Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EECAF/EEFDFEA45EA711EAA5E83184C4F9AE02/77EDBFA2730211EE94308945C4F9AE02.roa
File: 77EDBFA2730211EE94308945C4F9AE02.roa (raw, json)
Hash identifier: HeeIasnSXPh7qhUfTF2b8bW4VZGRwBGmsXmcjppCY9c=
Subject key identifier: 44:23:0A:02:E6:2C:20:02:03:CC:1D:D9:65:D6:60:05:90:59:C9:00
Certificate issuer: /CN=A91EECAF/serialNumber=6EBD3A269785123ADC3F496639AEDFB10F30D618
Certificate serial: 09B4
Authority key identifier: 6E:BD:3A:26:97:85:12:3A:DC:3F:49:66:39:AE:DF:B1:0F:30:D6:18
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/br06JpeFEjrcP0lmOa7fsQ8w1hg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EECAF/EEFDFEA45EA711EAA5E83184C4F9AE02/77EDBFA2730211EE94308945C4F9AE02.roa
Signing time: Thu 02 Nov 2023 20:48:07 +0000
ROA not before: Thu 02 Nov 2023 20:48:07 +0000
ROA not after: Mon 30 Dec 2024 00:00:00 +0000
asID: 58453
IP address blocks: 103.11.108.0/22 maxlen: 22
103.11.108.0/24 maxlen: 24
103.11.109.0/24 maxlen: 24
223.118.0.0/15 maxlen: 15
223.118.0.0/16 maxlen: 24
223.118.0.0/27 maxlen: 27
223.119.0.0/16 maxlen: 20
223.119.0.0/21 maxlen: 24
223.119.8.0/22 maxlen: 24
223.119.12.0/22 maxlen: 24
223.119.16.0/20 maxlen: 24
223.119.32.0/19 maxlen: 23
223.119.33.0/24 maxlen: 24
223.119.38.0/23 maxlen: 24
223.119.40.0/21 maxlen: 24
223.119.48.0/22 maxlen: 24
223.119.53.0/24 maxlen: 24
223.119.54.0/23 maxlen: 24
223.119.56.0/21 maxlen: 24
223.119.64.0/18 maxlen: 23
223.119.64.0/19 maxlen: 24
223.119.96.0/22 maxlen: 24
223.119.101.0/24 maxlen: 24
223.119.102.0/23 maxlen: 24
223.119.104.0/21 maxlen: 24
223.119.112.0/20 maxlen: 24
223.119.128.0/17 maxlen: 23
223.119.128.0/18 maxlen: 24
223.119.192.0/19 maxlen: 24
223.119.224.0/20 maxlen: 24
223.119.240.0/21 maxlen: 24
223.119.248.0/22 maxlen: 24
223.119.252.0/23 maxlen: 24
223.120.0.0/17 maxlen: 24
223.121.0.0/17 maxlen: 24
2402:4f00::/32 maxlen: 32
2402:4f00:1000::/36 maxlen: 36
2402:4f00:2000::/36 maxlen: 36
2402:4f00:4000:4::/64 maxlen: 64
2402:4f00:4001:100::/56 maxlen: 56
2402:4f00:4002:100::/56 maxlen: 56
2402:4f00:4003::/48 maxlen: 48
2402:4f00:8000::/36 maxlen: 36
Validation: Failed, certificate revoked on Mon 06 May 2024 08:28:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2484 (0x9b4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EECAF/serialNumber=6EBD3A269785123ADC3F496639AEDFB10F30D618
Validity
Not Before: Nov 2 20:48:07 2023 GMT
Not After : Dec 30 00:00:00 2024 GMT
Subject: CN=65440b07-eeda
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:18:cd:66:41:4a:0b:4f:23:e1:69:24:06:b8:
5f:8e:fa:30:e2:4e:ac:ab:21:05:20:c5:a6:4c:c5:
ab:52:9d:a0:cc:5f:de:30:6d:6a:b5:04:45:4a:c7:
3a:12:4a:9c:07:5a:ba:49:3e:51:4d:e3:cf:ef:bd:
53:80:c0:72:04:86:86:28:d9:e1:05:30:b1:2a:b7:
4e:15:11:78:38:2e:20:c0:e7:94:6e:4b:20:f1:ec:
cf:c8:95:4f:ee:7d:93:8a:17:23:e4:11:f4:76:e8:
3a:2a:cd:b6:b3:33:66:66:aa:04:3b:a0:72:1b:58:
2a:48:3d:0c:bc:81:dd:e3:3f:35:ed:d1:24:64:a6:
c1:24:12:b1:23:26:1d:cd:17:a2:17:28:8f:f2:bd:
68:4c:1d:ab:b6:ef:39:7f:e7:ef:21:b9:05:6b:1d:
7f:31:38:c7:c4:a6:90:64:05:e4:49:2d:ea:3a:7e:
52:e1:da:9f:66:f0:82:3a:c3:f4:e9:55:04:4d:9f:
df:c2:29:b5:b3:50:72:5e:92:96:58:b3:c5:bc:a9:
3f:6f:00:1c:0f:bf:a8:e8:65:22:7b:bb:27:77:f8:
2d:6f:07:b7:96:74:bb:ec:4d:69:d0:79:3c:0e:eb:
20:63:26:41:b0:37:7c:ff:7f:fb:43:e2:31:ee:40:
91:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:23:0A:02:E6:2C:20:02:03:CC:1D:D9:65:D6:60:05:90:59:C9:00
X509v3 Authority Key Identifier:
keyid:6E:BD:3A:26:97:85:12:3A:DC:3F:49:66:39:AE:DF:B1:0F:30:D6:18
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EECAF/EEFDFEA45EA711EAA5E83184C4F9AE02/br06JpeFEjrcP0lmOa7fsQ8w1hg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/br06JpeFEjrcP0lmOa7fsQ8w1hg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EECAF/EEFDFEA45EA711EAA5E83184C4F9AE02/77EDBFA2730211EE94308945C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.11.108.0/22
223.118.0.0-223.120.127.255
223.121.0.0/17
IPv6:
2402:4f00::/32
Signature Algorithm: sha256WithRSAEncryption
89:5a:2e:0b:f0:15:4c:0f:e7:d2:63:18:b9:72:15:f9:b1:06:
04:5d:1e:cc:47:4f:9c:35:8d:2d:bd:e2:0c:99:7e:61:d4:55:
3c:8a:2f:fc:0f:7e:a2:b9:36:1b:55:f0:6d:e5:b0:37:ff:c1:
da:cf:e1:43:6a:97:fb:a2:35:cd:5d:62:8f:88:d1:cb:a0:c5:
16:c6:a2:e5:86:8a:3f:12:8c:35:be:20:e7:39:7b:fc:85:b3:
aa:8b:3c:55:c2:8c:72:74:e1:e7:7d:8f:56:c0:25:82:55:b4:
63:21:71:eb:ee:4c:5e:75:fc:43:2a:9e:a3:60:dd:21:4e:6c:
86:ff:e4:b4:b2:8b:12:d0:d0:74:8d:e7:e8:b5:fb:f9:15:2c:
7c:74:ad:ab:ed:dd:f1:a2:ce:d3:a4:38:e3:1e:f3:60:3f:30:
10:7d:13:93:cf:b2:a7:4d:ae:88:16:7f:9e:2c:be:37:47:51:
9c:60:b6:44:3f:44:b2:51:81:41:19:3f:f8:11:c9:04:82:f9:
94:31:b4:39:18:62:68:ce:8b:dd:cb:8b:78:70:ba:7b:d5:e2:
7d:ba:c8:34:5f:e0:3e:71:29:15:19:2b:ba:d5:9a:58:d7:17:
61:4c:02:59:73:71:e5:4d:7f:61:62:6d:84:5e:77:47:1b:08:
f8:b8:4c:67
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgICCbQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUVDQUYxMTAvBgNVBAUTKDZFQkQzQTI2OTc4NTEyM0FEQzNGNDk2NjM5QUVERkIx
MEYzMEQ2MTgwHhcNMjMxMTAyMjA0ODA3WhcNMjQxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTQ0MGIwNy1lZWRhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvxjNZkFKC08j4WkkBrhfjvow4k6sqyEFIMWmTMWrUp2gzF/eMG1qtQRFSsc6
EkqcB1q6ST5RTePP771TgMByBIaGKNnhBTCxKrdOFRF4OC4gwOeUbksg8ezPyJVP
7n2Tihcj5BH0dug6Ks22szNmZqoEO6ByG1gqSD0MvIHd4z817dEkZKbBJBKxIyYd
zReiFyiP8r1oTB2rtu85f+fvIbkFax1/MTjHxKaQZAXkSS3qOn5S4dqfZvCCOsP0
6VUETZ/fwim1s1ByXpKWWLPFvKk/bwAcD7+o6GUie7snd/gtbwe3lnS77E1p0Hk8
DusgYyZBsDd8/3/7Q+Ix7kCRXwIDAQABo4ICtzCCArMwHQYDVR0OBBYEFEQjCgLm
LCACA8wd2WXWYAWQWckAMB8GA1UdIwQYMBaAFG69OiaXhRI63D9JZjmu37EPMNYY
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFRUNBRi9FRUZERkVBNDVF
QTcxMUVBQTVFODMxODRDNEY5QUUwMi9icjA2SnBlRkVqcmNQMGxtT2E3ZnNROHcx
aGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2JyMDZKcGVGRWpyY1AwbG1PYTdmc1E4dzFoZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUVDQUYvRUVGREZFQTQ1RUE3MTFFQUE1RTgzMTg0QzRGOUFFMDIvNzdFREJGQTI3
MzAyMTFFRTk0MzA4OTQ1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQQYIKwYBBQUHAQcBAf8E
MjAwMB8EAgABMBkDBAJnC2wwCwMDAd92AwQH33gAAwQH33kAMA0EAgACMAcDBQAk
Ak8AMA0GCSqGSIb3DQEBCwUAA4IBAQCJWi4L8BVMD+fSYxi5chX5sQYEXR7MR0+c
NY0tveIMmX5h1FU8ii/8D36iuTYbVfBt5bA3/8Haz+FDapf7ojXNXWKPiNHLoMUW
xqLlhoo/Eow1viDnOXv8hbOqizxVwoxydOHnfY9WwCWCVbRjIXHr7kxedfxDKp6j
YN0hTmyG/+S0sosS0NB0jefotfv5FSx8dK2r7d3xos7TpDjjHvNgPzAQfROTz7Kn
Ta6IFn+eLL43R1GcYLZEP0SyUYFBGT/4EckEgvmUMbQ5GGJozovdy4t4cLp71eJ9
usg0X+A+cSkVGSu61ZpY1xdhTAJZc3HlTX9hYm2EXndHGwj4uExn
-----END CERTIFICATE-----
Generated at Mon May 6 11:49:47 2024 by rpki-client on console-ams.rpki-client.org