Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91AC532/DAA0D0B4037E11EF8520E758C4F9AE02/C0E67C68082A11EFB9840230C4F9AE02.roa
File: C0E67C68082A11EFB9840230C4F9AE02.roa (raw, json)
Hash identifier: HQc7jd3jjazAdJFFDGDT+B21ia1efQYPFROVP6x+uTQ=
Subject key identifier: 80:4D:6F:ED:C8:9B:11:A0:28:87:8A:34:2D:09:A9:EC:A7:80:D9:36
Certificate issuer: /CN=A91AC532/serialNumber=BCAB3E76F84ED43742F2A081242708E799CE1B5F
Certificate serial: 1C
Authority key identifier: BC:AB:3E:76:F8:4E:D4:37:42:F2:A0:81:24:27:08:E7:99:CE:1B:5F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vKs-dvhO1DdC8qCBJCcI55nOG18.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91AC532/DAA0D0B4037E11EF8520E758C4F9AE02/C0E67C68082A11EFB9840230C4F9AE02.roa
Signing time: Thu 02 May 2024 02:21:59 +0000
ROA not before: Thu 02 May 2024 02:21:59 +0000
ROA not after: Wed 28 May 2025 00:00:00 +0000
asID: 45652
IP address blocks: 43.252.120.0/22 maxlen: 22
43.252.120.0/24 maxlen: 24
43.252.121.0/24 maxlen: 24
43.252.122.0/24 maxlen: 24
43.252.123.0/24 maxlen: 24
103.233.80.0/22 maxlen: 22
103.233.80.0/24 maxlen: 24
103.233.81.0/24 maxlen: 24
103.233.82.0/24 maxlen: 24
103.233.83.0/24 maxlen: 24
110.34.139.0/24 maxlen: 24
110.34.158.0/24 maxlen: 24
110.34.162.0/24 maxlen: 24
110.34.164.0/24 maxlen: 24
110.34.166.0/24 maxlen: 24
110.34.180.0/23 maxlen: 24
110.34.183.0/24 maxlen: 24
110.34.184.0/23 maxlen: 24
110.34.186.0/23 maxlen: 24
110.34.188.0/23 maxlen: 24
110.34.190.0/23 maxlen: 24
110.34.220.0/22 maxlen: 24
2401:4a40::/32 maxlen: 40
Validation: Failed, certificate revoked on Thu 02 May 2024 03:03:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 28 (0x1c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91AC532/serialNumber=BCAB3E76F84ED43742F2A081242708E799CE1B5F
Validity
Not Before: May 2 02:21:59 2024 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=6632f8c7-a406
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:82:b9:e1:11:35:a4:5f:fd:f1:98:4b:d4:ba:
43:df:38:27:79:75:08:cb:6f:ec:3c:83:5b:48:68:
96:f2:97:15:ef:0b:a1:c1:3e:3d:63:41:74:5a:ef:
a8:29:8a:a6:97:42:fe:65:61:39:9f:8d:c0:2f:31:
ee:12:42:50:14:fd:32:95:34:79:27:06:1b:47:0c:
e7:a8:8d:9e:a3:c0:28:88:c0:65:2e:37:3e:1a:83:
82:6e:80:b8:65:fa:57:ea:e4:5b:b5:55:7a:2c:46:
f6:42:cc:dc:11:42:4c:f2:67:e7:69:7a:c5:e2:b2:
c6:46:9f:82:4a:3f:11:90:85:11:ce:65:dd:9e:69:
17:28:32:9f:7c:f9:1c:08:f3:cf:c9:73:ff:40:66:
cf:bd:9a:ae:46:16:5f:3b:a4:6b:1a:57:cc:70:c5:
a7:6c:71:86:f3:4c:3e:b0:21:89:11:b7:43:f8:3d:
8c:56:7d:71:2d:84:f1:6d:96:2f:ad:af:d4:4f:2f:
18:7b:29:72:a0:09:88:27:49:65:4f:96:c7:7e:38:
d0:87:7f:3d:4d:62:5e:1e:c6:db:b1:c7:5b:44:74:
4d:4b:73:f2:6b:ce:24:a3:73:8c:88:c5:92:c4:99:
36:94:75:bb:e1:f4:6d:3a:46:e2:95:db:e0:9d:5c:
44:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:4D:6F:ED:C8:9B:11:A0:28:87:8A:34:2D:09:A9:EC:A7:80:D9:36
X509v3 Authority Key Identifier:
keyid:BC:AB:3E:76:F8:4E:D4:37:42:F2:A0:81:24:27:08:E7:99:CE:1B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91AC532/DAA0D0B4037E11EF8520E758C4F9AE02/vKs-dvhO1DdC8qCBJCcI55nOG18.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vKs-dvhO1DdC8qCBJCcI55nOG18.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AC532/DAA0D0B4037E11EF8520E758C4F9AE02/C0E67C68082A11EFB9840230C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.252.120.0/22
103.233.80.0/22
110.34.139.0/24
110.34.158.0/24
110.34.162.0/24
110.34.164.0/24
110.34.166.0/24
110.34.180.0/23
110.34.183.0-110.34.191.255
110.34.220.0/22
IPv6:
2401:4a40::/32
Signature Algorithm: sha256WithRSAEncryption
40:03:d1:85:2d:4b:45:76:0a:e5:64:8c:32:1d:7c:fb:32:e3:
67:03:bd:b3:21:2f:1d:74:6c:b1:6e:1c:a9:62:87:25:85:c0:
46:c8:e3:4c:55:83:5a:ac:cf:2a:0f:3b:4a:65:70:3a:d9:c1:
e4:74:6f:43:aa:ff:fe:c4:46:d1:10:45:6f:f4:f7:2a:10:c4:
14:78:c0:0f:98:9a:a0:6b:2d:fe:41:23:c7:6e:9e:05:39:c5:
42:ce:7e:02:d6:19:5a:d0:ce:31:c7:71:78:32:8a:89:32:39:
35:c7:d9:f8:6d:77:7a:4c:2f:91:ef:47:57:6e:cd:5b:a2:b7:
7d:c0:43:91:a3:79:5e:3c:42:8f:10:c3:c5:11:36:96:f9:86:
cc:f3:2b:c5:56:07:97:db:c6:d7:35:36:aa:0d:da:79:f9:71:
a2:78:b0:0d:85:0d:c0:10:67:80:44:7b:9f:38:2a:b1:17:7b:
72:8a:29:96:9e:30:52:23:c9:22:a6:88:0f:18:fb:cc:d3:bf:
8d:89:5a:4a:6b:e0:4a:76:61:42:a7:6a:96:d9:07:78:3c:ac:
55:0d:41:69:81:12:5d:a4:ae:9f:36:a7:23:a0:5f:db:ff:41:
c9:cc:84:12:19:0a:84:a2:de:d9:26:1e:f5:66:be:53:ff:8d:
b2:ed:a7:dc
-----BEGIN CERTIFICATE-----
MIIFvTCCBKWgAwIBAgIBHDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB
QzUzMjExMC8GA1UEBRMoQkNBQjNFNzZGODRFRDQzNzQyRjJBMDgxMjQyNzA4RTc5
OUNFMUI1RjAeFw0yNDA1MDIwMjIxNTlaFw0yNTA1MjgwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2MzJmOGM3LWE0MDYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDbgrnhETWkX/3xmEvUukPfOCd5dQjLb+w8g1tIaJbylxXvC6HBPj1jQXRa76gp
iqaXQv5lYTmfjcAvMe4SQlAU/TKVNHknBhtHDOeojZ6jwCiIwGUuNz4ag4JugLhl
+lfq5Fu1VXosRvZCzNwRQkzyZ+dpesXissZGn4JKPxGQhRHOZd2eaRcoMp98+RwI
88/Jc/9AZs+9mq5GFl87pGsaV8xwxadscYbzTD6wIYkRt0P4PYxWfXEthPFtli+t
r9RPLxh7KXKgCYgnSWVPlsd+ONCHfz1NYl4extuxx1tEdE1Lc/JrziSjc4yIxZLE
mTaUdbvh9G06RuKV2+CdXETjAgMBAAGjggLiMIIC3jAdBgNVHQ4EFgQUgE1v7cib
EaAoh4o0LQmp7KeA2TYwHwYDVR0jBBgwFoAUvKs+dvhO1DdC8qCBJCcI55nOG18w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUFDNTMyL0RBQTBEMEI0MDM3
RTExRUY4NTIwRTc1OEM0RjlBRTAyL3ZLcy1kdmhPMURkQzhxQ0JKQ2NJNTVuT0cx
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvdktzLWR2aE8xRGRDOHFDQkpDY0k1NW5PRzE4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB
QzUzMi9EQUEwRDBCNDAzN0UxMUVGODUyMEU3NThDNEY5QUUwMi9DMEU2N0M2ODA4
MkExMUVGQjk4NDAyMzBDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDBsBggrBgEFBQcBBwEB/wRd
MFswSgQCAAEwRAMEAiv8eAMEAmfpUAMEAG4iiwMEAG4ingMEAG4iogMEAG4ipAME
AG4ipgMEAW4itDAMAwQAbiK3AwQGbiKAAwQCbiLcMA0EAgACMAcDBQAkAUpAMA0G
CSqGSIb3DQEBCwUAA4IBAQBAA9GFLUtFdgrlZIwyHXz7MuNnA72zIS8ddGyxbhyp
YoclhcBGyONMVYNarM8qDztKZXA62cHkdG9Dqv/+xEbREEVv9PcqEMQUeMAPmJqg
ay3+QSPHbp4FOcVCzn4C1hla0M4xx3F4MoqJMjk1x9n4bXd6TC+R70dXbs1bord9
wEORo3lePEKPEMPFETaW+YbM8yvFVgeX28bXNTaqDdp5+XGieLANhQ3AEGeARHuf
OCqxF3tyiimWnjBSI8kipogPGPvM07+NiVpKa+BKdmFCp2qW2Qd4PKxVDUFpgRJd
pK6fNqcjoF/b/0HJzIQSGQqEot7ZJh71Zr5T/42y7afc
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:55 2024 by rpki-client on console-ams.rpki-client.org