Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911C362/6A08F492257711EFBB0B8251C4F9AE02/5D9BB536257811EF94122453C4F9AE02.roa
File: 5D9BB536257811EF94122453C4F9AE02.roa (raw, json)
Hash identifier: HuCJcxDgFlLtk0FNZ0bTXscHP3DEmcJFxyOsTgkH/6Q=
Subject key identifier: 1C:F2:0F:33:C4:F1:96:22:75:06:7D:0D:5A:64:36:E6:73:9E:75:73
Certificate issuer: /CN=A911C362/serialNumber=EA83AF4A21CBC2071F56956E5DDD584C7638FA5B
Certificate serial: 15
Authority key identifier: EA:83:AF:4A:21:CB:C2:07:1F:56:95:6E:5D:DD:58:4C:76:38:FA:5B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6oOvSiHLwgcfVpVuXd1YTHY4-ls.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911C362/6A08F492257711EFBB0B8251C4F9AE02/5D9BB536257811EF94122453C4F9AE02.roa
Signing time: Wed 12 Jun 2024 08:41:08 +0000
ROA not before: Wed 12 Jun 2024 08:41:08 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 132335
IP address blocks: 43.230.200.0/24 maxlen: 24
43.230.201.0/24 maxlen: 24
43.230.202.0/24 maxlen: 24
45.64.104.0/22 maxlen: 24
45.120.136.0/22 maxlen: 22
45.120.136.0/24 maxlen: 24
45.120.137.0/24 maxlen: 24
45.120.138.0/24 maxlen: 24
45.120.139.0/24 maxlen: 24
103.12.211.0/24 maxlen: 24
103.13.112.0/22 maxlen: 24
103.26.204.0/22 maxlen: 24
103.250.184.0/23 maxlen: 24
103.250.186.0/24 maxlen: 24
2001:df2:1000::/48 maxlen: 48
2001:df2:1001::/48 maxlen: 48
2405:7140::/48 maxlen: 48
2405:7140:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 26 Jun 2024 09:39:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21 (0x15)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911C362/serialNumber=EA83AF4A21CBC2071F56956E5DDD584C7638FA5B
Validity
Not Before: Jun 12 08:41:08 2024 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=66695f24-0b9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:43:2c:5b:73:14:31:97:d1:46:cd:94:01:4b:
ae:7f:cd:85:cd:be:2e:15:6d:6e:aa:6b:cb:ed:67:
6a:78:09:46:b4:ce:71:60:13:3c:d1:73:f4:54:c4:
2d:ee:0d:68:40:58:8a:81:36:d4:bb:25:06:14:2e:
79:b2:d5:aa:7f:b8:10:ed:8f:63:2c:2b:43:40:1a:
eb:b5:53:34:4b:f5:f2:7f:b8:08:e8:50:9c:b2:a5:
e6:f7:36:e4:c4:50:d7:ba:d0:a5:af:eb:0a:53:2a:
ae:86:fd:46:2e:09:55:09:bf:f1:a4:85:9a:8b:b1:
89:0c:f5:0d:e2:0a:39:75:6e:f0:08:49:64:15:95:
25:be:9e:78:c4:83:a7:59:61:f4:68:20:c8:91:99:
ee:80:6b:d1:d7:35:45:af:1d:70:f8:c9:c4:6e:96:
75:69:a5:3a:5b:31:e3:c6:8a:5a:31:8e:23:00:e6:
c7:0d:1d:f2:92:10:aa:1b:83:8f:b3:71:12:18:e9:
f3:d4:e7:ac:9f:53:f6:b7:15:14:23:c8:bf:f7:83:
6d:7e:e3:df:ef:e7:24:39:b7:9b:8e:13:7d:39:aa:
b9:b2:e6:ad:15:7d:2c:a0:9f:8d:c1:63:04:12:39:
7a:0c:38:a8:0d:6d:08:df:82:eb:a9:06:4c:a0:4f:
7b:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:F2:0F:33:C4:F1:96:22:75:06:7D:0D:5A:64:36:E6:73:9E:75:73
X509v3 Authority Key Identifier:
keyid:EA:83:AF:4A:21:CB:C2:07:1F:56:95:6E:5D:DD:58:4C:76:38:FA:5B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911C362/6A08F492257711EFBB0B8251C4F9AE02/6oOvSiHLwgcfVpVuXd1YTHY4-ls.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6oOvSiHLwgcfVpVuXd1YTHY4-ls.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911C362/6A08F492257711EFBB0B8251C4F9AE02/5D9BB536257811EF94122453C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.230.200.0-43.230.202.255
45.64.104.0/22
45.120.136.0/22
103.12.211.0/24
103.13.112.0/22
103.26.204.0/22
103.250.184.0-103.250.186.255
IPv6:
2001:df2:1000::/47
2405:7140::/47
Signature Algorithm: sha256WithRSAEncryption
69:88:9e:0c:bb:cd:30:94:be:eb:ba:0c:4f:1d:30:a4:8d:08:
90:03:15:48:4e:4b:b1:ad:3d:73:94:2e:cb:79:30:f7:39:99:
96:a4:f5:2e:3a:b9:cb:30:39:31:fa:c6:60:3e:36:39:67:ac:
e8:eb:9e:54:04:b3:eb:d1:08:c3:ce:70:13:aa:cd:b2:85:1f:
92:f6:ff:e1:48:a7:ec:fa:fa:ed:90:bd:da:ad:ff:80:1b:f1:
8e:7a:69:57:64:22:0b:43:0d:f2:09:c9:f8:1d:c6:51:21:c3:
db:b9:9f:a0:3e:97:d6:be:aa:fb:70:05:a1:01:64:0f:98:85:
a4:e9:00:39:24:6d:7e:2d:33:60:8b:87:c2:28:2b:ef:94:bd:
3c:15:f3:18:2b:ae:75:49:7e:de:33:92:ef:ef:1c:31:7b:b3:
f8:35:a5:b2:e6:be:40:08:ac:7d:3a:11:49:72:1f:12:99:f4:
c7:91:07:a6:45:90:b4:d0:b9:c4:aa:40:6d:d8:03:f5:33:ee:
6e:8c:5a:26:40:be:2a:f8:20:55:cb:17:09:c3:0c:b0:1e:73:
81:8d:ee:a4:fc:0e:1a:77:c2:ae:c2:bd:f0:31:f3:7c:27:4b:
0e:92:50:3a:07:db:f3:c9:5d:1f:a6:5a:ec:e4:3a:a3:24:7d:
4e:70:fb:56
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIBFTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEx
QzM2MjExMC8GA1UEBRMoRUE4M0FGNEEyMUNCQzIwNzFGNTY5NTZFNURERDU4NEM3
NjM4RkE1QjAeFw0yNDA2MTIwODQxMDhaFw0yNTA4MzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2Njk1ZjI0LTBiOWEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCUQyxbcxQxl9FGzZQBS65/zYXNvi4VbW6qa8vtZ2p4CUa0znFgEzzRc/RUxC3u
DWhAWIqBNtS7JQYULnmy1ap/uBDtj2MsK0NAGuu1UzRL9fJ/uAjoUJyypeb3NuTE
UNe60KWv6wpTKq6G/UYuCVUJv/GkhZqLsYkM9Q3iCjl1bvAISWQVlSW+nnjEg6dZ
YfRoIMiRme6Aa9HXNUWvHXD4ycRulnVppTpbMePGiloxjiMA5scNHfKSEKobg4+z
cRIY6fPU56yfU/a3FRQjyL/3g21+49/v5yQ5t5uOE305qrmy5q0VfSygn43BYwQS
OXoMOKgNbQjfguupBkygT3ujAgMBAAGjggLjMIIC3zAdBgNVHQ4EFgQUHPIPM8Tx
liJ1Bn0NWmQ25nOedXMwHwYDVR0jBBgwFoAU6oOvSiHLwgcfVpVuXd1YTHY4+lsw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTFDMzYyLzZBMDhGNDkyMjU3
NzExRUZCQjBCODI1MUM0RjlBRTAyLzZvT3ZTaUhMd2djZlZwVnVYZDFZVEhZNC1s
cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvNm9PdlNpSEx3Z2NmVnBWdVhkMVlUSFk0LWxzLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx
QzM2Mi82QTA4RjQ5MjI1NzcxMUVGQkIwQjgyNTFDNEY5QUUwMi81RDlCQjUzNjI1
NzgxMUVGOTQxMjI0NTNDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDBtBggrBgEFBQcBBwEB/wRe
MFwwQAQCAAEwOjAMAwQDK+bIAwQAK+bKAwQCLUBoAwQCLXiIAwQAZwzTAwQCZw1w
AwQCZxrMMAwDBANn+rgDBABn+rowGAQCAAIwEgMHASABDfIQAAMHASQFcUAAADAN
BgkqhkiG9w0BAQsFAAOCAQEAaYieDLvNMJS+67oMTx0wpI0IkAMVSE5Lsa09c5Qu
y3kw9zmZlqT1Ljq5yzA5MfrGYD42OWes6OueVASz69EIw85wE6rNsoUfkvb/4Uin
7Pr67ZC92q3/gBvxjnppV2QiC0MN8gnJ+B3GUSHD27mfoD6X1r6q+3AFoQFkD5iF
pOkAOSRtfi0zYIuHwigr75S9PBXzGCuudUl+3jOS7+8cMXuz+DWlsua+QAisfToR
SXIfEpn0x5EHpkWQtNC5xKpAbdgD9TPuboxaJkC+KvggVcsXCcMMsB5zgY3upPwO
GnfCrsK98DHzfCdLDpJQOgfb88ldH6Za7OQ6oyR9TnD7Vg==
-----END CERTIFICATE-----
Generated at Wed Jun 26 15:26:57 2024 by rpki-client on console-fra.rpki-client.org