Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/F9AF331AD53911EE962AB675C4F9AE02.roa
File: F9AF331AD53911EE962AB675C4F9AE02.roa (raw, json)
Hash identifier: Htx9ZljBQaz9chVXrrwf32BhIYBc3n7vzYVnSwlzlkM=
Subject key identifier: 93:77:60:E3:BE:79:CF:F8:D1:A6:CA:85:EB:7C:91:A4:4E:91:4C:F0
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 8555
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/F9AF331AD53911EE962AB675C4F9AE02.roa
Signing time: Tue 26 Mar 2024 10:54:24 +0000
ROA not before: Tue 26 Mar 2024 10:54:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 137085
IP address blocks: 27.123.240.0/23 maxlen: 24
43.225.248.0/22 maxlen: 24
43.228.164.0/23 maxlen: 24
103.37.98.0/23 maxlen: 24
103.52.32.0/24 maxlen: 24
103.68.140.0/23 maxlen: 24
103.69.239.0/24 maxlen: 24
103.72.196.0/24 maxlen: 24
103.91.72.0/24 maxlen: 24
103.91.73.0/24 maxlen: 24
103.91.74.0/24 maxlen: 24
103.91.75.0/24 maxlen: 24
103.91.76.0/22 maxlen: 24
103.92.107.0/24 maxlen: 24
103.93.39.0/24 maxlen: 24
103.101.112.0/22 maxlen: 24
103.113.110.0/23 maxlen: 24
103.115.128.0/24 maxlen: 24
103.115.129.0/24 maxlen: 24
103.115.130.0/24 maxlen: 24
103.115.131.0/24 maxlen: 24
103.120.152.0/24 maxlen: 24
103.120.153.0/24 maxlen: 24
103.124.174.0/24 maxlen: 24
103.138.9.0/24 maxlen: 24
103.146.232.0/24 maxlen: 24
103.154.8.0/23 maxlen: 24
103.158.41.0/24 maxlen: 24
103.159.104.0/23 maxlen: 24
103.160.25.0/24 maxlen: 24
103.160.222.0/24 maxlen: 24
103.163.14.0/24 maxlen: 24
103.163.15.0/24 maxlen: 24
103.170.48.0/23 maxlen: 24
103.171.76.0/24 maxlen: 24
103.173.238.0/23 maxlen: 24
103.174.28.0/24 maxlen: 24
103.174.29.0/24 maxlen: 24
103.178.117.0/24 maxlen: 24
103.181.119.0/24 maxlen: 24
103.184.41.0/24 maxlen: 24
103.184.205.0/24 maxlen: 24
103.204.70.0/24 maxlen: 24
103.206.51.0/24 maxlen: 24
103.206.96.0/23 maxlen: 24
103.216.141.0/24 maxlen: 24
103.225.70.0/24 maxlen: 24
103.232.232.0/22 maxlen: 24
202.4.169.0/24 maxlen: 24
2001:df1:d240::/48 maxlen: 48
2001:df1:ed40::/48 maxlen: 48
2001:df2:3ac0::/48 maxlen: 48
2001:df2:3f40::/48 maxlen: 48
2001:df2:9640::/48 maxlen: 48
2001:df3:1340::/48 maxlen: 48
2400:d660::/32 maxlen: 32
2405:e100:1d::/48 maxlen: 48
2405:e100:1e::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 25 Apr 2024 11:49:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 34133 (0x8555)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Mar 26 10:54:24 2024 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6602a960-3005
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:61:e0:ae:c2:ff:d7:43:63:1f:8a:2a:fb:b1:
25:2e:38:7b:e6:ee:bd:1c:d9:39:1c:27:36:a2:16:
19:e3:b3:0e:6c:ee:e1:df:9c:cb:d1:f2:62:9e:91:
c1:f5:66:d6:62:1a:23:87:1f:62:3a:52:58:5f:01:
d7:2f:11:78:fc:4d:9c:07:dd:a8:3b:10:bb:12:95:
d7:30:99:84:5f:02:c9:5f:1c:02:f8:58:d9:1d:bb:
0b:4d:64:18:3f:8e:2c:7c:bb:b7:35:1b:8c:b2:10:
2e:cb:68:32:9e:77:27:7d:71:95:ea:4f:75:4f:27:
f4:86:c9:15:f3:92:97:f9:1f:64:21:71:93:a6:17:
d1:fd:cb:29:12:82:dd:d7:1c:49:08:ed:c2:73:df:
49:ef:34:9b:4e:fe:8f:fc:fb:dd:ad:f3:2d:70:a1:
bd:41:37:03:04:10:a1:b8:48:14:3a:ed:1e:40:6a:
a9:57:1d:e7:7f:11:d3:c3:3a:f6:b8:99:b1:78:95:
68:1c:ba:3c:b5:9f:40:85:0e:ee:d0:8e:6a:14:a2:
14:c3:7f:34:19:33:5d:cf:15:3d:ce:99:fa:8c:1b:
fd:67:63:08:10:7f:88:a6:4f:0b:6d:16:7a:ff:7f:
dd:67:f8:56:54:bb:1e:fd:fe:c0:e8:d2:95:4e:17:
b3:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:77:60:E3:BE:79:CF:F8:D1:A6:CA:85:EB:7C:91:A4:4E:91:4C:F0
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/F9AF331AD53911EE962AB675C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.123.240.0/23
43.225.248.0/22
43.228.164.0/23
103.37.98.0/23
103.52.32.0/24
103.68.140.0/23
103.69.239.0/24
103.72.196.0/24
103.91.72.0/21
103.92.107.0/24
103.93.39.0/24
103.101.112.0/22
103.113.110.0/23
103.115.128.0/22
103.120.152.0/23
103.124.174.0/24
103.138.9.0/24
103.146.232.0/24
103.154.8.0/23
103.158.41.0/24
103.159.104.0/23
103.160.25.0/24
103.160.222.0/24
103.163.14.0/23
103.170.48.0/23
103.171.76.0/24
103.173.238.0/23
103.174.28.0/23
103.178.117.0/24
103.181.119.0/24
103.184.41.0/24
103.184.205.0/24
103.204.70.0/24
103.206.51.0/24
103.206.96.0/23
103.216.141.0/24
103.225.70.0/24
103.232.232.0/22
202.4.169.0/24
IPv6:
2001:df1:d240::/48
2001:df1:ed40::/48
2001:df2:3ac0::/48
2001:df2:3f40::/48
2001:df2:9640::/48
2001:df3:1340::/48
2400:d660::/32
2405:e100:1d::-2405:e100:1e:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
73:7c:14:16:26:47:ab:d6:7a:de:5a:31:60:ff:55:a9:0f:2b:
b4:9e:ef:f8:bc:ae:29:9e:46:e8:ae:b5:6d:34:36:4d:34:84:
41:4b:14:8c:a1:9b:fa:4a:dd:7b:d8:27:bf:17:a2:5d:18:fa:
a0:5b:6b:c5:f6:0c:ec:d8:eb:9a:0f:1a:3e:70:1c:d6:d0:4f:
86:a4:05:b4:45:a8:2a:01:41:00:5c:d6:27:2b:67:0e:f6:e7:
a3:ec:f6:b6:b2:41:23:1f:3c:79:6e:27:45:dc:10:23:fb:97:
86:81:03:65:75:7c:06:ae:45:73:5b:b5:87:b1:18:af:9b:e9:
94:6a:d8:ed:8e:c8:1a:67:b3:0e:1b:4e:75:e8:df:20:a2:11:
2b:35:77:83:2b:5b:2a:b1:e5:da:79:f3:ad:5f:5b:d6:1c:34:
a5:e2:04:56:a1:46:5d:2c:c3:b2:da:e3:dc:c8:1c:f6:7f:68:
aa:d0:28:b1:aa:71:dc:15:bf:ac:0a:8c:93:8c:5d:cf:04:3b:
aa:2b:3d:7f:b9:37:25:a2:15:24:81:99:4e:2c:ab:6f:10:d8:
2b:fc:92:b1:e8:ea:ac:87:55:19:fa:6b:0c:27:88:4e:60:70:
bd:09:1f:25:d9:3c:21:b5:cd:ac:62:0e:17:52:56:32:5f:d0:
99:a4:ba:07
-----BEGIN CERTIFICATE-----
MIIGtzCCBZ+gAwIBAgIDAIVVMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI0MDMyNjEwNTQyNFoXDTI0MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjYwMmE5NjAtMzAwNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKFh4K7C/9dDYx+KKvuxJS44e+buvRzZORwnNqIWGeOzDmzu4d+cy9HyYp6R
wfVm1mIaI4cfYjpSWF8B1y8RePxNnAfdqDsQuxKV1zCZhF8CyV8cAvhY2R27C01k
GD+OLHy7tzUbjLIQLstoMp53J31xlepPdU8n9IbJFfOSl/kfZCFxk6YX0f3LKRKC
3dccSQjtwnPfSe80m07+j/z73a3zLXChvUE3AwQQobhIFDrtHkBqqVcd538R08M6
9riZsXiVaBy6PLWfQIUO7tCOahSiFMN/NBkzXc8VPc6Z+owb/WdjCBB/iKZPC20W
ev9/3Wf4VlS7Hv3+wOjSlU4Xs28CAwEAAaOCA9owggPWMB0GA1UdDgQWBBSTd2Dj
vnnP+NGmyoXrfJGkTpFM8DAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwL0Y5QUYzMzFB
RDUzOTExRUU5NjJBQjY3NUM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIIBYgYIKwYBBQUHAQcB
Af8EggFRMIIBTTCB8QQCAAEwgeoDBAEbe/ADBAIr4fgDBAEr5KQDBAFnJWIDBABn
NCADBAFnRIwDBABnRe8DBABnSMQDBANnW0gDBABnXGsDBABnXScDBAJnZXADBAFn
cW4DBAJnc4ADBAFneJgDBABnfK4DBABnigkDBABnkugDBAFnmggDBABnnikDBAFn
n2gDBABnoBkDBABnoN4DBAFnow4DBAFnqjADBABnq0wDBAFnre4DBAFnrhwDBABn
snUDBABntXcDBABnuCkDBABnuM0DBABnzEYDBABnzjMDBAFnzmADBABn2I0DBABn
4UYDBAJn6OgDBADKBKkwVwQCAAIwUQMHACABDfHSQAMHACABDfHtQAMHACABDfI6
wAMHACABDfI/QAMHACABDfKWQAMHACABDfMTQAMFACQA1mAwEgMHACQF4QAAHQMH
ACQF4QAAHjANBgkqhkiG9w0BAQsFAAOCAQEAc3wUFiZHq9Z63loxYP9VqQ8rtJ7v
+LyuKZ5G6K61bTQ2TTSEQUsUjKGb+krde9gnvxeiXRj6oFtrxfYM7Njrmg8aPnAc
1tBPhqQFtEWoKgFBAFzWJytnDvbno+z2trJBIx88eW4nRdwQI/uXhoEDZXV8Bq5F
c1u1h7EYr5vplGrY7Y7IGmezDhtOdejfIKIRKzV3gytbKrHl2nnzrV9b1hw0peIE
VqFGXSzDstrj3Mgc9n9oqtAosapx3BW/rAqMk4xdzwQ7qis9f7k3JaIVJIGZTiyr
bxDYK/ySsejqrIdVGfprDCeITmBwvQkfJdk8IbXNrGIOF1JWMl/QmaS6Bw==
-----END CERTIFICATE-----
Generated at Thu Apr 25 15:37:20 2024 by rpki-client on console-ams.rpki-client.org