Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B6587/417D71B4918611EDA84A124DC4F9AE02/EA5D7A46037211EE9E15EE32C4F9AE02.roa
File: EA5D7A46037211EE9E15EE32C4F9AE02.roa (raw, json)
Hash identifier: fLLmb5M/URnjhsDvUJiV2NHee20e3X3bGrMpjo2KXJM=
Subject key identifier: 17:2C:5F:F5:AE:FB:20:4F:F4:CB:DF:27:63:07:6C:DA:2B:81:DE:A2
Certificate issuer: /CN=A91B6587/serialNumber=2D634077CC847B59D4048D43E04B3309698FE638
Certificate serial: 0156
Authority key identifier: 2D:63:40:77:CC:84:7B:59:D4:04:8D:43:E0:4B:33:09:69:8F:E6:38
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LWNAd8yEe1nUBI1D4EszCWmP5jg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B6587/417D71B4918611EDA84A124DC4F9AE02/EA5D7A46037211EE9E15EE32C4F9AE02.roa
Signing time: Fri 05 Jan 2024 06:34:47 +0000
ROA not before: Fri 05 Jan 2024 06:34:47 +0000
ROA not after: Thu 31 Oct 2024 00:00:00 +0000
asID: 134450
IP address blocks: 45.125.246.0/24 maxlen: 24
103.221.233.0/24 maxlen: 24
103.239.213.0/24 maxlen: 24
103.241.52.0/22 maxlen: 22
160.20.8.0/22 maxlen: 23
202.94.174.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 10 May 2024 12:41:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 342 (0x156)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B6587/serialNumber=2D634077CC847B59D4048D43E04B3309698FE638
Validity
Not Before: Jan 5 06:34:47 2024 GMT
Not After : Oct 31 00:00:00 2024 GMT
Subject: CN=6597a307-2eae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:b0:3b:1b:83:e3:79:15:67:b3:37:52:e1:72:
b7:bc:7e:f1:b5:79:f9:ac:72:f0:f5:80:d1:98:20:
3b:f0:f3:be:f8:ae:0e:41:6f:85:b6:6e:d0:17:c1:
7b:3e:c4:d4:0a:26:a9:ae:e6:e0:4e:cd:67:e5:43:
2c:6b:75:27:3b:25:37:a6:c8:9e:3d:93:2e:2e:41:
32:2f:9f:52:5f:91:e7:a1:c7:55:be:29:88:ec:c2:
29:4d:da:c6:cd:6a:34:02:2f:0f:4a:2f:06:69:80:
0d:fc:36:76:c8:c8:31:23:b7:9f:88:e5:cc:5f:20:
66:29:89:5a:ad:8e:4d:7f:8d:61:f2:cd:64:45:a2:
c1:ac:c6:65:4f:99:09:93:6a:b6:ce:dc:d7:78:28:
99:7a:c8:80:e0:82:db:92:2e:01:ea:b7:22:fc:d8:
2c:d7:0d:33:39:ef:3b:39:19:bd:52:41:af:16:a2:
4d:1c:9d:49:0d:ba:7a:31:c3:a1:14:74:b5:15:ca:
1a:90:fd:b9:30:59:44:50:0f:08:dd:95:55:a3:5b:
ee:48:1d:85:76:4b:0d:5b:cf:6c:91:ae:84:ea:87:
d6:c1:f7:31:d1:a7:fb:42:d9:09:b8:76:56:89:6e:
f3:a1:21:1d:1d:ce:bf:8a:c4:61:73:f0:a7:ad:7e:
57:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:2C:5F:F5:AE:FB:20:4F:F4:CB:DF:27:63:07:6C:DA:2B:81:DE:A2
X509v3 Authority Key Identifier:
keyid:2D:63:40:77:CC:84:7B:59:D4:04:8D:43:E0:4B:33:09:69:8F:E6:38
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B6587/417D71B4918611EDA84A124DC4F9AE02/LWNAd8yEe1nUBI1D4EszCWmP5jg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LWNAd8yEe1nUBI1D4EszCWmP5jg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B6587/417D71B4918611EDA84A124DC4F9AE02/EA5D7A46037211EE9E15EE32C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.125.246.0/24
103.221.233.0/24
103.239.213.0/24
103.241.52.0/22
160.20.8.0/22
202.94.174.0/24
Signature Algorithm: sha256WithRSAEncryption
78:82:87:5c:07:ae:59:a6:c1:a6:8a:c5:83:7e:ec:4f:ff:ae:
f9:f1:dc:c8:c9:93:1b:6e:07:c2:30:e9:1b:5f:d6:47:ed:a6:
b3:a3:26:15:c3:e2:eb:d1:90:e9:54:87:7e:e9:03:5e:bf:04:
f7:e2:8a:9e:84:4e:d7:b5:cd:24:f3:39:dc:56:56:3c:67:dd:
11:88:27:16:50:0f:81:25:e4:4b:b2:3a:98:21:e8:a5:f5:67:
c9:aa:0d:8a:60:65:cc:b7:48:21:81:f0:cd:5c:f0:fe:2c:b2:
71:9b:6e:0a:3b:e5:5e:27:84:5a:25:c4:d4:33:82:3a:1b:cc:
4d:45:ad:90:b0:52:b8:49:e1:49:0a:ce:4a:ed:70:db:f6:f4:
f1:a8:ba:d0:0f:cb:89:75:13:45:85:78:11:86:e3:a4:c2:62:
76:18:e9:d2:7f:57:80:ce:7b:de:05:6f:4d:4f:68:22:d6:2e:
b3:0f:ac:5d:2c:06:e1:f0:16:53:e7:ce:8f:ba:0a:57:92:4a:
56:cd:82:41:42:72:79:c8:85:c9:d1:b6:85:16:37:82:c6:1c:
18:19:6d:c8:b2:e2:7b:a6:13:1e:b8:1f:7d:bf:b1:5e:88:31:
2e:d7:c6:cf:0f:fe:98:9d:0d:fa:8c:f0:9c:51:8d:04:ca:ea:
9f:e3:d6:50
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgICAVYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjY1ODcxMTAvBgNVBAUTKDJENjM0MDc3Q0M4NDdCNTlENDA0OEQ0M0UwNEIzMzA5
Njk4RkU2MzgwHhcNMjQwMTA1MDYzNDQ3WhcNMjQxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTk3YTMwNy0yZWFlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuLA7G4PjeRVnszdS4XK3vH7xtXn5rHLw9YDRmCA78PO++K4OQW+Ftm7QF8F7
PsTUCiaprubgTs1n5UMsa3UnOyU3psiePZMuLkEyL59SX5HnocdVvimI7MIpTdrG
zWo0Ai8PSi8GaYAN/DZ2yMgxI7efiOXMXyBmKYlarY5Nf41h8s1kRaLBrMZlT5kJ
k2q2ztzXeCiZesiA4ILbki4B6rci/Ngs1w0zOe87ORm9UkGvFqJNHJ1JDbp6McOh
FHS1FcoakP25MFlEUA8I3ZVVo1vuSB2FdksNW89ska6E6ofWwfcx0af7QtkJuHZW
iW7zoSEdHc6/isRhc/CnrX5XLQIDAQABo4ICszCCAq8wHQYDVR0OBBYEFBcsX/Wu
+yBP9MvfJ2MHbNorgd6iMB8GA1UdIwQYMBaAFC1jQHfMhHtZ1ASNQ+BLMwlpj+Y4
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNjU4Ny80MTdENzFCNDkx
ODYxMUVEQTg0QTEyNERDNEY5QUUwMi9MV05BZDh5RWUxblVCSTFENEVzekNXbVA1
amcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0xXTkFkOHlFZTFuVUJJMUQ0RXN6Q1dtUDVqZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjY1ODcvNDE3RDcxQjQ5MTg2MTFFREE4NEExMjREQzRGOUFFMDIvRUE1RDdBNDYw
MzcyMTFFRTlFMTVFRTMyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPQYIKwYBBQUHAQcBAf8E
LjAsMCoEAgABMCQDBAAtffYDBABn3ekDBABn79UDBAJn8TQDBAKgFAgDBADKXq4w
DQYJKoZIhvcNAQELBQADggEBAHiCh1wHrlmmwaaKxYN+7E//rvnx3MjJkxtuB8Iw
6Rtf1kftprOjJhXD4uvRkOlUh37pA16/BPfiip6ETte1zSTzOdxWVjxn3RGIJxZQ
D4El5EuyOpgh6KX1Z8mqDYpgZcy3SCGB8M1c8P4ssnGbbgo75V4nhFolxNQzgjob
zE1FrZCwUrhJ4UkKzkrtcNv29PGoutAPy4l1E0WFeBGG46TCYnYY6dJ/V4DOe94F
b01PaCLWLrMPrF0sBuHwFlPnzo+6CleSSlbNgkFCcnnIhcnRtoUWN4LGHBgZbciy
4numEx64H32/sV6IMS7Xxs8P/pidDfqM8JxRjQTK6p/j1lA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:57 2024 by rpki-client on console-ams.rpki-client.org