Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EF24F/65DDFAB402FA11EBA3A0A231C4F9AE02/A3C7651AD06411ED8A5ADE5EC4F9AE02.roa
File: A3C7651AD06411ED8A5ADE5EC4F9AE02.roa (raw, json)
Hash identifier: +gV5YtGPlw0TxgMltDQ5V+AdgGx+8q2+nDg/5Frsc+E=
Subject key identifier: 4C:C9:76:A1:52:52:77:5D:81:FB:5F:BE:22:6C:3B:6A:1A:5B:CB:E7
Certificate issuer: /CN=A91EF24F/serialNumber=1EB7AD2352F7C6EA4A62F784CE5FBB116DF26EC2
Certificate serial: 0748
Authority key identifier: 1E:B7:AD:23:52:F7:C6:EA:4A:62:F7:84:CE:5F:BB:11:6D:F2:6E:C2
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HretI1L3xupKYveEzl-7EW3ybsI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EF24F/65DDFAB402FA11EBA3A0A231C4F9AE02/A3C7651AD06411ED8A5ADE5EC4F9AE02.roa
Signing time: Thu 05 Sep 2024 10:26:51 +0000
ROA not before: Thu 05 Sep 2024 10:26:51 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 55705
IP address blocks: 45.124.108.0/23 maxlen: 23
45.124.108.0/24 maxlen: 24
45.124.109.0/24 maxlen: 24
103.36.156.0/24 maxlen: 24
103.36.158.0/24 maxlen: 24
103.36.159.0/24 maxlen: 24
103.225.60.0/24 maxlen: 24
103.225.61.0/24 maxlen: 24
103.225.62.0/24 maxlen: 24
103.225.63.0/24 maxlen: 24
103.238.100.0/24 maxlen: 24
103.238.101.0/24 maxlen: 24
103.238.102.0/24 maxlen: 24
103.238.103.0/24 maxlen: 24
202.41.22.0/24 maxlen: 24
202.41.23.0/24 maxlen: 24
202.41.24.0/24 maxlen: 24
202.41.25.0/24 maxlen: 24
202.41.26.0/24 maxlen: 24
202.41.27.0/24 maxlen: 24
202.41.28.0/24 maxlen: 24
202.41.29.0/24 maxlen: 24
202.41.30.0/24 maxlen: 24
202.41.31.0/24 maxlen: 24
203.55.102.0/24 maxlen: 24
203.55.103.0/24 maxlen: 24
223.165.24.0/24 maxlen: 24
223.165.25.0/24 maxlen: 24
223.165.26.0/24 maxlen: 24
223.165.27.0/24 maxlen: 24
223.165.28.0/24 maxlen: 24
223.165.29.0/24 maxlen: 24
223.165.30.0/24 maxlen: 24
223.165.31.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 21 Oct 2024 07:20:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1864 (0x748)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EF24F/serialNumber=1EB7AD2352F7C6EA4A62F784CE5FBB116DF26EC2
Validity
Not Before: Sep 5 10:26:51 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=66d9876a-6fa8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:a5:0f:02:f3:d3:6b:3d:97:f9:bd:17:0c:c0:
6a:79:6c:04:2d:6b:ac:c8:fe:20:2f:99:63:47:de:
b1:4c:26:b4:50:51:31:6c:30:0d:ab:a9:4d:51:09:
bb:d5:5c:41:44:00:f2:f5:53:d6:f0:5f:4e:92:ef:
18:2a:8b:e6:de:74:0e:2a:19:b3:27:41:73:4a:4f:
9a:36:38:c9:9b:06:ef:bc:33:cc:4e:d7:d3:3a:35:
7f:d4:f0:00:9d:32:a1:1e:84:21:1d:76:30:ec:99:
7c:46:c8:7d:62:11:f0:c4:f0:e0:b8:5b:52:f4:1d:
de:6c:a2:0e:83:c4:27:96:e1:74:6e:9e:66:a9:a4:
15:18:df:41:32:f2:8c:4d:10:99:50:ce:1e:c8:b9:
79:49:0a:0b:20:e4:63:17:77:60:d5:89:13:7a:f2:
48:e0:4b:21:ac:ed:6f:10:0e:7d:26:39:51:fa:a9:
2a:79:ee:a6:a3:74:6e:2b:db:6f:84:75:16:ab:e8:
e3:1b:e0:fa:12:b4:53:fd:36:be:da:d7:b0:5b:84:
fb:ff:06:3c:b0:17:43:c0:dd:07:02:a9:e7:12:b1:
a2:82:30:7a:ea:68:62:23:b0:0c:17:eb:73:e8:09:
36:c4:89:34:e0:0b:07:54:6c:39:33:73:bd:22:2d:
16:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:C9:76:A1:52:52:77:5D:81:FB:5F:BE:22:6C:3B:6A:1A:5B:CB:E7
X509v3 Authority Key Identifier:
keyid:1E:B7:AD:23:52:F7:C6:EA:4A:62:F7:84:CE:5F:BB:11:6D:F2:6E:C2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EF24F/65DDFAB402FA11EBA3A0A231C4F9AE02/HretI1L3xupKYveEzl-7EW3ybsI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HretI1L3xupKYveEzl-7EW3ybsI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EF24F/65DDFAB402FA11EBA3A0A231C4F9AE02/A3C7651AD06411ED8A5ADE5EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.124.108.0/23
103.36.156.0/24
103.36.158.0/23
103.225.60.0/22
103.238.100.0/22
202.41.22.0-202.41.31.255
203.55.102.0/23
223.165.24.0/21
Signature Algorithm: sha256WithRSAEncryption
10:2d:8b:eb:6b:c1:68:74:72:91:cc:b4:67:5a:69:49:a0:7c:
2c:86:b0:4c:f5:3e:d5:bb:cb:8f:c2:9d:c9:7f:35:2f:f7:e8:
52:c1:ca:12:45:fe:24:28:64:d6:2f:a4:8c:a1:ad:d5:11:78:
29:e2:f2:b7:59:25:b2:79:fb:97:c0:39:63:67:24:b8:8f:fb:
95:31:17:bd:86:4f:41:da:c8:97:02:7b:cd:ac:b7:39:d9:15:
5f:8e:74:47:2a:80:dd:85:6b:b1:6a:9e:c3:66:c3:24:17:fb:
9a:64:45:fc:14:d1:8f:ff:be:d6:83:b8:be:88:1c:a8:7f:c5:
4c:03:46:a7:15:50:ca:37:e7:f8:a8:95:16:ff:2d:e4:c2:92:
f6:2d:c8:7a:fb:9c:ec:79:f9:1b:3c:0d:4d:e1:09:3c:bf:b7:
be:26:e7:61:ac:78:b5:6e:ae:26:d8:63:22:5a:00:e3:38:b3:
36:b0:f8:d8:22:00:b3:1b:86:90:6b:0b:e1:c6:63:c1:d7:66:
0d:fe:f6:fd:98:aa:eb:71:1e:0b:b5:a9:88:aa:b4:5a:2c:e4:
9f:97:f3:ea:41:21:c2:84:7b:a5:3f:59:c5:25:ec:c9:0d:e4:
68:09:88:dd:0f:f2:1d:be:11:e9:86:6d:d0:d8:b1:d1:b1:e6:
d8:87:b1:87
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgICB0gwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUYyNEYxMTAvBgNVBAUTKDFFQjdBRDIzNTJGN0M2RUE0QTYyRjc4NENFNUZCQjEx
NkRGMjZFQzIwHhcNMjQwOTA1MTAyNjUxWhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmQ5ODc2YS02ZmE4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApqUPAvPTaz2X+b0XDMBqeWwELWusyP4gL5ljR96xTCa0UFExbDANq6lNUQm7
1VxBRADy9VPW8F9Oku8YKovm3nQOKhmzJ0FzSk+aNjjJmwbvvDPMTtfTOjV/1PAA
nTKhHoQhHXYw7Jl8Rsh9YhHwxPDguFtS9B3ebKIOg8QnluF0bp5mqaQVGN9BMvKM
TRCZUM4eyLl5SQoLIORjF3dg1YkTevJI4EshrO1vEA59JjlR+qkqee6mo3RuK9tv
hHUWq+jjG+D6ErRT/Ta+2tewW4T7/wY8sBdDwN0HAqnnErGigjB66mhiI7AMF+tz
6Ak2xIk04AsHVGw5M3O9Ii0WoQIDAQABo4ICxzCCAsMwHQYDVR0OBBYEFEzJdqFS
UnddgftfviJsO2oaW8vnMB8GA1UdIwQYMBaAFB63rSNS98bqSmL3hM5fuxFt8m7C
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFRjI0Ri82NURERkFCNDAy
RkExMUVCQTNBMEEyMzFDNEY5QUUwMi9IcmV0STFMM3h1cEtZdmVFemwtN0VXM3li
c0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0hyZXRJMUwzeHVwS1l2ZUV6bC03RVczeWJzSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUYyNEYvNjVEREZBQjQwMkZBMTFFQkEzQTBBMjMxQzRGOUFFMDIvQTNDNzY1MUFE
MDY0MTFFRDhBNUFERTVFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwUQYIKwYBBQUHAQcBAf8E
QjBAMD4EAgABMDgDBAEtfGwDBABnJJwDBAFnJJ4DBAJn4TwDBAJn7mQwDAMEAcop
FgMEBcopAAMEAcs3ZgMEA9+lGDANBgkqhkiG9w0BAQsFAAOCAQEAEC2L62vBaHRy
kcy0Z1ppSaB8LIawTPU+1bvLj8KdyX81L/foUsHKEkX+JChk1i+kjKGt1RF4KeLy
t1klsnn7l8A5Y2ckuI/7lTEXvYZPQdrIlwJ7zay3OdkVX450RyqA3YVrsWqew2bD
JBf7mmRF/BTRj/++1oO4vogcqH/FTANGpxVQyjfn+KiVFv8t5MKS9i3Ievuc7Hn5
GzwNTeEJPL+3vibnYax4tW6uJthjIloA4zizNrD42CIAsxuGkGsL4cZjwddmDf72
/Ziq63EeC7WpiKq0Wizkn5fz6kEhwoR7pT9ZxSXsyQ3kaAmI3Q/yHb4R6YZt0Nix
0bHm2Iexhw==
-----END CERTIFICATE-----
Generated at Mon Oct 21 09:40:14 2024 by rpki-client on console-fra.rpki-client.org