Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CE3A3/2091DC8E050111EABD9B202CC4F9AE02/CC5545B43E5F11EABE971529C4F9AE02.roa
File: CC5545B43E5F11EABE971529C4F9AE02.roa (raw, json)
Hash identifier: eL/ykZGFpJAGAAHPHwSnKEhbIUUCqPgh0mbtAHc3Twk=
Subject key identifier: 73:1A:52:8C:12:40:78:7F:3E:54:84:90:ED:37:5C:33:6F:95:F7:BC
Certificate issuer: /CN=A91CE3A3/serialNumber=B4B10E6CB38D5365D054E8DBE90F34F2C388B10C
Certificate serial: 0B50
Authority key identifier: B4:B1:0E:6C:B3:8D:53:65:D0:54:E8:DB:E9:0F:34:F2:C3:88:B1:0C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tLEObLONU2XQVOjb6Q808sOIsQw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91CE3A3/2091DC8E050111EABD9B202CC4F9AE02/CC5545B43E5F11EABE971529C4F9AE02.roa
Signing time: Thu 02 Nov 2023 19:26:53 +0000
ROA not before: Thu 02 Nov 2023 19:26:53 +0000
ROA not after: Fri 31 Jan 2025 00:00:00 +0000
asID: 45638
IP address blocks: 43.241.52.0/22 maxlen: 24
43.250.140.0/22 maxlen: 24
103.9.168.0/22 maxlen: 24
103.11.206.0/23 maxlen: 24
103.18.108.0/24 maxlen: 24
103.18.109.0/24 maxlen: 24
103.18.110.0/24 maxlen: 24
103.27.32.0/22 maxlen: 24
103.42.108.0/22 maxlen: 24
103.241.0.0/22 maxlen: 22
103.252.152.0/22 maxlen: 24
110.232.140.0/22 maxlen: 24
112.140.176.0/22 maxlen: 24
112.140.180.0/22 maxlen: 24
223.130.24.0/22 maxlen: 24
2400:8f80::/48 maxlen: 48
2400:8f80:1::/48 maxlen: 48
2400:8f80:ac::/48 maxlen: 48
2400:b800::/48 maxlen: 48
2400:b800:1::/48 maxlen: 48
2400:b800:2::/48 maxlen: 48
2400:b800:3::/48 maxlen: 48
2400:b800:4::/48 maxlen: 48
2400:b800:5::/48 maxlen: 48
2400:b800:6::/48 maxlen: 48
2400:b800:7::/48 maxlen: 48
2400:b800:8::/48 maxlen: 48
2407:e700:1::/48 maxlen: 48
2407:e700:2::/48 maxlen: 48
2407:e700:11::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 11 Apr 2024 04:08:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2896 (0xb50)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CE3A3/serialNumber=B4B10E6CB38D5365D054E8DBE90F34F2C388B10C
Validity
Not Before: Nov 2 19:26:53 2023 GMT
Not After : Jan 31 00:00:00 2025 GMT
Subject: CN=6543f7fd-5481
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:49:a0:04:95:c9:f9:ac:2e:49:5b:5d:00:1b:
45:0d:f4:74:06:dd:7c:1f:f7:1c:ae:f6:f7:36:3e:
1a:28:9c:d8:5b:74:1d:92:15:ad:92:7f:a6:00:6b:
3e:7f:be:2e:56:97:d3:13:a3:bb:29:7d:f0:b4:98:
f0:17:24:43:8a:ab:c8:b1:c5:a5:28:19:18:c1:96:
6a:8e:32:69:07:e4:25:ea:b6:71:e3:ab:ae:e1:ec:
f7:a5:5e:9f:25:f2:94:c6:18:0b:fe:9d:be:ab:c6:
e1:71:e0:e9:87:e0:a2:ab:cb:0b:a0:70:24:3c:bb:
26:84:81:4e:aa:6a:60:60:68:2a:64:82:c7:23:33:
59:a3:27:cc:5a:4f:85:ee:22:88:8a:86:7d:2c:e0:
22:58:d8:83:e9:71:5a:e0:4b:23:cf:0a:41:df:0f:
48:a9:d5:83:7a:df:35:d0:3d:32:45:4b:80:99:3a:
af:cc:cd:a0:a4:e5:0c:ab:9f:f1:97:98:a7:f9:77:
0a:d9:4a:d9:87:b0:a7:63:06:f4:20:1e:96:a2:fc:
e2:fb:0f:da:4d:a1:96:ab:3c:db:2c:e6:f1:f4:a4:
e5:f2:b3:5d:bc:14:be:6f:fa:8e:c2:fc:4a:e4:e9:
3a:4a:7a:fd:d3:ae:9c:a0:cf:f5:d0:a0:a3:2f:cb:
e7:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:1A:52:8C:12:40:78:7F:3E:54:84:90:ED:37:5C:33:6F:95:F7:BC
X509v3 Authority Key Identifier:
keyid:B4:B1:0E:6C:B3:8D:53:65:D0:54:E8:DB:E9:0F:34:F2:C3:88:B1:0C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91CE3A3/2091DC8E050111EABD9B202CC4F9AE02/tLEObLONU2XQVOjb6Q808sOIsQw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tLEObLONU2XQVOjb6Q808sOIsQw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CE3A3/2091DC8E050111EABD9B202CC4F9AE02/CC5545B43E5F11EABE971529C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.241.52.0/22
43.250.140.0/22
103.9.168.0/22
103.11.206.0/23
103.18.108.0-103.18.110.255
103.27.32.0/22
103.42.108.0/22
103.241.0.0/22
103.252.152.0/22
110.232.140.0/22
112.140.176.0/21
223.130.24.0/22
IPv6:
2400:8f80::/47
2400:8f80:ac::/48
2400:b800::-2400:b800:8:ffff:ffff:ffff:ffff:ffff
2407:e700:1::-2407:e700:2:ffff:ffff:ffff:ffff:ffff
2407:e700:11::/48
Signature Algorithm: sha256WithRSAEncryption
32:d2:2e:3e:76:56:7a:2d:d5:52:ac:bd:b7:94:8c:b5:b5:f3:
e6:4e:67:5f:8e:c0:4f:f0:8a:df:fd:de:68:9a:b1:0b:67:1a:
54:5c:55:52:b8:c0:65:37:6e:74:14:ed:d6:dd:5f:8d:92:ba:
5d:1b:02:cd:36:66:5c:7e:12:e9:8e:1c:0f:93:e7:21:5f:1e:
83:27:18:e0:5c:59:39:f2:a8:a4:37:0e:35:4c:e7:b1:cf:cb:
7f:b7:b5:90:ec:60:2c:87:18:5b:b6:3f:10:76:b7:0d:82:e5:
99:56:49:96:ca:68:7e:db:1e:49:d3:a6:33:7e:e6:d8:bf:c8:
2e:aa:8e:22:be:13:c8:9b:0e:39:7e:32:7b:d0:8a:9d:b9:24:
9f:0c:e0:b5:13:39:4b:79:78:d3:a0:da:8c:0d:88:bd:94:16:
37:dc:0e:d4:3c:da:d9:0f:d6:d6:12:6d:b1:3e:88:98:ca:8c:
2b:28:1a:bb:29:ab:f7:d9:27:08:b9:dd:b8:43:36:ea:39:f9:
1e:25:7b:af:64:0c:de:e1:c5:17:6a:90:1b:a1:41:60:ec:81:
af:83:df:37:56:42:f1:57:39:60:f8:3b:77:86:0b:60:63:c5:
40:08:40:5a:1a:20:ee:66:00:8f:7b:ee:f5:33:72:88:de:f6:
48:f4:05:c0
-----BEGIN CERTIFICATE-----
MIIGBjCCBO6gAwIBAgICC1AwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Q0UzQTMxMTAvBgNVBAUTKEI0QjEwRTZDQjM4RDUzNjVEMDU0RThEQkU5MEYzNEYy
QzM4OEIxMEMwHhcNMjMxMTAyMTkyNjUzWhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTQzZjdmZC01NDgxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAukmgBJXJ+awuSVtdABtFDfR0Bt18H/ccrvb3Nj4aKJzYW3QdkhWtkn+mAGs+
f74uVpfTE6O7KX3wtJjwFyRDiqvIscWlKBkYwZZqjjJpB+Ql6rZx46uu4ez3pV6f
JfKUxhgL/p2+q8bhceDph+Ciq8sLoHAkPLsmhIFOqmpgYGgqZILHIzNZoyfMWk+F
7iKIioZ9LOAiWNiD6XFa4EsjzwpB3w9IqdWDet810D0yRUuAmTqvzM2gpOUMq5/x
l5in+XcK2UrZh7CnYwb0IB6Wovzi+w/aTaGWqzzbLObx9KTl8rNdvBS+b/qOwvxK
5Ok6Snr9066coM/10KCjL8vnBwIDAQABo4IDKjCCAyYwHQYDVR0OBBYEFHMaUowS
QHh/PlSEkO03XDNvlfe8MB8GA1UdIwQYMBaAFLSxDmyzjVNl0FTo2+kPNPLDiLEM
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRTNBMy8yMDkxREM4RTA1
MDExMUVBQkQ5QjIwMkNDNEY5QUUwMi90TEVPYkxPTlUyWFFWT2piNlE4MDhzT0lz
UXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3RMRU9iTE9OVTJYUVZPamI2UTgwOHNPSXNRdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Q0UzQTMvMjA5MURDOEUwNTAxMTFFQUJEOUIyMDJDQzRGOUFFMDIvQ0M1NTQ1QjQz
RTVGMTFFQUJFOTcxNTI5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgbMGCCsGAQUFBwEHAQH/
BIGjMIGgMFYEAgABMFADBAIr8TQDBAIr+owDBAJnCagDBAFnC84wDAMEAmcSbAME
AGcSbgMEAmcbIAMEAmcqbAMEAmfxAAMEAmf8mAMEAm7ojAMEA3CMsAMEAt+CGDBG
BAIAAjBAAwcBJACPgAAAAwcAJACPgACsMA8DBAMkALgDBwAkALgAAAgwEgMHACQH
5wAAAQMHACQH5wAAAgMHACQH5wAAETANBgkqhkiG9w0BAQsFAAOCAQEAMtIuPnZW
ei3VUqy9t5SMtbXz5k5nX47AT/CK3/3eaJqxC2caVFxVUrjAZTdudBTt1t1fjZK6
XRsCzTZmXH4S6Y4cD5PnIV8egycY4FxZOfKopDcONUznsc/Lf7e1kOxgLIcYW7Y/
EHa3DYLlmVZJlspoftseSdOmM37m2L/ILqqOIr4TyJsOOX4ye9CKnbkknwzgtRM5
S3l406DajA2IvZQWN9wO1Dza2Q/W1hJtsT6ImMqMKygauymr99knCLnduEM26jn5
HiV7r2QM3uHFF2qQG6FBYOyBr4PfN1ZC8Vc5YPg7d4YLYGPFQAhAWhog7mYAj3vu
9TNyiN72SPQFwA==
-----END CERTIFICATE-----
Generated at Thu Apr 11 05:32:02 2024 by rpki-client on console-fra.rpki-client.org