Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A4B9D/95AD03881D9E11E2880E868E08B02CD2/EFB8152894BD11EE8FBBBC54C4F9AE02.roa
File: EFB8152894BD11EE8FBBBC54C4F9AE02.roa (raw, json)
Hash identifier: xv7hkrRQVG1qYR0ye4m8C3YoPFH3EpglAMU+zyFiM3Q=
Subject key identifier: 17:E0:11:83:B0:9C:84:75:10:28:75:38:78:47:89:A2:42:73:4E:70
Certificate issuer: /CN=A91A4B9D/serialNumber=EF68BDBC072CAB455B6DA3160EDF8FB6C488DD15
Certificate serial: 338F
Authority key identifier: EF:68:BD:BC:07:2C:AB:45:5B:6D:A3:16:0E:DF:8F:B6:C4:88:DD:15
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/72i9vAcsq0VbbaMWDt-PtsSI3RU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A4B9D/95AD03881D9E11E2880E868E08B02CD2/EFB8152894BD11EE8FBBBC54C4F9AE02.roa
Signing time: Thu 07 Dec 2023 05:03:19 +0000
ROA not before: Thu 07 Dec 2023 05:03:19 +0000
ROA not after: Sat 31 Aug 2024 00:00:00 +0000
asID: 133159
IP address blocks: 45.124.52.0/22 maxlen: 22
103.1.184.0/22 maxlen: 22
103.16.128.0/22 maxlen: 22
103.17.56.0/24 maxlen: 24
103.17.57.0/24 maxlen: 24
103.100.36.0/22 maxlen: 22
110.232.112.0/22 maxlen: 22
112.213.32.0/21 maxlen: 21
119.42.52.0/23 maxlen: 23
119.42.54.0/23 maxlen: 23
150.107.72.0/22 maxlen: 22
150.107.75.0/24 maxlen: 24
175.45.180.0/22 maxlen: 23
175.45.182.0/23 maxlen: 24
203.18.30.0/24 maxlen: 24
203.29.240.0/22 maxlen: 22
203.57.50.0/23 maxlen: 23
203.57.114.0/23 maxlen: 23
2404:9400::/48 maxlen: 48
2404:9400:1::/48 maxlen: 48
2404:9400:2::/48 maxlen: 48
2404:9400:3::/48 maxlen: 48
2404:9400:4::/48 maxlen: 48
2404:9400:5::/48 maxlen: 48
2404:9400:e::/48 maxlen: 48
2404:9400:f::/48 maxlen: 48
2404:9400:1000::/36 maxlen: 36
2404:9400:2000::/36 maxlen: 36
2404:9400:3000::/36 maxlen: 36
2404:9400:4000::/36 maxlen: 36
2404:9400:5000::/36 maxlen: 36
2404:9400:e000::/36 maxlen: 36
Validation: Failed, certificate revoked on Fri 09 Feb 2024 03:21:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13199 (0x338f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A4B9D/serialNumber=EF68BDBC072CAB455B6DA3160EDF8FB6C488DD15
Validity
Not Before: Dec 7 05:03:19 2023 GMT
Not After : Aug 31 00:00:00 2024 GMT
Subject: CN=65715216-80aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:d7:6c:a3:29:af:71:4c:6c:5f:12:32:30:f8:
83:e8:e4:2a:a0:55:79:2b:94:f6:66:e7:8e:f4:a3:
3e:f0:59:6e:5d:b8:5a:65:15:83:3b:31:1d:3e:2a:
c8:07:af:ad:55:72:cf:18:f8:38:99:2a:52:12:23:
9a:ed:36:e4:ff:5a:c8:f7:9c:a1:ca:c3:f5:cb:c5:
32:3a:39:b4:f6:d9:a4:e5:4b:18:b5:a9:91:7d:ec:
fc:e6:1f:31:16:63:18:e3:c8:20:5f:5e:c5:94:a2:
a1:f6:31:ce:3d:d2:f9:9c:e2:23:36:cb:85:a7:a3:
52:1e:ef:b9:e8:d2:af:a5:83:80:a9:ee:28:f0:4e:
a1:ce:b7:20:9b:7f:12:a9:4d:16:cb:0d:cc:36:ff:
b7:99:e0:e2:c0:7b:05:20:b5:0e:bd:93:1a:99:6b:
97:30:f4:34:c3:cc:13:52:0b:f1:ca:87:d1:d1:32:
a1:97:f6:6d:e8:fc:3a:6d:e8:0b:a7:5a:2c:38:51:
fa:e6:e5:27:96:b3:d7:f7:6d:61:f7:6f:42:45:6d:
2f:71:60:f3:06:c0:9c:d6:03:c0:a9:2a:05:44:9b:
34:cf:f5:0e:a0:5d:e6:2d:86:dd:82:7c:fd:c5:ad:
c9:cf:81:f7:2e:0c:ff:1b:27:29:99:ae:c7:5f:f1:
3f:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:E0:11:83:B0:9C:84:75:10:28:75:38:78:47:89:A2:42:73:4E:70
X509v3 Authority Key Identifier:
keyid:EF:68:BD:BC:07:2C:AB:45:5B:6D:A3:16:0E:DF:8F:B6:C4:88:DD:15
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A4B9D/95AD03881D9E11E2880E868E08B02CD2/72i9vAcsq0VbbaMWDt-PtsSI3RU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/72i9vAcsq0VbbaMWDt-PtsSI3RU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A4B9D/95AD03881D9E11E2880E868E08B02CD2/EFB8152894BD11EE8FBBBC54C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.124.52.0/22
103.1.184.0/22
103.16.128.0/22
103.17.56.0/23
103.100.36.0/22
110.232.112.0/22
112.213.32.0/21
119.42.52.0/22
150.107.72.0/22
175.45.180.0/22
203.18.30.0/24
203.29.240.0/22
203.57.50.0/23
203.57.114.0/23
IPv6:
2404:9400::-2404:9400:5:ffff:ffff:ffff:ffff:ffff
2404:9400:e::/47
2404:9400:1000::-2404:9400:5fff:ffff:ffff:ffff:ffff:ffff
2404:9400:e000::/36
Signature Algorithm: sha256WithRSAEncryption
47:be:62:72:76:86:61:2a:11:3a:42:3a:0b:c6:ea:07:7a:c4:
96:51:30:65:c1:99:80:11:b2:54:f8:19:1c:6b:39:d0:2e:58:
20:07:fe:4f:8d:f6:ae:dd:7e:d0:a3:3e:01:61:fa:f8:6a:df:
67:28:34:b7:0b:44:4d:97:5b:26:02:91:72:10:a2:ff:a6:27:
ef:77:7d:5a:ea:21:c4:b7:34:62:ac:0f:83:52:67:74:e6:12:
e9:64:50:62:b2:03:27:ea:d1:cb:2b:45:dc:b6:af:3c:7f:77:
86:cf:66:90:19:d4:b8:ca:22:6c:75:56:b5:d3:17:00:79:3b:
eb:fc:b5:63:5a:71:10:4e:f3:dc:c9:25:5a:61:03:36:40:d4:
a8:67:ae:b6:31:07:e1:1d:b6:ee:f9:9f:1c:0d:f5:af:94:54:
60:bf:83:29:b2:e1:38:68:ea:17:e4:54:8f:64:88:50:78:91:
29:84:20:a9:95:2e:a9:bb:16:4c:cf:6f:3e:5b:0e:8c:80:f7:
b2:51:90:31:2a:fb:ed:8b:f5:5c:0c:3f:6f:5c:00:eb:9a:4f:
2f:3c:ff:21:cf:4e:ea:a1:a7:9c:05:f6:59:a9:3d:ba:57:9e:
85:8f:3c:d7:24:fa:c1:ce:9a:4a:57:57:fc:9c:e1:49:97:02:
8d:a8:9b:2f
-----BEGIN CERTIFICATE-----
MIIF/jCCBOagAwIBAgICM48wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTRCOUQxMTAvBgNVBAUTKEVGNjhCREJDMDcyQ0FCNDU1QjZEQTMxNjBFREY4RkI2
QzQ4OEREMTUwHhcNMjMxMjA3MDUwMzE5WhcNMjQwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTcxNTIxNi04MGFhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAutdsoymvcUxsXxIyMPiD6OQqoFV5K5T2ZueO9KM+8FluXbhaZRWDOzEdPirI
B6+tVXLPGPg4mSpSEiOa7Tbk/1rI95yhysP1y8UyOjm09tmk5UsYtamRfez85h8x
FmMY48ggX17FlKKh9jHOPdL5nOIjNsuFp6NSHu+56NKvpYOAqe4o8E6hzrcgm38S
qU0Wyw3MNv+3meDiwHsFILUOvZMamWuXMPQ0w8wTUgvxyofR0TKhl/Zt6Pw6begL
p1osOFH65uUnlrPX921h929CRW0vcWDzBsCc1gPAqSoFRJs0z/UOoF3mLYbdgnz9
xa3Jz4H3Lgz/Gycpma7HX/E/bwIDAQABo4IDIjCCAx4wHQYDVR0OBBYEFBfgEYOw
nIR1ECh1OHhHiaJCc05wMB8GA1UdIwQYMBaAFO9ovbwHLKtFW22jFg7fj7bEiN0V
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNEI5RC85NUFEMDM4ODFE
OUUxMUUyODgwRTg2OEUwOEIwMkNEMi83Mmk5dkFjc3EwVmJiYU1XRHQtUHRzU0kz
UlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzcyaTl2QWNzcTBWYmJhTVdEdC1QdHNTSTNSVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTRCOUQvOTVBRDAzODgxRDlFMTFFMjg4MEU4NjhFMDhCMDJDRDIvRUZCODE1Mjg5
NEJEMTFFRThGQkJCQzU0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgasGCCsGAQUFBwEHAQH/
BIGbMIGYMFoEAgABMFQDBAItfDQDBAJnAbgDBAJnEIADBAFnETgDBAJnZCQDBAJu
6HADBANw1SADBAJ3KjQDBAKWa0gDBAKvLbQDBADLEh4DBALLHfADBAHLOTIDBAHL
OXIwOgQCAAIwNDAPAwQCJASUAwcBJASUAAAEAwcBJASUAAAOMBADBgQkBJQAEAMG
BSQElABAAwYEJASUAOAwDQYJKoZIhvcNAQELBQADggEBAEe+YnJ2hmEqETpCOgvG
6gd6xJZRMGXBmYARslT4GRxrOdAuWCAH/k+N9q7dftCjPgFh+vhq32coNLcLRE2X
WyYCkXIQov+mJ+93fVrqIcS3NGKsD4NSZ3TmEulkUGKyAyfq0csrRdy2rzx/d4bP
ZpAZ1LjKImx1VrXTFwB5O+v8tWNacRBO89zJJVphAzZA1KhnrrYxB+Edtu75nxwN
9a+UVGC/gymy4Tho6hfkVI9kiFB4kSmEIKmVLqm7FkzPbz5bDoyA97JRkDEq++2L
9VwMP29cAOuaTy88/yHPTuqhp5wF9lmpPbpXnoWPPNck+sHOmkpXV/yc4UmXAo2o
my8=
-----END CERTIFICATE-----
Generated at Fri Feb 9 04:46:54 2024 by rpki-client on console-fra.rpki-client.org