Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A4402/FDBFD0203D9611EA8EA0702FC4F9AE02/76F467E67CA111EF9C3F7C81C4F9AE02.roa
File: 76F467E67CA111EF9C3F7C81C4F9AE02.roa (raw, json)
Hash identifier: NMgnBoEoC4IzRKjGRZvWqKEdIYzOrLttOWIF7eeZVgk=
Subject key identifier: 91:9D:35:06:80:76:9F:53:32:76:51:82:A9:51:20:44:B9:AA:B7:D8
Certificate issuer: /CN=A91A4402/serialNumber=B4116A8E6DA991FDCF71626E7BEA11FF69CBA846
Certificate serial: 0AFF
Authority key identifier: B4:11:6A:8E:6D:A9:91:FD:CF:71:62:6E:7B:EA:11:FF:69:CB:A8:46
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tBFqjm2pkf3PcWJue-oR_2nLqEY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A4402/FDBFD0203D9611EA8EA0702FC4F9AE02/76F467E67CA111EF9C3F7C81C4F9AE02.roa
Signing time: Fri 27 Sep 2024 07:24:00 +0000
ROA not before: Fri 27 Sep 2024 07:24:00 +0000
ROA not after: Wed 28 May 2025 00:00:00 +0000
asID: 17408
IP address blocks: 43.230.52.0/24 maxlen: 24
43.230.53.0/24 maxlen: 24
43.230.54.0/24 maxlen: 24
43.230.55.0/24 maxlen: 24
43.231.189.0/24 maxlen: 24
43.231.191.0/24 maxlen: 24
43.246.129.0/24 maxlen: 24
43.246.131.0/24 maxlen: 24
43.246.197.0/24 maxlen: 24
43.246.199.0/24 maxlen: 24
43.251.185.0/24 maxlen: 24
43.251.187.0/24 maxlen: 24
45.115.33.0/24 maxlen: 24
45.115.35.0/24 maxlen: 24
103.8.87.0/24 maxlen: 24
103.12.53.0/24 maxlen: 24
103.12.55.0/24 maxlen: 24
103.13.17.0/24 maxlen: 24
103.13.19.0/24 maxlen: 24
103.15.33.0/24 maxlen: 24
103.15.34.0/24 maxlen: 24
103.15.35.0/24 maxlen: 24
103.15.76.0/24 maxlen: 24
103.15.77.0/24 maxlen: 24
103.15.78.0/24 maxlen: 24
103.21.105.0/24 maxlen: 24
103.21.107.0/24 maxlen: 24
103.248.148.0/24 maxlen: 24
103.248.149.0/24 maxlen: 24
103.248.151.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 14 Nov 2024 01:45:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2815 (0xaff)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A4402/serialNumber=B4116A8E6DA991FDCF71626E7BEA11FF69CBA846
Validity
Not Before: Sep 27 07:24:00 2024 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=66f65d90-9919
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:82:51:85:62:5d:a5:08:4d:0d:ea:d0:cc:3d:
3f:fe:88:4e:24:95:b5:86:30:4a:b1:26:b9:a8:c5:
26:d2:db:0c:7b:00:71:e1:e4:30:4f:1e:db:3b:3c:
31:d1:2e:e9:0e:91:c9:4e:03:e5:62:e5:37:d8:46:
b8:a6:e2:65:92:d7:ea:47:27:eb:03:b7:69:c7:56:
30:b1:7b:1c:6e:4f:25:0f:c4:47:e3:2e:83:fd:96:
1f:23:d8:05:93:52:01:55:5a:df:66:47:83:00:95:
9a:d5:c7:37:96:63:92:dc:e9:76:a3:51:0b:39:7a:
6c:b8:88:3e:f2:f2:e7:1d:a9:17:7b:b3:a8:66:9a:
09:ed:13:96:25:cc:6a:84:96:08:be:bb:a5:fc:94:
d0:29:ac:cb:85:ab:91:a0:c3:7f:17:61:80:5e:45:
aa:4d:0b:93:9c:7b:9f:46:4f:3c:d3:0f:13:59:47:
2a:28:97:a7:d1:fb:20:c6:27:24:14:14:e2:a3:cc:
0c:44:54:4e:93:88:f5:ed:12:bd:c4:8e:67:8f:56:
18:8d:eb:16:5b:64:e7:6e:0b:29:ac:90:d8:8d:43:
ea:d3:22:1f:b2:44:9d:7e:ab:83:a3:8d:6d:ac:11:
6e:12:3b:d8:d7:85:70:b5:7a:f0:83:f4:ad:db:50:
64:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:9D:35:06:80:76:9F:53:32:76:51:82:A9:51:20:44:B9:AA:B7:D8
X509v3 Authority Key Identifier:
keyid:B4:11:6A:8E:6D:A9:91:FD:CF:71:62:6E:7B:EA:11:FF:69:CB:A8:46
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A4402/FDBFD0203D9611EA8EA0702FC4F9AE02/tBFqjm2pkf3PcWJue-oR_2nLqEY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tBFqjm2pkf3PcWJue-oR_2nLqEY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A4402/FDBFD0203D9611EA8EA0702FC4F9AE02/76F467E67CA111EF9C3F7C81C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.230.52.0/22
43.231.189.0/24
43.231.191.0/24
43.246.129.0/24
43.246.131.0/24
43.246.197.0/24
43.246.199.0/24
43.251.185.0/24
43.251.187.0/24
45.115.33.0/24
45.115.35.0/24
103.8.87.0/24
103.12.53.0/24
103.12.55.0/24
103.13.17.0/24
103.13.19.0/24
103.15.33.0-103.15.35.255
103.15.76.0-103.15.78.255
103.21.105.0/24
103.21.107.0/24
103.248.148.0/23
103.248.151.0/24
Signature Algorithm: sha256WithRSAEncryption
78:83:29:ba:d8:fb:a1:d0:bb:ac:d0:c6:53:ad:23:96:d6:37:
b2:a7:e1:a4:2e:09:f2:4b:b9:bb:a0:3e:43:32:ff:5a:b4:5f:
29:bb:c0:e6:70:fd:ad:53:03:98:29:92:d6:f4:ce:36:d8:26:
65:6f:bf:20:86:d6:a7:64:5a:5d:b5:8a:54:a0:bf:cc:7b:fa:
e0:09:78:e5:10:a1:1d:76:81:20:4b:76:95:3e:33:62:7b:dc:
8a:0b:08:65:90:59:05:63:99:40:89:7f:b7:05:e9:d6:75:09:
fe:4b:ff:d6:e6:6b:92:e0:f3:2b:01:b7:77:7e:2e:a8:91:52:
15:c5:75:e9:c7:8a:e4:76:53:1e:3f:e1:a4:04:7f:f4:87:e9:
3c:0a:d1:66:59:d1:89:3d:b1:6f:5c:9e:a1:42:5f:6c:fd:7b:
e9:41:06:81:75:65:b7:b8:0d:7b:d0:61:45:cf:bf:ec:e0:c5:
a6:5b:51:19:6c:3a:94:94:6a:34:5d:6c:92:0a:50:eb:4f:4f:
5d:1a:a5:5b:a5:ea:80:2e:01:b4:44:8e:9e:21:5e:f3:9f:ab:
30:cb:4e:66:03:ba:a1:88:19:76:fd:ac:ae:89:91:a8:ed:93:
f5:cf:f3:4e:fd:0f:b7:59:b1:aa:ac:0f:5e:9b:b3:18:28:9e:
ec:78:db:6a
-----BEGIN CERTIFICATE-----
MIIGBDCCBOygAwIBAgICCv8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTQ0MDIxMTAvBgNVBAUTKEI0MTE2QThFNkRBOTkxRkRDRjcxNjI2RTdCRUExMUZG
NjlDQkE4NDYwHhcNMjQwOTI3MDcyNDAwWhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02NmY2NWQ5MC05OTE5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxYJRhWJdpQhNDerQzD0//ohOJJW1hjBKsSa5qMUm0tsMewBx4eQwTx7bOzwx
0S7pDpHJTgPlYuU32Ea4puJlktfqRyfrA7dpx1YwsXscbk8lD8RH4y6D/ZYfI9gF
k1IBVVrfZkeDAJWa1cc3lmOS3Ol2o1ELOXpsuIg+8vLnHakXe7OoZpoJ7ROWJcxq
hJYIvrul/JTQKazLhauRoMN/F2GAXkWqTQuTnHufRk880w8TWUcqKJen0fsgxick
FBTio8wMRFROk4j17RK9xI5nj1YYjesWW2TnbgsprJDYjUPq0yIfskSdfquDo41t
rBFuEjvY14VwtXrwg/St21BkOwIDAQABo4IDKDCCAyQwHQYDVR0OBBYEFJGdNQaA
dp9TMnZRgqlRIES5qrfYMB8GA1UdIwQYMBaAFLQRao5tqZH9z3FibnvqEf9py6hG
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNDQwMi9GREJGRDAyMDNE
OTYxMUVBOEVBMDcwMkZDNEY5QUUwMi90QkZxam0ycGtmM1BjV0p1ZS1vUl8ybkxx
RVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3RCRnFqbTJwa2YzUGNXSnVlLW9SXzJuTHFFWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTQ0MDIvRkRCRkQwMjAzRDk2MTFFQThFQTA3MDJGQzRGOUFFMDIvNzZGNDY3RTY3
Q0ExMTFFRjlDM0Y3QzgxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgbEGCCsGAQUFBwEHAQH/
BIGhMIGeMIGbBAIAATCBlAMEAivmNAMEACvnvQMEACvnvwMEACv2gQMEACv2gwME
ACv2xQMEACv2xwMEACv7uQMEACv7uwMEAC1zIQMEAC1zIwMEAGcIVwMEAGcMNQME
AGcMNwMEAGcNEQMEAGcNEzAMAwQAZw8hAwQCZw8gMAwDBAJnD0wDBABnD04DBABn
FWkDBABnFWsDBAFn+JQDBABn+JcwDQYJKoZIhvcNAQELBQADggEBAHiDKbrY+6HQ
u6zQxlOtI5bWN7Kn4aQuCfJLubugPkMy/1q0Xym7wOZw/a1TA5gpktb0zjbYJmVv
vyCG1qdkWl21ilSgv8x7+uAJeOUQoR12gSBLdpU+M2J73IoLCGWQWQVjmUCJf7cF
6dZ1Cf5L/9bma5Lg8ysBt3d+LqiRUhXFdenHiuR2Ux4/4aQEf/SH6TwK0WZZ0Yk9
sW9cnqFCX2z9e+lBBoF1Zbe4DXvQYUXPv+zgxaZbURlsOpSUajRdbJIKUOtPT10a
pVul6oAuAbREjp4hXvOfqzDLTmYDuqGIGXb9rK6Jkajtk/XP8079D7dZsaqsD16b
sxgonux422o=
-----END CERTIFICATE-----
Generated at Thu Nov 14 03:49:17 2024 by rpki-client on console-fra.rpki-client.org