Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/959051521CE311EEA030723BC4F9AE02.roa
File: 959051521CE311EEA030723BC4F9AE02.roa (raw, json)
Hash identifier: EkgE8/k62TbsmhxlCRdp1VctNdRMNCBgT23wF9lzM1Y=
Subject key identifier: FD:1D:70:7A:35:E5:64:66:50:FB:9A:A3:3E:51:BD:C1:F2:DB:AF:D7
Certificate issuer: /CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Certificate serial: 46E9
Authority key identifier: 16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/959051521CE311EEA030723BC4F9AE02.roa
Signing time: Mon 23 Sep 2024 02:52:15 +0000
ROA not before: Mon 23 Sep 2024 02:52:15 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 135905
IP address blocks: 14.225.0.0/16 maxlen: 24
103.9.204.0/22 maxlen: 24
103.78.92.0/24 maxlen: 24
103.145.0.0/23 maxlen: 23
103.159.60.0/23 maxlen: 23
103.169.168.0/23 maxlen: 24
103.188.164.0/23 maxlen: 24
103.189.72.0/23 maxlen: 24
103.189.74.0/23 maxlen: 24
103.189.76.0/23 maxlen: 24
103.189.78.0/23 maxlen: 24
103.200.22.0/24 maxlen: 24
123.30.111.0/24 maxlen: 24
123.30.150.0/24 maxlen: 24
123.30.154.0/23 maxlen: 24
123.30.156.0/23 maxlen: 24
123.30.158.0/23 maxlen: 24
123.30.200.0/24 maxlen: 24
123.30.242.0/24 maxlen: 24
123.31.10.0/24 maxlen: 24
123.31.11.0/24 maxlen: 24
123.31.12.0/24 maxlen: 24
123.31.24.0/24 maxlen: 24
123.31.27.0/24 maxlen: 24
123.31.28.0/22 maxlen: 24
123.31.32.0/20 maxlen: 24
203.162.13.0/24 maxlen: 24
203.162.34.0/24 maxlen: 24
222.255.38.0/24 maxlen: 24
2001:df3:cbc0::/48 maxlen: 48
2001:df3:e640::/48 maxlen: 48
2001:df4:340::/48 maxlen: 48
2001:df4:2240::/48 maxlen: 48
2001:ee0:300::/40 maxlen: 48
2400:1060::/48 maxlen: 48
2401:82e0::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 20 Oct 2024 10:52:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18153 (0x46e9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Validity
Not Before: Sep 23 02:52:15 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=66f0d7df-0ff1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:f5:29:a4:6b:35:ba:77:32:ef:45:ea:22:39:
e0:38:78:f0:8c:7c:bf:a9:ca:9d:02:5d:92:35:1d:
da:c3:a9:0f:5f:4c:64:da:2c:96:39:ec:79:c2:cb:
ca:d3:ff:18:0c:3c:b5:1d:ae:cb:e2:e3:5a:1d:b3:
ec:ff:9b:3e:56:e5:9c:42:48:b0:0b:55:ad:11:57:
01:6f:6d:82:63:99:af:cf:ae:88:ae:d3:91:0f:f9:
66:16:e9:0a:91:51:4a:4c:b5:bb:85:6a:dd:57:d0:
99:6a:dd:71:12:7d:4d:2c:76:67:e9:4b:e2:1f:85:
28:51:78:db:d1:07:6d:2d:2b:0d:54:40:70:f3:7f:
fc:e7:e3:dc:51:14:e3:5d:bb:e8:ae:04:91:71:d5:
81:2c:eb:cd:97:26:79:73:0c:dd:30:8a:14:2b:e9:
dc:07:1e:0c:fd:a4:85:34:b2:c9:12:b9:59:6e:e4:
e9:70:2e:d7:c3:12:4a:5d:43:c7:95:3f:13:79:b0:
56:9e:b1:d5:d4:72:40:72:9b:1f:16:94:69:f7:4d:
5c:5f:36:89:44:05:01:95:8c:0c:07:ad:5a:34:3a:
8b:f4:d2:8c:20:9a:27:63:bd:3c:a4:46:f1:d4:15:
a4:7d:65:a2:dc:f6:33:99:a2:9b:c0:3f:b7:a6:3b:
7f:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:1D:70:7A:35:E5:64:66:50:FB:9A:A3:3E:51:BD:C1:F2:DB:AF:D7
X509v3 Authority Key Identifier:
keyid:16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/959051521CE311EEA030723BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.225.0.0/16
103.9.204.0/22
103.78.92.0/24
103.145.0.0/23
103.159.60.0/23
103.169.168.0/23
103.188.164.0/23
103.189.72.0/21
103.200.22.0/24
123.30.111.0/24
123.30.150.0/24
123.30.154.0-123.30.159.255
123.30.200.0/24
123.30.242.0/24
123.31.10.0-123.31.12.255
123.31.24.0/24
123.31.27.0-123.31.47.255
203.162.13.0/24
203.162.34.0/24
222.255.38.0/24
IPv6:
2001:df3:cbc0::/48
2001:df3:e640::/48
2001:df4:340::/48
2001:df4:2240::/48
2001:ee0:300::/40
2400:1060::/48
2401:82e0::/48
Signature Algorithm: sha256WithRSAEncryption
03:8c:d6:96:b3:f1:39:6c:00:6e:89:0e:bb:85:dc:a6:34:c8:
32:b3:fd:50:b4:c2:f7:2b:33:36:40:59:53:72:b3:5b:c2:5d:
6f:a9:6d:62:65:90:9a:a9:a5:fa:08:31:db:8b:cd:27:9f:c2:
b0:a0:0b:5c:31:6b:c7:7d:eb:d7:17:a9:ee:9c:6f:c0:b6:f6:
88:3c:f7:69:5b:87:0e:18:f7:47:c1:83:85:ed:3e:fc:fd:e5:
2d:d0:b2:40:ac:f6:3b:0b:fe:0b:63:a3:ca:98:e8:e9:f5:38:
3d:9c:3c:48:04:d2:71:82:c9:eb:ac:83:8f:62:45:a7:fe:cb:
2b:74:00:59:8a:b3:eb:77:f8:e1:0a:ad:22:cc:b6:42:bd:43:
4b:4a:87:8d:fc:0a:99:14:54:df:19:a3:6c:33:95:b2:af:a1:
97:d6:25:37:03:cd:cf:8a:18:07:61:38:9a:cf:06:25:ce:f2:
c9:35:33:eb:1d:5a:a3:b9:11:61:e9:3e:6e:09:c9:d8:6e:7d:
3f:59:de:79:09:0c:1b:8e:64:1d:df:29:9c:75:2e:1d:48:a9:
18:c4:b7:fd:33:9e:1e:40:2a:20:f1:61:7d:99:a2:bb:68:99:
51:21:27:d2:fe:d3:61:23:f7:8a:da:35:4b:a9:f4:95:9e:46:
28:78:15:df
-----BEGIN CERTIFICATE-----
MIIGRTCCBS2gAwIBAgICRukwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU2MEExMTAvBgNVBAUTKDE2N0MzQjIyMTc3NUZFQzA1MDM5NDY4MTUwQ0U4MTQ3
NTZBQzZGMEEwHhcNMjQwOTIzMDI1MjE1WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmYwZDdkZi0wZmYxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxPUppGs1uncy70XqIjngOHjwjHy/qcqdAl2SNR3aw6kPX0xk2iyWOex5wsvK
0/8YDDy1Ha7L4uNaHbPs/5s+VuWcQkiwC1WtEVcBb22CY5mvz66IrtORD/lmFukK
kVFKTLW7hWrdV9CZat1xEn1NLHZn6UviH4UoUXjb0QdtLSsNVEBw83/85+PcURTj
XbvorgSRcdWBLOvNlyZ5cwzdMIoUK+ncBx4M/aSFNLLJErlZbuTpcC7XwxJKXUPH
lT8TebBWnrHV1HJAcpsfFpRp901cXzaJRAUBlYwMB61aNDqL9NKMIJonY708pEbx
1BWkfWWi3PYzmaKbwD+3pjt/cwIDAQABo4IDaTCCA2UwHQYDVR0OBBYEFP0dcHo1
5WRmUPuaoz5RvcHy26/XMB8GA1UdIwQYMBaAFBZ8OyIXdf7AUDlGgVDOgUdWrG8K
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS9BQUVCMTkxQTFE
OEExMUUyQTM4N0QwRTQwOEIwMkNEMi9Gbnc3SWhkMV9zQlFPVWFCVU02QlIxYXNi
d28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZudzdJaGQxX3NCUU9VYUJVTTZCUjFhc2J3by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU2MEEvQUFFQjE5MUExRDhBMTFFMkEzODdEMEU0MDhCMDJDRDIvOTU5MDUxNTIx
Q0UzMTFFRUEwMzA3MjNCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgfIGCCsGAQUFBwEHAQH/
BIHiMIHfMIGWBAIAATCBjwMDAA7hAwQCZwnMAwQAZ05cAwQBZ5EAAwQBZ588AwQB
Z6moAwQBZ7ykAwQDZ71IAwQAZ8gWAwQAex5vAwQAex6WMAwDBAF7HpoDBAV7HoAD
BAB7HsgDBAB7HvIwDAMEAXsfCgMEAHsfDAMEAHsfGDAMAwQAex8bAwQEex8gAwQA
y6INAwQAy6IiAwQA3v8mMEQEAgACMD4DBwAgAQ3zy8ADBwAgAQ3z5kADBwAgAQ30
A0ADBwAgAQ30IkADBgAgAQ7gAwMHACQAEGAAAAMHACQBguAAADANBgkqhkiG9w0B
AQsFAAOCAQEAA4zWlrPxOWwAbokOu4XcpjTIMrP9ULTC9yszNkBZU3KzW8Jdb6lt
YmWQmqml+ggx24vNJ5/CsKALXDFrx33r1xep7pxvwLb2iDz3aVuHDhj3R8GDhe0+
/P3lLdCyQKz2Owv+C2Ojypjo6fU4PZw8SATScYLJ66yDj2JFp/7LK3QAWYqz63f4
4QqtIsy2Qr1DS0qHjfwKmRRU3xmjbDOVsq+hl9YlNwPNz4oYB2E4ms8GJc7yyTUz
6x1ao7kRYek+bgnJ2G59P1neeQkMG45kHd8pnHUuHUipGMS3/TOeHkAqIPFhfZmi
u2iZUSEn0v7TYSP3ito1S6n0lZ5GKHgV3w==
-----END CERTIFICATE-----
Generated at Sun Oct 20 13:06:23 2024 by rpki-client on console-fra.rpki-client.org