Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A46B0/32E9873CBFC811EBB9E4EB6EC4F9AE02/3296FCF8643411ED95F93424C4F9AE02.roa
File: 3296FCF8643411ED95F93424C4F9AE02.roa (raw, json)
Hash identifier: te7r/VTeDo8DGvV79qnfB7MYFbcqU9BrMkZBWQ4oURc=
Subject key identifier: 6D:0F:7D:C3:1C:69:53:42:45:98:B6:6A:51:59:52:42:77:B6:CC:F3
Certificate issuer: /CN=A91A46B0/serialNumber=FF682DF8D44864B341D9CB7B6C0659BFFAACC9C7
Certificate serial: 0530
Authority key identifier: FF:68:2D:F8:D4:48:64:B3:41:D9:CB:7B:6C:06:59:BF:FA:AC:C9:C7
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_2gt-NRIZLNB2ct7bAZZv_qsycc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A46B0/32E9873CBFC811EBB9E4EB6EC4F9AE02/3296FCF8643411ED95F93424C4F9AE02.roa
Signing time: Thu 02 May 2024 03:42:43 +0000
ROA not before: Thu 02 May 2024 03:42:43 +0000
ROA not after: Thu 31 Oct 2024 00:00:00 +0000
asID: 58955
IP address blocks: 43.239.251.0/24 maxlen: 24
43.249.35.0/24 maxlen: 24
45.64.184.0/24 maxlen: 24
45.64.185.0/24 maxlen: 24
45.64.186.0/24 maxlen: 24
45.64.187.0/24 maxlen: 24
103.27.200.0/24 maxlen: 24
103.27.201.0/24 maxlen: 24
103.27.202.0/24 maxlen: 24
103.27.203.0/24 maxlen: 24
103.70.4.0/24 maxlen: 24
103.70.5.0/24 maxlen: 24
103.70.7.0/24 maxlen: 24
103.86.48.0/24 maxlen: 24
103.86.49.0/24 maxlen: 24
103.86.50.0/24 maxlen: 24
103.86.51.0/24 maxlen: 24
103.230.120.0/24 maxlen: 24
103.230.121.0/24 maxlen: 24
103.230.122.0/24 maxlen: 24
103.245.165.0/24 maxlen: 24
103.245.166.0/24 maxlen: 24
116.204.180.0/24 maxlen: 24
116.204.181.0/24 maxlen: 24
116.204.182.0/24 maxlen: 24
116.204.183.0/24 maxlen: 24
2407:7900:1000::/40 maxlen: 40
2407:7900:2000::/40 maxlen: 40
Validation: Failed, certificate revoked on Thu 02 May 2024 07:27:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1328 (0x530)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A46B0/serialNumber=FF682DF8D44864B341D9CB7B6C0659BFFAACC9C7
Validity
Not Before: May 2 03:42:43 2024 GMT
Not After : Oct 31 00:00:00 2024 GMT
Subject: CN=66330bb2-d408
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:dc:cc:b9:1f:95:1c:45:aa:4f:59:62:56:df:
e7:98:23:7a:88:ab:b7:d7:4b:df:99:25:23:9a:e6:
05:96:de:0f:c0:03:f8:73:6c:48:28:17:29:ee:8f:
19:67:77:a7:95:e8:42:2f:2e:6a:1a:01:b6:9d:c2:
6d:bd:17:34:84:08:4a:68:b8:43:cd:4a:3e:9e:8f:
97:4f:5b:89:38:bd:cc:f6:aa:d2:16:0e:92:16:ce:
5f:8a:22:f4:5c:43:30:f0:e6:ca:90:21:44:4d:79:
58:b3:8f:19:2d:7a:e2:ef:7b:7f:72:9e:6d:87:e0:
e1:18:be:b2:1e:b8:c6:43:16:cf:f1:9d:dd:c6:cb:
27:15:a1:41:29:7b:cf:82:8c:94:8a:0b:4f:0f:0c:
1a:81:fb:5b:d3:31:fa:93:41:db:60:31:d1:e8:94:
7d:92:4d:0e:23:11:46:55:65:5c:0e:10:88:0a:c4:
92:48:00:3a:a5:8a:dc:e0:28:dd:ac:44:e7:1b:71:
66:77:82:6b:40:c0:27:cd:67:57:aa:e4:1f:3a:f7:
63:3b:fa:72:fb:40:d5:2d:57:4a:0d:14:a1:c2:a7:
42:20:59:dd:ee:ca:79:47:62:1e:5d:0f:82:1a:0d:
51:88:51:67:7d:d9:1f:41:a8:9e:f8:5d:a9:68:af:
1a:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:0F:7D:C3:1C:69:53:42:45:98:B6:6A:51:59:52:42:77:B6:CC:F3
X509v3 Authority Key Identifier:
keyid:FF:68:2D:F8:D4:48:64:B3:41:D9:CB:7B:6C:06:59:BF:FA:AC:C9:C7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A46B0/32E9873CBFC811EBB9E4EB6EC4F9AE02/_2gt-NRIZLNB2ct7bAZZv_qsycc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_2gt-NRIZLNB2ct7bAZZv_qsycc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A46B0/32E9873CBFC811EBB9E4EB6EC4F9AE02/3296FCF8643411ED95F93424C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.251.0/24
43.249.35.0/24
45.64.184.0/22
103.27.200.0/22
103.70.4.0/23
103.70.7.0/24
103.86.48.0/22
103.230.120.0-103.230.122.255
103.245.165.0-103.245.166.255
116.204.180.0/22
IPv6:
2407:7900:1000::/40
2407:7900:2000::/40
Signature Algorithm: sha256WithRSAEncryption
25:16:b3:26:02:f1:d9:5f:a5:38:4c:19:cc:bc:d2:37:07:f3:
cb:b7:09:2b:e0:ba:92:65:2e:89:71:58:c3:4a:1b:3b:3f:34:
85:46:e5:45:26:bf:dd:30:d1:0c:51:d2:09:00:4b:ff:ab:be:
e6:1a:0d:c9:c3:c6:81:82:1c:5a:49:f3:a4:8b:e5:75:eb:d7:
19:ea:1f:6a:26:92:f9:ed:54:62:be:20:ec:31:40:a6:29:f2:
f6:ff:2f:f8:3d:b8:a9:b3:6a:99:49:0f:c4:f2:dd:d0:f8:c9:
2b:ba:1c:60:14:dd:50:03:d3:82:cf:75:1e:d6:75:84:8e:d8:
ae:7f:d1:e1:41:5c:a4:ed:5d:79:67:32:e3:c3:5a:60:07:57:
31:8d:ce:ac:e2:9f:f5:c3:40:4b:21:1c:2a:4a:4e:5e:25:e3:
44:37:16:8e:e4:13:f1:85:d4:fd:e0:62:31:4b:4c:0f:97:a3:
81:09:65:f2:da:ef:b5:f1:4a:4a:7a:fe:83:03:a3:9d:92:ee:
7a:5e:33:c8:8c:7f:14:53:af:bd:2e:76:70:ae:68:d0:ea:0a:
a2:37:e1:ae:8e:83:67:e2:0d:cc:15:6f:b7:98:c4:2d:ef:3c:
97:91:d9:37:24:3f:0b:a5:b2:d9:fe:8c:a3:29:e8:2e:3e:96:
ac:ea:e7:8b
-----BEGIN CERTIFICATE-----
MIIFzzCCBLegAwIBAgICBTAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTQ2QjAxMTAvBgNVBAUTKEZGNjgyREY4RDQ0ODY0QjM0MUQ5Q0I3QjZDMDY1OUJG
RkFBQ0M5QzcwHhcNMjQwNTAyMDM0MjQzWhcNMjQxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjMzMGJiMi1kNDA4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1NzMuR+VHEWqT1liVt/nmCN6iKu310vfmSUjmuYFlt4PwAP4c2xIKBcp7o8Z
Z3enlehCLy5qGgG2ncJtvRc0hAhKaLhDzUo+no+XT1uJOL3M9qrSFg6SFs5fiiL0
XEMw8ObKkCFETXlYs48ZLXri73t/cp5th+DhGL6yHrjGQxbP8Z3dxssnFaFBKXvP
goyUigtPDwwagftb0zH6k0HbYDHR6JR9kk0OIxFGVWVcDhCICsSSSAA6pYrc4Cjd
rETnG3Fmd4JrQMAnzWdXquQfOvdjO/py+0DVLVdKDRShwqdCIFnd7sp5R2IeXQ+C
Gg1RiFFnfdkfQaie+F2paK8aIwIDAQABo4IC8zCCAu8wHQYDVR0OBBYEFG0PfcMc
aVNCRZi2alFZUkJ3tszzMB8GA1UdIwQYMBaAFP9oLfjUSGSzQdnLe2wGWb/6rMnH
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNDZCMC8zMkU5ODczQ0JG
QzgxMUVCQjlFNEVCNkVDNEY5QUUwMi9fMmd0LU5SSVpMTkIyY3Q3YkFaWnZfcXN5
Y2MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL18yZ3QtTlJJWkxOQjJjdDdiQVpadl9xc3ljYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTQ2QjAvMzJFOTg3M0NCRkM4MTFFQkI5RTRFQjZFQzRGOUFFMDIvMzI5NkZDRjg2
NDM0MTFFRDk1RjkzNDI0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwfQYIKwYBBQUHAQcBAf8E
bjBsMFIEAgABMEwDBAAr7/sDBAAr+SMDBAItQLgDBAJnG8gDBAFnRgQDBABnRgcD
BAJnVjAwDAMEA2fmeAMEAGfmejAMAwQAZ/WlAwQAZ/WmAwQCdMy0MBYEAgACMBAD
BgAkB3kAEAMGACQHeQAgMA0GCSqGSIb3DQEBCwUAA4IBAQAlFrMmAvHZX6U4TBnM
vNI3B/PLtwkr4LqSZS6JcVjDShs7PzSFRuVFJr/dMNEMUdIJAEv/q77mGg3Jw8aB
ghxaSfOki+V169cZ6h9qJpL57VRiviDsMUCmKfL2/y/4Pbips2qZSQ/E8t3Q+Mkr
uhxgFN1QA9OCz3Ue1nWEjtiuf9HhQVyk7V15ZzLjw1pgB1cxjc6s4p/1w0BLIRwq
Sk5eJeNENxaO5BPxhdT94GIxS0wPl6OBCWXy2u+18UpKev6DA6Odku56XjPIjH8U
U6+9LnZwrmjQ6gqiN+GujoNn4g3MFW+3mMQt7zyXkdk3JD8LpbLZ/oyjKeguPpas
6ueL
-----END CERTIFICATE-----
Generated at Thu May 2 10:53:09 2024 by rpki-client on console-fra.rpki-client.org