Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A4402/FDBFD0203D9611EA8EA0702FC4F9AE02/7F20314C70C211EF91897D53C4F9AE02.roa
File: 7F20314C70C211EF91897D53C4F9AE02.roa (raw, json)
Hash identifier: 9LPus+xYfsyoZHSP6vI2mzUOLNCCI5jgPBfYNjMqj7M=
Subject key identifier: E7:9F:0F:A7:77:E4:50:FB:DA:EF:BE:CF:B7:5B:00:D3:DB:74:11:8D
Certificate issuer: /CN=A91A4402/serialNumber=B4116A8E6DA991FDCF71626E7BEA11FF69CBA846
Certificate serial: 0AF0
Authority key identifier: B4:11:6A:8E:6D:A9:91:FD:CF:71:62:6E:7B:EA:11:FF:69:CB:A8:46
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tBFqjm2pkf3PcWJue-oR_2nLqEY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A4402/FDBFD0203D9611EA8EA0702FC4F9AE02/7F20314C70C211EF91897D53C4F9AE02.roa
Signing time: Thu 12 Sep 2024 04:50:13 +0000
ROA not before: Thu 12 Sep 2024 04:50:13 +0000
ROA not after: Wed 28 May 2025 00:00:00 +0000
asID: 17408
IP address blocks: 43.230.52.0/24 maxlen: 24
43.230.53.0/24 maxlen: 24
43.230.54.0/24 maxlen: 24
43.230.55.0/24 maxlen: 24
43.231.189.0/24 maxlen: 24
43.231.191.0/24 maxlen: 24
43.246.129.0/24 maxlen: 24
43.246.131.0/24 maxlen: 24
43.246.197.0/24 maxlen: 24
43.246.199.0/24 maxlen: 24
43.251.185.0/24 maxlen: 24
43.251.187.0/24 maxlen: 24
45.115.33.0/24 maxlen: 24
45.115.35.0/24 maxlen: 24
45.124.60.0/24 maxlen: 24
45.124.61.0/24 maxlen: 24
45.124.62.0/24 maxlen: 24
45.124.63.0/24 maxlen: 24
103.8.87.0/24 maxlen: 24
103.12.53.0/24 maxlen: 24
103.12.55.0/24 maxlen: 24
103.13.17.0/24 maxlen: 24
103.13.19.0/24 maxlen: 24
103.15.33.0/24 maxlen: 24
103.15.34.0/24 maxlen: 24
103.15.35.0/24 maxlen: 24
103.15.76.0/24 maxlen: 24
103.15.77.0/24 maxlen: 24
103.15.78.0/24 maxlen: 24
103.21.105.0/24 maxlen: 24
103.21.107.0/24 maxlen: 24
103.248.148.0/24 maxlen: 24
103.248.149.0/24 maxlen: 24
103.248.151.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 27 Sep 2024 07:23:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2800 (0xaf0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A4402/serialNumber=B4116A8E6DA991FDCF71626E7BEA11FF69CBA846
Validity
Not Before: Sep 12 04:50:13 2024 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=66e27305-d81b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:b8:48:71:97:69:a3:3c:7c:be:4a:c8:0f:d2:
92:6e:13:14:b4:47:62:a9:6a:64:37:ba:14:a1:9e:
7b:df:62:63:22:a1:37:84:0a:a6:92:98:f9:2e:1e:
5d:d9:df:9d:dc:d6:f6:bd:aa:b3:19:23:dc:5b:45:
a8:3e:78:bb:e3:04:b8:26:54:cf:18:7d:17:b9:5c:
52:08:48:7f:ff:4f:cb:39:49:04:e6:70:53:83:5d:
90:f7:c4:a2:a8:33:bc:7e:92:74:b7:91:38:6f:37:
1c:79:57:ee:2a:b3:c3:48:4f:90:ba:9f:88:99:62:
3f:a8:76:e3:cd:b9:15:12:41:08:55:b3:9a:11:bb:
c2:0c:b5:1c:b8:58:a2:6d:07:d4:3f:b7:d2:d1:a2:
49:a2:b9:67:41:05:9d:0c:53:c3:68:1e:95:4b:0b:
94:94:a6:6c:a1:76:53:c4:5c:82:db:94:1d:a8:e7:
5c:3f:d8:9f:4a:23:7f:26:d4:48:ce:ce:91:f0:46:
f6:b7:75:5f:6e:6f:e3:11:11:d6:c4:f4:62:0d:53:
e9:81:69:40:fe:76:cf:11:4d:69:d5:77:cd:00:26:
87:4a:63:96:f4:2d:d4:b0:bf:f2:2d:b8:c1:e6:f9:
dd:fd:6c:ca:96:61:99:22:5b:0c:e4:6f:bb:be:f8:
88:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:9F:0F:A7:77:E4:50:FB:DA:EF:BE:CF:B7:5B:00:D3:DB:74:11:8D
X509v3 Authority Key Identifier:
keyid:B4:11:6A:8E:6D:A9:91:FD:CF:71:62:6E:7B:EA:11:FF:69:CB:A8:46
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A4402/FDBFD0203D9611EA8EA0702FC4F9AE02/tBFqjm2pkf3PcWJue-oR_2nLqEY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tBFqjm2pkf3PcWJue-oR_2nLqEY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A4402/FDBFD0203D9611EA8EA0702FC4F9AE02/7F20314C70C211EF91897D53C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.230.52.0/22
43.231.189.0/24
43.231.191.0/24
43.246.129.0/24
43.246.131.0/24
43.246.197.0/24
43.246.199.0/24
43.251.185.0/24
43.251.187.0/24
45.115.33.0/24
45.115.35.0/24
45.124.60.0/22
103.8.87.0/24
103.12.53.0/24
103.12.55.0/24
103.13.17.0/24
103.13.19.0/24
103.15.33.0-103.15.35.255
103.15.76.0-103.15.78.255
103.21.105.0/24
103.21.107.0/24
103.248.148.0/23
103.248.151.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:e7:09:91:6a:12:22:12:e0:9d:e6:fb:1e:9e:8b:3f:8e:ec:
70:5c:8b:10:71:eb:de:87:98:6b:32:a9:8c:7e:e3:f0:43:2a:
90:16:d8:c4:4a:0b:be:fd:4b:4c:42:c4:d7:9d:91:85:ff:26:
71:4b:e2:49:76:82:e3:0a:b2:30:d7:6d:45:e5:9c:b9:69:37:
1a:97:0d:dc:82:65:8f:03:db:37:74:d6:fe:d5:81:7d:c3:9d:
55:1a:ef:3c:36:cf:84:c0:36:aa:d6:ae:0f:95:87:3b:0c:f4:
09:88:d6:d7:80:c9:b2:b9:72:8d:3a:06:42:de:0c:5f:c7:e7:
ed:c5:df:25:0a:e2:88:94:e8:87:9e:1f:cc:a4:aa:3e:66:80:
bf:62:b7:a1:78:2c:be:79:3f:2e:69:98:a2:bb:07:c5:df:78:
1f:72:f7:c0:60:08:62:45:01:07:ef:71:9e:56:b9:7a:e4:2e:
a6:7b:51:dd:d7:14:16:ec:1d:af:77:ad:71:5d:81:b6:c4:d2:
e2:8d:2e:ca:c3:3a:09:3f:21:ac:93:46:b8:ad:32:5d:8a:60:
4d:16:bd:74:28:ba:89:3d:78:fe:8d:7e:f9:3e:5b:ac:33:90:
4c:70:f1:c7:c3:d4:e7:ce:5a:6a:60:cf:43:c1:c1:d3:cd:3c:
e4:22:d5:4b
-----BEGIN CERTIFICATE-----
MIIGCjCCBPKgAwIBAgICCvAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTQ0MDIxMTAvBgNVBAUTKEI0MTE2QThFNkRBOTkxRkRDRjcxNjI2RTdCRUExMUZG
NjlDQkE4NDYwHhcNMjQwOTEyMDQ1MDEzWhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02NmUyNzMwNS1kODFiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAubhIcZdpozx8vkrID9KSbhMUtEdiqWpkN7oUoZ5732JjIqE3hAqmkpj5Lh5d
2d+d3Nb2vaqzGSPcW0WoPni74wS4JlTPGH0XuVxSCEh//0/LOUkE5nBTg12Q98Si
qDO8fpJ0t5E4bzcceVfuKrPDSE+Qup+ImWI/qHbjzbkVEkEIVbOaEbvCDLUcuFii
bQfUP7fS0aJJorlnQQWdDFPDaB6VSwuUlKZsoXZTxFyC25QdqOdcP9ifSiN/JtRI
zs6R8Eb2t3Vfbm/jERHWxPRiDVPpgWlA/nbPEU1p1XfNACaHSmOW9C3UsL/yLbjB
5vnd/WzKlmGZIlsM5G+7vviILwIDAQABo4IDLjCCAyowHQYDVR0OBBYEFOefD6d3
5FD72u++z7dbANPbdBGNMB8GA1UdIwQYMBaAFLQRao5tqZH9z3FibnvqEf9py6hG
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNDQwMi9GREJGRDAyMDNE
OTYxMUVBOEVBMDcwMkZDNEY5QUUwMi90QkZxam0ycGtmM1BjV0p1ZS1vUl8ybkxx
RVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3RCRnFqbTJwa2YzUGNXSnVlLW9SXzJuTHFFWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTQ0MDIvRkRCRkQwMjAzRDk2MTFFQThFQTA3MDJGQzRGOUFFMDIvN0YyMDMxNEM3
MEMyMTFFRjkxODk3RDUzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgbcGCCsGAQUFBwEHAQH/
BIGnMIGkMIGhBAIAATCBmgMEAivmNAMEACvnvQMEACvnvwMEACv2gQMEACv2gwME
ACv2xQMEACv2xwMEACv7uQMEACv7uwMEAC1zIQMEAC1zIwMEAi18PAMEAGcIVwME
AGcMNQMEAGcMNwMEAGcNEQMEAGcNEzAMAwQAZw8hAwQCZw8gMAwDBAJnD0wDBABn
D04DBABnFWkDBABnFWsDBAFn+JQDBABn+JcwDQYJKoZIhvcNAQELBQADggEBADzn
CZFqEiIS4J3m+x6eiz+O7HBcixBx696HmGsyqYx+4/BDKpAW2MRKC779S0xCxNed
kYX/JnFL4kl2guMKsjDXbUXlnLlpNxqXDdyCZY8D2zd01v7VgX3DnVUa7zw2z4TA
NqrWrg+VhzsM9AmI1teAybK5co06BkLeDF/H5+3F3yUK4oiU6IeeH8ykqj5mgL9i
t6F4LL55Py5pmKK7B8XfeB9y98BgCGJFAQfvcZ5WuXrkLqZ7Ud3XFBbsHa93rXFd
gbbE0uKNLsrDOgk/IayTRritMl2KYE0WvXQouok9eP6Nfvk+W6wzkExw8cfD1OfO
Wmpgz0PBwdPNPOQi1Us=
-----END CERTIFICATE-----
Generated at Fri Sep 27 09:46:38 2024 by rpki-client on console-fra.rpki-client.org