Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9158E3F/C24322BA544611EA8C05651DC4F9AE02/4152D1AE8D0411EFA0456056C4F9AE02.roa
File: 4152D1AE8D0411EFA0456056C4F9AE02.roa (raw, json)
Hash identifier: 5nWtRmXj3gSp+XYe8M556XKzR+uEwr+DjnDHNtcUuiY=
Subject key identifier: 04:E2:95:D0:E5:E9:73:6A:24:6E:0C:D9:FB:4C:F4:82:36:4D:6F:B3
Certificate issuer: /CN=A9158E3F/serialNumber=7E313AB7FF26E783E03C07851612751881AE4918
Certificate serial: 0B6E
Authority key identifier: 7E:31:3A:B7:FF:26:E7:83:E0:3C:07:85:16:12:75:18:81:AE:49:18
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fjE6t_8m54PgPAeFFhJ1GIGuSRg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9158E3F/C24322BA544611EA8C05651DC4F9AE02/4152D1AE8D0411EFA0456056C4F9AE02.roa
Signing time: Fri 18 Oct 2024 03:51:29 +0000
ROA not before: Fri 18 Oct 2024 03:51:29 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 15830
IP address blocks: 27.111.128.0/22 maxlen: 22
36.255.39.0/24 maxlen: 24
103.8.176.0/22 maxlen: 22
103.8.180.0/22 maxlen: 22
119.27.0.0/19 maxlen: 19
119.27.32.0/20 maxlen: 20
119.27.50.0/23 maxlen: 23
119.27.52.0/22 maxlen: 22
119.27.56.0/22 maxlen: 22
119.27.60.0/23 maxlen: 23
122.50.64.0/19 maxlen: 19
122.50.104.0/21 maxlen: 21
122.50.112.0/22 maxlen: 22
122.50.120.0/21 maxlen: 21
180.189.0.0/20 maxlen: 20
180.189.0.0/21 maxlen: 21
180.189.8.0/21 maxlen: 21
180.189.32.0/20 maxlen: 20
180.189.48.0/22 maxlen: 22
180.189.56.0/21 maxlen: 21
183.177.0.0/20 maxlen: 20
183.177.16.0/20 maxlen: 20
183.177.32.0/20 maxlen: 20
202.167.224.0/23 maxlen: 23
202.167.227.0/24 maxlen: 24
202.167.230.0/23 maxlen: 23
202.167.232.0/24 maxlen: 24
202.167.234.0/23 maxlen: 23
202.167.236.0/22 maxlen: 22
202.167.240.0/22 maxlen: 22
202.167.244.0/22 maxlen: 22
202.167.248.0/23 maxlen: 23
202.167.252.0/23 maxlen: 23
202.167.254.0/24 maxlen: 24
202.167.255.0/24 maxlen: 24
202.177.192.0/24 maxlen: 24
202.177.193.0/24 maxlen: 24
202.177.195.0/24 maxlen: 24
202.177.196.0/23 maxlen: 23
202.177.198.0/24 maxlen: 24
202.177.199.0/24 maxlen: 24
202.177.200.0/23 maxlen: 23
202.177.202.0/23 maxlen: 23
202.177.204.0/23 maxlen: 23
202.177.207.0/24 maxlen: 24
203.190.224.0/23 maxlen: 23
203.190.232.0/22 maxlen: 22
203.190.232.0/24 maxlen: 24
203.190.236.0/22 maxlen: 22
2407:b000::/32 maxlen: 32
2407:b001::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 18 Oct 2024 05:42:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2926 (0xb6e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9158E3F/serialNumber=7E313AB7FF26E783E03C07851612751881AE4918
Validity
Not Before: Oct 18 03:51:29 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=6711db40-ae3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:28:33:71:c1:c2:72:ff:3b:ee:f4:48:99:2b:
f8:84:ea:b4:b8:70:0f:09:91:65:5c:f5:a5:58:68:
26:02:20:2a:a7:08:d5:28:c9:d5:32:d6:35:3d:ea:
44:8f:93:8e:f6:24:ce:4b:08:67:ee:db:06:9e:00:
1f:bb:d9:c9:bc:14:0f:c2:ac:be:42:5f:be:80:21:
b6:00:db:54:17:6e:b3:9d:14:50:19:5e:32:bf:9c:
61:e6:f9:2f:02:43:08:4c:97:62:2b:a0:c5:3c:2f:
c7:b8:f8:4f:c6:85:d3:c1:06:98:de:0e:1b:99:3a:
04:d2:dd:51:9f:bf:ad:05:0f:46:be:46:46:a7:7c:
ea:6b:9e:41:9d:57:12:75:45:8a:8a:9d:67:c6:fd:
4d:18:5d:d6:e9:50:c1:10:fc:d1:be:00:48:70:d4:
49:82:24:c6:3f:c6:a8:ec:51:76:d3:13:e1:99:ac:
dd:7e:ab:a3:38:fb:37:df:29:e7:17:80:82:31:28:
27:20:7c:75:ef:c8:7d:23:21:e1:7c:1f:ea:71:12:
9a:c5:c3:9d:f5:12:e4:0b:c5:b8:2f:1a:ca:aa:98:
c5:99:ce:6c:34:6e:c9:0d:86:14:d4:0e:df:62:a3:
d8:8b:1e:9b:35:48:3a:04:d0:f0:7b:73:b0:d6:de:
aa:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:E2:95:D0:E5:E9:73:6A:24:6E:0C:D9:FB:4C:F4:82:36:4D:6F:B3
X509v3 Authority Key Identifier:
keyid:7E:31:3A:B7:FF:26:E7:83:E0:3C:07:85:16:12:75:18:81:AE:49:18
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9158E3F/C24322BA544611EA8C05651DC4F9AE02/fjE6t_8m54PgPAeFFhJ1GIGuSRg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fjE6t_8m54PgPAeFFhJ1GIGuSRg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9158E3F/C24322BA544611EA8C05651DC4F9AE02/4152D1AE8D0411EFA0456056C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.111.128.0/22
36.255.39.0/24
103.8.176.0/21
119.27.0.0-119.27.47.255
119.27.50.0-119.27.61.255
122.50.64.0/19
122.50.104.0-122.50.115.255
122.50.120.0/21
180.189.0.0/20
180.189.32.0-180.189.51.255
180.189.56.0/21
183.177.0.0-183.177.47.255
202.167.224.0/23
202.167.227.0/24
202.167.230.0-202.167.232.255
202.167.234.0-202.167.249.255
202.167.252.0/22
202.177.192.0/23
202.177.195.0-202.177.205.255
202.177.207.0/24
203.190.224.0/23
203.190.232.0/21
IPv6:
2407:b000::/31
Signature Algorithm: sha256WithRSAEncryption
5b:7b:60:ff:68:1d:fb:7b:a1:50:30:f3:01:8c:75:46:b9:84:
90:5f:28:22:8b:38:4e:1f:6b:64:9e:8a:88:3e:86:b1:a4:10:
2f:b2:de:2e:ba:a1:d3:43:cd:96:cd:ba:b2:2b:37:8c:6c:2b:
ba:ca:0a:ea:6d:23:27:f6:3e:f6:4b:c8:a6:0a:50:59:96:f5:
83:df:8c:cf:74:5a:62:d1:a8:ff:cf:3a:5a:3b:02:d8:5a:8a:
6c:d8:d5:51:34:2e:41:51:ae:22:68:61:8c:73:75:b6:c3:6a:
3b:61:fb:5a:6b:95:52:f7:c1:b5:83:0e:38:f4:cb:74:6f:26:
ed:81:ee:30:9b:0b:a4:7a:03:65:79:89:a5:00:fe:5f:b4:38:
cb:f4:30:51:31:1d:c2:ca:10:6a:91:e4:ba:d7:e5:5b:09:99:
32:cd:e3:74:5f:b7:89:ec:f4:2c:35:7e:36:c7:c6:2c:3c:fc:
4f:9f:95:22:d3:0c:60:29:0b:37:1d:8d:31:dc:17:9a:7a:03:
3e:06:06:6b:f7:3d:73:2f:eb:b3:ff:15:ce:49:ea:15:e7:92:
29:5c:c0:c3:71:ef:69:02:ae:89:3b:d5:b8:0e:97:0e:0e:ea:
e8:24:f7:35:90:cd:d9:7c:54:d8:54:1d:f7:df:9b:27:8c:d6:
3b:45:f3:0b
-----BEGIN CERTIFICATE-----
MIIGQTCCBSmgAwIBAgICC24wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NThFM0YxMTAvBgNVBAUTKDdFMzEzQUI3RkYyNkU3ODNFMDNDMDc4NTE2MTI3NTE4
ODFBRTQ5MTgwHhcNMjQxMDE4MDM1MTI5WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzExZGI0MC1hZTNkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3SgzccHCcv877vRImSv4hOq0uHAPCZFlXPWlWGgmAiAqpwjVKMnVMtY1PepE
j5OO9iTOSwhn7tsGngAfu9nJvBQPwqy+Ql++gCG2ANtUF26znRRQGV4yv5xh5vkv
AkMITJdiK6DFPC/HuPhPxoXTwQaY3g4bmToE0t1Rn7+tBQ9GvkZGp3zqa55BnVcS
dUWKip1nxv1NGF3W6VDBEPzRvgBIcNRJgiTGP8ao7FF20xPhmazdfqujOPs33ynn
F4CCMSgnIHx178h9IyHhfB/qcRKaxcOd9RLkC8W4LxrKqpjFmc5sNG7JDYYU1A7f
YqPYix6bNUg6BNDwe3Ow1t6qfwIDAQABo4IDZTCCA2EwHQYDVR0OBBYEFATildDl
6XNqJG4M2ftM9II2TW+zMB8GA1UdIwQYMBaAFH4xOrf/JueD4DwHhRYSdRiBrkkY
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1OEUzRi9DMjQzMjJCQTU0
NDYxMUVBOEMwNTY1MURDNEY5QUUwMi9makU2dF84bTU0UGdQQWVGRmhKMUdJR3VT
UmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2ZqRTZ0XzhtNTRQZ1BBZUZGaEoxR0lHdVNSZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NThFM0YvQzI0MzIyQkE1NDQ2MTFFQThDMDU2NTFEQzRGOUFFMDIvNDE1MkQxQUU4
RDA0MTFFRkEwNDU2MDU2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwge4GCCsGAQUFBwEHAQH/
BIHeMIHbMIHJBAIAATCBwgMEAhtvgAMEACT/JwMEA2cIsDALAwMAdxsDBAR3GyAw
DAMEAXcbMgMEAXcbPAMEBXoyQDAMAwQDejJoAwQCejJwAwQDejJ4AwQEtL0AMAwD
BAW0vSADBAK0vTADBAO0vTgwCwMDALexAwQEt7EgAwQByqfgAwQAyqfjMAwDBAHK
p+YDBADKp+gwDAMEAcqn6gMEAcqn+AMEAsqn/AMEAcqxwDAMAwQAyrHDAwQByrHM
AwQAyrHPAwQBy77gAwQDy77oMA0EAgACMAcDBQEkB7AAMA0GCSqGSIb3DQEBCwUA
A4IBAQBbe2D/aB37e6FQMPMBjHVGuYSQXygiizhOH2tknoqIPoaxpBAvst4uuqHT
Q82WzbqyKzeMbCu6ygrqbSMn9j72S8imClBZlvWD34zPdFpi0aj/zzpaOwLYWops
2NVRNC5BUa4iaGGMc3W2w2o7Yftaa5VS98G1gw449Mt0bybtge4wmwukegNleYml
AP5ftDjL9DBRMR3CyhBqkeS61+VbCZkyzeN0X7eJ7PQsNX42x8YsPPxPn5Ui0wxg
KQs3HY0x3BeaegM+BgZr9z1zL+uz/xXOSeoV55IpXMDDce9pAq6JO9W4DpcODuro
JPc1kM3ZfFTYVB3335snjNY7RfML
-----END CERTIFICATE-----
Generated at Fri Oct 18 06:36:34 2024 by rpki-client on console-fra.rpki-client.org