Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/AB2183324AED11EEA6D4F047C4F9AE02.roa
File: AB2183324AED11EEA6D4F047C4F9AE02.roa (raw, json)
Hash identifier: H0LiAg1AMu7iHjKi9OJsIDcveY0tQhcfU/iO65P4ku0=
Subject key identifier: 85:22:9A:37:6F:A1:E7:85:88:73:D3:6D:C5:59:B4:C8:54:F9:32:3D
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 8215
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/AB2183324AED11EEA6D4F047C4F9AE02.roa
Signing time: Mon 29 Jan 2024 09:00:55 +0000
ROA not before: Mon 29 Jan 2024 09:00:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 132116
IP address blocks: 27.123.240.0/22 maxlen: 24
43.247.40.0/24 maxlen: 24
43.247.41.0/24 maxlen: 24
43.247.42.0/24 maxlen: 24
43.247.43.0/24 maxlen: 24
43.248.152.0/22 maxlen: 24
43.248.240.0/24 maxlen: 24
43.248.241.0/24 maxlen: 24
43.248.242.0/24 maxlen: 24
43.248.243.0/24 maxlen: 24
45.248.0.0/22 maxlen: 24
45.248.172.0/24 maxlen: 24
45.248.173.0/24 maxlen: 24
45.248.174.0/24 maxlen: 24
45.248.175.0/24 maxlen: 24
103.16.28.0/24 maxlen: 24
103.16.29.0/24 maxlen: 24
103.16.30.0/24 maxlen: 24
103.16.31.0/24 maxlen: 24
103.28.252.0/22 maxlen: 24
103.40.200.0/22 maxlen: 24
103.68.87.0/24 maxlen: 24
103.69.24.0/24 maxlen: 24
103.69.25.0/24 maxlen: 24
103.69.26.0/24 maxlen: 24
103.69.27.0/24 maxlen: 24
103.70.80.0/24 maxlen: 24
103.70.81.0/24 maxlen: 24
103.70.82.0/24 maxlen: 24
103.70.83.0/24 maxlen: 24
103.91.73.0/24 maxlen: 24
103.91.74.0/24 maxlen: 24
103.94.83.0/24 maxlen: 24
103.100.4.0/22 maxlen: 24
103.124.120.0/23 maxlen: 24
103.153.12.0/24 maxlen: 24
103.164.141.0/24 maxlen: 24
103.165.102.0/23 maxlen: 24
103.171.109.0/24 maxlen: 24
103.183.86.0/23 maxlen: 24
103.183.233.0/24 maxlen: 24
103.190.8.0/24 maxlen: 24
103.190.9.0/24 maxlen: 24
103.198.172.0/22 maxlen: 24
103.216.140.0/24 maxlen: 24
103.216.141.0/24 maxlen: 24
103.216.142.0/24 maxlen: 24
103.216.143.0/24 maxlen: 24
103.217.132.0/22 maxlen: 24
103.224.144.0/22 maxlen: 24
163.53.84.0/22 maxlen: 24
180.149.225.0/24 maxlen: 24
180.149.226.0/24 maxlen: 24
180.149.227.0/24 maxlen: 24
2001:df1:d240::/48 maxlen: 48
2405:e100::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 26 Mar 2024 10:50:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 33301 (0x8215)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Jan 29 09:00:55 2024 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=65b76946-fb4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:13:08:9e:bd:39:3d:cf:28:a2:92:c7:fc:64:
4c:ed:4b:e8:66:5a:19:19:2f:b9:56:bc:a9:5c:ae:
31:26:19:96:f6:c4:51:59:51:7a:28:9d:83:6b:f6:
5c:c1:13:06:02:e4:f7:cd:fb:7c:7a:85:77:e9:3a:
4a:2c:4a:51:96:08:f8:33:cd:ce:e5:a3:48:0d:81:
c3:9d:bc:05:0a:2a:95:a3:cf:31:bc:c2:c0:19:b2:
8b:8a:41:42:27:53:17:eb:a0:04:56:76:d2:7a:58:
f0:0b:d5:4c:e8:a9:43:0c:f3:25:de:b9:f5:97:5f:
a6:c7:9a:dd:1d:0f:ad:1e:b8:4e:53:3a:1d:d1:90:
b8:51:8a:5b:b5:8c:fe:ce:0b:43:5f:b9:f6:a8:68:
04:7b:bf:62:67:8c:df:b0:4f:d9:1e:62:dc:a0:51:
17:fc:52:e0:15:55:10:a3:e9:e4:f0:8a:7a:2b:ea:
7b:cf:e3:b3:bd:54:ef:1a:6b:2a:33:77:a2:0b:74:
51:40:b8:fd:7b:33:67:1e:c1:3c:8a:67:33:b8:d4:
99:cf:e4:93:61:88:26:ca:a7:57:2c:28:cc:ac:7c:
bc:e1:cb:36:ea:fa:7e:aa:0f:87:bf:ee:9f:b0:22:
0e:aa:39:89:ac:6a:28:f0:01:8d:0f:9c:c2:74:56:
69:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:22:9A:37:6F:A1:E7:85:88:73:D3:6D:C5:59:B4:C8:54:F9:32:3D
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/AB2183324AED11EEA6D4F047C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.123.240.0/22
43.247.40.0/22
43.248.152.0/22
43.248.240.0/22
45.248.0.0/22
45.248.172.0/22
103.16.28.0/22
103.28.252.0/22
103.40.200.0/22
103.68.87.0/24
103.69.24.0/22
103.70.80.0/22
103.91.73.0-103.91.74.255
103.94.83.0/24
103.100.4.0/22
103.124.120.0/23
103.153.12.0/24
103.164.141.0/24
103.165.102.0/23
103.171.109.0/24
103.183.86.0/23
103.183.233.0/24
103.190.8.0/23
103.198.172.0/22
103.216.140.0/22
103.217.132.0/22
103.224.144.0/22
163.53.84.0/22
180.149.225.0-180.149.227.255
IPv6:
2001:df1:d240::/48
2405:e100::/48
Signature Algorithm: sha256WithRSAEncryption
5b:44:aa:13:c2:ed:9e:0f:7f:d9:9f:ec:68:36:54:43:37:b0:
75:b7:af:80:51:3b:0a:da:6b:33:8d:c3:8a:a6:02:e8:dc:56:
15:e1:c5:b6:7b:3e:44:0f:63:eb:f0:14:f7:37:92:c4:e6:d2:
25:d7:26:78:c3:9a:d9:42:e6:78:b5:43:ea:b3:8f:3d:02:98:
99:b7:2e:3b:41:a8:cc:ef:a6:13:24:40:83:37:bf:9e:4b:c8:
24:51:a8:d2:74:df:0c:70:27:e8:d7:89:62:f7:c7:be:f6:3f:
77:d5:1e:51:38:4a:ca:15:c1:88:7c:a6:0d:ca:66:e0:41:9d:
c0:dd:2a:6a:04:e3:a6:51:ea:87:60:4f:59:1e:5b:f5:7a:29:
b1:da:93:91:99:fd:df:02:39:45:53:d8:47:c4:61:40:e1:0b:
09:c1:b9:5a:0a:c4:de:69:5e:15:da:f7:2e:86:80:bc:5c:d3:
3b:14:5f:0b:81:7f:5d:17:96:0d:9d:fc:56:02:a7:a3:0e:69:
bc:04:ce:ff:72:99:57:15:e3:6b:19:de:32:de:4e:66:26:17:
d4:73:b8:10:de:d1:3e:9c:b2:dc:17:e6:5d:0a:f2:45:20:1f:
00:b0:5c:4c:2d:64:c8:3c:bc:65:ee:8b:c5:47:d5:62:c3:0f:
93:f5:fc:be
-----BEGIN CERTIFICATE-----
MIIGSTCCBTGgAwIBAgIDAIIVMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI0MDEyOTA5MDA1NVoXDTI0MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjViNzY5NDYtZmI0YTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL4TCJ69OT3PKKKSx/xkTO1L6GZaGRkvuVa8qVyuMSYZlvbEUVlReiidg2v2
XMETBgLk9837fHqFd+k6SixKUZYI+DPNzuWjSA2Bw528BQoqlaPPMbzCwBmyi4pB
QidTF+ugBFZ20npY8AvVTOipQwzzJd659Zdfpsea3R0PrR64TlM6HdGQuFGKW7WM
/s4LQ1+59qhoBHu/YmeM37BP2R5i3KBRF/xS4BVVEKPp5PCKeivqe8/js71U7xpr
KjN3ogt0UUC4/XszZx7BPIpnM7jUmc/kk2GIJsqnVywozKx8vOHLNur6fqoPh7/u
n7AiDqo5iaxqKPABjQ+cwnRWaVMCAwEAAaOCA2wwggNoMB0GA1UdDgQWBBSFIpo3
b6HnhYhz023FWbTIVPkyPTAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwL0FCMjE4MzMy
NEFFRDExRUVBNkQ0RjA0N0M0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIH1BggrBgEFBQcBBwEB
/wSB5TCB4jCBxQQCAAEwgb4DBAIbe/ADBAIr9ygDBAIr+JgDBAIr+PADBAIt+AAD
BAIt+KwDBAJnEBwDBAJnHPwDBAJnKMgDBABnRFcDBAJnRRgDBAJnRlAwDAMEAGdb
SQMEAGdbSgMEAGdeUwMEAmdkBAMEAWd8eAMEAGeZDAMEAGekjQMEAWelZgMEAGer
bQMEAWe3VgMEAGe36QMEAWe+CAMEAmfGrAMEAmfYjAMEAmfZhAMEAmfgkAMEAqM1
VDAMAwQAtJXhAwQCtJXgMBgEAgACMBIDBwAgAQ3x0kADBwAkBeEAAAAwDQYJKoZI
hvcNAQELBQADggEBAFtEqhPC7Z4Pf9mf7Gg2VEM3sHW3r4BROwraazONw4qmAujc
VhXhxbZ7PkQPY+vwFPc3ksTm0iXXJnjDmtlC5ni1Q+qzjz0CmJm3LjtBqMzvphMk
QIM3v55LyCRRqNJ03wxwJ+jXiWL3x772P3fVHlE4SsoVwYh8pg3KZuBBncDdKmoE
46ZR6odgT1keW/V6KbHak5GZ/d8COUVT2EfEYUDhCwnBuVoKxN5pXhXa9y6GgLxc
0zsUXwuBf10Xlg2d/FYCp6MOabwEzv9ymVcV42sZ3jLeTmYmF9RzuBDe0T6cstwX
5l0K8kUgHwCwXEwtZMg8vGXui8VH1WLDD5P1/L4=
-----END CERTIFICATE-----
Generated at Tue Mar 26 14:51:03 2024 by rpki-client on console-fra.rpki-client.org