Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/65B253348ED111EFBB878D2EC4F9AE02.roa
File: 65B253348ED111EFBB878D2EC4F9AE02.roa (raw, json)
Hash identifier: CzXdQS2lUhmvAIlC6/bfiilQRhfpn3+BhhW+ryl7ln8=
Subject key identifier: CF:40:4D:EE:C8:2B:AF:B1:97:03:40:9F:30:BB:9D:0A:B5:EC:05:17
Certificate issuer: /CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Certificate serial: 4779
Authority key identifier: 16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/65B253348ED111EFBB878D2EC4F9AE02.roa
Signing time: Sun 20 Oct 2024 10:52:28 +0000
ROA not before: Sun 20 Oct 2024 10:52:28 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 135905
IP address blocks: 14.225.0.0/16 maxlen: 24
103.9.204.0/22 maxlen: 24
103.78.92.0/24 maxlen: 24
103.145.0.0/23 maxlen: 23
103.159.60.0/23 maxlen: 23
103.188.164.0/23 maxlen: 24
103.189.72.0/23 maxlen: 24
103.189.74.0/23 maxlen: 24
103.189.76.0/23 maxlen: 24
103.189.78.0/23 maxlen: 24
103.200.22.0/24 maxlen: 24
123.30.111.0/24 maxlen: 24
123.30.150.0/24 maxlen: 24
123.30.154.0/23 maxlen: 24
123.30.156.0/23 maxlen: 24
123.30.158.0/23 maxlen: 24
123.30.200.0/24 maxlen: 24
123.30.242.0/24 maxlen: 24
123.31.10.0/24 maxlen: 24
123.31.11.0/24 maxlen: 24
123.31.12.0/24 maxlen: 24
123.31.24.0/24 maxlen: 24
123.31.27.0/24 maxlen: 24
123.31.28.0/22 maxlen: 24
123.31.32.0/20 maxlen: 24
203.162.13.0/24 maxlen: 24
203.162.34.0/24 maxlen: 24
222.255.38.0/24 maxlen: 24
2001:df3:cbc0::/48 maxlen: 48
2001:df3:e640::/48 maxlen: 48
2001:df4:340::/48 maxlen: 48
2001:df4:2240::/48 maxlen: 48
2001:ee0:300::/40 maxlen: 48
2400:1060::/48 maxlen: 48
2401:82e0::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 23 Oct 2024 09:44:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18297 (0x4779)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Validity
Not Before: Oct 20 10:52:28 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=6714e0eb-e779
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:cd:e0:0d:4c:bd:95:5c:54:c6:e3:81:87:a7:
d8:bf:ac:b0:87:ea:47:cb:81:6a:a8:64:b6:da:8e:
cb:b5:1a:4c:45:41:02:3d:ec:64:cf:c4:57:36:d4:
bf:79:a9:2b:ff:2e:ab:75:b6:cf:5a:2d:38:00:70:
72:f6:64:45:58:25:6e:67:1b:7a:00:57:03:bc:4a:
cc:32:11:a5:2f:01:ee:ab:ab:35:a4:a0:e9:8a:f6:
ab:55:50:5c:25:98:38:ed:41:b1:6f:5e:7d:28:3d:
de:71:c2:81:59:b4:2f:f8:63:0d:d1:7d:9d:8a:0d:
3b:c9:fc:62:bb:3f:1f:93:80:0e:84:37:5f:5c:23:
e2:98:6e:e7:9c:72:f4:e3:cb:32:fa:0e:03:8f:37:
13:68:b3:87:d3:93:15:1f:e0:c2:94:e6:ca:2a:98:
55:68:6a:e7:55:22:e7:60:64:c4:bd:dd:32:bf:fb:
7b:0f:7f:0e:a8:87:bc:3d:47:4f:ff:1f:99:30:e9:
53:03:73:99:87:a4:ca:14:e2:37:1e:53:6d:13:ad:
21:c3:5c:21:96:d0:53:1e:c7:c9:90:62:22:3b:90:
96:fb:ad:23:59:b1:90:80:e9:f1:7b:67:e9:4e:79:
f7:03:1c:88:54:a4:52:84:9b:f8:15:9a:e4:a7:ef:
51:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:40:4D:EE:C8:2B:AF:B1:97:03:40:9F:30:BB:9D:0A:B5:EC:05:17
X509v3 Authority Key Identifier:
keyid:16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/65B253348ED111EFBB878D2EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.225.0.0/16
103.9.204.0/22
103.78.92.0/24
103.145.0.0/23
103.159.60.0/23
103.188.164.0/23
103.189.72.0/21
103.200.22.0/24
123.30.111.0/24
123.30.150.0/24
123.30.154.0-123.30.159.255
123.30.200.0/24
123.30.242.0/24
123.31.10.0-123.31.12.255
123.31.24.0/24
123.31.27.0-123.31.47.255
203.162.13.0/24
203.162.34.0/24
222.255.38.0/24
IPv6:
2001:df3:cbc0::/48
2001:df3:e640::/48
2001:df4:340::/48
2001:df4:2240::/48
2001:ee0:300::/40
2400:1060::/48
2401:82e0::/48
Signature Algorithm: sha256WithRSAEncryption
8b:ce:23:f4:5e:6e:68:ad:10:2f:cd:fb:72:51:8f:50:62:0c:
af:52:4a:3c:6b:a4:f0:a2:20:29:1e:2a:25:1c:6c:48:56:bf:
35:0c:00:4b:7c:d5:a9:90:0e:d8:0f:3c:8b:04:45:e7:bb:2c:
e0:ef:39:11:ef:2c:09:f2:b0:03:48:4f:74:53:f2:bd:dc:76:
e7:02:d3:0a:42:03:9c:d9:80:84:83:57:46:a5:64:aa:ed:54:
07:9e:da:a0:27:05:e6:c4:20:5c:7f:a8:a9:d5:50:d9:f7:94:
5b:b5:cb:2a:70:bf:5d:e8:e4:ad:0b:86:e4:e7:e2:6d:46:bb:
37:0e:ef:41:08:0c:c9:8f:37:7c:6e:ad:b8:7c:94:c4:8c:df:
a7:7f:31:e6:3d:48:8d:27:c4:98:41:ce:07:89:4c:f5:00:d8:
57:78:c0:95:c3:4c:8f:74:9c:e9:85:5b:ea:87:0f:a0:8f:10:
82:af:56:c3:bc:78:62:a6:b5:19:7d:a3:d5:3d:b1:9e:63:57:
75:ad:fb:b8:b7:9a:d5:1f:51:03:b1:68:52:39:3e:12:3a:ae:
18:85:f2:0f:55:34:30:b8:a4:4f:68:b0:0c:c9:37:9b:ec:4b:
02:8f:ce:86:71:ad:23:f5:01:28:3f:34:8c:bb:e6:d0:b0:59:
ab:98:0d:41
-----BEGIN CERTIFICATE-----
MIIGPzCCBSegAwIBAgICR3kwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU2MEExMTAvBgNVBAUTKDE2N0MzQjIyMTc3NUZFQzA1MDM5NDY4MTUwQ0U4MTQ3
NTZBQzZGMEEwHhcNMjQxMDIwMTA1MjI4WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzE0ZTBlYi1lNzc5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyM3gDUy9lVxUxuOBh6fYv6ywh+pHy4FqqGS22o7LtRpMRUECPexkz8RXNtS/
eakr/y6rdbbPWi04AHBy9mRFWCVuZxt6AFcDvErMMhGlLwHuq6s1pKDpivarVVBc
JZg47UGxb159KD3eccKBWbQv+GMN0X2dig07yfxiuz8fk4AOhDdfXCPimG7nnHL0
48sy+g4DjzcTaLOH05MVH+DClObKKphVaGrnVSLnYGTEvd0yv/t7D38OqIe8PUdP
/x+ZMOlTA3OZh6TKFOI3HlNtE60hw1whltBTHsfJkGIiO5CW+60jWbGQgOnxe2fp
Tnn3AxyIVKRShJv4FZrkp+9RXQIDAQABo4IDYzCCA18wHQYDVR0OBBYEFM9ATe7I
K6+xlwNAnzC7nQq17AUXMB8GA1UdIwQYMBaAFBZ8OyIXdf7AUDlGgVDOgUdWrG8K
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS9BQUVCMTkxQTFE
OEExMUUyQTM4N0QwRTQwOEIwMkNEMi9Gbnc3SWhkMV9zQlFPVWFCVU02QlIxYXNi
d28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZudzdJaGQxX3NCUU9VYUJVTTZCUjFhc2J3by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU2MEEvQUFFQjE5MUExRDhBMTFFMkEzODdEMEU0MDhCMDJDRDIvNjVCMjUzMzQ4
RUQxMTFFRkJCODc4RDJFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgewGCCsGAQUFBwEHAQH/
BIHcMIHZMIGQBAIAATCBiQMDAA7hAwQCZwnMAwQAZ05cAwQBZ5EAAwQBZ588AwQB
Z7ykAwQDZ71IAwQAZ8gWAwQAex5vAwQAex6WMAwDBAF7HpoDBAV7HoADBAB7HsgD
BAB7HvIwDAMEAXsfCgMEAHsfDAMEAHsfGDAMAwQAex8bAwQEex8gAwQAy6INAwQA
y6IiAwQA3v8mMEQEAgACMD4DBwAgAQ3zy8ADBwAgAQ3z5kADBwAgAQ30A0ADBwAg
AQ30IkADBgAgAQ7gAwMHACQAEGAAAAMHACQBguAAADANBgkqhkiG9w0BAQsFAAOC
AQEAi84j9F5uaK0QL837clGPUGIMr1JKPGuk8KIgKR4qJRxsSFa/NQwAS3zVqZAO
2A88iwRF57ss4O85Ee8sCfKwA0hPdFPyvdx25wLTCkIDnNmAhINXRqVkqu1UB57a
oCcF5sQgXH+oqdVQ2feUW7XLKnC/XejkrQuG5OfibUa7Nw7vQQgMyY83fG6tuHyU
xIzfp38x5j1IjSfEmEHOB4lM9QDYV3jAlcNMj3Sc6YVb6ocPoI8Qgq9Ww7x4Yqa1
GX2j1T2xnmNXda37uLea1R9RA7FoUjk+EjquGIXyD1U0MLikT2iwDMk3m+xLAo/O
hnGtI/UBKD80jLvm0LBZq5gNQQ==
-----END CERTIFICATE-----
Generated at Wed Oct 23 13:19:15 2024 by rpki-client on console-ams.rpki-client.org