Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91ADE0A/30D80126C11311E5B01A7269C4F9AE02/69363188652411EEB31DFB1BC4F9AE02.roa
File: 69363188652411EEB31DFB1BC4F9AE02.roa (raw, json)
Hash identifier: ukMv1vqhTuazTN7ZWDlmw1zqPYP0IH32Lw2PCy/Rfz4=
Subject key identifier: 6C:46:D5:FA:2A:F3:A6:7E:3B:4D:3F:80:3E:60:D5:8A:FB:3C:27:43
Certificate issuer: /CN=A91ADE0A/serialNumber=BE488B4E60AC6A73A656EFDBC5FA67A1A8DE812A
Certificate serial: 21B2
Authority key identifier: BE:48:8B:4E:60:AC:6A:73:A6:56:EF:DB:C5:FA:67:A1:A8:DE:81:2A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vkiLTmCsanOmVu_bxfpnoajegSo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91ADE0A/30D80126C11311E5B01A7269C4F9AE02/69363188652411EEB31DFB1BC4F9AE02.roa
Signing time: Wed 15 May 2024 08:12:05 +0000
ROA not before: Wed 15 May 2024 08:12:05 +0000
ROA not after: Thu 01 May 2025 00:00:00 +0000
asID: 133334
IP address blocks: 45.124.56.0/22 maxlen: 24
103.31.72.0/22 maxlen: 22
103.31.72.0/24 maxlen: 24
103.31.73.0/24 maxlen: 24
103.31.74.0/24 maxlen: 24
103.31.75.0/24 maxlen: 24
103.61.220.0/22 maxlen: 22
103.61.220.0/24 maxlen: 24
103.61.221.0/24 maxlen: 24
103.61.222.0/24 maxlen: 24
103.61.223.0/24 maxlen: 24
103.200.32.0/22 maxlen: 22
103.200.32.0/24 maxlen: 24
103.200.33.0/24 maxlen: 24
103.200.34.0/24 maxlen: 24
103.200.35.0/24 maxlen: 24
103.203.52.0/22 maxlen: 22
103.203.52.0/24 maxlen: 24
103.203.53.0/24 maxlen: 24
103.203.54.0/24 maxlen: 24
103.203.55.0/24 maxlen: 24
103.225.136.0/22 maxlen: 24
2401:b80::/32 maxlen: 32
2401:b80:1000::/36 maxlen: 36
2401:b80:2000::/36 maxlen: 36
2401:b80:3000::/36 maxlen: 36
Validation: Failed, certificate revoked on Tue 21 May 2024 15:22:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8626 (0x21b2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91ADE0A/serialNumber=BE488B4E60AC6A73A656EFDBC5FA67A1A8DE812A
Validity
Not Before: May 15 08:12:05 2024 GMT
Not After : May 1 00:00:00 2025 GMT
Subject: CN=66446e54-458c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:d1:41:a6:89:d4:71:ae:24:ef:02:3a:fa:76:
e8:50:bf:6d:9e:0f:53:93:d5:c2:26:35:7c:f4:2d:
49:fe:96:f8:c4:d1:7a:af:a7:aa:95:15:b2:e9:ae:
24:66:4f:a8:d7:03:14:97:04:3f:31:87:b4:b4:a9:
e9:07:7d:1e:11:0a:cc:97:8b:4f:1e:d9:23:85:a5:
d2:63:e2:76:92:06:de:ab:45:f3:e7:00:0f:a9:17:
0b:79:74:6c:a0:fd:c7:e3:55:5e:80:f1:b7:41:7b:
11:c9:cb:d3:9c:d5:d1:37:cd:3a:ed:46:3c:34:69:
dd:ad:94:d2:16:36:9d:b8:0b:3c:b9:86:b8:2a:71:
7b:3b:0a:92:ed:7f:92:2e:f2:36:dd:ed:be:a9:7a:
33:0a:29:c1:d1:14:b2:8d:f6:42:b6:b6:19:0b:d6:
7d:ce:db:68:2d:47:fd:a1:a3:dc:59:1d:4b:5f:7c:
0a:6a:51:49:e8:d7:98:00:ed:a8:90:9f:3e:cc:51:
7b:f0:db:c5:13:5b:c6:b4:e6:81:15:45:42:b8:f6:
fd:94:d6:08:d0:f8:81:7c:b4:97:64:ee:26:05:91:
0f:09:9e:6d:fe:5f:4c:dd:41:6e:33:c3:19:db:1d:
b5:44:67:f0:ec:17:a5:68:6f:af:d9:56:48:c9:2d:
b7:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:46:D5:FA:2A:F3:A6:7E:3B:4D:3F:80:3E:60:D5:8A:FB:3C:27:43
X509v3 Authority Key Identifier:
keyid:BE:48:8B:4E:60:AC:6A:73:A6:56:EF:DB:C5:FA:67:A1:A8:DE:81:2A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91ADE0A/30D80126C11311E5B01A7269C4F9AE02/vkiLTmCsanOmVu_bxfpnoajegSo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vkiLTmCsanOmVu_bxfpnoajegSo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91ADE0A/30D80126C11311E5B01A7269C4F9AE02/69363188652411EEB31DFB1BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.124.56.0/22
103.31.72.0/22
103.61.220.0/22
103.200.32.0/22
103.203.52.0/22
103.225.136.0/22
IPv6:
2401:b80::/32
Signature Algorithm: sha256WithRSAEncryption
34:83:5c:25:03:79:99:40:8c:3e:82:b8:94:c3:4b:3f:af:01:
a4:77:23:40:c7:29:34:72:a7:ed:fa:51:5d:f0:f5:35:f3:bf:
6b:f6:ce:97:47:60:37:86:09:0f:a4:4e:00:bb:ad:63:59:d0:
94:82:7e:5d:de:ab:fc:cd:d0:ec:74:91:f5:ed:68:7c:ca:f1:
38:e2:50:84:1c:d3:13:9c:71:6f:e4:85:bc:5d:c9:6c:8b:1e:
af:e6:c1:28:97:29:0f:d1:45:f2:82:71:b6:65:c1:84:9d:85:
54:16:f8:c3:01:36:96:72:d3:88:55:f2:16:df:3a:16:1e:c2:
da:b9:52:e0:57:5c:08:51:b9:e0:2a:d1:b5:0b:67:b2:9e:d9:
e8:e2:9e:3a:54:c8:03:c9:11:4e:ec:1a:9f:cb:80:79:2f:78:
29:64:76:82:c1:a2:75:86:72:8c:2c:83:89:52:6c:bb:7e:fb:
44:1f:cc:0f:1a:c8:6f:a4:7b:cc:87:ab:ba:ec:92:ce:23:01:
78:93:51:70:1d:98:a1:a3:7d:9b:f7:bd:50:86:2b:ae:09:59:
bb:19:73:95:42:c2:7f:ec:1d:e3:5c:94:a2:b2:7c:39:98:17:
3e:cb:06:ca:c8:86:47:3d:7f:6d:73:6d:7f:3f:7f:48:6d:7c:
dd:e8:50:a0
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgICIbIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QURFMEExMTAvBgNVBAUTKEJFNDg4QjRFNjBBQzZBNzNBNjU2RUZEQkM1RkE2N0Ex
QThERTgxMkEwHhcNMjQwNTE1MDgxMjA1WhcNMjUwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjQ0NmU1NC00NThjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAytFBponUca4k7wI6+nboUL9tng9Tk9XCJjV89C1J/pb4xNF6r6eqlRWy6a4k
Zk+o1wMUlwQ/MYe0tKnpB30eEQrMl4tPHtkjhaXSY+J2kgbeq0Xz5wAPqRcLeXRs
oP3H41VegPG3QXsRycvTnNXRN8067UY8NGndrZTSFjaduAs8uYa4KnF7OwqS7X+S
LvI23e2+qXozCinB0RSyjfZCtrYZC9Z9zttoLUf9oaPcWR1LX3wKalFJ6NeYAO2o
kJ8+zFF78NvFE1vGtOaBFUVCuPb9lNYI0PiBfLSXZO4mBZEPCZ5t/l9M3UFuM8MZ
2x21RGfw7BelaG+v2VZIyS23vQIDAQABo4ICwjCCAr4wHQYDVR0OBBYEFGxG1foq
86Z+O00/gD5g1Yr7PCdDMB8GA1UdIwQYMBaAFL5Ii05grGpzplbv28X6Z6Go3oEq
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBREUwQS8zMEQ4MDEyNkMx
MTMxMUU1QjAxQTcyNjlDNEY5QUUwMi92a2lMVG1Dc2FuT21WdV9ieGZwbm9hamVn
U28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3ZraUxUbUNzYW5PbVZ1X2J4ZnBub2FqZWdTby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QURFMEEvMzBEODAxMjZDMTEzMTFFNUIwMUE3MjY5QzRGOUFFMDIvNjkzNjMxODg2
NTI0MTFFRUIzMURGQjFCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwTAYIKwYBBQUHAQcBAf8E
PTA7MCoEAgABMCQDBAItfDgDBAJnH0gDBAJnPdwDBAJnyCADBAJnyzQDBAJn4Ygw
DQQCAAIwBwMFACQBC4AwDQYJKoZIhvcNAQELBQADggEBADSDXCUDeZlAjD6CuJTD
Sz+vAaR3I0DHKTRyp+36UV3w9TXzv2v2zpdHYDeGCQ+kTgC7rWNZ0JSCfl3eq/zN
0Ox0kfXtaHzK8TjiUIQc0xOccW/khbxdyWyLHq/mwSiXKQ/RRfKCcbZlwYSdhVQW
+MMBNpZy04hV8hbfOhYewtq5UuBXXAhRueAq0bULZ7Ke2ejinjpUyAPJEU7sGp/L
gHkveClkdoLBonWGcowsg4lSbLt++0QfzA8ayG+ke8yHq7rsks4jAXiTUXAdmKGj
fZv3vVCGK64JWbsZc5VCwn/sHeNclKKyfDmYFz7LBsrIhkc9f21zbX8/f0htfN3o
UKA=
-----END CERTIFICATE-----
Generated at Tue May 21 18:45:20 2024 by rpki-client on console-ams.rpki-client.org