Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9182F75/3C8CF63EFCBD11E688D3125EC4F9AE02/B350D2D4BC9111EB89AFBA66C4F9AE02.roa
File: B350D2D4BC9111EB89AFBA66C4F9AE02.roa (raw, json)
Hash identifier: qX6JNWUXeDVot4OLAg5+Q0IkA64ym1MzHRy9yworaHI=
Subject key identifier: A2:B5:59:C1:B3:6A:91:04:F4:E7:20:A0:E1:62:46:0A:DF:CC:B3:CC
Certificate issuer: /CN=A9182F75/serialNumber=420D8C2EC3D2479C5423ABFF74782B8A8A4B7DEA
Certificate serial: 1A38
Authority key identifier: 42:0D:8C:2E:C3:D2:47:9C:54:23:AB:FF:74:78:2B:8A:8A:4B:7D:EA
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Qg2MLsPSR5xUI6v_dHgriopLfeo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9182F75/3C8CF63EFCBD11E688D3125EC4F9AE02/B350D2D4BC9111EB89AFBA66C4F9AE02.roa
Signing time: Sun 30 Apr 2023 17:13:54 +0000
ROA not before: Sun 30 Apr 2023 17:13:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 132220
IP address blocks: 45.125.152.0/22 maxlen: 22
45.125.152.0/24 maxlen: 24
45.125.153.0/24 maxlen: 24
45.125.154.0/24 maxlen: 24
45.125.155.0/24 maxlen: 24
45.250.232.0/22 maxlen: 22
45.250.232.0/24 maxlen: 24
45.250.233.0/24 maxlen: 24
45.250.234.0/24 maxlen: 24
45.250.235.0/24 maxlen: 24
103.7.148.0/22 maxlen: 22
103.7.148.0/24 maxlen: 24
103.7.149.0/24 maxlen: 24
103.7.150.0/24 maxlen: 24
103.7.151.0/24 maxlen: 24
183.87.160.0/19 maxlen: 19
183.87.160.0/20 maxlen: 20
183.87.160.0/24 maxlen: 24
183.87.161.0/24 maxlen: 24
183.87.162.0/24 maxlen: 24
183.87.163.0/24 maxlen: 24
183.87.164.0/24 maxlen: 24
183.87.165.0/24 maxlen: 24
183.87.166.0/24 maxlen: 24
183.87.167.0/24 maxlen: 24
183.87.168.0/24 maxlen: 24
183.87.169.0/24 maxlen: 24
183.87.170.0/24 maxlen: 24
183.87.171.0/24 maxlen: 24
183.87.172.0/24 maxlen: 24
183.87.173.0/24 maxlen: 24
183.87.174.0/24 maxlen: 24
183.87.175.0/24 maxlen: 24
183.87.176.0/24 maxlen: 24
183.87.177.0/24 maxlen: 24
183.87.178.0/24 maxlen: 24
183.87.179.0/24 maxlen: 24
183.87.180.0/24 maxlen: 24
183.87.181.0/24 maxlen: 24
183.87.182.0/24 maxlen: 24
183.87.183.0/24 maxlen: 24
183.87.184.0/24 maxlen: 24
183.87.185.0/24 maxlen: 24
183.87.186.0/24 maxlen: 24
183.87.187.0/24 maxlen: 24
183.87.188.0/24 maxlen: 24
183.87.189.0/24 maxlen: 24
183.87.190.0/24 maxlen: 24
183.87.191.0/24 maxlen: 24
183.87.193.0/24 maxlen: 24
183.87.194.0/23 maxlen: 24
183.87.196.0/22 maxlen: 22
183.87.196.0/24 maxlen: 24
183.87.197.0/24 maxlen: 24
183.87.198.0/24 maxlen: 24
183.87.199.0/24 maxlen: 24
183.87.200.0/21 maxlen: 21
183.87.200.0/24 maxlen: 24
183.87.201.0/24 maxlen: 24
183.87.202.0/24 maxlen: 24
183.87.203.0/24 maxlen: 24
183.87.204.0/24 maxlen: 24
183.87.205.0/24 maxlen: 24
183.87.206.0/24 maxlen: 24
183.87.207.0/24 maxlen: 24
183.87.208.0/22 maxlen: 22
183.87.208.0/24 maxlen: 24
183.87.209.0/24 maxlen: 24
183.87.210.0/24 maxlen: 24
183.87.211.0/24 maxlen: 24
2403:7100::/32 maxlen: 32
2403:7100::/48 maxlen: 48
2403:7100:1::/48 maxlen: 48
2403:7100:2::/48 maxlen: 48
2403:7100:3::/48 maxlen: 48
2403:7100:4::/48 maxlen: 48
2403:7100:5::/48 maxlen: 48
2403:7100:6::/48 maxlen: 48
2403:7100:7::/48 maxlen: 48
2403:7100:8::/48 maxlen: 48
2403:7100:9::/48 maxlen: 48
2403:7100:10::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6712 (0x1a38)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9182F75/serialNumber=420D8C2EC3D2479C5423ABFF74782B8A8A4B7DEA
Validity
Not Before: Apr 30 17:13:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=644ea1d1-ffac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:3e:9d:9b:25:4d:19:b4:65:69:25:ea:93:c2:
49:29:4b:6a:eb:39:4d:a2:31:a7:70:45:30:29:bd:
22:89:8c:77:c4:77:e8:29:c2:0f:29:b2:46:2a:3f:
30:3d:eb:45:2c:65:0e:16:7e:bd:96:fa:9a:fb:c7:
79:f8:18:77:79:11:9d:4d:47:b8:c6:54:19:2e:74:
d8:cb:82:ff:07:74:a2:ad:5a:0a:ce:e0:23:87:21:
44:d9:da:78:69:eb:56:3f:82:ef:21:e9:3b:15:0b:
30:d9:a3:0d:81:92:3a:e1:c1:0e:1e:aa:d9:b2:69:
da:9c:38:af:f3:a7:da:81:16:b7:8a:35:c4:53:41:
5c:b3:4c:09:e9:e5:22:14:48:aa:7c:09:03:3f:a7:
4b:bd:10:70:5f:46:10:72:9c:12:e1:cf:d9:18:89:
8c:29:4e:d2:96:2c:73:9d:2b:6e:00:95:48:85:40:
6d:52:8d:c7:b7:65:c8:23:4f:f7:88:0a:9c:62:99:
36:45:3b:57:a5:49:e1:b9:ab:b9:17:c9:64:94:39:
5b:bf:88:1c:fe:fe:5d:a7:f3:9a:f9:22:6a:e7:6b:
0c:8c:7a:bd:96:a4:f6:00:af:61:d0:64:d6:9c:0f:
14:eb:94:e9:1e:02:6c:6d:b1:c7:95:a8:ce:bc:be:
15:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:B5:59:C1:B3:6A:91:04:F4:E7:20:A0:E1:62:46:0A:DF:CC:B3:CC
X509v3 Authority Key Identifier:
keyid:42:0D:8C:2E:C3:D2:47:9C:54:23:AB:FF:74:78:2B:8A:8A:4B:7D:EA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9182F75/3C8CF63EFCBD11E688D3125EC4F9AE02/Qg2MLsPSR5xUI6v_dHgriopLfeo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Qg2MLsPSR5xUI6v_dHgriopLfeo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9182F75/3C8CF63EFCBD11E688D3125EC4F9AE02/B350D2D4BC9111EB89AFBA66C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.125.152.0/22
45.250.232.0/22
103.7.148.0/22
183.87.160.0/19
183.87.193.0-183.87.211.255
IPv6:
2403:7100::/32
Signature Algorithm: sha256WithRSAEncryption
84:de:a9:19:83:34:41:dc:0c:3f:f4:4b:68:06:af:44:db:c4:
29:0b:0f:39:40:fe:f4:7c:a4:9c:ae:20:2e:70:51:be:b4:36:
0f:fe:a6:e0:37:c5:cd:b5:60:43:0d:94:9a:a9:53:42:fc:dd:
f1:03:54:ab:21:f4:b5:52:f7:12:30:b2:72:8e:6d:7e:5a:b6:
22:c3:3f:54:36:9a:22:d6:b8:59:14:6c:81:30:9e:3d:b9:dc:
f8:5d:bf:51:7e:bf:26:f3:50:7e:6d:b6:e1:57:de:38:61:bd:
b9:83:fd:01:32:64:f5:eb:d7:af:d8:57:a6:d0:b5:28:3a:99:
de:95:a2:ef:59:28:c5:c5:2f:8b:b3:6d:45:e8:5a:43:7c:99:
55:f3:d0:01:a8:d0:9b:ca:da:4d:a0:0f:bf:87:c2:af:f4:6d:
8c:33:89:7a:a3:b4:7e:86:07:58:2c:ed:45:44:9a:5a:93:91:
a1:6f:d6:56:19:d5:f7:cc:df:4d:9f:ae:8e:23:a1:aa:a1:f4:
42:f0:02:52:c1:20:4c:e0:33:0f:99:ab:ad:c2:08:5a:cb:9a:
cc:5f:11:85:76:9a:52:5a:bd:3b:53:c6:40:39:29:e3:87:ba:
34:79:76:92:b9:4d:de:7d:2d:d4:f6:04:13:76:1b:c9:77:23:
50:53:76:c6
-----BEGIN CERTIFICATE-----
MIIFoDCCBIigAwIBAgICGjgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODJGNzUxMTAvBgNVBAUTKDQyMEQ4QzJFQzNEMjQ3OUM1NDIzQUJGRjc0NzgyQjhB
OEE0QjdERUEwHhcNMjMwNDMwMTcxMzU0WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDRlYTFkMS1mZmFjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAoD6dmyVNGbRlaSXqk8JJKUtq6zlNojGncEUwKb0iiYx3xHfoKcIPKbJGKj8w
PetFLGUOFn69lvqa+8d5+Bh3eRGdTUe4xlQZLnTYy4L/B3SirVoKzuAjhyFE2dp4
aetWP4LvIek7FQsw2aMNgZI64cEOHqrZsmnanDiv86fagRa3ijXEU0Fcs0wJ6eUi
FEiqfAkDP6dLvRBwX0YQcpwS4c/ZGImMKU7SlixznStuAJVIhUBtUo3Ht2XII0/3
iAqcYpk2RTtXpUnhuau5F8lklDlbv4gc/v5dp/Oa+SJq52sMjHq9lqT2AK9h0GTW
nA8U65TpHgJsbbHHlajOvL4VIwIDAQABo4ICxDCCAsAwHQYDVR0OBBYEFKK1WcGz
apEE9OcgoOFiRgrfzLPMMB8GA1UdIwQYMBaAFEINjC7D0kecVCOr/3R4K4qKS33q
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4MkY3NS8zQzhDRjYzRUZD
QkQxMUU2ODhEMzEyNUVDNEY5QUUwMi9RZzJNTHNQU1I1eFVJNnZfZEhncmlvcExm
ZW8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1FnMk1Mc1BTUjV4VUk2dl9kSGdyaW9wTGZlby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODJGNzUvM0M4Q0Y2M0VGQ0JEMTFFNjg4RDMxMjVFQzRGOUFFMDIvQjM1MEQyRDRC
QzkxMTFFQjg5QUZCQTY2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwTgYIKwYBBQUHAQcBAf8E
PzA9MCwEAgABMCYDBAItfZgDBAIt+ugDBAJnB5QDBAW3V6AwDAMEALdXwQMEArdX
0DANBAIAAjAHAwUAJANxADANBgkqhkiG9w0BAQsFAAOCAQEAhN6pGYM0QdwMP/RL
aAavRNvEKQsPOUD+9HyknK4gLnBRvrQ2D/6m4DfFzbVgQw2UmqlTQvzd8QNUqyH0
tVL3EjCyco5tflq2IsM/VDaaIta4WRRsgTCePbnc+F2/UX6/JvNQfm224VfeOGG9
uYP9ATJk9evXr9hXptC1KDqZ3pWi71koxcUvi7NtRehaQ3yZVfPQAajQm8raTaAP
v4fCr/RtjDOJeqO0foYHWCztRUSaWpORoW/WVhnV98zfTZ+ujiOhqqH0QvACUsEg
TOAzD5mrrcIIWsuazF8RhXaaUlq9O1PGQDkp44e6NHl2krlN3n0t1PYEE3YbyXcj
UFN2xg==
-----END CERTIFICATE-----
Generated at Tue Nov 7 04:43:56 2023 by rpki-client on console-ams.rpki-client.org