Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9157D67/69E6C16A442A11EB9599AD38C4F9AE02/F0EB7520724E11EEABE38155C4F9AE02.roa
File: F0EB7520724E11EEABE38155C4F9AE02.roa (raw, json)
Hash identifier: tirI9GYSLQbIS+apeH0PELaYqIdnb3E475EdSbWl1tk=
Subject key identifier: A5:26:96:6F:3A:72:3B:AF:B9:79:7D:7E:1F:44:3D:75:26:F2:9C:F8
Certificate issuer: /CN=A9157D67/serialNumber=39C43967570087F583E425A9FE9B69B9506A59BD
Certificate serial: 0853
Authority key identifier: 39:C4:39:67:57:00:87:F5:83:E4:25:A9:FE:9B:69:B9:50:6A:59:BD
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9157D67/69E6C16A442A11EB9599AD38C4F9AE02/F0EB7520724E11EEABE38155C4F9AE02.roa
Signing time: Tue 24 Oct 2023 09:23:07 +0000
ROA not before: Tue 24 Oct 2023 09:23:07 +0000
ROA not after: Sat 31 Aug 2024 00:00:00 +0000
asID: 132203
IP address blocks: 43.128.222.0/23 maxlen: 23
43.130.0.0/17 maxlen: 24
43.130.128.0/18 maxlen: 24
43.131.0.0/18 maxlen: 24
43.131.224.0/19 maxlen: 24
43.132.68.0/24 maxlen: 24
43.132.96.0/19 maxlen: 24
43.132.128.0/17 maxlen: 24
43.134.0.0/18 maxlen: 18
43.134.64.0/18 maxlen: 18
43.135.58.0/24 maxlen: 24
43.135.187.0/24 maxlen: 24
43.152.96.0/19 maxlen: 24
43.152.192.0/19 maxlen: 19
43.152.224.0/19 maxlen: 19
43.153.0.0/18 maxlen: 18
43.153.64.0/18 maxlen: 18
43.153.128.0/18 maxlen: 18
43.153.164.0/24 maxlen: 24
43.153.187.0/24 maxlen: 24
43.153.192.0/18 maxlen: 18
43.153.250.0/23 maxlen: 23
43.154.0.0/18 maxlen: 18
43.154.64.0/18 maxlen: 18
43.154.128.0/18 maxlen: 18
43.154.192.0/18 maxlen: 18
43.155.0.0/17 maxlen: 18
43.155.127.0/24 maxlen: 24
43.155.128.0/17 maxlen: 18
43.156.0.0/18 maxlen: 18
43.156.64.0/18 maxlen: 18
43.156.128.0/18 maxlen: 18
43.156.192.0/18 maxlen: 18
43.156.252.0/24 maxlen: 24
43.156.254.0/24 maxlen: 24
43.157.0.0/17 maxlen: 24
43.157.128.0/18 maxlen: 24
43.157.192.0/18 maxlen: 24
43.158.0.0/16 maxlen: 16
43.158.0.0/17 maxlen: 24
43.158.128.0/18 maxlen: 24
43.158.192.0/18 maxlen: 24
43.159.0.0/16 maxlen: 16
43.159.0.0/20 maxlen: 24
43.159.16.0/20 maxlen: 24
43.159.32.0/19 maxlen: 24
43.159.76.0/24 maxlen: 24
43.159.128.0/18 maxlen: 24
43.159.192.0/18 maxlen: 24
43.160.0.0/16 maxlen: 24
43.161.0.0/17 maxlen: 24
43.161.128.0/17 maxlen: 24
43.162.0.0/17 maxlen: 24
43.162.128.0/17 maxlen: 24
43.163.0.0/16 maxlen: 16
43.163.192.0/18 maxlen: 24
43.164.0.0/16 maxlen: 24
43.165.0.0/16 maxlen: 24
43.166.0.0/16 maxlen: 24
43.167.0.0/16 maxlen: 24
43.168.0.0/16 maxlen: 24
43.169.0.0/16 maxlen: 24
43.170.0.0/16 maxlen: 24
43.171.0.0/16 maxlen: 24
43.172.0.0/16 maxlen: 24
43.173.0.0/16 maxlen: 24
43.174.0.0/16 maxlen: 24
101.32.140.0/24 maxlen: 24
101.33.4.0/23 maxlen: 23
101.33.17.0/24 maxlen: 24
101.33.18.0/23 maxlen: 23
101.33.26.0/23 maxlen: 23
101.33.30.0/23 maxlen: 23
101.33.41.0/24 maxlen: 24
101.33.114.0/23 maxlen: 24
150.109.90.0/24 maxlen: 24
150.109.91.0/24 maxlen: 24
240d:c000::/24 maxlen: 32
240d:c000:1000::/36 maxlen: 36
240d:c000:2000::/36 maxlen: 36
240d:c000:3000::/36 maxlen: 36
240d:c000:6000::/36 maxlen: 36
240d:c000:6000::/44 maxlen: 48
240d:c010::/48 maxlen: 48
240d:c010::/56 maxlen: 56
240d:c010:0:100::/56 maxlen: 56
240d:c010:10::/48 maxlen: 48
240d:c010:11::/48 maxlen: 48
240d:c010:12::/48 maxlen: 48
240d:c010:14::/48 maxlen: 48
240d:c010:16::/48 maxlen: 48
240d:c010:17::/48 maxlen: 48
240d:c010:1d::/48 maxlen: 48
240d:c010:20::/44 maxlen: 44
240d:c010:20::/56 maxlen: 56
240d:c010:20:100::/56 maxlen: 56
240d:c010:20:200::/56 maxlen: 56
240d:c010:30::/48 maxlen: 48
240d:c010:30::/56 maxlen: 56
240d:c010:30:100::/56 maxlen: 56
240d:c010:31::/48 maxlen: 48
240d:c010:50::/48 maxlen: 48
240d:c010:57::/48 maxlen: 48
240d:c010:58::/47 maxlen: 48
240d:c010:5c::/46 maxlen: 48
240d:c010:60::/48 maxlen: 48
240d:c010:66::/47 maxlen: 48
240d:c010:68::/48 maxlen: 48
240d:c010:6a::/48 maxlen: 48
240d:c010:6c::/47 maxlen: 48
240d:c010:6e::/48 maxlen: 48
240d:c040::/44 maxlen: 44
Validation: Failed, certificate revoked on Thu 26 Oct 2023 09:42:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2131 (0x853)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9157D67/serialNumber=39C43967570087F583E425A9FE9B69B9506A59BD
Validity
Not Before: Oct 24 09:23:07 2023 GMT
Not After : Aug 31 00:00:00 2024 GMT
Subject: CN=65378cfb-f3ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:6a:29:4b:20:97:58:c3:fa:40:aa:02:dd:14:
94:e2:ea:5c:39:74:d2:23:c4:10:96:61:0e:7a:70:
a9:dc:27:c4:68:09:9e:d3:fb:01:43:eb:44:18:a5:
2c:eb:49:cd:ae:43:36:db:fc:a1:e6:9a:2f:b8:13:
79:05:78:83:65:72:ac:6f:64:d9:33:79:bf:4a:13:
4a:03:1b:a1:13:50:07:7b:ef:bf:f5:70:83:6b:ad:
55:bc:c6:9c:52:cc:35:2c:d8:5f:af:9c:e7:3d:60:
bd:eb:d8:b1:11:97:2e:40:82:c4:6b:e5:a5:69:b7:
fd:0c:58:c3:d3:31:4c:f6:b8:2b:9a:8e:46:1b:eb:
15:c2:84:19:21:49:72:b8:31:9e:e6:6c:a9:8c:b5:
1d:30:56:8e:58:a4:bb:b0:bb:61:7f:02:8d:00:a7:
bf:1d:6b:8c:78:4c:44:af:02:97:44:7c:ea:e1:02:
7d:45:9c:a9:02:82:ba:1e:47:fe:ba:36:a0:96:81:
ab:84:bb:8e:f8:ce:14:51:6b:fe:fe:9b:32:e4:f4:
a4:82:f1:70:f1:ca:60:a1:6c:8c:12:39:ab:0d:0b:
70:73:ed:a9:5b:7d:74:fb:e0:8f:33:2b:71:64:53:
0a:b3:09:49:56:83:97:62:4c:c5:59:1b:db:f3:45:
c4:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:26:96:6F:3A:72:3B:AF:B9:79:7D:7E:1F:44:3D:75:26:F2:9C:F8
X509v3 Authority Key Identifier:
keyid:39:C4:39:67:57:00:87:F5:83:E4:25:A9:FE:9B:69:B9:50:6A:59:BD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9157D67/69E6C16A442A11EB9599AD38C4F9AE02/OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9157D67/69E6C16A442A11EB9599AD38C4F9AE02/F0EB7520724E11EEABE38155C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.128.222.0/23
43.130.0.0-43.130.191.255
43.131.0.0/18
43.131.224.0/19
43.132.68.0/24
43.132.96.0-43.132.255.255
43.134.0.0/17
43.135.58.0/24
43.135.187.0/24
43.152.96.0/19
43.152.192.0-43.174.255.255
101.32.140.0/24
101.33.4.0/23
101.33.17.0-101.33.19.255
101.33.26.0/23
101.33.30.0/23
101.33.41.0/24
101.33.114.0/23
150.109.90.0/23
IPv6:
240d:c000::/24
Signature Algorithm: sha256WithRSAEncryption
2a:3d:e3:64:54:7f:d7:1b:ac:f7:8a:4e:7e:ae:e2:80:dc:66:
5c:be:83:5f:3b:6d:0b:be:75:d5:25:dc:68:af:ce:67:c4:b3:
ff:71:06:e2:67:8b:97:b6:61:a2:b3:d4:03:2f:77:27:d9:20:
79:25:8b:e4:4d:35:1a:6b:6d:de:20:2b:83:9f:ac:29:7a:8f:
4b:5c:e3:20:a2:a7:0c:df:d9:2a:a4:f6:85:f9:c9:75:45:f0:
c9:36:05:2b:62:90:b1:45:ca:38:96:36:e9:00:f6:57:d2:b2:
97:d5:a5:e0:44:00:dd:02:60:bf:5d:1e:d7:80:47:ea:1e:7a:
c2:c4:d9:ba:a0:42:f0:44:61:9f:51:c3:dc:be:6c:e3:77:8f:
07:4d:38:e4:ad:75:dc:c3:dc:c6:cf:31:26:14:59:3e:38:e1:
b4:15:e2:a6:b4:9a:c1:9e:9c:45:8c:16:70:37:0f:f1:82:85:
23:9c:35:b8:39:0b:99:47:e7:35:af:fe:1a:59:35:89:81:92:
ae:55:f5:74:c3:9b:1a:65:60:a6:6e:4e:34:a1:dc:95:12:bc:
7b:40:38:b2:21:08:6f:1d:f7:1f:6a:2d:d5:26:29:40:6f:83:
24:88:7c:da:9a:2e:9a:84:29:e6:db:ab:4b:de:f1:c2:e1:96:
78:77:1a:26
-----BEGIN CERTIFICATE-----
MIIGDTCCBPWgAwIBAgICCFMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTdENjcxMTAvBgNVBAUTKDM5QzQzOTY3NTcwMDg3RjU4M0U0MjVBOUZFOUI2OUI5
NTA2QTU5QkQwHhcNMjMxMDI0MDkyMzA3WhcNMjQwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTM3OGNmYi1mM2ZmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyGopSyCXWMP6QKoC3RSU4upcOXTSI8QQlmEOenCp3CfEaAme0/sBQ+tEGKUs
60nNrkM22/yh5povuBN5BXiDZXKsb2TZM3m/ShNKAxuhE1AHe++/9XCDa61VvMac
Usw1LNhfr5znPWC969ixEZcuQILEa+Wlabf9DFjD0zFM9rgrmo5GG+sVwoQZIUly
uDGe5mypjLUdMFaOWKS7sLthfwKNAKe/HWuMeExErwKXRHzq4QJ9RZypAoK6Hkf+
ujagloGrhLuO+M4UUWv+/psy5PSkgvFw8cpgoWyMEjmrDQtwc+2pW310++CPMytx
ZFMKswlJVoOXYkzFWRvb80XE+wIDAQABo4IDMTCCAy0wHQYDVR0OBBYEFKUmlm86
cjuvuXl9fh9EPXUm8pz4MB8GA1UdIwQYMBaAFDnEOWdXAIf1g+Qlqf6bablQalm9
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1N0Q2Ny82OUU2QzE2QTQ0
MkExMUVCOTU5OUFEMzhDNEY5QUUwMi9PY1E1WjFjQWhfV0Q1Q1dwX3B0cHVWQnFX
YjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09jUTVaMWNBaF9XRDVDV3BfcHRwdVZCcVdiMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTdENjcvNjlFNkMxNkE0NDJBMTFFQjk1OTlBRDM4QzRGOUFFMDIvRjBFQjc1MjA3
MjRFMTFFRUFCRTM4MTU1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgboGCCsGAQUFBwEHAQH/
BIGqMIGnMIGWBAIAATCBjwMEASuA3jALAwMBK4IDBAYrgoADBAYrgwADBAUrg+AD
BAArhEQwCwMEBSuEYAMDACuEAwQHK4YAAwQAK4c6AwQAK4e7AwQFK5hgMAsDBAYr
mMADAwArrgMEAGUgjAMEAWUhBDAMAwQAZSERAwQCZSEQAwQBZSEaAwQBZSEeAwQA
ZSEpAwQBZSFyAwQBlm1aMAwEAgACMAYDBAAkDcAwDQYJKoZIhvcNAQELBQADggEB
ACo942RUf9cbrPeKTn6u4oDcZly+g187bQu+ddUl3GivzmfEs/9xBuJni5e2YaKz
1AMvdyfZIHkli+RNNRprbd4gK4OfrCl6j0tc4yCipwzf2Sqk9oX5yXVF8Mk2BSti
kLFFyjiWNukA9lfSspfVpeBEAN0CYL9dHteAR+oeesLE2bqgQvBEYZ9Rw9y+bON3
jwdNOOStddzD3MbPMSYUWT444bQV4qa0msGenEWMFnA3D/GChSOcNbg5C5lH5zWv
/hpZNYmBkq5V9XTDmxplYKZuTjSh3JUSvHtAOLIhCG8d9x9qLdUmKUBvgySIfNqa
LpqEKebbq0ve8cLhlnh3GiY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:06 2024 by rpki-client on console-ams.rpki-client.org