Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91402DC/2D51AF42FD3E11E888C53944C4F9AE02/CA1ADBD4EF1811ED96D1F733C4F9AE02.roa
File: CA1ADBD4EF1811ED96D1F733C4F9AE02.roa (raw, json)
Hash identifier: VFrs2ig5JDw2gN8y1B2ks9rcw61kSoIzY+a3asjZfGI=
Subject key identifier: 02:27:7A:CC:ED:86:25:40:43:94:72:A8:79:3B:E3:72:8C:7A:CC:8A
Certificate issuer: /CN=A91402DC/serialNumber=C2B9F5F3C68C576727239B92A93B36297D1B1653
Certificate serial: 1230
Authority key identifier: C2:B9:F5:F3:C6:8C:57:67:27:23:9B:92:A9:3B:36:29:7D:1B:16:53
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wrn188aMV2cnI5uSqTs2KX0bFlM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91402DC/2D51AF42FD3E11E888C53944C4F9AE02/CA1ADBD4EF1811ED96D1F733C4F9AE02.roa
Signing time: Tue 25 Jun 2024 11:42:23 +0000
ROA not before: Tue 25 Jun 2024 11:42:23 +0000
ROA not after: Mon 30 Sep 2024 00:00:00 +0000
asID: 138345
IP address blocks: 27.54.32.0/22 maxlen: 22
27.54.37.0/24 maxlen: 24
113.10.64.0/18 maxlen: 24
117.20.128.0/23 maxlen: 24
117.20.130.0/23 maxlen: 24
117.20.140.0/22 maxlen: 24
117.20.144.0/22 maxlen: 24
117.20.150.0/23 maxlen: 24
117.20.152.0/23 maxlen: 24
117.20.154.0/24 maxlen: 24
117.20.160.0/19 maxlen: 24
122.11.169.0/24 maxlen: 24
122.11.212.0/24 maxlen: 24
122.11.213.0/24 maxlen: 24
122.11.214.0/24 maxlen: 24
122.11.215.0/24 maxlen: 24
122.11.245.0/25 maxlen: 32
122.11.245.128/25 maxlen: 32
122.11.246.0/25 maxlen: 32
122.11.246.128/25 maxlen: 32
171.0.0.0/15 maxlen: 15
171.0.0.0/16 maxlen: 24
171.1.0.0/16 maxlen: 24
171.207.0.0/16 maxlen: 24
203.117.247.0/24 maxlen: 32
2406:3000:5a::/48 maxlen: 56
2406:3000:5b::/48 maxlen: 56
2406:3000:5c::/48 maxlen: 56
2406:3000:5d::/48 maxlen: 56
2406:3002:40::/48 maxlen: 56
2406:3002:50::/48 maxlen: 56
Validation: Failed, certificate revoked on Thu 04 Jul 2024 05:54:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4656 (0x1230)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91402DC/serialNumber=C2B9F5F3C68C576727239B92A93B36297D1B1653
Validity
Not Before: Jun 25 11:42:23 2024 GMT
Not After : Sep 30 00:00:00 2024 GMT
Subject: CN=667aad1f-1791
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:d1:08:90:c5:02:98:a2:07:09:58:7a:80:46:
c7:fe:ee:85:2d:7a:46:f9:f2:25:45:b2:9e:db:5e:
82:d4:8e:fa:34:14:7b:db:cf:69:b1:45:da:80:42:
d2:8d:36:15:b5:07:00:a3:f5:d8:14:29:cb:01:4c:
35:50:35:c3:6b:c4:7c:8e:4f:1e:65:bb:22:a4:f1:
5a:f9:da:e5:d9:d9:a6:2d:8f:4a:ea:0b:c8:86:30:
01:7e:2c:a8:45:4e:55:93:0e:b8:20:4d:35:f0:a0:
12:a3:83:67:9d:95:2f:e4:dd:e1:85:29:df:46:1a:
bd:1a:cf:ec:d0:8a:5c:44:ab:77:ff:4c:be:07:eb:
1e:07:3b:7e:89:e9:15:da:07:f3:ba:23:0f:fc:fe:
6a:eb:4e:0a:cf:e7:58:53:44:de:54:cb:c8:d2:09:
a3:fe:c7:05:39:2d:5e:30:58:ca:73:a6:9c:ab:da:
4e:37:68:70:4d:45:ba:9b:92:98:59:0a:ed:9d:26:
49:05:31:30:cf:30:fa:01:04:b2:4a:2f:ff:4b:24:
de:22:cd:c9:12:96:9e:88:53:76:80:48:41:d2:59:
2d:ad:1d:52:0e:bf:4c:60:5e:6f:3a:fa:38:e5:1e:
55:ac:84:29:ef:07:68:49:58:20:d3:bd:7f:1a:94:
89:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:27:7A:CC:ED:86:25:40:43:94:72:A8:79:3B:E3:72:8C:7A:CC:8A
X509v3 Authority Key Identifier:
keyid:C2:B9:F5:F3:C6:8C:57:67:27:23:9B:92:A9:3B:36:29:7D:1B:16:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91402DC/2D51AF42FD3E11E888C53944C4F9AE02/wrn188aMV2cnI5uSqTs2KX0bFlM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wrn188aMV2cnI5uSqTs2KX0bFlM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91402DC/2D51AF42FD3E11E888C53944C4F9AE02/CA1ADBD4EF1811ED96D1F733C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.54.32.0/22
27.54.37.0/24
113.10.64.0/18
117.20.128.0/22
117.20.140.0-117.20.147.255
117.20.150.0-117.20.154.255
117.20.160.0/19
122.11.169.0/24
122.11.212.0/22
122.11.245.0-122.11.246.255
171.0.0.0/15
171.207.0.0/16
203.117.247.0/24
IPv6:
2406:3000:5a::-2406:3000:5d:ffff:ffff:ffff:ffff:ffff
2406:3002:40::/48
2406:3002:50::/48
Signature Algorithm: sha256WithRSAEncryption
5f:1f:f0:af:9a:ca:db:b3:a3:38:dc:65:54:79:a8:19:fc:67:
e6:b0:48:ba:28:2c:ac:da:14:03:7e:71:1c:c1:3b:4e:d4:b9:
e8:14:b7:aa:1c:bf:87:ac:fe:56:59:e7:78:96:17:06:34:2d:
58:32:9a:b8:6a:ed:43:cd:41:12:ad:62:79:2d:73:46:b7:e9:
43:89:7c:2f:81:8e:01:02:f1:08:47:10:5f:5c:03:f8:5c:a4:
d9:4d:1c:37:d7:f1:44:57:9c:1e:02:fe:95:b5:03:97:f3:d8:
84:86:e1:41:e4:41:a3:d4:b2:da:1f:1f:ef:70:39:fe:36:d2:
f3:28:95:63:85:c4:5f:31:26:15:b2:53:77:20:83:02:78:eb:
bf:ae:b4:ff:a1:df:19:fd:69:69:fb:9b:1b:15:d2:c3:2a:23:
39:a5:18:e2:71:9d:8a:a3:a3:aa:b0:87:72:e4:d4:2f:45:13:
b7:78:f2:90:af:b5:45:e8:31:1f:d0:e5:33:6a:92:75:be:11:
92:dd:35:de:ab:cd:e4:10:4b:cd:a9:c2:0c:99:76:f6:dc:c6:
31:d1:1b:59:45:3d:42:9a:25:0e:b4:22:d1:50:5f:85:e2:55:
80:98:47:84:41:1b:ff:d6:64:0a:0b:36:1a:bb:1a:66:70:e5:
16:1a:f4:6f
-----BEGIN CERTIFICATE-----
MIIGADCCBOigAwIBAgICEjAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDAyREMxMTAvBgNVBAUTKEMyQjlGNUYzQzY4QzU3NjcyNzIzOUI5MkE5M0IzNjI5
N0QxQjE2NTMwHhcNMjQwNjI1MTE0MjIzWhcNMjQwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjdhYWQxZi0xNzkxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArNEIkMUCmKIHCVh6gEbH/u6FLXpG+fIlRbKe216C1I76NBR7289psUXagELS
jTYVtQcAo/XYFCnLAUw1UDXDa8R8jk8eZbsipPFa+drl2dmmLY9K6gvIhjABfiyo
RU5Vkw64IE018KASo4NnnZUv5N3hhSnfRhq9Gs/s0IpcRKt3/0y+B+seBzt+iekV
2gfzuiMP/P5q604Kz+dYU0TeVMvI0gmj/scFOS1eMFjKc6acq9pON2hwTUW6m5KY
WQrtnSZJBTEwzzD6AQSySi//SyTeIs3JEpaeiFN2gEhB0lktrR1SDr9MYF5vOvo4
5R5VrIQp7wdoSVgg071/GpSJvQIDAQABo4IDJDCCAyAwHQYDVR0OBBYEFAIneszt
hiVAQ5RyqHk743KMesyKMB8GA1UdIwQYMBaAFMK59fPGjFdnJyObkqk7Nil9GxZT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0MDJEQy8yRDUxQUY0MkZE
M0UxMUU4ODhDNTM5NDRDNEY5QUUwMi93cm4xODhhTVYyY25JNXVTcVRzMktYMGJG
bE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3dybjE4OGFNVjJjbkk1dVNxVHMyS1gwYkZsTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDAyREMvMkQ1MUFGNDJGRDNFMTFFODg4QzUzOTQ0QzRGOUFFMDIvQ0ExQURCRDRF
RjE4MTFFRDk2RDFGNzMzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwga0GCCsGAQUFBwEHAQH/
BIGdMIGaMGoEAgABMGQDBAIbNiADBAAbNiUDBAZxCkADBAJ1FIAwDAMEAnUUjAME
AnUUkDAMAwQBdRSWAwQAdRSaAwQFdRSgAwQAegupAwQCegvUMAwDBAB6C/UDBAB6
C/YDAwGrAAMDAKvPAwQAy3X3MCwEAgACMCYwEgMHASQGMAAAWgMHASQGMAAAXAMH
ACQGMAIAQAMHACQGMAIAUDANBgkqhkiG9w0BAQsFAAOCAQEAXx/wr5rK27OjONxl
VHmoGfxn5rBIuigsrNoUA35xHME7TtS56BS3qhy/h6z+VlnneJYXBjQtWDKauGrt
Q81BEq1ieS1zRrfpQ4l8L4GOAQLxCEcQX1wD+Fyk2U0cN9fxRFecHgL+lbUDl/PY
hIbhQeRBo9Sy2h8f73A5/jbS8yiVY4XEXzEmFbJTdyCDAnjrv660/6HfGf1pafub
GxXSwyojOaUY4nGdiqOjqrCHcuTUL0UTt3jykK+1RegxH9DlM2qSdb4Rkt013qvN
5BBLzanCDJl29tzGMdEbWUU9QpolDrQi0VBfheJVgJhHhEEb/9ZkCgs2GrsaZnDl
Fhr0bw==
-----END CERTIFICATE-----
Generated at Thu Jul 4 07:10:49 2024 by rpki-client on console-fra.rpki-client.org