Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A916413C/9DD8201AA07311E4A8BB6F44C4F9AE02/24EA095A45AC11EF8465315CC4F9AE02.roa
File: 24EA095A45AC11EF8465315CC4F9AE02.roa (raw, json)
Hash identifier: vn5ghveI6/k31FgbeVnB5Tv1gn/UIDp0DsjSkvCXpTU=
Subject key identifier: 06:81:05:41:26:4B:40:27:76:6A:12:C5:7E:83:7E:60:33:3E:1D:34
Certificate issuer: /CN=A916413C/serialNumber=365D71B2682F56B0EEFF1154755D279B8F9AFB33
Certificate serial: 27E1
Authority key identifier: 36:5D:71:B2:68:2F:56:B0:EE:FF:11:54:75:5D:27:9B:8F:9A:FB:33
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Nl1xsmgvVrDu_xFUdV0nm4-a-zM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916413C/9DD8201AA07311E4A8BB6F44C4F9AE02/24EA095A45AC11EF8465315CC4F9AE02.roa
Signing time: Tue 12 Nov 2024 21:18:30 +0000
ROA not before: Tue 12 Nov 2024 21:18:30 +0000
ROA not after: Fri 31 Jan 2025 00:00:00 +0000
asID: 18001
IP address blocks: 43.228.108.0/22 maxlen: 22
43.228.108.0/24 maxlen: 24
43.228.109.0/24 maxlen: 24
43.228.110.0/24 maxlen: 24
43.228.111.0/24 maxlen: 24
101.2.176.0/20 maxlen: 20
101.2.176.0/21 maxlen: 21
101.2.176.0/22 maxlen: 22
101.2.176.0/24 maxlen: 24
101.2.177.0/24 maxlen: 24
101.2.178.0/24 maxlen: 24
101.2.179.0/24 maxlen: 24
101.2.180.0/22 maxlen: 22
101.2.180.0/24 maxlen: 24
101.2.181.0/24 maxlen: 24
101.2.182.0/24 maxlen: 24
101.2.183.0/24 maxlen: 24
101.2.184.0/21 maxlen: 21
101.2.184.0/22 maxlen: 22
101.2.184.0/24 maxlen: 24
101.2.185.0/24 maxlen: 24
101.2.186.0/24 maxlen: 24
101.2.187.0/24 maxlen: 24
101.2.188.0/24 maxlen: 24
101.2.189.0/24 maxlen: 24
101.2.190.0/24 maxlen: 24
101.2.191.0/24 maxlen: 24
103.227.244.0/22 maxlen: 22
103.227.244.0/24 maxlen: 24
103.227.245.0/24 maxlen: 24
103.227.246.0/24 maxlen: 24
103.227.247.0/24 maxlen: 24
203.153.220.0/22 maxlen: 22
203.153.220.0/24 maxlen: 24
203.153.221.0/24 maxlen: 24
203.153.222.0/24 maxlen: 24
203.153.223.0/24 maxlen: 24
223.224.0.0/19 maxlen: 19
223.224.0.0/22 maxlen: 22
223.224.1.0/24 maxlen: 24
223.224.4.0/22 maxlen: 22
223.224.8.0/22 maxlen: 22
223.224.12.0/22 maxlen: 22
223.224.16.0/22 maxlen: 22
223.224.19.0/24 maxlen: 24
223.224.20.0/22 maxlen: 22
223.224.24.0/22 maxlen: 22
223.224.28.0/22 maxlen: 22
2400:ff00::/32 maxlen: 32
2400:ff00:5::/48 maxlen: 48
2400:ff00:8::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 13 Nov 2024 09:22:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10209 (0x27e1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916413C/serialNumber=365D71B2682F56B0EEFF1154755D279B8F9AFB33
Validity
Not Before: Nov 12 21:18:30 2024 GMT
Not After : Jan 31 00:00:00 2025 GMT
Subject: CN=6733c626-db60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:17:99:e7:62:2e:2b:dd:46:27:f0:47:c4:61:
7a:45:9a:c7:42:d9:aa:74:d8:03:3f:ef:95:6b:61:
e2:b4:4a:59:f7:36:e2:fd:87:92:59:23:2e:9a:b3:
07:17:bb:de:87:70:d0:eb:80:78:ad:cd:34:e5:48:
ad:1c:7e:24:fa:ac:f6:c1:23:31:db:ff:9f:03:f7:
d5:9a:24:7d:46:45:63:ee:3d:b0:85:57:74:b9:fd:
a5:8c:cd:b5:a7:22:de:17:4a:51:63:fd:f9:6c:fe:
b2:87:14:e4:8b:72:35:f3:0a:d1:a7:42:e6:92:8a:
93:90:26:84:58:ba:b3:d4:ff:e0:b6:88:8a:68:de:
bd:92:5c:3f:1a:77:a2:e7:c4:8b:01:c9:ac:31:46:
3d:1d:84:4b:68:e5:71:f0:16:08:93:fb:2b:d3:2c:
2f:13:82:ad:2a:8c:80:9a:f6:91:9f:2c:a5:53:9b:
dd:a1:32:98:2c:ec:b0:19:01:a1:89:db:e8:89:64:
3d:f2:83:e2:20:41:a8:a4:7a:0c:d3:f7:9b:6f:af:
0f:af:c8:49:55:d7:d9:6b:d8:a3:2d:7a:1e:e2:62:
ad:dc:38:6b:71:e2:b8:b5:22:f1:6b:52:cb:6e:54:
9c:42:80:db:a7:22:46:1b:07:ac:87:02:26:2f:b6:
b9:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:81:05:41:26:4B:40:27:76:6A:12:C5:7E:83:7E:60:33:3E:1D:34
X509v3 Authority Key Identifier:
keyid:36:5D:71:B2:68:2F:56:B0:EE:FF:11:54:75:5D:27:9B:8F:9A:FB:33
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916413C/9DD8201AA07311E4A8BB6F44C4F9AE02/Nl1xsmgvVrDu_xFUdV0nm4-a-zM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Nl1xsmgvVrDu_xFUdV0nm4-a-zM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916413C/9DD8201AA07311E4A8BB6F44C4F9AE02/24EA095A45AC11EF8465315CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.228.108.0/22
101.2.176.0/20
103.227.244.0/22
203.153.220.0/22
223.224.0.0/19
IPv6:
2400:ff00::/32
Signature Algorithm: sha256WithRSAEncryption
a0:66:b0:dd:93:ca:78:43:a8:ce:dd:38:9e:4c:e0:4a:35:c5:
38:21:06:88:f8:87:86:22:c3:c8:2a:1f:fa:eb:fe:a6:46:b8:
78:1c:3b:b0:68:fc:6a:1f:62:39:c7:af:df:01:d4:c1:e5:bf:
46:ab:0c:8b:74:62:70:10:a6:3f:04:79:c9:a1:49:1e:06:e0:
b0:9d:dd:bb:1e:50:45:47:c1:0e:d1:c7:b9:e8:66:41:c6:dd:
ee:ad:17:fd:38:d0:72:d4:1d:0f:f6:b4:42:41:17:b9:2d:0e:
f6:ca:28:57:7b:13:c0:b1:ed:0c:4e:03:8a:39:be:08:9a:77:
85:10:fa:fd:a2:21:25:12:13:3f:7e:36:2f:48:ba:e3:b9:18:
7e:bf:08:f9:e3:66:79:32:52:bd:84:76:2a:bc:b0:71:e6:1f:
ec:50:1b:f9:37:8c:c9:09:1e:38:fa:9e:ae:32:b3:cb:2d:45:
8e:52:19:e7:df:96:b3:32:45:36:e0:f1:92:1a:77:c7:bb:bb:
fb:f3:31:5a:14:98:d9:43:98:67:4a:2f:1c:23:1b:75:ed:64:
01:fa:07:9a:da:8c:29:73:e7:0c:ca:16:76:32:f7:ff:26:4e:
24:72:2a:75:8f:94:34:e4:f4:9f:31:06:dd:ac:a2:2d:58:c8:
b9:68:0d:96
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgICJ+EwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjQxM0MxMTAvBgNVBAUTKDM2NUQ3MUIyNjgyRjU2QjBFRUZGMTE1NDc1NUQyNzlC
OEY5QUZCMzMwHhcNMjQxMTEyMjExODMwWhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzMzYzYyNi1kYjYwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwxeZ52IuK91GJ/BHxGF6RZrHQtmqdNgDP++Va2HitEpZ9zbi/YeSWSMumrMH
F7veh3DQ64B4rc005UitHH4k+qz2wSMx2/+fA/fVmiR9RkVj7j2whVd0uf2ljM21
pyLeF0pRY/35bP6yhxTki3I18wrRp0LmkoqTkCaEWLqz1P/gtoiKaN69klw/Gnei
58SLAcmsMUY9HYRLaOVx8BYIk/sr0ywvE4KtKoyAmvaRnyylU5vdoTKYLOywGQGh
idvoiWQ98oPiIEGopHoM0/ebb68Pr8hJVdfZa9ijLXoe4mKt3DhrceK4tSLxa1LL
blScQoDbpyJGGweshwImL7a54wIDAQABo4ICvDCCArgwHQYDVR0OBBYEFAaBBUEm
S0AndmoSxX6DfmAzPh00MB8GA1UdIwQYMBaAFDZdcbJoL1aw7v8RVHVdJ5uPmvsz
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2NDEzQy85REQ4MjAxQUEw
NzMxMUU0QThCQjZGNDRDNEY5QUUwMi9ObDF4c21ndlZyRHVfeEZVZFYwbm00LWEt
ek0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL05sMXhzbWd2VnJEdV94RlVkVjBubTQtYS16TS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjQxM0MvOUREODIwMUFBMDczMTFFNEE4QkI2RjQ0QzRGOUFFMDIvMjRFQTA5NUE0
NUFDMTFFRjg0NjUzMTVDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRgYIKwYBBQUHAQcBAf8E
NzA1MCQEAgABMB4DBAIr5GwDBARlArADBAJn4/QDBALLmdwDBAXf4AAwDQQCAAIw
BwMFACQA/wAwDQYJKoZIhvcNAQELBQADggEBAKBmsN2TynhDqM7dOJ5M4Eo1xTgh
Boj4h4Yiw8gqH/rr/qZGuHgcO7Bo/GofYjnHr98B1MHlv0arDIt0YnAQpj8Eecmh
SR4G4LCd3bseUEVHwQ7Rx7noZkHG3e6tF/040HLUHQ/2tEJBF7ktDvbKKFd7E8Cx
7QxOA4o5vgiad4UQ+v2iISUSEz9+Ni9IuuO5GH6/CPnjZnkyUr2Ediq8sHHmH+xQ
G/k3jMkJHjj6nq4ys8stRY5SGefflrMyRTbg8ZIad8e7u/vzMVoUmNlDmGdKLxwj
G3XtZAH6B5rajClz5wzKFnYy9/8mTiRyKnWPlDTk9J8xBt2soi1YyLloDZY=
-----END CERTIFICATE-----
Generated at Wed Nov 13 13:01:07 2024 by rpki-client on console-fra.rpki-client.org