Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91743EF/E6ABB010BA4011E7A08D266FC4F9AE02/4486416ABA4F11E78DA4F010C4F9AE02.roa
File: 4486416ABA4F11E78DA4F010C4F9AE02.roa (raw, json)
Hash identifier: 3TlptPRtva7d7D3sit+dlnOOzhmSnQoG3jYtXpG9HsU=
Subject key identifier: 4F:76:B1:62:0A:56:8C:07:0D:44:5E:38:38:FE:27:04:9A:93:A9:DF
Certificate issuer: /CN=A91743EF/serialNumber=D1D65C8A4324E287F6EA915B39F5D3602D1E37A6
Certificate serial: 1673
Authority key identifier: D1:D6:5C:8A:43:24:E2:87:F6:EA:91:5B:39:F5:D3:60:2D:1E:37:A6
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0dZcikMk4of26pFbOfXTYC0eN6Y.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91743EF/E6ABB010BA4011E7A08D266FC4F9AE02/4486416ABA4F11E78DA4F010C4F9AE02.roa
Signing time: Wed 12 Apr 2023 17:34:20 +0000
ROA not before: Wed 12 Apr 2023 17:34:20 +0000
ROA not after: Wed 29 May 2024 00:00:00 +0000
asID: 17747
IP address blocks: 103.24.188.0/24 maxlen: 24
103.24.189.0/24 maxlen: 24
103.24.190.0/24 maxlen: 24
103.24.191.0/24 maxlen: 24
103.199.224.0/24 maxlen: 24
103.199.225.0/24 maxlen: 24
103.199.226.0/24 maxlen: 24
103.199.227.0/24 maxlen: 24
150.107.8.0/23 maxlen: 24
150.107.10.0/24 maxlen: 24
150.107.11.0/24 maxlen: 24
202.142.64.0/24 maxlen: 24
202.142.65.0/24 maxlen: 24
202.142.66.0/24 maxlen: 24
202.142.67.0/24 maxlen: 24
202.142.68.0/24 maxlen: 24
202.142.69.0/24 maxlen: 24
202.142.70.0/24 maxlen: 24
202.142.71.0/24 maxlen: 24
202.142.72.0/24 maxlen: 24
202.142.73.0/24 maxlen: 24
202.142.74.0/24 maxlen: 24
202.142.75.0/24 maxlen: 24
202.142.76.0/24 maxlen: 24
202.142.77.0/24 maxlen: 24
202.142.78.0/24 maxlen: 24
202.142.79.0/24 maxlen: 24
202.142.80.0/24 maxlen: 24
202.142.81.0/24 maxlen: 24
202.142.82.0/24 maxlen: 24
202.142.83.0/24 maxlen: 24
202.142.84.0/24 maxlen: 24
202.142.85.0/24 maxlen: 24
202.142.86.0/24 maxlen: 24
202.142.87.0/24 maxlen: 24
202.142.88.0/24 maxlen: 24
202.142.89.0/24 maxlen: 24
202.142.90.0/24 maxlen: 24
202.142.91.0/24 maxlen: 24
202.142.92.0/24 maxlen: 24
202.142.93.0/24 maxlen: 24
202.142.94.0/24 maxlen: 24
202.142.95.0/24 maxlen: 24
202.142.96.0/24 maxlen: 24
202.142.97.0/24 maxlen: 24
202.142.98.0/24 maxlen: 24
202.142.99.0/24 maxlen: 24
202.142.100.0/24 maxlen: 24
202.142.101.0/24 maxlen: 24
202.142.102.0/24 maxlen: 24
202.142.103.0/24 maxlen: 24
202.142.104.0/24 maxlen: 24
202.142.105.0/24 maxlen: 24
202.142.106.0/24 maxlen: 24
202.142.107.0/24 maxlen: 24
202.142.108.0/23 maxlen: 23
202.142.109.0/24 maxlen: 24
202.142.110.0/24 maxlen: 24
202.142.111.0/24 maxlen: 24
202.142.112.0/24 maxlen: 24
202.142.113.0/24 maxlen: 24
202.142.114.0/24 maxlen: 24
202.142.115.0/24 maxlen: 24
202.142.116.0/24 maxlen: 24
202.142.117.0/24 maxlen: 24
202.142.118.0/24 maxlen: 24
202.142.119.0/24 maxlen: 24
202.142.120.0/24 maxlen: 24
202.142.121.0/24 maxlen: 24
202.142.122.0/24 maxlen: 24
202.142.123.0/24 maxlen: 24
202.142.124.0/24 maxlen: 24
202.142.125.0/24 maxlen: 24
202.142.126.0/24 maxlen: 24
202.142.127.0/24 maxlen: 24
203.81.240.0/24 maxlen: 24
203.81.241.0/24 maxlen: 24
203.81.242.0/24 maxlen: 24
203.81.243.0/24 maxlen: 24
2402:ea80::/32 maxlen: 32
2402:ea80::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5747 (0x1673)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91743EF/serialNumber=D1D65C8A4324E287F6EA915B39F5D3602D1E37A6
Validity
Not Before: Apr 12 17:34:20 2023 GMT
Not After : May 29 00:00:00 2024 GMT
Subject: CN=6436eb9c-fe39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:55:bc:b2:48:65:08:e4:f2:84:d0:f4:10:fe:
46:5a:25:63:18:b3:f9:8a:7c:7a:10:b0:cb:12:a9:
7f:9e:e2:d6:33:2d:1d:f6:40:7e:bf:f0:0d:80:47:
84:83:53:42:50:f9:78:ce:5a:52:82:6f:76:c1:52:
6a:65:99:21:fb:4b:bf:ea:d7:41:97:71:12:37:4a:
23:6f:fd:6d:ef:1c:69:b3:b7:e3:f1:2d:4f:21:79:
07:f4:74:d9:41:8f:93:9c:e6:44:9e:fe:18:7f:41:
8b:83:69:4a:1a:46:ef:ab:f3:62:14:db:3a:3d:c7:
73:2a:11:16:c7:27:78:22:6d:57:0a:80:15:75:d8:
1d:05:d0:00:bd:2d:17:04:fe:a1:64:68:b2:13:7a:
0f:5b:14:96:cf:fe:4f:9c:64:a2:50:94:da:fe:67:
24:f6:17:ce:5d:09:a5:ae:64:07:6e:50:ed:f4:e0:
e5:0f:56:9d:4e:f4:b5:5e:16:d2:75:05:59:b4:42:
50:b8:a3:65:01:31:3c:05:2e:32:a8:f0:37:d1:3a:
83:fa:a3:4a:3c:92:9b:42:9b:1f:05:c0:78:e8:f1:
67:e6:e2:96:f6:f2:b6:fb:65:fd:70:d8:f2:88:5d:
89:2c:2f:3c:6c:04:fb:ee:0e:5b:9c:11:68:e9:f6:
72:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:76:B1:62:0A:56:8C:07:0D:44:5E:38:38:FE:27:04:9A:93:A9:DF
X509v3 Authority Key Identifier:
keyid:D1:D6:5C:8A:43:24:E2:87:F6:EA:91:5B:39:F5:D3:60:2D:1E:37:A6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91743EF/E6ABB010BA4011E7A08D266FC4F9AE02/0dZcikMk4of26pFbOfXTYC0eN6Y.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0dZcikMk4of26pFbOfXTYC0eN6Y.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91743EF/E6ABB010BA4011E7A08D266FC4F9AE02/4486416ABA4F11E78DA4F010C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.24.188.0/22
103.199.224.0/22
150.107.8.0/22
202.142.64.0/18
203.81.240.0/22
IPv6:
2402:ea80::/32
Signature Algorithm: sha256WithRSAEncryption
5d:5a:bd:6b:bf:5d:83:42:4a:3b:4a:85:01:56:40:93:59:98:
36:88:61:84:c7:97:40:27:2a:93:e5:b5:ff:a1:4b:c6:18:96:
6b:3d:71:3c:f7:c1:dc:56:95:24:82:40:c7:45:95:bd:18:03:
66:bb:01:21:7b:79:08:5f:33:b7:5d:64:9f:c8:69:27:9b:54:
f2:61:1b:b2:c5:bc:b7:70:89:de:da:d4:5b:92:46:03:b5:cb:
5b:10:85:30:14:34:c5:fa:8c:db:a5:b5:23:9a:a7:e2:48:99:
34:ce:f9:78:44:4f:e9:06:81:77:be:20:36:f3:14:fa:07:3f:
17:8f:82:15:08:4f:81:05:26:61:29:fe:39:5d:d1:fd:d0:c5:
7f:f2:b8:12:2b:d9:59:c7:63:e6:f1:39:0c:05:d5:c1:e1:18:
a3:ec:1d:a1:f8:b8:c1:76:0a:1e:d2:9c:be:08:a7:03:ef:58:
70:2b:de:9d:f6:81:4c:93:df:c9:37:86:43:8e:50:8d:b8:5f:
da:2e:af:83:99:b0:5a:fc:41:0d:29:42:e6:c2:31:26:4b:ce:
86:8f:ae:d3:3b:d1:49:c4:7b:9a:35:3e:42:b9:98:8d:d9:19:
b0:5e:2f:d4:71:23:56:61:ca:03:f3:ca:63:19:0a:5f:45:27:
6d:1f:28:60
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgICFnMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzQzRUYxMTAvBgNVBAUTKEQxRDY1QzhBNDMyNEUyODdGNkVBOTE1QjM5RjVEMzYw
MkQxRTM3QTYwHhcNMjMwNDEyMTczNDIwWhcNMjQwNTI5MDAwMDAwWjAYMRYwFAYD
VQQDEw02NDM2ZWI5Yy1mZTM5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAl1W8skhlCOTyhND0EP5GWiVjGLP5inx6ELDLEql/nuLWMy0d9kB+v/ANgEeE
g1NCUPl4zlpSgm92wVJqZZkh+0u/6tdBl3ESN0ojb/1t7xxps7fj8S1PIXkH9HTZ
QY+TnOZEnv4Yf0GLg2lKGkbvq/NiFNs6PcdzKhEWxyd4Im1XCoAVddgdBdAAvS0X
BP6hZGiyE3oPWxSWz/5PnGSiUJTa/mck9hfOXQmlrmQHblDt9ODlD1adTvS1XhbS
dQVZtEJQuKNlATE8BS4yqPA30TqD+qNKPJKbQpsfBcB46PFn5uKW9vK2+2X9cNjy
iF2JLC88bAT77g5bnBFo6fZyxwIDAQABo4ICvDCCArgwHQYDVR0OBBYEFE92sWIK
VowHDUReODj+JwSak6nfMB8GA1UdIwQYMBaAFNHWXIpDJOKH9uqRWzn102AtHjem
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3NDNFRi9FNkFCQjAxMEJB
NDAxMUU3QTA4RDI2NkZDNEY5QUUwMi8wZFpjaWtNazRvZjI2cEZiT2ZYVFlDMGVO
NlkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzBkWmNpa01rNG9mMjZwRmJPZlhUWUMwZU42WS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzQzRUYvRTZBQkIwMTBCQTQwMTFFN0EwOEQyNjZGQzRGOUFFMDIvNDQ4NjQxNkFC
QTRGMTFFNzhEQTRGMDEwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRgYIKwYBBQUHAQcBAf8E
NzA1MCQEAgABMB4DBAJnGLwDBAJnx+ADBAKWawgDBAbKjkADBALLUfAwDQQCAAIw
BwMFACQC6oAwDQYJKoZIhvcNAQELBQADggEBAF1avWu/XYNCSjtKhQFWQJNZmDaI
YYTHl0AnKpPltf+hS8YYlms9cTz3wdxWlSSCQMdFlb0YA2a7ASF7eQhfM7ddZJ/I
aSebVPJhG7LFvLdwid7a1FuSRgO1y1sQhTAUNMX6jNultSOap+JImTTO+XhET+kG
gXe+IDbzFPoHPxePghUIT4EFJmEp/jld0f3QxX/yuBIr2VnHY+bxOQwF1cHhGKPs
HaH4uMF2Ch7SnL4IpwPvWHAr3p32gUyT38k3hkOOUI24X9our4OZsFr8QQ0pQubC
MSZLzoaPrtM70UnEe5o1PkK5mI3ZGbBeL9RxI1ZhygPzymMZCl9FJ20fKGA=
-----END CERTIFICATE-----
Generated at Fri Nov 3 05:30:43 2023 by rpki-client on console-fra.rpki-client.org