Signing time: Tue 10 Sep 2024 16:53:37 +0000
ROA not before: Tue 10 Sep 2024 16:53:37 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 58893
IP address blocks: 43.242.176.0/24 maxlen: 24
43.242.177.0/24 maxlen: 24
43.242.178.0/24 maxlen: 24
43.242.179.0/24 maxlen: 24
103.11.220.0/24 maxlen: 24
103.12.58.0/24 maxlen: 24
103.18.243.0/24 maxlen: 24
103.29.163.0/24 maxlen: 24
103.75.244.0/22 maxlen: 22
103.75.244.0/24 maxlen: 24
103.75.245.0/24 maxlen: 24
103.75.246.0/24 maxlen: 24
103.75.247.0/24 maxlen: 24
103.93.95.0/24 maxlen: 24
103.97.154.0/24 maxlen: 24
103.97.168.0/23 maxlen: 23
116.206.64.0/22 maxlen: 22
116.206.64.0/24 maxlen: 24
116.206.65.0/24 maxlen: 24
116.206.66.0/24 maxlen: 24
116.206.67.0/24 maxlen: 24
203.80.128.0/24 maxlen: 24
203.80.130.0/24 maxlen: 24
2407:5b80::/32 maxlen: 32
2407:5b80::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 05 Nov 2024 21:52:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7624 (0x1dc8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C6833
Validity
Not Before: Sep 10 16:53:37 2024 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=66e07990-f2c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:8b:92:61:b2:0a:69:fb:72:02:d9:82:32:74:
35:e2:cb:45:82:bf:7a:4a:62:e2:e6:71:bf:43:bf:
09:fa:d8:66:4b:40:c3:f2:59:9c:24:51:d8:a3:00:
96:ee:97:61:88:26:15:70:a7:94:dc:e9:20:57:bd:
a6:4a:b8:64:2b:aa:cf:f8:85:8b:98:a6:46:40:45:
90:9a:17:e4:27:e4:b1:6f:0a:6a:fd:7c:0a:df:17:
d5:21:4a:85:ab:87:9b:ba:c3:d5:44:75:e3:b9:18:
0b:e5:90:f3:af:9c:4f:7e:8d:f9:4c:b3:d8:cc:3b:
31:83:80:90:12:bf:09:09:e0:bc:a5:f4:3d:e4:44:
6c:df:97:5a:d4:3e:55:02:5a:93:cf:b3:3b:39:d8:
f2:fd:e6:83:56:29:78:2c:3c:fb:c3:a1:c1:a3:e0:
ec:77:b8:53:d6:3f:ce:94:5e:34:46:7e:5b:c6:92:
2d:e1:07:05:69:a1:e3:f9:f1:8e:c2:35:67:27:ba:
3e:92:50:7e:86:95:ee:a3:33:23:79:c1:7d:40:c6:
e5:c2:42:fc:59:3d:20:a3:57:af:13:ef:4e:2f:9f:
de:c0:ff:c3:69:dd:79:0e:2a:87:83:e2:22:4b:30:
59:35:8d:a7:1a:f2:a9:e4:16:98:83:e9:fe:00:c6:
99:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:F8:44:A7:63:F9:2A:74:E2:DB:62:A3:EF:2B:B1:1F:AA:1E:D2:44
X509v3 Authority Key Identifier:
keyid:45:C8:08:A8:AC:DE:24:AC:96:13:E0:1A:49:59:61:00:ED:5E:8C:F1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C6833/F3D480EC83B311E69DD86730C4F9AE02/RcgIqKzeJKyWE-AaSVlhAO1ejPE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RcgIqKzeJKyWE-AaSVlhAO1ejPE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C6833/F3D480EC83B311E69DD86730C4F9AE02/EF0BF59A39BF11EDA8838D3AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.242.176.0/22
103.11.220.0/24
103.12.58.0/24
103.18.243.0/24
103.29.163.0/24
103.75.244.0/22
103.93.95.0/24
103.97.154.0/24
103.97.168.0/23
116.206.64.0/22
203.80.128.0/24
203.80.130.0/24
IPv6:
2407:5b80::/32
Signature Algorithm: sha256WithRSAEncryption
1b:72:04:1f:c6:8f:f4:96:51:0c:0e:58:23:94:d0:cf:92:78:
eb:09:02:48:2f:1b:56:6e:e8:32:eb:fe:1d:17:85:ae:4f:06:
7e:a8:f6:ca:67:0e:46:40:75:9d:ae:18:21:f6:4f:20:3b:8b:
32:6f:80:e5:53:d8:2a:6a:95:ff:86:03:f5:38:33:c3:6c:ae:
11:40:b5:27:d7:78:54:48:b1:09:0a:1f:f3:bf:ab:44:4b:32:
59:0e:93:2a:90:9e:aa:67:3c:df:24:12:df:b9:ac:f4:15:3b:
ac:b3:cc:5a:10:73:2a:ed:55:c0:87:d7:81:61:ee:1f:9e:c6:
a6:33:c0:e3:73:69:aa:cd:ce:78:fd:9d:56:7a:87:16:fb:57:
37:18:f9:3c:15:b8:d6:f4:9a:df:ec:3a:76:d5:89:80:ec:1d:
85:fe:c0:19:63:ac:83:29:08:8f:8a:53:b2:36:23:39:56:61:
d8:3d:a9:d8:55:95:a6:c8:fc:2b:46:5f:36:1d:f6:b8:55:ff:
6b:e4:25:87:94:4d:8b:b8:8d:e5:1f:7e:fa:28:34:35:43:6f:
5f:26:73:da:6c:37:1f:0a:34:9d:02:e9:8f:2b:a8:a5:4c:13:
3e:be:4b:8d:92:2b:55:1a:5b:58:2d:98:96:65:e9:0e:30:3a:
b4:04:70:bb
-----BEGIN CERTIFICATE-----
MIIFwjCCBKqgAwIBAgICHcgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzY4MzMxMTAvBgNVBAUTKDQ1QzgwOEE4QUNERTI0QUM5NjEzRTAxQTQ5NTk2MTAw
RUQ1RThDRjEwHhcNMjQwOTEwMTY1MzM3WhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmUwNzk5MC1mMmMzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvIuSYbIKaftyAtmCMnQ14stFgr96SmLi5nG/Q78J+thmS0DD8lmcJFHYowCW
7pdhiCYVcKeU3OkgV72mSrhkK6rP+IWLmKZGQEWQmhfkJ+Sxbwpq/XwK3xfVIUqF
q4ebusPVRHXjuRgL5ZDzr5xPfo35TLPYzDsxg4CQEr8JCeC8pfQ95ERs35da1D5V
AlqTz7M7Odjy/eaDVil4LDz7w6HBo+Dsd7hT1j/OlF40Rn5bxpIt4QcFaaHj+fGO
wjVnJ7o+klB+hpXuozMjecF9QMblwkL8WT0go1evE+9OL5/ewP/Dad15DiqHg+Ii
SzBZNY2nGvKp5BaYg+n+AMaZCQIDAQABo4IC5jCCAuIwHQYDVR0OBBYEFHX4RKdj
+Sp04ttio+8rsR+qHtJEMB8GA1UdIwQYMBaAFEXICKis3iSslhPgGklZYQDtXozx
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNjgzMy9GM0Q0ODBFQzgz
QjMxMUU2OUREODY3MzBDNEY5QUUwMi9SY2dJcUt6ZUpLeVdFLUFhU1ZsaEFPMWVq
UEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1JjZ0lxS3plSkt5V0UtQWFTVmxoQU8xZWpQRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzY4MzMvRjNENDgwRUM4M0IzMTFFNjlERDg2NzMwQzRGOUFFMDIvRUYwQkY1OUEz
OUJGMTFFREE4ODM4RDNBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwcAYIKwYBBQUHAQcBAf8E
YTBfME4EAgABMEgDBAIr8rADBABnC9wDBABnDDoDBABnEvMDBABnHaMDBAJnS/QD
BABnXV8DBABnYZoDBAFnYagDBAJ0zkADBADLUIADBADLUIIwDQQCAAIwBwMFACQH
W4AwDQYJKoZIhvcNAQELBQADggEBABtyBB/Gj/SWUQwOWCOU0M+SeOsJAkgvG1Zu
6DLr/h0Xha5PBn6o9spnDkZAdZ2uGCH2TyA7izJvgOVT2Cpqlf+GA/U4M8NsrhFA
tSfXeFRIsQkKH/O/q0RLMlkOkyqQnqpnPN8kEt+5rPQVO6yzzFoQcyrtVcCH14Fh
7h+exqYzwONzaarNznj9nVZ6hxb7VzcY+TwVuNb0mt/sOnbViYDsHYX+wBljrIMp
CI+KU7I2IzlWYdg9qdhVlabI/CtGXzYd9rhV/2vkJYeUTYu4jeUffvooNDVDb18m
c9psNx8KNJ0C6Y8rqKVMEz6+S42SK1UaW1gtmJZl6Q4wOrQEcLs=
-----END CERTIFICATE-----
Generated at Sat Apr 5 08:16:17 2025 by rpki-client