Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A919DAF2/26EC6DDAD3DA11E58C5CD40FC4F9AE02/A936C6DCCB0C11EE9544076FC4F9AE02.roa
File: A936C6DCCB0C11EE9544076FC4F9AE02.roa (raw, json)
Hash identifier: YGB7yGXGIjq7RkyYYqAANwp1TItttaNMFv3gw6G/TP4=
Subject key identifier: 1B:4F:32:B6:9E:2E:26:C3:D5:7B:47:B4:39:BF:02:6F:1F:19:5E:9F
Certificate issuer: /CN=A919DAF2/serialNumber=139CC1DB6B9D24B93B14928A7518D04EB3B26A3A
Certificate serial: 20DA
Authority key identifier: 13:9C:C1:DB:6B:9D:24:B9:3B:14:92:8A:75:18:D0:4E:B3:B2:6A:3A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/E5zB22udJLk7FJKKdRjQTrOyajo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A919DAF2/26EC6DDAD3DA11E58C5CD40FC4F9AE02/A936C6DCCB0C11EE9544076FC4F9AE02.roa
Signing time: Wed 14 Feb 2024 07:42:53 +0000
ROA not before: Wed 14 Feb 2024 07:42:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 18196
IP address blocks: 45.117.128.0/22 maxlen: 22
45.117.128.0/24 maxlen: 24
45.117.129.0/24 maxlen: 24
45.117.130.0/24 maxlen: 24
45.117.131.0/24 maxlen: 24
103.255.112.0/24 maxlen: 24
103.255.113.0/24 maxlen: 24
103.255.114.0/24 maxlen: 24
202.134.151.0/24 maxlen: 24
202.134.154.0/24 maxlen: 24
202.134.155.0/24 maxlen: 24
202.134.156.0/24 maxlen: 24
202.134.157.0/24 maxlen: 24
202.134.160.0/24 maxlen: 24
202.134.161.0/24 maxlen: 24
202.134.162.0/24 maxlen: 24
202.134.163.0/24 maxlen: 24
202.134.164.0/24 maxlen: 24
202.134.165.0/24 maxlen: 24
202.134.166.0/24 maxlen: 24
202.134.167.0/24 maxlen: 24
202.134.168.0/24 maxlen: 24
202.134.169.0/24 maxlen: 24
202.134.170.0/24 maxlen: 24
202.134.171.0/24 maxlen: 24
202.134.172.0/24 maxlen: 24
202.134.173.0/24 maxlen: 24
202.134.174.0/24 maxlen: 24
202.134.175.0/24 maxlen: 24
202.134.176.0/24 maxlen: 24
202.134.177.0/24 maxlen: 24
202.134.178.0/24 maxlen: 24
202.134.179.0/24 maxlen: 24
202.134.180.0/24 maxlen: 24
202.134.181.0/24 maxlen: 24
202.134.182.0/24 maxlen: 24
202.134.183.0/24 maxlen: 24
202.134.184.0/24 maxlen: 24
202.134.185.0/24 maxlen: 24
202.134.186.0/24 maxlen: 24
202.134.187.0/24 maxlen: 24
202.134.188.0/24 maxlen: 24
202.134.189.0/24 maxlen: 24
202.134.190.0/24 maxlen: 24
202.134.191.0/24 maxlen: 24
2402:f200::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 14 Mar 2024 09:31:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8410 (0x20da)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A919DAF2/serialNumber=139CC1DB6B9D24B93B14928A7518D04EB3B26A3A
Validity
Not Before: Feb 14 07:42:53 2024 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=65cc6efd-968f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:b4:04:f3:d8:30:67:54:94:8d:c4:a6:21:af:
28:28:01:ad:55:00:0a:d4:55:78:dd:28:62:26:2d:
67:b6:89:57:23:6b:e1:b4:f3:a4:5a:7d:f0:b4:4b:
e9:67:e8:ff:9b:dd:91:6e:19:1b:7d:63:5c:2e:97:
a8:38:65:b9:ee:d1:a1:af:5f:86:5d:8d:35:92:5e:
09:6b:0a:87:91:f6:3b:e9:6f:e0:61:4c:b5:14:34:
c6:a3:97:93:70:52:5e:8c:35:e5:95:5f:31:c9:91:
1a:a6:c6:c4:73:27:c0:7f:d7:6c:52:59:dc:19:72:
86:d7:8e:da:ca:76:5f:b7:ee:ec:88:5c:d3:6e:2d:
dd:67:58:83:cd:ea:79:b9:47:f2:99:fc:44:b0:86:
a4:1a:c7:7d:65:3d:81:f5:fd:dc:cc:95:03:ed:a9:
6e:4c:ad:70:e1:d3:87:52:b3:f2:c7:dd:cb:50:3a:
ae:ac:78:8b:62:ac:6f:14:41:d3:b2:e7:31:b3:ed:
e4:09:53:b7:fd:c7:75:df:01:03:46:50:87:62:c2:
7a:e2:4c:bf:40:dc:d0:64:ce:29:81:5a:b9:59:9d:
0b:b8:22:bc:93:46:d6:0f:e3:d6:2b:c5:ac:81:a5:
c5:9f:fc:d7:34:18:40:cb:15:46:d8:85:2b:69:22:
ec:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:4F:32:B6:9E:2E:26:C3:D5:7B:47:B4:39:BF:02:6F:1F:19:5E:9F
X509v3 Authority Key Identifier:
keyid:13:9C:C1:DB:6B:9D:24:B9:3B:14:92:8A:75:18:D0:4E:B3:B2:6A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A919DAF2/26EC6DDAD3DA11E58C5CD40FC4F9AE02/E5zB22udJLk7FJKKdRjQTrOyajo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/E5zB22udJLk7FJKKdRjQTrOyajo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919DAF2/26EC6DDAD3DA11E58C5CD40FC4F9AE02/A936C6DCCB0C11EE9544076FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.117.128.0/22
103.255.112.0-103.255.114.255
202.134.151.0/24
202.134.154.0-202.134.157.255
202.134.160.0/19
IPv6:
2402:f200::/32
Signature Algorithm: sha256WithRSAEncryption
8f:5e:11:67:ac:78:17:66:de:d3:22:26:26:74:f3:f2:1a:0b:
c4:1a:21:d9:3f:77:3b:79:df:bb:7f:f0:1a:e0:db:b3:1f:a0:
25:d4:8f:3f:ed:8e:a2:6a:67:be:d9:2c:07:44:67:46:7a:c8:
31:16:7f:69:48:e5:bf:d8:7b:6b:d8:d6:7a:36:f6:45:67:d5:
ca:e4:6b:fa:44:15:83:55:aa:7e:7d:df:9b:a0:58:3f:57:ae:
b5:9b:07:84:09:ff:d1:14:3f:ea:e9:5f:c4:15:f9:64:03:f9:
03:ad:24:fd:4d:b5:1a:6a:b6:82:65:d0:17:34:a2:2b:97:20:
a8:05:ab:f8:0f:b6:3d:d3:95:85:1e:ea:3d:01:54:85:b1:ae:
87:ae:7e:01:22:0f:c4:67:bd:e2:d7:e7:03:1f:40:b6:09:0f:
12:87:be:75:04:de:6f:2d:19:40:6a:e3:6c:58:a4:4d:57:dc:
57:98:af:b7:9c:e7:06:08:32:71:63:f2:bc:57:c3:77:23:37:
e9:84:59:b3:43:e2:19:e0:b9:be:24:11:82:86:73:84:b5:f3:
8f:2e:6d:c7:00:7d:11:d8:05:1e:bc:77:eb:56:5a:e7:fb:c9:
58:b5:6f:06:1b:de:2c:fb:6c:44:d5:94:a4:05:4c:6e:4a:78:
f1:a5:f9:c4
-----BEGIN CERTIFICATE-----
MIIFqDCCBJCgAwIBAgICINowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OURBRjIxMTAvBgNVBAUTKDEzOUNDMURCNkI5RDI0QjkzQjE0OTI4QTc1MThEMDRF
QjNCMjZBM0EwHhcNMjQwMjE0MDc0MjUzWhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWNjNmVmZC05NjhmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyLQE89gwZ1SUjcSmIa8oKAGtVQAK1FV43ShiJi1ntolXI2vhtPOkWn3wtEvp
Z+j/m92RbhkbfWNcLpeoOGW57tGhr1+GXY01kl4JawqHkfY76W/gYUy1FDTGo5eT
cFJejDXllV8xyZEapsbEcyfAf9dsUlncGXKG147aynZft+7siFzTbi3dZ1iDzep5
uUfymfxEsIakGsd9ZT2B9f3czJUD7aluTK1w4dOHUrPyx93LUDqurHiLYqxvFEHT
sucxs+3kCVO3/cd13wEDRlCHYsJ64ky/QNzQZM4pgVq5WZ0LuCK8k0bWD+PWK8Ws
gaXFn/zXNBhAyxVG2IUraSLsbwIDAQABo4ICzDCCAsgwHQYDVR0OBBYEFBtPMrae
LibD1XtHtDm/Am8fGV6fMB8GA1UdIwQYMBaAFBOcwdtrnSS5OxSSinUY0E6zsmo6
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5REFGMi8yNkVDNkREQUQz
REExMUU1OEM1Q0Q0MEZDNEY5QUUwMi9FNXpCMjJ1ZEpMazdGSktLZFJqUVRyT3lh
am8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0U1ekIyMnVkSkxrN0ZKS0tkUmpRVHJPeWFqby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OURBRjIvMjZFQzZEREFEM0RBMTFFNThDNUNENDBGQzRGOUFFMDIvQTkzNkM2REND
QjBDMTFFRTk1NDQwNzZGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwVgYIKwYBBQUHAQcBAf8E
RzBFMDQEAgABMC4DBAItdYAwDAMEBGf/cAMEAGf/cgMEAMqGlzAMAwQByoaaAwQB
yoacAwQFyoagMA0EAgACMAcDBQAkAvIAMA0GCSqGSIb3DQEBCwUAA4IBAQCPXhFn
rHgXZt7TIiYmdPPyGgvEGiHZP3c7ed+7f/Aa4NuzH6Al1I8/7Y6iame+2SwHRGdG
esgxFn9pSOW/2Htr2NZ6NvZFZ9XK5Gv6RBWDVap+fd+boFg/V661mweECf/RFD/q
6V/EFflkA/kDrST9TbUaaraCZdAXNKIrlyCoBav4D7Y905WFHuo9AVSFsa6Hrn4B
Ig/EZ73i1+cDH0C2CQ8Sh751BN5vLRlAauNsWKRNV9xXmK+3nOcGCDJxY/K8V8N3
IzfphFmzQ+IZ4Lm+JBGChnOEtfOPLm3HAH0R2AUevHfrVlrn+8lYtW8GG94s+2xE
1ZSkBUxuSnjxpfnE
-----END CERTIFICATE-----
Generated at Thu Mar 14 14:48:42 2024 by rpki-client on console-ams.rpki-client.org