Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918404E/BC030C76F1DA11EAAFC6C70AC4F9AE02/BA9051DC896211EEB71C5F41C4F9AE02.roa
File: BA9051DC896211EEB71C5F41C4F9AE02.roa (raw, json)
Hash identifier: nfUQ0FY/xPLbkgIHJetxMdd/08b2NlkGv3fMt4fzS3o=
Subject key identifier: 09:82:5E:61:2D:F6:CA:DC:56:5B:C7:46:49:4D:AA:59:84:3B:E2:D7
Certificate issuer: /CN=A918404E/serialNumber=9C7C776F6BF6003283F0CAB43E2DC61494997162
Certificate serial: 06E6
Authority key identifier: 9C:7C:77:6F:6B:F6:00:32:83:F0:CA:B4:3E:2D:C6:14:94:99:71:62
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nHx3b2v2ADKD8Mq0Pi3GFJSZcWI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918404E/BC030C76F1DA11EAAFC6C70AC4F9AE02/BA9051DC896211EEB71C5F41C4F9AE02.roa
Signing time: Wed 22 Nov 2023 18:13:05 +0000
ROA not before: Wed 22 Nov 2023 18:13:05 +0000
ROA not after: Thu 31 Oct 2024 00:00:00 +0000
asID: 17747
IP address blocks: 45.117.200.0/24 maxlen: 24
45.117.201.0/24 maxlen: 24
45.117.202.0/24 maxlen: 24
45.117.203.0/24 maxlen: 24
45.117.204.0/24 maxlen: 24
45.117.205.0/24 maxlen: 24
45.117.206.0/24 maxlen: 24
45.117.207.0/24 maxlen: 24
45.126.160.0/24 maxlen: 24
45.126.161.0/24 maxlen: 24
45.126.162.0/24 maxlen: 24
45.126.163.0/24 maxlen: 24
103.24.188.0/24 maxlen: 24
103.24.189.0/24 maxlen: 24
103.24.190.0/24 maxlen: 24
103.24.191.0/24 maxlen: 24
103.57.236.0/24 maxlen: 24
103.57.237.0/24 maxlen: 24
103.57.238.0/24 maxlen: 24
103.57.239.0/24 maxlen: 24
103.57.240.0/24 maxlen: 24
103.57.241.0/24 maxlen: 24
103.57.242.0/24 maxlen: 24
103.57.243.0/24 maxlen: 24
103.57.244.0/24 maxlen: 24
103.57.245.0/24 maxlen: 24
103.57.246.0/24 maxlen: 24
103.57.247.0/24 maxlen: 24
103.70.208.0/24 maxlen: 24
103.70.209.0/24 maxlen: 24
103.70.210.0/24 maxlen: 24
103.70.211.0/24 maxlen: 24
103.225.176.0/24 maxlen: 24
103.225.177.0/24 maxlen: 24
103.225.178.0/24 maxlen: 24
103.225.179.0/24 maxlen: 24
103.244.4.0/24 maxlen: 24
103.244.5.0/24 maxlen: 24
103.244.6.0/24 maxlen: 24
103.244.7.0/24 maxlen: 24
150.107.10.0/24 maxlen: 24
150.107.11.0/24 maxlen: 24
150.129.124.0/24 maxlen: 24
150.129.125.0/24 maxlen: 24
150.129.126.0/24 maxlen: 24
150.129.127.0/24 maxlen: 24
202.142.64.0/24 maxlen: 24
202.142.65.0/24 maxlen: 24
202.142.66.0/24 maxlen: 24
202.142.67.0/24 maxlen: 24
202.142.68.0/24 maxlen: 24
202.142.69.0/24 maxlen: 24
202.142.70.0/24 maxlen: 24
202.142.71.0/24 maxlen: 24
202.142.72.0/24 maxlen: 24
202.142.73.0/24 maxlen: 24
202.142.74.0/24 maxlen: 24
202.142.75.0/24 maxlen: 24
202.142.76.0/24 maxlen: 24
202.142.77.0/24 maxlen: 24
202.142.78.0/24 maxlen: 24
202.142.79.0/24 maxlen: 24
202.142.81.0/24 maxlen: 24
202.142.83.0/24 maxlen: 24
202.142.85.0/24 maxlen: 24
202.142.86.0/24 maxlen: 24
202.142.87.0/24 maxlen: 24
202.142.89.0/24 maxlen: 24
202.142.90.0/24 maxlen: 24
202.142.91.0/24 maxlen: 24
202.142.92.0/24 maxlen: 24
202.142.93.0/24 maxlen: 24
202.142.95.0/24 maxlen: 24
202.142.96.0/24 maxlen: 24
202.142.97.0/24 maxlen: 24
202.142.98.0/24 maxlen: 24
202.142.99.0/24 maxlen: 24
202.142.100.0/24 maxlen: 24
202.142.101.0/24 maxlen: 24
202.142.102.0/24 maxlen: 24
202.142.103.0/24 maxlen: 24
202.142.104.0/24 maxlen: 24
202.142.105.0/24 maxlen: 24
202.142.106.0/24 maxlen: 24
202.142.107.0/24 maxlen: 24
202.142.110.0/24 maxlen: 24
202.142.112.0/24 maxlen: 24
202.142.113.0/24 maxlen: 24
202.142.114.0/24 maxlen: 24
202.142.115.0/24 maxlen: 24
202.142.118.0/24 maxlen: 24
202.142.119.0/24 maxlen: 24
202.142.120.0/24 maxlen: 24
202.142.123.0/24 maxlen: 24
202.142.124.0/24 maxlen: 24
202.142.125.0/24 maxlen: 24
202.142.126.0/24 maxlen: 24
202.142.127.0/24 maxlen: 24
2406:3c80::/48 maxlen: 48
2406:3c80:1::/48 maxlen: 48
2406:3c80:2::/48 maxlen: 48
2406:3c80:3::/48 maxlen: 48
2406:3c80:4::/48 maxlen: 48
2406:3c80:5::/48 maxlen: 48
2406:3c80:6::/48 maxlen: 48
2406:3c80:7::/48 maxlen: 48
2406:3c80:8::/48 maxlen: 48
2406:3c80:400::/48 maxlen: 48
2406:3c80:401::/48 maxlen: 48
2406:3c80:402::/48 maxlen: 48
2406:3c80:403::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1766 (0x6e6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918404E/serialNumber=9C7C776F6BF6003283F0CAB43E2DC61494997162
Validity
Not Before: Nov 22 18:13:05 2023 GMT
Not After : Oct 31 00:00:00 2024 GMT
Subject: CN=655e44b1-7b8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:9a:0c:75:10:57:79:e1:8b:fa:8e:e5:bf:a1:
c8:13:29:87:d7:49:ed:b5:c3:00:fe:80:84:e9:66:
c8:f0:e3:1a:47:e8:ad:e1:87:a9:f9:f8:47:c1:e4:
e5:61:23:bc:1c:fc:b0:8f:74:36:68:e4:e0:c1:f0:
e1:55:fe:14:c1:b8:f3:87:f6:c5:34:46:b3:5d:40:
43:74:fe:dc:d2:e3:0c:07:a2:37:b8:34:68:88:e8:
aa:c1:9b:28:4b:a3:e1:9b:81:68:24:2f:f9:ae:4e:
d2:d8:d1:f1:57:be:58:f1:2d:53:a0:4a:c0:4c:16:
3c:c3:b0:66:df:5b:4a:be:d6:ce:18:39:22:39:1a:
85:3d:75:e0:4d:1d:d0:9f:3d:83:a8:ac:fb:ec:af:
0e:ee:c2:90:94:b8:70:ce:48:98:78:c7:f9:fe:b1:
ec:a4:27:37:a5:d3:9f:3f:9b:c7:fd:4d:8b:e8:ec:
5e:6f:c6:3b:9e:ab:d0:91:7e:af:12:30:ea:1c:a5:
23:ec:68:c1:f2:91:50:c5:b9:57:ed:bf:2e:87:a4:
9d:ed:32:e2:b7:9e:6c:a9:66:13:7f:e0:c2:21:d9:
10:1b:f2:47:61:31:0c:d5:88:c2:92:0a:09:23:a2:
a9:07:3c:64:9d:f3:0b:48:3e:f3:65:91:ee:e7:48:
e9:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:82:5E:61:2D:F6:CA:DC:56:5B:C7:46:49:4D:AA:59:84:3B:E2:D7
X509v3 Authority Key Identifier:
keyid:9C:7C:77:6F:6B:F6:00:32:83:F0:CA:B4:3E:2D:C6:14:94:99:71:62
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918404E/BC030C76F1DA11EAAFC6C70AC4F9AE02/nHx3b2v2ADKD8Mq0Pi3GFJSZcWI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nHx3b2v2ADKD8Mq0Pi3GFJSZcWI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918404E/BC030C76F1DA11EAAFC6C70AC4F9AE02/BA9051DC896211EEB71C5F41C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.117.200.0/21
45.126.160.0/22
103.24.188.0/22
103.57.236.0-103.57.247.255
103.70.208.0/22
103.225.176.0/22
103.244.4.0/22
150.107.10.0/23
150.129.124.0/22
202.142.64.0/20
202.142.81.0/24
202.142.83.0/24
202.142.85.0-202.142.87.255
202.142.89.0-202.142.93.255
202.142.95.0-202.142.107.255
202.142.110.0/24
202.142.112.0/22
202.142.118.0-202.142.120.255
202.142.123.0-202.142.127.255
IPv6:
2406:3c80::-2406:3c80:8:ffff:ffff:ffff:ffff:ffff
2406:3c80:400::/46
Signature Algorithm: sha256WithRSAEncryption
9f:21:a9:a3:02:31:0d:4c:37:cc:da:2d:27:30:16:f5:91:da:
c4:6c:53:8b:58:cf:d6:98:c5:e1:4e:a5:fc:f9:75:99:f8:97:
71:b1:c2:74:13:88:61:f5:11:a6:5b:16:6f:e9:2f:dc:2f:d0:
d1:25:2c:38:b9:df:1c:f0:97:15:b1:e9:cd:15:9e:43:59:39:
75:a3:d1:4d:9e:37:6f:fd:a4:93:12:d3:ad:18:9c:d5:34:de:
87:b3:1b:fb:50:75:d6:42:e7:98:ce:0c:73:c2:10:bd:3d:54:
9a:9e:9a:3e:f1:15:18:9d:a2:68:9e:9f:5f:13:2b:ee:9e:b7:
47:30:b1:32:fb:4a:86:d5:77:6d:df:04:41:63:c9:f3:a3:1b:
dc:a4:ce:54:9a:f2:b5:f5:7c:a1:54:c1:d9:4d:80:20:a4:bc:
44:e7:da:87:12:73:c6:85:ea:f2:96:39:63:0c:02:d1:61:eb:
8e:4e:e2:a8:89:28:4d:78:55:61:77:81:c0:8c:ee:36:a2:00:
08:dd:0e:cb:73:f9:f7:b0:f5:14:e8:77:2e:2c:3c:01:5d:6e:
b4:fa:c0:b4:0b:e3:ba:ad:0f:5c:ce:0a:31:01:46:29:c3:7a:
47:e5:73:84:34:5a:24:9e:0b:a2:0e:44:ac:a2:2c:1f:22:37:
f2:5b:5f:a1
-----BEGIN CERTIFICATE-----
MIIGNTCCBR2gAwIBAgICBuYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODQwNEUxMTAvBgNVBAUTKDlDN0M3NzZGNkJGNjAwMzI4M0YwQ0FCNDNFMkRDNjE0
OTQ5OTcxNjIwHhcNMjMxMTIyMTgxMzA1WhcNMjQxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTVlNDRiMS03YjhhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA8JoMdRBXeeGL+o7lv6HIEymH10nttcMA/oCE6WbI8OMaR+it4Yep+fhHweTl
YSO8HPywj3Q2aOTgwfDhVf4Uwbjzh/bFNEazXUBDdP7c0uMMB6I3uDRoiOiqwZso
S6Phm4FoJC/5rk7S2NHxV75Y8S1ToErATBY8w7Bm31tKvtbOGDkiORqFPXXgTR3Q
nz2DqKz77K8O7sKQlLhwzkiYeMf5/rHspCc3pdOfP5vH/U2L6Oxeb8Y7nqvQkX6v
EjDqHKUj7GjB8pFQxblX7b8uh6Sd7TLit55sqWYTf+DCIdkQG/JHYTEM1YjCkgoJ
I6KpBzxknfMLSD7zZZHu50jpnQIDAQABo4IDWTCCA1UwHQYDVR0OBBYEFAmCXmEt
9srcVlvHRklNqlmEO+LXMB8GA1UdIwQYMBaAFJx8d29r9gAyg/DKtD4txhSUmXFi
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NDA0RS9CQzAzMEM3NkYx
REExMUVBQUZDNkM3MEFDNEY5QUUwMi9uSHgzYjJ2MkFES0Q4TXEwUGkzR0ZKU1pj
V0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL25IeDNiMnYyQURLRDhNcTBQaTNHRkpTWmNXSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODQwNEUvQkMwMzBDNzZGMURBMTFFQUFGQzZDNzBBQzRGOUFFMDIvQkE5MDUxREM4
OTYyMTFFRUI3MUM1RjQxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgeIGCCsGAQUFBwEHAQH/
BIHSMIHPMIGpBAIAATCBogMEAy11yAMEAi1+oAMEAmcYvDAMAwQCZznsAwQDZznw
AwQCZ0bQAwQCZ+GwAwQCZ/QEAwQBlmsKAwQCloF8AwQEyo5AAwQAyo5RAwQAyo5T
MAwDBADKjlUDBAPKjlAwDAMEAMqOWQMEAcqOXDAMAwQAyo5fAwQCyo5oAwQAyo5u
AwQCyo5wMAwDBAHKjnYDBADKjngwDAMEAMqOewMEB8qOADAhBAIAAjAbMBADBQck
BjyAAwcAJAY8gAAIAwcCJAY8gAQAMA0GCSqGSIb3DQEBCwUAA4IBAQCfIamjAjEN
TDfM2i0nMBb1kdrEbFOLWM/WmMXhTqX8+XWZ+JdxscJ0E4hh9RGmWxZv6S/cL9DR
JSw4ud8c8JcVsenNFZ5DWTl1o9FNnjdv/aSTEtOtGJzVNN6Hsxv7UHXWQueYzgxz
whC9PVSanpo+8RUYnaJonp9fEyvunrdHMLEy+0qG1Xdt3wRBY8nzoxvcpM5UmvK1
9XyhVMHZTYAgpLxE59qHEnPGheryljljDALRYeuOTuKoiShNeFVhd4HAjO42ogAI
3Q7Lc/n3sPUU6HcuLDwBXW60+sC0C+O6rQ9czgoxAUYpw3pH5XOENFoknguiDkSs
oiwfIjfyW1+h
-----END CERTIFICATE-----
Generated at Tue Nov 28 07:15:25 2023 by rpki-client on console-fra.rpki-client.org