Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/9C4FABA09B8911EC826E9357C4F9AE02.roa
File: 9C4FABA09B8911EC826E9357C4F9AE02.roa (raw, json)
Hash identifier: hcj/Y6A+vhV7V9soBmH6xqhaMtWT/kmP2G633b6vvho=
Subject key identifier: C8:37:BE:71:6F:51:E8:52:07:F0:F0:C1:0A:BD:4B:A8:F5:73:F2:B0
Certificate issuer: /CN=A917A84A/serialNumber=8A1A10EB8FBA45C2152CA8956F432F9A8139603A
Certificate serial: 1B5E
Authority key identifier: 8A:1A:10:EB:8F:BA:45:C2:15:2C:A8:95:6F:43:2F:9A:81:39:60:3A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ihoQ64-6RcIVLKiVb0MvmoE5YDo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/9C4FABA09B8911EC826E9357C4F9AE02.roa
Signing time: Thu 28 Sep 2023 16:33:58 +0000
ROA not before: Thu 28 Sep 2023 16:33:58 +0000
ROA not after: Sun 01 Dec 2024 00:00:00 +0000
asID: 132165
IP address blocks: 43.245.128.0/24 maxlen: 24
43.245.129.0/24 maxlen: 24
43.245.130.0/24 maxlen: 24
43.245.131.0/24 maxlen: 24
103.12.120.0/24 maxlen: 24
103.12.121.0/24 maxlen: 24
103.12.122.0/24 maxlen: 24
103.12.123.0/24 maxlen: 24
111.119.160.0/24 maxlen: 24
111.119.161.0/24 maxlen: 24
111.119.162.0/24 maxlen: 24
111.119.163.0/24 maxlen: 24
111.119.164.0/24 maxlen: 24
111.119.165.0/24 maxlen: 24
111.119.166.0/24 maxlen: 24
111.119.167.0/24 maxlen: 24
113.203.192.0/24 maxlen: 24
113.203.193.0/24 maxlen: 24
113.203.195.0/24 maxlen: 24
113.203.200.0/24 maxlen: 24
113.203.201.0/24 maxlen: 24
113.203.202.0/24 maxlen: 24
113.203.203.0/24 maxlen: 24
113.203.204.0/24 maxlen: 24
113.203.205.0/24 maxlen: 24
113.203.207.0/24 maxlen: 24
115.42.64.0/24 maxlen: 24
115.42.65.0/24 maxlen: 24
115.42.66.0/24 maxlen: 24
115.42.67.0/24 maxlen: 24
115.42.68.0/24 maxlen: 24
115.42.69.0/24 maxlen: 24
115.42.70.0/24 maxlen: 24
115.42.71.0/24 maxlen: 24
118.103.226.0/24 maxlen: 24
118.103.227.0/24 maxlen: 24
118.103.228.0/24 maxlen: 24
118.103.229.0/24 maxlen: 24
118.103.230.0/24 maxlen: 24
118.103.231.0/24 maxlen: 24
118.103.232.0/24 maxlen: 24
118.103.233.0/24 maxlen: 24
118.103.234.0/24 maxlen: 24
118.103.235.0/24 maxlen: 24
118.103.236.0/24 maxlen: 24
118.103.237.0/24 maxlen: 24
118.103.238.0/24 maxlen: 24
118.103.239.0/24 maxlen: 24
2406:d00::/48 maxlen: 48
2406:d00:2222::/48 maxlen: 48
2406:d00:5555::/48 maxlen: 48
2406:d00:aaaa::/48 maxlen: 48
2406:d00:bbbb::/48 maxlen: 48
2406:d00:ccaa::/47 maxlen: 48
2406:d00:ccc0::/46 maxlen: 48
2406:d00:cccc::/46 maxlen: 48
2406:d00:cce0::/48 maxlen: 48
2406:d00:ccea::/48 maxlen: 48
2406:d00:ddc1::/48 maxlen: 48
2406:d00:ddcc::/48 maxlen: 48
2406:d00:ddd1::/48 maxlen: 48
2406:d00:dddd::/48 maxlen: 48
2406:d00:ddf1::/48 maxlen: 48
2406:d00:ddff::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 04 Sep 2024 12:58:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7006 (0x1b5e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917A84A/serialNumber=8A1A10EB8FBA45C2152CA8956F432F9A8139603A
Validity
Not Before: Sep 28 16:33:58 2023 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=6515aaf6-be6b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:1c:c6:31:81:40:25:d3:3c:24:61:05:d7:a7:
5b:66:13:25:e8:fc:c2:07:ed:98:da:cc:ba:31:6a:
9d:18:12:a2:9e:5b:55:0b:af:1d:9d:f6:a7:30:06:
42:cd:5d:89:a1:71:28:ee:c7:21:a1:e3:a5:d2:f5:
27:dc:60:ea:d0:b8:2b:4b:8b:5f:1c:61:a0:e3:04:
84:f2:b2:31:26:80:5e:b6:4b:90:82:56:6b:d8:05:
2b:6e:bf:86:95:be:93:15:90:9d:5b:ac:ef:50:f5:
73:f3:c1:5f:b4:b8:af:32:6e:af:59:dc:ed:21:2d:
55:7d:cf:c3:84:8b:18:3f:07:e0:3c:db:1f:f0:4f:
96:5e:23:75:fa:02:f7:61:54:46:15:23:7a:5e:c7:
ec:58:17:14:45:d9:e2:5d:3a:72:86:4d:39:ed:07:
34:9c:0b:83:46:9d:b1:ed:0d:f9:0f:8a:f7:77:fe:
f8:18:1a:20:e6:fe:ee:25:96:14:e0:51:8a:5c:ef:
fe:ef:fb:e3:eb:0e:93:eb:27:33:7a:ec:c8:4d:80:
fd:79:04:10:09:ad:56:00:e4:08:8f:7f:c3:93:c9:
4d:28:ff:3e:33:93:c3:55:a9:42:17:1e:f3:df:21:
ee:69:5f:a9:aa:a0:23:fb:0f:ef:91:ce:38:f2:10:
30:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:37:BE:71:6F:51:E8:52:07:F0:F0:C1:0A:BD:4B:A8:F5:73:F2:B0
X509v3 Authority Key Identifier:
keyid:8A:1A:10:EB:8F:BA:45:C2:15:2C:A8:95:6F:43:2F:9A:81:39:60:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/ihoQ64-6RcIVLKiVb0MvmoE5YDo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ihoQ64-6RcIVLKiVb0MvmoE5YDo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/9C4FABA09B8911EC826E9357C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.245.128.0/22
103.12.120.0/22
111.119.160.0/21
113.203.192.0/23
113.203.195.0/24
113.203.200.0-113.203.205.255
113.203.207.0/24
115.42.64.0/21
118.103.226.0-118.103.239.255
IPv6:
2406:d00::/48
2406:d00:2222::/48
2406:d00:5555::/48
2406:d00:aaaa::/48
2406:d00:bbbb::/48
2406:d00:ccaa::/47
2406:d00:ccc0::/46
2406:d00:cccc::/46
2406:d00:cce0::/48
2406:d00:ccea::/48
2406:d00:ddc1::/48
2406:d00:ddcc::/48
2406:d00:ddd1::/48
2406:d00:dddd::/48
2406:d00:ddf1::/48
2406:d00:ddff::/48
Signature Algorithm: sha256WithRSAEncryption
b4:71:53:01:e1:ba:3e:63:01:a2:f2:b6:2e:56:34:18:1f:17:
22:70:eb:dc:96:7b:82:20:6c:60:49:56:c7:10:8f:80:85:ec:
48:6a:68:a8:a9:d7:1c:cb:98:61:e4:96:6e:96:3a:9e:ee:13:
3c:7f:22:af:c7:e4:2e:20:f0:4b:14:8d:20:0c:fb:44:88:86:
d2:e3:4b:47:bd:e4:8d:86:b3:94:80:4f:19:0a:d3:a6:46:a2:
ca:a3:05:18:c7:f6:e9:bc:08:41:af:09:28:be:f7:6a:83:6d:
97:a5:29:f5:36:63:6b:61:b7:f9:b5:34:7f:4f:13:16:18:20:
11:96:97:04:a0:3f:ee:71:5d:01:a3:72:4e:45:2a:c7:54:79:
84:21:d3:e9:7f:59:aa:37:07:7a:f6:ce:b8:24:9d:30:71:96:
7a:24:20:c0:d3:73:6f:cb:dc:74:bc:b7:59:79:a3:62:ca:b9:
38:54:eb:34:1d:f7:de:80:ea:66:ea:9c:22:41:66:e1:d0:1f:
5d:90:7a:aa:83:c0:d8:59:1d:8e:90:f9:c1:2b:4d:49:29:1e:
cb:00:76:d6:eb:78:74:3d:1a:b9:48:e8:32:37:a4:32:09:7f:
f7:e8:3f:6a:60:14:13:99:9c:2b:70:db:18:12:48:9b:8b:02:
2f:d9:ec:9e
-----BEGIN CERTIFICATE-----
MIIGTjCCBTagAwIBAgICG14wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0E4NEExMTAvBgNVBAUTKDhBMUExMEVCOEZCQTQ1QzIxNTJDQTg5NTZGNDMyRjlB
ODEzOTYwM0EwHhcNMjMwOTI4MTYzMzU4WhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTE1YWFmNi1iZTZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwxzGMYFAJdM8JGEF16dbZhMl6PzCB+2Y2sy6MWqdGBKinltVC68dnfanMAZC
zV2JoXEo7schoeOl0vUn3GDq0LgrS4tfHGGg4wSE8rIxJoBetkuQglZr2AUrbr+G
lb6TFZCdW6zvUPVz88FftLivMm6vWdztIS1Vfc/DhIsYPwfgPNsf8E+WXiN1+gL3
YVRGFSN6XsfsWBcURdniXTpyhk057Qc0nAuDRp2x7Q35D4r3d/74GBog5v7uJZYU
4FGKXO/+7/vj6w6T6yczeuzITYD9eQQQCa1WAOQIj3/Dk8lNKP8+M5PDValCFx7z
3yHuaV+pqqAj+w/vkc448hAwhwIDAQABo4IDcjCCA24wHQYDVR0OBBYEFMg3vnFv
UehSB/DwwQq9S6j1c/KwMB8GA1UdIwQYMBaAFIoaEOuPukXCFSyolW9DL5qBOWA6
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QTg0QS8xODA1MTkxQUUx
RUYxMUU2OUQzNjUwMUJDNEY5QUUwMi9paG9RNjQtNlJjSVZMS2lWYjBNdm1vRTVZ
RG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2lob1E2NC02UmNJVkxLaVZiME12bW9FNVlEby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0E4NEEvMTgwNTE5MUFFMUVGMTFFNjlEMzY1MDFCQzRGOUFFMDIvOUM0RkFCQTA5
Qjg5MTFFQzgyNkU5MzU3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgfsGCCsGAQUFBwEHAQH/
BIHrMIHoMEwEAgABMEYDBAIr9YADBAJnDHgDBANvd6ADBAFxy8ADBABxy8MwDAME
A3HLyAMEAXHLzAMEAHHLzwMEA3MqQDAMAwQBdmfiAwQEdmfgMIGXBAIAAjCBkAMH
ACQGDQAAAAMHACQGDQAiIgMHACQGDQBVVQMHACQGDQCqqgMHACQGDQC7uwMHASQG
DQDMqgMHAiQGDQDMwAMHAiQGDQDMzAMHACQGDQDM4AMHACQGDQDM6gMHACQGDQDd
wQMHACQGDQDdzAMHACQGDQDd0QMHACQGDQDd3QMHACQGDQDd8QMHACQGDQDd/zAN
BgkqhkiG9w0BAQsFAAOCAQEAtHFTAeG6PmMBovK2LlY0GB8XInDr3JZ7giBsYElW
xxCPgIXsSGpoqKnXHMuYYeSWbpY6nu4TPH8ir8fkLiDwSxSNIAz7RIiG0uNLR73k
jYazlIBPGQrTpkaiyqMFGMf26bwIQa8JKL73aoNtl6Up9TZja2G3+bU0f08TFhgg
EZaXBKA/7nFdAaNyTkUqx1R5hCHT6X9ZqjcHevbOuCSdMHGWeiQgwNNzb8vcdLy3
WXmjYsq5OFTrNB333oDqZuqcIkFm4dAfXZB6qoPA2FkdjpD5wStNSSkeywB21ut4
dD0auUjoMjekMgl/9+g/amAUE5mcK3DbGBJIm4sCL9nsng==
-----END CERTIFICATE-----
Generated at Wed Sep 4 15:47:27 2024 by rpki-client on console-ams.rpki-client.org