Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91AC532/DAA0D0B4037E11EF8520E758C4F9AE02/D7EED6DC038711EFBC6C1549C4F9AE02.roa
File: D7EED6DC038711EFBC6C1549C4F9AE02.roa (raw, json)
Hash identifier: y46qWbREzyPZB4Gt/WctNR6HRMcKg79rSh085fAYgbI=
Subject key identifier: AA:A0:DA:BB:2A:D4:33:E5:7C:3C:FA:A4:CF:00:DE:39:74:C8:62:1F
Certificate issuer: /CN=A91AC532/serialNumber=BCAB3E76F84ED43742F2A081242708E799CE1B5F
Certificate serial: 14
Authority key identifier: BC:AB:3E:76:F8:4E:D4:37:42:F2:A0:81:24:27:08:E7:99:CE:1B:5F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vKs-dvhO1DdC8qCBJCcI55nOG18.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91AC532/DAA0D0B4037E11EF8520E758C4F9AE02/D7EED6DC038711EFBC6C1549C4F9AE02.roa
Signing time: Fri 26 Apr 2024 04:45:45 +0000
ROA not before: Fri 26 Apr 2024 04:45:45 +0000
ROA not after: Wed 28 May 2025 00:00:00 +0000
asID: 45652
IP address blocks: 43.252.120.0/22 maxlen: 22
43.252.120.0/24 maxlen: 24
43.252.121.0/24 maxlen: 24
43.252.122.0/24 maxlen: 24
43.252.123.0/24 maxlen: 24
103.233.80.0/22 maxlen: 22
103.233.80.0/24 maxlen: 24
103.233.81.0/24 maxlen: 24
103.233.82.0/24 maxlen: 24
103.233.83.0/24 maxlen: 24
110.34.139.0/24 maxlen: 24
110.34.158.0/24 maxlen: 24
110.34.162.0/24 maxlen: 24
110.34.164.0/24 maxlen: 24
110.34.166.0/24 maxlen: 24
110.34.180.0/23 maxlen: 24
110.34.183.0/24 maxlen: 24
110.34.184.0/23 maxlen: 24
110.34.186.0/23 maxlen: 24
110.34.188.0/23 maxlen: 24
110.34.190.0/23 maxlen: 24
110.34.220.0/22 maxlen: 24
2401:4a40::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 02 May 2024 02:21:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20 (0x14)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91AC532/serialNumber=BCAB3E76F84ED43742F2A081242708E799CE1B5F
Validity
Not Before: Apr 26 04:45:45 2024 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=662b3179-377f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:68:24:db:61:cb:c9:d8:01:b2:15:8e:80:ca:
aa:81:ca:2c:6f:03:92:7a:ca:e8:f5:a7:80:55:7a:
23:41:4c:a1:d5:26:98:0a:3b:f9:35:f1:cc:2a:7a:
c7:52:c0:0a:c8:ed:f9:ec:bb:be:da:07:b0:f7:ec:
69:b3:80:7c:07:26:b8:46:b7:8f:8a:15:be:04:4b:
50:b0:d9:56:4c:66:d1:ba:96:09:10:dd:ee:7e:b9:
5b:71:8d:48:06:7c:87:ec:9e:65:99:fc:96:87:c9:
55:44:c9:0f:25:42:87:0e:1a:cf:ca:34:83:8d:74:
d2:41:33:da:fd:5e:e4:52:ab:ad:87:32:f0:ef:e1:
cc:35:f5:17:a3:ab:01:8c:96:d1:bd:27:a3:99:c1:
44:a8:da:cb:57:ba:52:79:a7:2b:cf:1b:49:73:f3:
48:a7:c7:02:c7:d6:41:67:4e:5b:11:71:71:92:6b:
88:c4:a8:d6:2f:35:5b:b9:8b:c5:11:e6:78:71:66:
b1:57:aa:83:b4:86:71:9b:8b:0d:c9:fe:18:5e:9f:
a5:a3:65:9b:f9:f1:0d:4e:bb:4c:d5:1f:4c:78:99:
59:8f:1f:ab:05:23:ff:22:29:81:d0:1a:5e:3c:cd:
f4:a4:da:ab:ea:c2:cb:57:e4:c5:4f:26:66:c0:29:
20:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:A0:DA:BB:2A:D4:33:E5:7C:3C:FA:A4:CF:00:DE:39:74:C8:62:1F
X509v3 Authority Key Identifier:
keyid:BC:AB:3E:76:F8:4E:D4:37:42:F2:A0:81:24:27:08:E7:99:CE:1B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91AC532/DAA0D0B4037E11EF8520E758C4F9AE02/vKs-dvhO1DdC8qCBJCcI55nOG18.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vKs-dvhO1DdC8qCBJCcI55nOG18.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AC532/DAA0D0B4037E11EF8520E758C4F9AE02/D7EED6DC038711EFBC6C1549C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.252.120.0/22
103.233.80.0/22
110.34.139.0/24
110.34.158.0/24
110.34.162.0/24
110.34.164.0/24
110.34.166.0/24
110.34.180.0/23
110.34.183.0-110.34.191.255
110.34.220.0/22
IPv6:
2401:4a40::/32
Signature Algorithm: sha256WithRSAEncryption
14:fe:96:5f:3d:95:2b:e4:a7:75:5c:70:6b:2c:56:41:9d:fd:
71:cd:40:3b:6f:4d:e8:ee:56:1a:b6:ad:e8:19:d4:14:e0:0f:
4b:f5:af:e2:fb:43:ce:ee:e4:a8:55:f1:33:fe:8e:b8:38:f1:
fa:8a:91:a3:3f:60:2f:95:16:ea:54:dd:f3:8c:1f:8b:3e:85:
54:50:d5:fe:43:00:f8:ef:c3:37:a7:30:07:b5:c0:fa:bc:fd:
e2:90:76:e7:4b:44:b7:41:7d:7b:c6:63:4a:af:13:61:4a:0e:
f8:37:2e:60:5b:58:80:67:a5:10:e0:e8:91:8a:4c:ae:4c:60:
2e:0d:16:87:d2:4f:d5:bf:c9:05:ac:cf:46:93:37:00:92:e9:
2b:2f:70:e0:1e:33:73:cb:ef:d7:16:ec:58:6e:bb:1c:f1:2b:
68:dd:e5:7a:cd:97:97:6a:cc:23:66:92:77:7d:7a:a0:24:a3:
64:2e:bc:16:93:e0:3c:03:4d:83:90:3b:39:d8:c1:3e:17:9f:
54:52:03:86:72:50:38:bb:f6:7c:84:64:4c:28:32:fe:23:bd:
75:42:94:b1:14:cf:81:42:43:b5:56:46:e1:bf:fa:1c:74:ac:
c7:c3:36:5c:80:ad:fa:e9:4e:c1:06:dd:d3:ea:ea:bc:7e:8e:
e9:16:b5:8d
-----BEGIN CERTIFICATE-----
MIIFvTCCBKWgAwIBAgIBFDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB
QzUzMjExMC8GA1UEBRMoQkNBQjNFNzZGODRFRDQzNzQyRjJBMDgxMjQyNzA4RTc5
OUNFMUI1RjAeFw0yNDA0MjYwNDQ1NDVaFw0yNTA1MjgwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2MmIzMTc5LTM3N2YwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC6aCTbYcvJ2AGyFY6AyqqByixvA5J6yuj1p4BVeiNBTKHVJpgKO/k18cwqesdS
wArI7fnsu77aB7D37GmzgHwHJrhGt4+KFb4ES1Cw2VZMZtG6lgkQ3e5+uVtxjUgG
fIfsnmWZ/JaHyVVEyQ8lQocOGs/KNIONdNJBM9r9XuRSq62HMvDv4cw19RejqwGM
ltG9J6OZwUSo2stXulJ5pyvPG0lz80inxwLH1kFnTlsRcXGSa4jEqNYvNVu5i8UR
5nhxZrFXqoO0hnGbiw3J/hhen6WjZZv58Q1Ou0zVH0x4mVmPH6sFI/8iKYHQGl48
zfSk2qvqwstX5MVPJmbAKSD5AgMBAAGjggLiMIIC3jAdBgNVHQ4EFgQUqqDauyrU
M+V8PPqkzwDeOXTIYh8wHwYDVR0jBBgwFoAUvKs+dvhO1DdC8qCBJCcI55nOG18w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUFDNTMyL0RBQTBEMEI0MDM3
RTExRUY4NTIwRTc1OEM0RjlBRTAyL3ZLcy1kdmhPMURkQzhxQ0JKQ2NJNTVuT0cx
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvdktzLWR2aE8xRGRDOHFDQkpDY0k1NW5PRzE4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB
QzUzMi9EQUEwRDBCNDAzN0UxMUVGODUyMEU3NThDNEY5QUUwMi9EN0VFRDZEQzAz
ODcxMUVGQkM2QzE1NDlDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDBsBggrBgEFBQcBBwEB/wRd
MFswSgQCAAEwRAMEAiv8eAMEAmfpUAMEAG4iiwMEAG4ingMEAG4iogMEAG4ipAME
AG4ipgMEAW4itDAMAwQAbiK3AwQGbiKAAwQCbiLcMA0EAgACMAcDBQAkAUpAMA0G
CSqGSIb3DQEBCwUAA4IBAQAU/pZfPZUr5Kd1XHBrLFZBnf1xzUA7b03o7lYatq3o
GdQU4A9L9a/i+0PO7uSoVfEz/o64OPH6ipGjP2AvlRbqVN3zjB+LPoVUUNX+QwD4
78M3pzAHtcD6vP3ikHbnS0S3QX17xmNKrxNhSg74Ny5gW1iAZ6UQ4OiRikyuTGAu
DRaH0k/Vv8kFrM9GkzcAkukrL3DgHjNzy+/XFuxYbrsc8Sto3eV6zZeXaswjZpJ3
fXqgJKNkLrwWk+A8A02DkDs52ME+F59UUgOGclA4u/Z8hGRMKDL+I711QpSxFM+B
QkO1Vkbhv/ocdKzHwzZcgK366U7BBt3T6uq8fo7pFrWN
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:37 2024 by rpki-client on console-fra.rpki-client.org