Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A4B9D/95AD03881D9E11E2880E868E08B02CD2/B04A4C3E694911EEB9C62773C4F9AE02.roa
File: B04A4C3E694911EEB9C62773C4F9AE02.roa (raw, json)
Hash identifier: P3GJD8dlJ47yEznAWtCLyfF7T4Axv1xdE5c8K8fcBFQ=
Subject key identifier: D9:94:47:5A:67:1A:22:A1:EC:74:84:DE:38:D6:96:15:08:B0:C0:5A
Certificate issuer: /CN=A91A4B9D/serialNumber=EF68BDBC072CAB455B6DA3160EDF8FB6C488DD15
Certificate serial: 337B
Authority key identifier: EF:68:BD:BC:07:2C:AB:45:5B:6D:A3:16:0E:DF:8F:B6:C4:88:DD:15
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/72i9vAcsq0VbbaMWDt-PtsSI3RU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A4B9D/95AD03881D9E11E2880E868E08B02CD2/B04A4C3E694911EEB9C62773C4F9AE02.roa
Signing time: Wed 08 Nov 2023 02:55:22 +0000
ROA not before: Wed 08 Nov 2023 02:55:22 +0000
ROA not after: Sat 31 Aug 2024 00:00:00 +0000
asID: 133159
IP address blocks: 45.124.52.0/22 maxlen: 22
103.1.184.0/22 maxlen: 22
103.16.128.0/22 maxlen: 22
103.17.56.0/24 maxlen: 24
103.17.57.0/24 maxlen: 24
103.100.36.0/22 maxlen: 22
110.232.112.0/22 maxlen: 22
112.213.32.0/21 maxlen: 21
119.42.52.0/23 maxlen: 23
119.42.54.0/23 maxlen: 23
150.107.72.0/22 maxlen: 22
150.107.75.0/24 maxlen: 24
175.45.180.0/22 maxlen: 23
203.18.30.0/24 maxlen: 24
203.29.240.0/22 maxlen: 22
203.57.50.0/23 maxlen: 23
203.57.114.0/23 maxlen: 23
2404:9400::/48 maxlen: 48
2404:9400:1::/48 maxlen: 48
2404:9400:2::/48 maxlen: 48
2404:9400:3::/48 maxlen: 48
2404:9400:4::/48 maxlen: 48
2404:9400:5::/48 maxlen: 48
2404:9400:e::/48 maxlen: 48
2404:9400:f::/48 maxlen: 48
2404:9400:1000::/36 maxlen: 36
2404:9400:2000::/36 maxlen: 36
2404:9400:3000::/36 maxlen: 36
2404:9400:4000::/36 maxlen: 36
2404:9400:5000::/36 maxlen: 36
2404:9400:e000::/36 maxlen: 36
Validation: Failed, certificate revoked on Thu 07 Dec 2023 05:02:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13179 (0x337b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A4B9D/serialNumber=EF68BDBC072CAB455B6DA3160EDF8FB6C488DD15
Validity
Not Before: Nov 8 02:55:22 2023 GMT
Not After : Aug 31 00:00:00 2024 GMT
Subject: CN=654af89a-8d4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:b3:3f:62:e3:9b:21:24:67:5f:ec:00:ad:9e:
e1:72:5d:f2:59:2f:fa:23:27:24:92:72:2d:a9:44:
c6:90:c5:e7:06:fd:a3:c8:a7:0d:f0:34:64:ad:3c:
ec:c9:fd:e4:7a:dc:c8:17:54:86:1e:be:b9:9c:ee:
94:2c:33:41:11:65:6e:cc:08:a5:28:a8:c2:0a:92:
7e:43:3c:6e:a7:b1:a1:47:52:9a:f1:44:a2:20:a8:
2a:48:18:a8:9a:51:a7:95:32:c2:f8:20:b7:72:a5:
e7:9c:e4:a2:8a:12:8d:06:a7:4b:8d:23:e7:3d:20:
d0:5c:ba:d2:19:89:ac:5f:c5:b2:71:5e:3d:68:be:
87:4b:48:bc:5b:f4:71:fe:70:04:85:29:78:d7:c0:
cc:f0:44:6b:76:dc:e4:c2:40:91:42:36:b3:61:8a:
40:38:29:36:c3:5f:e3:e9:e5:cb:4e:88:e4:28:3e:
d3:92:7c:2a:27:e1:89:4f:ca:b2:03:92:46:ee:71:
61:9f:e4:7d:3a:b4:82:ab:03:c2:f0:50:64:66:28:
2d:16:e8:1b:94:64:de:f3:84:bb:b4:67:60:35:75:
0f:91:a5:fc:38:5a:b9:fc:ce:f4:87:dd:65:4b:12:
60:b3:06:b2:e9:98:81:a4:1e:20:77:bb:80:04:e2:
fb:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:94:47:5A:67:1A:22:A1:EC:74:84:DE:38:D6:96:15:08:B0:C0:5A
X509v3 Authority Key Identifier:
keyid:EF:68:BD:BC:07:2C:AB:45:5B:6D:A3:16:0E:DF:8F:B6:C4:88:DD:15
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A4B9D/95AD03881D9E11E2880E868E08B02CD2/72i9vAcsq0VbbaMWDt-PtsSI3RU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/72i9vAcsq0VbbaMWDt-PtsSI3RU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A4B9D/95AD03881D9E11E2880E868E08B02CD2/B04A4C3E694911EEB9C62773C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.124.52.0/22
103.1.184.0/22
103.16.128.0/22
103.17.56.0/23
103.100.36.0/22
110.232.112.0/22
112.213.32.0/21
119.42.52.0/22
150.107.72.0/22
175.45.180.0/22
203.18.30.0/24
203.29.240.0/22
203.57.50.0/23
203.57.114.0/23
IPv6:
2404:9400::-2404:9400:5:ffff:ffff:ffff:ffff:ffff
2404:9400:e::/47
2404:9400:1000::-2404:9400:5fff:ffff:ffff:ffff:ffff:ffff
2404:9400:e000::/36
Signature Algorithm: sha256WithRSAEncryption
2d:24:33:b2:08:92:ae:ae:f5:1b:34:a2:fd:16:f3:93:fc:8f:
ca:a1:fd:5b:ed:64:6e:83:64:b0:06:c0:4e:a0:99:20:1a:fb:
35:fc:c2:78:08:5a:60:80:29:6e:23:d9:b9:45:39:19:93:24:
49:e4:1f:3a:2d:1f:22:4e:2a:61:ec:7f:31:4a:19:4b:01:45:
d4:d5:02:49:2d:e1:19:26:73:fc:d0:1a:98:1f:95:c0:82:1d:
13:c2:44:39:ce:41:52:ba:a1:2c:76:c6:53:fa:f8:fc:c1:f6:
73:ea:f1:96:1e:85:f1:93:27:3c:bc:03:74:3e:24:4f:0d:2e:
c3:a9:c0:d6:d9:44:9a:df:64:15:50:81:c4:5c:36:0a:51:85:
89:30:5a:46:65:31:63:99:bd:80:9c:b8:c2:28:ec:48:0c:d3:
4b:03:68:bb:6e:a1:de:7b:e8:9b:ba:23:de:d7:53:82:ab:a5:
1a:98:f4:cd:7d:c5:b9:43:39:71:3f:39:a7:19:3b:aa:2d:ef:
d6:5b:c9:34:8a:09:a3:b5:da:4f:0f:29:e3:dd:8c:a6:9d:2b:
9b:fe:23:b9:ce:4e:91:2b:12:db:b5:de:b6:27:13:ef:a6:45:
e2:a7:9d:2a:f5:70:50:59:af:01:28:ed:ce:e1:fd:e8:fe:92:
12:3b:21:fa
-----BEGIN CERTIFICATE-----
MIIF/jCCBOagAwIBAgICM3swDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTRCOUQxMTAvBgNVBAUTKEVGNjhCREJDMDcyQ0FCNDU1QjZEQTMxNjBFREY4RkI2
QzQ4OEREMTUwHhcNMjMxMTA4MDI1NTIyWhcNMjQwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTRhZjg5YS04ZDRjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwbM/YuObISRnX+wArZ7hcl3yWS/6IyckknItqUTGkMXnBv2jyKcN8DRkrTzs
yf3ketzIF1SGHr65nO6ULDNBEWVuzAilKKjCCpJ+Qzxup7GhR1Ka8USiIKgqSBio
mlGnlTLC+CC3cqXnnOSiihKNBqdLjSPnPSDQXLrSGYmsX8WycV49aL6HS0i8W/Rx
/nAEhSl418DM8ERrdtzkwkCRQjazYYpAOCk2w1/j6eXLTojkKD7TknwqJ+GJT8qy
A5JG7nFhn+R9OrSCqwPC8FBkZigtFugblGTe84S7tGdgNXUPkaX8OFq5/M70h91l
SxJgsway6ZiBpB4gd7uABOL7RQIDAQABo4IDIjCCAx4wHQYDVR0OBBYEFNmUR1pn
GiKh7HSE3jjWlhUIsMBaMB8GA1UdIwQYMBaAFO9ovbwHLKtFW22jFg7fj7bEiN0V
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNEI5RC85NUFEMDM4ODFE
OUUxMUUyODgwRTg2OEUwOEIwMkNEMi83Mmk5dkFjc3EwVmJiYU1XRHQtUHRzU0kz
UlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzcyaTl2QWNzcTBWYmJhTVdEdC1QdHNTSTNSVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTRCOUQvOTVBRDAzODgxRDlFMTFFMjg4MEU4NjhFMDhCMDJDRDIvQjA0QTRDM0U2
OTQ5MTFFRUI5QzYyNzczQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgasGCCsGAQUFBwEHAQH/
BIGbMIGYMFoEAgABMFQDBAItfDQDBAJnAbgDBAJnEIADBAFnETgDBAJnZCQDBAJu
6HADBANw1SADBAJ3KjQDBAKWa0gDBAKvLbQDBADLEh4DBALLHfADBAHLOTIDBAHL
OXIwOgQCAAIwNDAPAwQCJASUAwcBJASUAAAEAwcBJASUAAAOMBADBgQkBJQAEAMG
BSQElABAAwYEJASUAOAwDQYJKoZIhvcNAQELBQADggEBAC0kM7IIkq6u9Rs0ov0W
85P8j8qh/VvtZG6DZLAGwE6gmSAa+zX8wngIWmCAKW4j2blFORmTJEnkHzotHyJO
KmHsfzFKGUsBRdTVAkkt4Rkmc/zQGpgflcCCHRPCRDnOQVK6oSx2xlP6+PzB9nPq
8ZYehfGTJzy8A3Q+JE8NLsOpwNbZRJrfZBVQgcRcNgpRhYkwWkZlMWOZvYCcuMIo
7EgM00sDaLtuod576Ju6I97XU4KrpRqY9M19xblDOXE/OacZO6ot79ZbyTSKCaO1
2k8PKePdjKadK5v+I7nOTpErEtu13rYnE++mReKnnSr1cFBZrwEo7c7h/ej+khI7
Ifo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:36 2024 by rpki-client on console-fra.rpki-client.org