Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/D1EB0EB8197711EEACD4D479C4F9AE02.roa
File: D1EB0EB8197711EEACD4D479C4F9AE02.roa (raw, json)
Hash identifier: F1K2wYmhLpOq2s0wE+xalBHlo4eCwvk2YHPNMybEagU=
Subject key identifier: EA:F7:FD:D1:C2:36:6C:D7:2D:4C:9A:93:01:14:F0:23:28:34:08:99
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 74C6
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/D1EB0EB8197711EEACD4D479C4F9AE02.roa
Signing time: Mon 03 Jul 2023 08:01:31 +0000
ROA not before: Mon 03 Jul 2023 08:01:31 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 133982
IP address blocks: 45.118.156.0/24 maxlen: 24
45.118.157.0/24 maxlen: 24
45.118.158.0/24 maxlen: 24
45.118.159.0/24 maxlen: 24
103.46.200.0/24 maxlen: 24
103.46.201.0/24 maxlen: 24
103.46.202.0/24 maxlen: 24
103.46.203.0/24 maxlen: 24
103.48.196.0/24 maxlen: 24
103.48.197.0/24 maxlen: 24
103.48.198.0/24 maxlen: 24
103.48.199.0/24 maxlen: 24
103.56.228.0/24 maxlen: 24
103.56.229.0/24 maxlen: 24
103.56.230.0/24 maxlen: 24
103.56.231.0/24 maxlen: 24
103.57.84.0/22 maxlen: 24
103.60.215.0/24 maxlen: 24
103.85.143.0/24 maxlen: 24
103.87.56.0/24 maxlen: 24
103.87.57.0/24 maxlen: 24
103.87.58.0/24 maxlen: 24
103.87.59.0/24 maxlen: 24
103.92.40.0/22 maxlen: 24
103.95.80.0/24 maxlen: 24
103.95.81.0/24 maxlen: 24
103.95.82.0/24 maxlen: 24
103.95.83.0/24 maxlen: 24
103.108.4.0/24 maxlen: 24
103.108.5.0/24 maxlen: 24
103.108.6.0/24 maxlen: 24
103.108.7.0/24 maxlen: 24
103.110.48.0/24 maxlen: 24
103.110.49.0/24 maxlen: 24
103.110.144.0/24 maxlen: 24
103.110.145.0/24 maxlen: 24
103.110.146.0/24 maxlen: 24
103.110.147.0/24 maxlen: 24
103.120.50.0/24 maxlen: 24
103.120.51.0/24 maxlen: 24
103.139.56.0/24 maxlen: 24
103.157.227.0/24 maxlen: 24
103.160.26.0/23 maxlen: 24
103.161.56.0/23 maxlen: 24
103.164.188.0/24 maxlen: 24
103.170.80.0/23 maxlen: 24
103.172.72.0/23 maxlen: 24
103.177.120.0/23 maxlen: 24
103.181.166.0/24 maxlen: 24
103.205.146.0/24 maxlen: 24
103.211.12.0/24 maxlen: 24
103.211.13.0/24 maxlen: 24
103.211.14.0/24 maxlen: 24
103.211.15.0/24 maxlen: 24
103.211.16.0/24 maxlen: 24
103.211.17.0/24 maxlen: 24
103.211.18.0/24 maxlen: 24
103.211.19.0/24 maxlen: 24
103.211.52.0/24 maxlen: 24
103.211.53.0/24 maxlen: 24
103.211.54.0/24 maxlen: 24
103.211.55.0/24 maxlen: 24
103.212.144.0/24 maxlen: 24
103.212.145.0/24 maxlen: 24
103.212.146.0/24 maxlen: 24
103.212.147.0/24 maxlen: 24
103.212.156.0/24 maxlen: 24
103.212.157.0/24 maxlen: 24
103.212.158.0/24 maxlen: 24
103.212.159.0/24 maxlen: 24
103.214.60.0/24 maxlen: 24
103.214.61.0/24 maxlen: 24
103.214.62.0/24 maxlen: 24
103.214.63.0/24 maxlen: 24
110.235.216.0/22 maxlen: 24
110.235.224.0/24 maxlen: 24
110.235.225.0/24 maxlen: 24
110.235.226.0/24 maxlen: 24
110.235.227.0/24 maxlen: 24
110.235.228.0/24 maxlen: 24
110.235.229.0/24 maxlen: 24
110.235.230.0/24 maxlen: 24
110.235.231.0/24 maxlen: 24
110.235.232.0/24 maxlen: 24
110.235.233.0/24 maxlen: 24
110.235.234.0/24 maxlen: 24
110.235.235.0/24 maxlen: 24
110.235.236.0/24 maxlen: 24
110.235.237.0/24 maxlen: 24
110.235.238.0/24 maxlen: 24
110.235.239.0/24 maxlen: 24
139.5.240.0/24 maxlen: 24
139.5.241.0/24 maxlen: 24
139.5.242.0/24 maxlen: 24
139.5.243.0/24 maxlen: 24
139.5.248.0/24 maxlen: 24
139.5.249.0/24 maxlen: 24
139.5.250.0/24 maxlen: 24
139.5.251.0/24 maxlen: 24
139.5.252.0/22 maxlen: 24
144.48.72.0/22 maxlen: 24
146.196.32.0/22 maxlen: 24
146.196.36.0/24 maxlen: 24
146.196.37.0/24 maxlen: 24
146.196.38.0/24 maxlen: 24
146.196.39.0/24 maxlen: 24
160.202.36.0/22 maxlen: 24
192.140.152.0/24 maxlen: 24
192.140.153.0/24 maxlen: 24
192.140.154.0/24 maxlen: 24
192.140.155.0/24 maxlen: 24
202.173.124.0/22 maxlen: 24
2401:9640::/32 maxlen: 32
2407:aec0::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 29894 (0x74c6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Jul 3 08:01:31 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=64a2805b-d6e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:42:8f:c7:e9:05:a4:a8:d7:d9:18:f6:ff:71:
c5:16:0f:14:91:d8:ec:96:b1:97:0e:da:7b:c5:14:
17:02:1e:81:5e:7e:f2:22:1e:a8:35:33:51:6e:3b:
20:86:85:40:3c:99:40:cb:00:db:a3:e0:c5:1a:d8:
e9:96:97:0e:82:f9:b6:c7:fd:ff:46:54:aa:3f:5d:
e3:54:73:77:18:d9:a0:76:1b:43:1d:75:5d:d7:78:
95:72:5a:5a:e7:9d:36:7c:22:10:c0:b5:9d:b1:26:
e5:45:1b:1c:3c:25:4a:f0:93:00:ad:87:35:04:e9:
f6:2b:1c:6d:d9:79:1d:e6:5b:ae:8a:b5:2b:76:be:
1b:da:2c:1a:1f:b1:96:07:23:16:3e:d0:6c:27:29:
27:84:5b:2f:2a:a7:e2:b2:32:1c:2a:84:e2:61:4a:
40:13:56:53:8c:83:36:7c:fa:0c:ca:ea:4f:08:d8:
bb:dd:de:ad:67:d7:04:c1:db:7d:4b:8e:0c:33:50:
b5:38:91:e1:7a:c3:dc:36:ed:f9:1b:02:e2:77:fe:
03:c8:ac:f0:2f:fd:41:8d:fe:b4:c3:13:a2:da:26:
5d:c4:b2:f8:ef:25:4d:55:b3:68:c2:3d:55:60:37:
73:87:14:c0:63:28:24:ec:80:7f:9b:d6:11:8d:a8:
c8:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:F7:FD:D1:C2:36:6C:D7:2D:4C:9A:93:01:14:F0:23:28:34:08:99
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/D1EB0EB8197711EEACD4D479C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.118.156.0/22
103.46.200.0/22
103.48.196.0/22
103.56.228.0/22
103.57.84.0/22
103.60.215.0/24
103.85.143.0/24
103.87.56.0/22
103.92.40.0/22
103.95.80.0/22
103.108.4.0/22
103.110.48.0/23
103.110.144.0/22
103.120.50.0/23
103.139.56.0/24
103.157.227.0/24
103.160.26.0/23
103.161.56.0/23
103.164.188.0/24
103.170.80.0/23
103.172.72.0/23
103.177.120.0/23
103.181.166.0/24
103.205.146.0/24
103.211.12.0-103.211.19.255
103.211.52.0/22
103.212.144.0/22
103.212.156.0/22
103.214.60.0/22
110.235.216.0/22
110.235.224.0/20
139.5.240.0/22
139.5.248.0/21
144.48.72.0/22
146.196.32.0/21
160.202.36.0/22
192.140.152.0/22
202.173.124.0/22
IPv6:
2401:9640::/32
2407:aec0::/32
Signature Algorithm: sha256WithRSAEncryption
7d:40:4b:b7:b1:fd:c9:17:f2:59:46:1f:8b:82:bb:31:1b:6b:
98:9f:c9:15:83:20:76:c3:59:ce:4a:14:34:6b:20:e8:ad:17:
d5:5a:b6:cb:b0:a3:ba:c0:70:2d:91:da:86:33:26:ee:d4:e7:
08:ce:32:ed:b7:ef:13:eb:32:6c:84:42:e7:0b:86:e8:71:68:
ef:22:80:9f:c7:e4:b8:11:26:4c:35:6c:05:ef:7e:fb:cf:1b:
09:ba:fa:1b:8b:d9:ed:00:bc:81:01:fe:be:75:66:c5:64:83:
0e:2e:14:a8:df:33:1c:86:ec:5e:7a:fb:33:90:67:8d:f5:4b:
98:a3:93:32:20:46:31:10:68:5e:3e:eb:de:41:bc:9e:ee:63:
81:be:e7:dc:e9:59:7a:ab:7a:68:69:48:4f:6d:72:c5:b2:e5:
2a:b1:d5:71:1f:a4:6d:a5:4a:35:02:3c:a2:ad:ee:02:22:b4:
43:b5:b5:0c:9e:41:70:20:e7:39:4d:fd:d3:02:35:8b:7a:fe:
7d:2f:c7:5d:ac:36:38:37:9e:7a:1b:ec:f4:c6:de:58:b1:b2:
0f:4d:e9:40:e4:4f:79:50:a0:56:18:08:fe:61:01:57:75:d8:
d6:05:3f:95:50:ac:0b:2f:4b:a0:6b:24:fb:73:67:6b:c5:7d:
6b:94:8e:5c
-----BEGIN CERTIFICATE-----
MIIGdTCCBV2gAwIBAgICdMYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjMwNzAzMDgwMTMxWhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGEyODA1Yi1kNmU0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAoEKPx+kFpKjX2Rj2/3HFFg8UkdjslrGXDtp7xRQXAh6BXn7yIh6oNTNRbjsg
hoVAPJlAywDbo+DFGtjplpcOgvm2x/3/RlSqP13jVHN3GNmgdhtDHXVd13iVclpa
5502fCIQwLWdsSblRRscPCVK8JMArYc1BOn2Kxxt2Xkd5luuirUrdr4b2iwaH7GW
ByMWPtBsJyknhFsvKqfisjIcKoTiYUpAE1ZTjIM2fPoMyupPCNi73d6tZ9cEwdt9
S44MM1C1OJHhesPcNu35GwLid/4DyKzwL/1Bjf60wxOi2iZdxLL47yVNVbNowj1V
YDdzhxTAYygk7IB/m9YRjajIEwIDAQABo4IDmTCCA5UwHQYDVR0OBBYEFOr3/dHC
NmzXLUyakwEU8CMoNAiZMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvRDFFQjBFQjgx
OTc3MTFFRUFDRDRENDc5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwggEhBggrBgEFBQcBBwEB
/wSCARAwggEMMIHzBAIAATCB7AMEAi12nAMEAmcuyAMEAmcwxAMEAmc45AMEAmc5
VAMEAGc81wMEAGdVjwMEAmdXOAMEAmdcKAMEAmdfUAMEAmdsBAMEAWduMAMEAmdu
kAMEAWd4MgMEAGeLOAMEAGed4wMEAWegGgMEAWehOAMEAGekvAMEAWeqUAMEAWes
SAMEAWexeAMEAGe1pgMEAGfNkjAMAwQCZ9MMAwQCZ9MQAwQCZ9M0AwQCZ9SQAwQC
Z9ScAwQCZ9Y8AwQCbuvYAwQEbuvgAwQCiwXwAwQDiwX4AwQCkDBIAwQDksQgAwQC
oMokAwQCwIyYAwQCyq18MBQEAgACMA4DBQAkAZZAAwUAJAeuwDANBgkqhkiG9w0B
AQsFAAOCAQEAfUBLt7H9yRfyWUYfi4K7MRtrmJ/JFYMgdsNZzkoUNGsg6K0X1Vq2
y7CjusBwLZHahjMm7tTnCM4y7bfvE+sybIRC5wuG6HFo7yKAn8fkuBEmTDVsBe9+
+88bCbr6G4vZ7QC8gQH+vnVmxWSDDi4UqN8zHIbsXnr7M5BnjfVLmKOTMiBGMRBo
Xj7r3kG8nu5jgb7n3OlZeqt6aGlIT21yxbLlKrHVcR+kbaVKNQI8oq3uAiK0Q7W1
DJ5BcCDnOU390wI1i3r+fS/HXaw2ODeeehvs9MbeWLGyD03pQORPeVCgVhgI/mEB
V3XY1gU/lVCsCy9LoGsk+3Nna8V9a5SOXA==
-----END CERTIFICATE-----
Generated at Thu Nov 23 07:05:20 2023 by rpki-client on console-fra.rpki-client.org