Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91ACF30/3B912F12F18211EAA537970AC4F9AE02/629AB964182111EBBEC32F16C4F9AE02.roa
File: 629AB964182111EBBEC32F16C4F9AE02.roa (raw, json)
Hash identifier: 7wpDv6igcNsjLCFQTRXUeQNbpcCkKx1x3xg2Qd9cto8=
Subject key identifier: 2A:17:9A:EA:11:72:A3:0F:F3:4D:16:F2:49:13:A8:F4:5C:0B:9C:E4
Certificate issuer: /CN=A91ACF30/serialNumber=D3267AF9FB969089C3C12AFEBFD0FDE9BD867581
Certificate serial: 0684
Authority key identifier: D3:26:7A:F9:FB:96:90:89:C3:C1:2A:FE:BF:D0:FD:E9:BD:86:75:81
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0yZ6-fuWkInDwSr-v9D96b2GdYE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91ACF30/3B912F12F18211EAA537970AC4F9AE02/629AB964182111EBBEC32F16C4F9AE02.roa
Signing time: Tue 04 Jul 2023 22:08:25 +0000
ROA not before: Tue 04 Jul 2023 22:08:25 +0000
ROA not after: Sat 31 Aug 2024 00:00:00 +0000
asID: 38278
IP address blocks: 45.114.28.0/22 maxlen: 22
103.115.220.0/24 maxlen: 24
103.115.221.0/24 maxlen: 24
103.115.222.0/24 maxlen: 24
103.115.223.0/24 maxlen: 24
103.251.0.0/22 maxlen: 22
103.251.0.0/24 maxlen: 24
111.221.48.0/21 maxlen: 21
111.221.54.0/24 maxlen: 24
202.169.24.0/21 maxlen: 24
2402:eec0::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 25 Mar 2024 00:59:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1668 (0x684)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91ACF30/serialNumber=D3267AF9FB969089C3C12AFEBFD0FDE9BD867581
Validity
Not Before: Jul 4 22:08:25 2023 GMT
Not After : Aug 31 00:00:00 2024 GMT
Subject: CN=64a49859-820a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:2d:22:0e:48:5c:0a:77:33:b3:a1:78:f0:bf:
1a:53:ab:61:93:3d:b0:b4:ea:64:20:52:5d:b0:1c:
e9:5e:62:da:56:c9:b5:05:83:b7:dc:bc:e4:cf:f0:
43:6f:8c:ba:f3:c7:57:d0:df:42:fb:97:47:63:af:
d7:18:e7:32:48:5b:ca:7e:2f:29:65:9e:4f:74:5c:
0a:43:bd:c3:59:aa:a5:d6:71:fc:0c:36:04:34:3f:
d1:14:a4:6c:32:e2:93:6c:e9:f4:5b:f6:bb:f5:aa:
3a:85:b3:d3:d3:6f:67:52:83:da:62:e9:61:00:17:
34:f8:88:01:b2:10:1b:09:54:97:76:0f:4f:f4:30:
d3:2f:80:00:38:09:92:e8:65:33:30:db:c3:f6:54:
9f:4f:41:b9:c7:ba:8a:61:fe:96:57:28:4f:19:1d:
1f:57:76:b9:55:2f:6f:39:05:1c:e2:f8:0b:6c:61:
db:27:f4:92:92:c8:b8:67:b1:6c:97:57:b8:f5:40:
12:7d:4a:19:18:94:8c:48:51:75:2b:15:36:ff:db:
88:aa:4d:cc:8f:6e:a8:0c:0b:67:b1:19:bb:b7:3e:
3e:58:9e:03:3f:7b:bc:8a:22:2b:c3:a3:f8:a1:07:
bd:34:b8:40:0f:1a:ab:6a:ba:c2:74:fc:56:66:7f:
c9:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:17:9A:EA:11:72:A3:0F:F3:4D:16:F2:49:13:A8:F4:5C:0B:9C:E4
X509v3 Authority Key Identifier:
keyid:D3:26:7A:F9:FB:96:90:89:C3:C1:2A:FE:BF:D0:FD:E9:BD:86:75:81
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91ACF30/3B912F12F18211EAA537970AC4F9AE02/0yZ6-fuWkInDwSr-v9D96b2GdYE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0yZ6-fuWkInDwSr-v9D96b2GdYE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91ACF30/3B912F12F18211EAA537970AC4F9AE02/629AB964182111EBBEC32F16C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.114.28.0/22
103.115.220.0/22
103.251.0.0/22
111.221.48.0/21
202.169.24.0/21
IPv6:
2402:eec0::/32
Signature Algorithm: sha256WithRSAEncryption
46:cb:df:6e:e8:8e:29:20:f7:59:0c:1a:8c:cf:14:c6:3f:44:
c0:8c:03:e5:1c:4c:1f:24:c3:7f:3b:dd:8d:4d:6c:76:f1:0e:
cb:a5:7e:31:b2:60:fb:f9:ce:9b:3f:ec:12:51:6b:d7:19:46:
60:14:8d:9b:fe:81:d4:5b:71:1a:b6:c0:4d:74:2a:99:a1:65:
c0:09:8e:ad:82:13:fc:51:ff:27:55:4b:87:ca:89:b5:8a:f2:
d2:69:ce:74:61:44:19:f9:7e:7a:82:fd:bc:fb:fb:31:f5:54:
1f:87:c8:f2:a0:6c:c3:f3:9a:52:1e:85:f8:34:cb:d0:c2:00:
e1:e5:b9:ca:b2:b2:fd:43:e5:bd:07:87:58:71:fb:1a:1d:5e:
a7:be:5d:49:98:d1:21:df:a4:f7:50:85:9d:c6:cd:b0:b9:87:
76:2b:d1:82:d7:6b:f0:d5:1f:f3:d9:9f:c1:b4:85:3c:f6:5b:
9d:6f:3c:4e:49:41:19:20:e4:a1:19:7b:c8:7b:71:bb:0f:d9:
45:51:9c:20:7c:5e:e1:b7:fa:fc:29:a3:5a:80:ae:fd:5f:be:
b7:db:04:03:da:93:54:f2:61:04:b0:69:14:8c:55:fa:01:67:
2b:a8:62:90:a5:83:17:5c:23:f1:16:9f:7b:ea:13:8d:62:54:
25:b1:22:c3
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgICBoQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QUNGMzAxMTAvBgNVBAUTKEQzMjY3QUY5RkI5NjkwODlDM0MxMkFGRUJGRDBGREU5
QkQ4Njc1ODEwHhcNMjMwNzA0MjIwODI1WhcNMjQwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGE0OTg1OS04MjBhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1S0iDkhcCnczs6F48L8aU6thkz2wtOpkIFJdsBzpXmLaVsm1BYO33Lzkz/BD
b4y688dX0N9C+5dHY6/XGOcySFvKfi8pZZ5PdFwKQ73DWaql1nH8DDYEND/RFKRs
MuKTbOn0W/a79ao6hbPT029nUoPaYulhABc0+IgBshAbCVSXdg9P9DDTL4AAOAmS
6GUzMNvD9lSfT0G5x7qKYf6WVyhPGR0fV3a5VS9vOQUc4vgLbGHbJ/SSksi4Z7Fs
l1e49UASfUoZGJSMSFF1KxU2/9uIqk3Mj26oDAtnsRm7tz4+WJ4DP3u8iiIrw6P4
oQe9NLhADxqrarrCdPxWZn/JjwIDAQABo4ICvDCCArgwHQYDVR0OBBYEFCoXmuoR
cqMP800W8kkTqPRcC5zkMB8GA1UdIwQYMBaAFNMmevn7lpCJw8Eq/r/Q/em9hnWB
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQ0YzMC8zQjkxMkYxMkYx
ODIxMUVBQTUzNzk3MEFDNEY5QUUwMi8weVo2LWZ1V2tJbkR3U3ItdjlEOTZiMkdk
WUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzB5WjYtZnVXa0luRHdTci12OUQ5NmIyR2RZRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QUNGMzAvM0I5MTJGMTJGMTgyMTFFQUE1Mzc5NzBBQzRGOUFFMDIvNjI5QUI5NjQx
ODIxMTFFQkJFQzMyRjE2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRgYIKwYBBQUHAQcBAf8E
NzA1MCQEAgABMB4DBAItchwDBAJnc9wDBAJn+wADBANv3TADBAPKqRgwDQQCAAIw
BwMFACQC7sAwDQYJKoZIhvcNAQELBQADggEBAEbL327ojikg91kMGozPFMY/RMCM
A+UcTB8kw3873Y1NbHbxDsulfjGyYPv5zps/7BJRa9cZRmAUjZv+gdRbcRq2wE10
KpmhZcAJjq2CE/xR/ydVS4fKibWK8tJpznRhRBn5fnqC/bz7+zH1VB+HyPKgbMPz
mlIehfg0y9DCAOHlucqysv1D5b0Hh1hx+xodXqe+XUmY0SHfpPdQhZ3GzbC5h3Yr
0YLXa/DVH/PZn8G0hTz2W51vPE5JQRkg5KEZe8h7cbsP2UVRnCB8XuG3+vwpo1qA
rv1fvrfbBAPak1TyYQSwaRSMVfoBZyuoYpClgxdcI/EWn3vqE41iVCWxIsM=
-----END CERTIFICATE-----
Generated at Mon Mar 25 04:10:50 2024 by rpki-client on console-fra.rpki-client.org