Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B5486/856A249CA98211EA932DEC54C4F9AE02/77342D0A3B6511EEBD7EDC20C4F9AE02.roa
File: 77342D0A3B6511EEBD7EDC20C4F9AE02.roa (raw, json)
Hash identifier: omHP9L9wbowUasOQUagOBoERSTbR/tngtk0W7dsoGtA=
Subject key identifier: 34:F8:AA:A6:E0:B0:99:A2:BA:EE:F8:D5:B3:DE:E6:06:AD:04:89:68
Certificate issuer: /CN=A91B5486/serialNumber=2E304A3D92499D9D7D338A3EA02F7C5348425B17
Certificate serial: 085E
Authority key identifier: 2E:30:4A:3D:92:49:9D:9D:7D:33:8A:3E:A0:2F:7C:53:48:42:5B:17
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LjBKPZJJnZ19M4o-oC98U0hCWxc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B5486/856A249CA98211EA932DEC54C4F9AE02/77342D0A3B6511EEBD7EDC20C4F9AE02.roa
Signing time: Tue 26 Mar 2024 21:40:36 +0000
ROA not before: Tue 26 Mar 2024 21:40:36 +0000
ROA not after: Wed 28 May 2025 00:00:00 +0000
asID: 41095
IP address blocks: 45.248.200.0/22 maxlen: 24
103.6.128.0/22 maxlen: 23
103.6.130.0/23 maxlen: 24
103.23.168.0/22 maxlen: 22
103.23.168.0/24 maxlen: 24
103.23.169.0/24 maxlen: 24
103.23.170.0/24 maxlen: 24
103.23.171.0/24 maxlen: 24
103.217.160.0/22 maxlen: 22
103.217.160.0/24 maxlen: 24
103.217.161.0/24 maxlen: 24
103.217.162.0/24 maxlen: 24
103.217.163.0/24 maxlen: 24
103.242.72.0/22 maxlen: 24
220.158.132.0/22 maxlen: 24
2401:47c0::/32 maxlen: 32
2401:47c0:1000::/36 maxlen: 36
2401:47c0:1000::/40 maxlen: 40
2401:47c0:1100::/40 maxlen: 40
2401:47c0:1200::/40 maxlen: 40
2401:47c0:1300::/40 maxlen: 40
2401:47c0:1400::/40 maxlen: 40
2401:47c0:1500::/40 maxlen: 40
2401:47c0:1600::/40 maxlen: 40
2401:47c0:1700::/40 maxlen: 40
2401:47c0:1800::/40 maxlen: 40
2401:47c0:1a00::/40 maxlen: 40
2401:47c0:1b00::/40 maxlen: 40
2401:47c0:1c00::/40 maxlen: 40
2401:47c0:1d00::/40 maxlen: 40
2401:47c0:f000::/36 maxlen: 40
Validation: Failed, certificate revoked on Tue 09 Apr 2024 01:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2142 (0x85e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B5486/serialNumber=2E304A3D92499D9D7D338A3EA02F7C5348425B17
Validity
Not Before: Mar 26 21:40:36 2024 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=660340d4-4720
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:8e:99:28:0e:77:34:d8:d6:97:47:3c:86:96:
c2:d3:8f:26:23:dd:3d:11:cb:92:d2:ee:74:93:91:
86:de:91:73:b2:5b:b4:97:93:c8:85:c4:a7:dd:bd:
cc:3c:43:7c:a7:86:57:27:d6:aa:05:55:90:75:a3:
97:2f:19:6d:88:a9:b9:43:ef:b6:89:84:00:10:f6:
2f:f2:e1:60:08:ac:04:66:28:52:44:0b:d9:df:f7:
c7:ab:f6:6b:2c:c1:47:17:e6:95:63:09:0f:83:ad:
08:eb:88:df:fa:1f:5d:d7:06:e7:a3:79:38:42:2e:
9d:5d:26:d1:92:6a:38:7e:47:7e:a9:85:84:16:83:
d1:cf:d4:bb:10:41:f8:32:11:38:2c:d4:50:df:f1:
3c:ed:1d:e4:0c:65:8f:38:e8:67:e0:8c:06:d8:6d:
d2:c0:1e:58:59:00:d0:f5:a3:8b:dd:d8:66:53:e0:
ac:37:ad:0a:f8:71:70:f7:e6:7e:1a:3f:fa:b8:02:
a0:a7:1f:c3:40:c4:4a:b4:0e:ad:af:2f:ca:79:f5:
af:a0:41:45:ce:de:72:8d:28:fe:0b:16:26:70:3a:
a1:ef:fe:7f:85:bf:69:94:44:aa:a8:80:d6:f7:89:
75:97:b5:44:cf:83:37:7f:5b:bd:73:84:88:e2:18:
d9:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:F8:AA:A6:E0:B0:99:A2:BA:EE:F8:D5:B3:DE:E6:06:AD:04:89:68
X509v3 Authority Key Identifier:
keyid:2E:30:4A:3D:92:49:9D:9D:7D:33:8A:3E:A0:2F:7C:53:48:42:5B:17
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B5486/856A249CA98211EA932DEC54C4F9AE02/LjBKPZJJnZ19M4o-oC98U0hCWxc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LjBKPZJJnZ19M4o-oC98U0hCWxc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B5486/856A249CA98211EA932DEC54C4F9AE02/77342D0A3B6511EEBD7EDC20C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.248.200.0/22
103.6.128.0/22
103.23.168.0/22
103.217.160.0/22
103.242.72.0/22
220.158.132.0/22
IPv6:
2401:47c0::/32
Signature Algorithm: sha256WithRSAEncryption
59:3c:1f:28:9c:c7:e6:01:aa:36:48:d9:18:64:36:0f:3d:92:
d1:2d:af:f4:6c:f7:3b:a3:0a:51:1c:6d:6e:22:76:28:1b:db:
92:af:2e:ff:af:b0:44:c8:ac:96:4f:bf:e3:ec:2d:26:95:2e:
72:ac:2c:9d:b8:f9:8d:59:17:b0:50:f2:40:10:62:e8:f7:83:
f2:e7:7a:4e:37:1b:c5:b8:9f:13:99:d4:73:e4:ef:45:d6:f5:
22:f0:18:33:d2:d4:db:7c:f1:f8:da:17:04:1a:1a:5b:4a:44:
7f:fb:c2:02:fd:df:81:0a:74:fb:d3:1f:50:8e:01:d5:43:02:
6b:33:28:50:78:88:ea:f6:ae:7c:76:d6:f5:ee:f5:5a:35:4e:
4f:25:e3:1c:61:d3:60:2f:06:89:77:2e:ae:cf:04:f4:d2:ae:
c2:76:8b:ab:0c:3c:f6:1a:8e:6b:81:5e:9a:9b:ef:3d:03:68:
b3:4b:51:7c:d1:14:52:91:84:2c:d0:17:8b:b8:b3:a5:dc:95:
db:10:7b:6b:7d:28:28:7e:ce:6c:db:6a:5d:e4:dc:87:7d:2f:
47:6e:5d:9f:ce:cd:7a:d5:81:24:5a:87:06:9e:b4:08:89:3b:
bf:a3:c8:93:b5:45:96:80:8f:6d:eb:ef:42:df:95:f9:1e:7a:
22:4f:62:25
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgICCF4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjU0ODYxMTAvBgNVBAUTKDJFMzA0QTNEOTI0OTlEOUQ3RDMzOEEzRUEwMkY3QzUz
NDg0MjVCMTcwHhcNMjQwMzI2MjE0MDM2WhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02NjAzNDBkNC00NzIwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3I6ZKA53NNjWl0c8hpbC048mI909EcuS0u50k5GG3pFzslu0l5PIhcSn3b3M
PEN8p4ZXJ9aqBVWQdaOXLxltiKm5Q++2iYQAEPYv8uFgCKwEZihSRAvZ3/fHq/Zr
LMFHF+aVYwkPg60I64jf+h9d1wbno3k4Qi6dXSbRkmo4fkd+qYWEFoPRz9S7EEH4
MhE4LNRQ3/E87R3kDGWPOOhn4IwG2G3SwB5YWQDQ9aOL3dhmU+CsN60K+HFw9+Z+
Gj/6uAKgpx/DQMRKtA6try/KefWvoEFFzt5yjSj+CxYmcDqh7/5/hb9plESqqIDW
94l1l7VEz4M3f1u9c4SI4hjZcwIDAQABo4ICwjCCAr4wHQYDVR0OBBYEFDT4qqbg
sJmiuu741bPe5gatBIloMB8GA1UdIwQYMBaAFC4wSj2SSZ2dfTOKPqAvfFNIQlsX
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNTQ4Ni84NTZBMjQ5Q0E5
ODIxMUVBOTMyREVDNTRDNEY5QUUwMi9MakJLUFpKSm5aMTlNNG8tb0M5OFUwaENX
eGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0xqQktQWkpKbloxOU00by1vQzk4VTBoQ1d4Yy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjU0ODYvODU2QTI0OUNBOTgyMTFFQTkzMkRFQzU0QzRGOUFFMDIvNzczNDJEMEEz
QjY1MTFFRUJEN0VEQzIwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwTAYIKwYBBQUHAQcBAf8E
PTA7MCoEAgABMCQDBAIt+MgDBAJnBoADBAJnF6gDBAJn2aADBAJn8kgDBALcnoQw
DQQCAAIwBwMFACQBR8AwDQYJKoZIhvcNAQELBQADggEBAFk8Hyicx+YBqjZI2Rhk
Ng89ktEtr/Rs9zujClEcbW4idigb25KvLv+vsETIrJZPv+PsLSaVLnKsLJ24+Y1Z
F7BQ8kAQYuj3g/Lnek43G8W4nxOZ1HPk70XW9SLwGDPS1Nt88fjaFwQaGltKRH/7
wgL934EKdPvTH1COAdVDAmszKFB4iOr2rnx21vXu9Vo1Tk8l4xxh02AvBol3Lq7P
BPTSrsJ2i6sMPPYajmuBXpqb7z0DaLNLUXzRFFKRhCzQF4u4s6XcldsQe2t9KCh+
zmzbal3k3Id9L0duXZ/OzXrVgSRahwaetAiJO7+jyJO1RZaAj23r70LflfkeeiJP
YiU=
-----END CERTIFICATE-----
Generated at Tue Apr 9 02:35:13 2024 by rpki-client on console-fra.rpki-client.org