Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B2C43/DC2F546839E411EA96173374C4F9AE02/45E0BC4C7D1511EC82856B42C4F9AE02.roa
File: 45E0BC4C7D1511EC82856B42C4F9AE02.roa (raw, json)
Hash identifier: mXEk/yQPZZQKkDGM6vT1xhSCDkylk8BRBUz3xFLo5V8=
Subject key identifier: D3:B2:CA:92:79:CC:6D:41:5B:62:A4:E1:F1:60:1C:8F:44:9C:22:76
Certificate issuer: /CN=A91B2C43/serialNumber=CA0CE2CBA99CDE0D9027FCE4864F26C913D419E3
Certificate serial: 0A6E
Authority key identifier: CA:0C:E2:CB:A9:9C:DE:0D:90:27:FC:E4:86:4F:26:C9:13:D4:19:E3
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ygziy6mc3g2QJ_zkhk8myRPUGeM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B2C43/DC2F546839E411EA96173374C4F9AE02/45E0BC4C7D1511EC82856B42C4F9AE02.roa
Signing time: Mon 11 Mar 2024 11:09:46 +0000
ROA not before: Mon 11 Mar 2024 11:09:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 55501
IP address blocks: 103.225.220.0/22 maxlen: 22
103.225.220.0/24 maxlen: 24
103.225.221.0/24 maxlen: 24
103.225.222.0/24 maxlen: 24
103.225.223.0/24 maxlen: 24
202.166.160.0/23 maxlen: 23
202.166.160.0/24 maxlen: 24
202.166.161.0/24 maxlen: 24
202.166.162.0/23 maxlen: 23
202.166.162.0/24 maxlen: 24
202.166.163.0/24 maxlen: 24
202.166.164.0/23 maxlen: 24
202.166.166.0/24 maxlen: 24
202.166.167.0/24 maxlen: 24
202.166.168.0/24 maxlen: 24
202.166.169.0/24 maxlen: 24
202.166.170.0/23 maxlen: 23
202.166.170.0/24 maxlen: 24
202.166.171.0/24 maxlen: 24
202.166.172.0/23 maxlen: 23
202.166.173.0/24 maxlen: 24
202.166.174.0/24 maxlen: 24
202.166.175.0/24 maxlen: 24
2401:ea00::/48 maxlen: 48
2401:ea00:1::/48 maxlen: 48
2401:ea00:2::/48 maxlen: 48
2401:ea00:3::/48 maxlen: 48
2401:ea00:4::/48 maxlen: 48
2401:ea00:5::/48 maxlen: 48
2401:ea00:6::/48 maxlen: 48
2401:ea00:7::/48 maxlen: 48
2401:ea00:8::/48 maxlen: 48
2401:ea00:9::/48 maxlen: 48
2401:ea00:a::/48 maxlen: 48
2401:ea00:b::/48 maxlen: 48
2401:ea00:c::/48 maxlen: 48
2401:ea00:d::/48 maxlen: 48
2401:ea00:e::/48 maxlen: 48
2401:ea00:f::/48 maxlen: 48
2401:ea00:20::/48 maxlen: 48
2401:ea00:25::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 12 Mar 2024 09:48:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2670 (0xa6e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B2C43/serialNumber=CA0CE2CBA99CDE0D9027FCE4864F26C913D419E3
Validity
Not Before: Mar 11 11:09:46 2024 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=65eee679-f8f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:9a:ac:d9:96:75:2e:c6:56:c1:61:39:ce:02:
36:85:a5:6b:75:1e:e4:a7:f2:50:ea:fb:ff:61:43:
7d:d1:3d:6c:e6:f5:fa:a0:e4:4c:a7:2d:50:53:07:
f3:4b:56:1f:e8:fb:4e:f8:2a:1f:31:b7:bd:cd:3a:
c0:77:e1:6a:db:6f:cf:d6:86:7b:cb:da:42:b3:4f:
25:a8:d8:55:5b:6e:b3:44:ba:eb:00:d5:c4:0f:1a:
27:32:66:a2:37:d8:1a:fa:db:0d:fe:5f:15:44:13:
f8:91:c2:78:b2:d5:f2:23:10:e6:04:42:1d:3c:8d:
c0:6d:2d:f0:02:b6:1d:34:4a:7e:7b:da:56:96:bf:
a6:40:fc:86:a0:0c:c6:95:57:7d:0e:76:50:eb:80:
41:9f:7e:26:79:2a:9e:f6:c5:30:f3:97:94:6b:67:
87:bf:69:e8:11:85:61:47:0c:50:e1:ea:58:5d:5a:
28:cb:0f:82:40:19:38:de:16:bf:51:26:f1:f1:b3:
a6:b0:3a:4e:ea:54:43:48:97:e1:e5:86:10:3a:68:
b5:be:e7:c6:85:ce:46:a7:15:f8:9d:25:59:05:d9:
87:d8:d5:a1:d8:1c:49:bb:5e:24:9e:c4:42:26:a7:
39:ac:54:7e:96:90:8d:c9:9f:d1:17:d9:23:ef:86:
b7:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:B2:CA:92:79:CC:6D:41:5B:62:A4:E1:F1:60:1C:8F:44:9C:22:76
X509v3 Authority Key Identifier:
keyid:CA:0C:E2:CB:A9:9C:DE:0D:90:27:FC:E4:86:4F:26:C9:13:D4:19:E3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B2C43/DC2F546839E411EA96173374C4F9AE02/ygziy6mc3g2QJ_zkhk8myRPUGeM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ygziy6mc3g2QJ_zkhk8myRPUGeM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B2C43/DC2F546839E411EA96173374C4F9AE02/45E0BC4C7D1511EC82856B42C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.225.220.0/22
202.166.160.0/20
IPv6:
2401:ea00::/44
2401:ea00:20::/48
2401:ea00:25::/48
Signature Algorithm: sha256WithRSAEncryption
31:93:2a:7c:1b:98:c1:f3:42:2f:90:47:81:66:ff:f4:b1:31:
9d:99:d6:29:0f:68:0d:69:d7:51:82:83:7b:fc:08:bf:71:68:
fc:1a:11:66:9d:29:17:a0:e3:4c:99:c8:18:01:52:f6:c8:94:
d5:9a:f9:5b:c1:96:20:15:de:7a:e9:f9:6e:01:0e:9a:a9:a4:
03:72:54:59:9c:b1:8b:d2:87:8c:d2:8a:31:5b:e1:de:d2:cf:
a9:a7:5c:51:51:92:17:4d:c5:bc:bd:ee:45:62:0d:1e:66:03:
22:98:93:85:96:ec:a5:0b:cf:9b:4d:23:bd:f1:d9:96:c4:58:
69:b4:d5:d0:0e:e6:ec:7f:4c:3f:dd:04:2a:1a:ed:48:17:01:
5d:4c:93:ff:bc:14:c7:b8:9e:b6:93:9c:13:8e:e1:23:18:e2:
86:32:ce:2f:7e:2b:f4:eb:16:19:da:97:2f:02:8a:27:84:42:
c9:b5:e4:eb:05:36:c8:5d:dd:bc:ed:ce:44:de:43:2b:6b:bb:
4f:ca:b7:13:33:4f:e1:e7:d5:e2:ae:03:9b:0d:e9:87:0e:83:
7e:da:b1:22:22:57:45:35:8c:78:87:49:a3:f1:4b:14:f4:f0:
1a:13:f8:e2:94:ff:dd:73:67:4a:8b:7d:da:27:e0:d1:b4:53:
37:2b:b2:25
-----BEGIN CERTIFICATE-----
MIIFmjCCBIKgAwIBAgICCm4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjJDNDMxMTAvBgNVBAUTKENBMENFMkNCQTk5Q0RFMEQ5MDI3RkNFNDg2NEYyNkM5
MTNENDE5RTMwHhcNMjQwMzExMTEwOTQ2WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWVlZTY3OS1mOGY5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1Zqs2ZZ1LsZWwWE5zgI2haVrdR7kp/JQ6vv/YUN90T1s5vX6oORMpy1QUwfz
S1Yf6PtO+CofMbe9zTrAd+Fq22/P1oZ7y9pCs08lqNhVW26zRLrrANXEDxonMmai
N9ga+tsN/l8VRBP4kcJ4stXyIxDmBEIdPI3AbS3wArYdNEp+e9pWlr+mQPyGoAzG
lVd9DnZQ64BBn34meSqe9sUw85eUa2eHv2noEYVhRwxQ4epYXVooyw+CQBk43ha/
USbx8bOmsDpO6lRDSJfh5YYQOmi1vufGhc5GpxX4nSVZBdmH2NWh2BxJu14knsRC
Jqc5rFR+lpCNyZ/RF9kj74a3iwIDAQABo4ICvjCCArowHQYDVR0OBBYEFNOyypJ5
zG1BW2Kk4fFgHI9EnCJ2MB8GA1UdIwQYMBaAFMoM4supnN4NkCf85IZPJskT1Bnj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMkM0My9EQzJGNTQ2ODM5
RTQxMUVBOTYxNzMzNzRDNEY5QUUwMi95Z3ppeTZtYzNnMlFKX3praGs4bXlSUFVH
ZU0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3lneml5Nm1jM2cyUUpfemtoazhteVJQVUdlTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjJDNDMvREMyRjU0NjgzOUU0MTFFQTk2MTczMzc0QzRGOUFFMDIvNDVFMEJDNEM3
RDE1MTFFQzgyODU2QjQyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwSAYIKwYBBQUHAQcBAf8E
OTA3MBIEAgABMAwDBAJn4dwDBATKpqAwIQQCAAIwGwMHBCQB6gAAAAMHACQB6gAA
IAMHACQB6gAAJTANBgkqhkiG9w0BAQsFAAOCAQEAMZMqfBuYwfNCL5BHgWb/9LEx
nZnWKQ9oDWnXUYKDe/wIv3Fo/BoRZp0pF6DjTJnIGAFS9siU1Zr5W8GWIBXeeun5
bgEOmqmkA3JUWZyxi9KHjNKKMVvh3tLPqadcUVGSF03FvL3uRWINHmYDIpiThZbs
pQvPm00jvfHZlsRYabTV0A7m7H9MP90EKhrtSBcBXUyT/7wUx7ietpOcE47hIxji
hjLOL34r9OsWGdqXLwKKJ4RCybXk6wU2yF3dvO3ORN5DK2u7T8q3EzNP4efV4q4D
mw3phw6DftqxIiJXRTWMeIdJo/FLFPTwGhP44pT/3XNnSot92ifg0bRTNyuyJQ==
-----END CERTIFICATE-----
Generated at Tue Mar 12 14:23:31 2024 by rpki-client on console-fra.rpki-client.org