Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/6B21A3B6D1DF11ED94859E7CC4F9AE02.roa
File: 6B21A3B6D1DF11ED94859E7CC4F9AE02.roa (raw, json)
Hash identifier: ydVe5cjMN9lVNpcLrfUHYDE+WsGsBcgo47Ci5WvEHb8=
Subject key identifier: C6:1A:35:AC:0A:11:20:32:31:C9:67:4B:35:B3:07:CE:2C:C0:F4:E3
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 7278
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/6B21A3B6D1DF11ED94859E7CC4F9AE02.roa
Signing time: Mon 22 May 2023 04:32:04 +0000
ROA not before: Mon 22 May 2023 04:32:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59162
IP address blocks: 43.225.68.0/22 maxlen: 24
43.225.212.0/22 maxlen: 24
45.114.152.0/24 maxlen: 24
45.114.153.0/24 maxlen: 24
45.114.154.0/24 maxlen: 24
45.114.155.0/24 maxlen: 24
45.115.168.0/22 maxlen: 24
45.117.112.0/24 maxlen: 24
45.117.113.0/24 maxlen: 24
45.117.114.0/24 maxlen: 24
45.117.115.0/24 maxlen: 24
45.119.236.0/24 maxlen: 24
45.119.237.0/24 maxlen: 24
45.119.238.0/24 maxlen: 24
45.119.239.0/24 maxlen: 24
45.123.8.0/22 maxlen: 22
45.123.8.0/24 maxlen: 24
45.123.9.0/24 maxlen: 24
45.123.10.0/24 maxlen: 24
45.123.11.0/24 maxlen: 24
45.248.12.0/22 maxlen: 24
45.251.40.0/22 maxlen: 24
103.17.48.0/22 maxlen: 24
103.38.200.0/22 maxlen: 22
103.38.200.0/24 maxlen: 24
103.38.201.0/24 maxlen: 24
103.38.202.0/24 maxlen: 24
103.38.203.0/24 maxlen: 24
103.40.64.0/24 maxlen: 24
103.40.65.0/24 maxlen: 24
103.40.66.0/24 maxlen: 24
103.40.67.0/24 maxlen: 24
103.57.176.0/24 maxlen: 24
103.57.177.0/24 maxlen: 24
103.57.178.0/24 maxlen: 24
103.57.179.0/24 maxlen: 24
103.106.152.0/24 maxlen: 24
103.106.153.0/24 maxlen: 24
103.106.154.0/24 maxlen: 24
103.106.155.0/24 maxlen: 24
103.117.152.0/22 maxlen: 24
103.134.112.0/24 maxlen: 24
103.134.113.0/24 maxlen: 24
103.146.233.0/24 maxlen: 24
103.193.200.0/22 maxlen: 24
103.211.59.0/24 maxlen: 24
103.219.216.0/22 maxlen: 24
103.239.140.0/24 maxlen: 24
103.239.141.0/24 maxlen: 24
103.239.142.0/24 maxlen: 24
103.239.143.0/24 maxlen: 24
103.253.208.0/22 maxlen: 24
103.254.206.0/24 maxlen: 24
103.254.207.0/24 maxlen: 24
103.255.72.0/22 maxlen: 24
114.134.20.0/24 maxlen: 24
114.134.21.0/24 maxlen: 24
114.134.22.0/24 maxlen: 24
114.134.23.0/24 maxlen: 24
2001:df2:59c0::/48 maxlen: 48
2001:df7::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 29304 (0x7278)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: May 22 04:32:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=646af044-b815
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:da:e6:7e:e4:a6:b6:98:6f:9c:18:1d:16:a1:
a8:5b:14:1a:f1:dd:4e:34:c7:20:a2:56:69:bc:cd:
9b:da:d7:55:81:0c:37:27:14:58:cc:ba:61:31:f1:
37:b8:db:93:3c:ff:95:40:63:40:ae:75:2b:f9:24:
ee:16:62:94:43:90:ff:0b:8f:1b:20:b8:4c:77:5d:
40:97:e4:8f:28:8c:a0:22:e6:f9:c7:8b:28:d2:8d:
0b:53:cd:d0:41:d5:3f:9c:6b:b1:bc:04:97:79:db:
87:66:17:b2:56:4f:75:5b:69:92:c1:7e:67:9c:fd:
c2:0a:93:35:c0:50:c6:8b:9d:58:13:87:7a:7f:c5:
a3:e0:b7:50:38:c0:68:76:dd:f2:55:ca:80:ce:24:
f9:88:b9:2b:2a:fd:78:52:65:41:3a:ea:48:fb:1b:
9d:13:c8:ad:c2:b4:2d:c2:a6:0e:4d:1f:61:c7:a4:
4d:ed:98:a9:e3:0d:ec:65:cb:98:43:b6:2c:fb:88:
84:50:5d:0f:c2:ec:4a:6a:c8:ff:39:e2:09:7d:3a:
15:65:05:4a:df:61:ce:e4:4b:b0:9d:15:a6:eb:d8:
73:a3:9f:3e:90:86:ee:4d:7d:96:32:53:57:6d:57:
fd:b2:b8:10:4b:77:c6:d7:57:e6:cf:9b:d9:5e:22:
a4:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:1A:35:AC:0A:11:20:32:31:C9:67:4B:35:B3:07:CE:2C:C0:F4:E3
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/6B21A3B6D1DF11ED94859E7CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.225.68.0/22
43.225.212.0/22
45.114.152.0/22
45.115.168.0/22
45.117.112.0/22
45.119.236.0/22
45.123.8.0/22
45.248.12.0/22
45.251.40.0/22
103.17.48.0/22
103.38.200.0/22
103.40.64.0/22
103.57.176.0/22
103.106.152.0/22
103.117.152.0/22
103.134.112.0/23
103.146.233.0/24
103.193.200.0/22
103.211.59.0/24
103.219.216.0/22
103.239.140.0/22
103.253.208.0/22
103.254.206.0/23
103.255.72.0/22
114.134.20.0/22
IPv6:
2001:df2:59c0::/48
2001:df7::/48
Signature Algorithm: sha256WithRSAEncryption
28:5b:f9:f4:3b:79:91:14:8f:fb:71:c9:79:c1:0f:fd:19:d6:
1a:73:26:78:8a:05:c5:3d:1e:24:06:3a:3c:f2:6e:03:d2:40:
18:75:3b:71:b7:37:8d:c7:e0:43:ce:25:da:c5:02:f9:33:b3:
45:e6:72:eb:94:4f:62:eb:c3:1b:eb:88:99:fa:4d:e0:91:01:
4a:5f:a2:27:35:ae:e5:e7:07:76:78:f7:7f:28:91:ee:da:1f:
f4:67:a8:5e:db:b7:c4:41:9e:6b:ad:45:75:3d:09:bb:92:bd:
02:68:6f:8d:97:d7:42:29:d9:5a:8b:b4:60:04:6c:ac:c6:20:
db:39:6e:5e:3d:f9:6c:3d:c6:2b:e2:e0:2b:f6:05:37:8e:aa:
40:84:f4:8a:f5:b4:16:a4:ca:70:db:67:e2:81:47:12:4a:d8:
51:a4:25:46:92:cc:f1:45:ad:43:cf:7a:3b:a3:c7:6d:be:de:
dd:2d:11:1c:19:c2:82:ac:d9:21:2c:b2:2e:02:71:18:47:c2:
7e:e4:41:19:a4:cb:55:c5:99:8f:49:f4:4a:b1:2d:42:87:0e:
cf:36:ec:a9:4d:85:82:a6:ae:5f:97:fc:b7:74:9c:4d:20:b1:
0c:33:58:ab:d9:b4:51:6f:66:ef:3e:51:c3:14:93:be:ec:fa:
aa:c2:a5:b7
-----BEGIN CERTIFICATE-----
MIIGIDCCBQigAwIBAgICcngwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjMwNTIyMDQzMjA0WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDZhZjA0NC1iODE1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5drmfuSmtphvnBgdFqGoWxQa8d1ONMcgolZpvM2b2tdVgQw3JxRYzLphMfE3
uNuTPP+VQGNArnUr+STuFmKUQ5D/C48bILhMd11Al+SPKIygIub5x4so0o0LU83Q
QdU/nGuxvASXeduHZheyVk91W2mSwX5nnP3CCpM1wFDGi51YE4d6f8Wj4LdQOMBo
dt3yVcqAziT5iLkrKv14UmVBOupI+xudE8itwrQtwqYOTR9hx6RN7Zip4w3sZcuY
Q7Ys+4iEUF0PwuxKasj/OeIJfToVZQVK32HO5EuwnRWm69hzo58+kIbuTX2WMlNX
bVf9srgQS3fG11fmz5vZXiKkjwIDAQABo4IDRDCCA0AwHQYDVR0OBBYEFMYaNawK
ESAyMclnSzWzB84swPTjMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvNkIyMUEzQjZE
MURGMTFFRDk0ODU5RTdDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgc0GCCsGAQUFBwEHAQH/
BIG9MIG6MIGdBAIAATCBlgMEAivhRAMEAivh1AMEAi1ymAMEAi1zqAMEAi11cAME
Ai137AMEAi17CAMEAi34DAMEAi37KAMEAmcRMAMEAmcmyAMEAmcoQAMEAmc5sAME
AmdqmAMEAmd1mAMEAWeGcAMEAGeS6QMEAmfByAMEAGfTOwMEAmfb2AMEAmfvjAME
Amf90AMEAWf+zgMEAmf/SAMEAnKGFDAYBAIAAjASAwcAIAEN8lnAAwcAIAEN9wAA
MA0GCSqGSIb3DQEBCwUAA4IBAQAoW/n0O3mRFI/7ccl5wQ/9GdYacyZ4igXFPR4k
Bjo88m4D0kAYdTtxtzeNx+BDziXaxQL5M7NF5nLrlE9i68Mb64iZ+k3gkQFKX6In
Na7l5wd2ePd/KJHu2h/0Z6he27fEQZ5rrUV1PQm7kr0CaG+Nl9dCKdlai7RgBGys
xiDbOW5ePflsPcYr4uAr9gU3jqpAhPSK9bQWpMpw22figUcSSthRpCVGkszxRa1D
z3o7o8dtvt7dLREcGcKCrNkhLLIuAnEYR8J+5EEZpMtVxZmPSfRKsS1Chw7PNuyp
TYWCpq5fl/y3dJxNILEMM1ir2bRRb2bvPlHDFJO+7PqqwqW3
-----END CERTIFICATE-----
Generated at Thu Aug 10 13:24:46 2023 by rpki-client on console-fra.rpki-client.org