Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CE978/3223F35E1D9811E28A8C2E8208B02CD2/DAC5F24E9A9911E89EAD7E56C4F9AE02.roa
File: DAC5F24E9A9911E89EAD7E56C4F9AE02.roa (raw, json)
Hash identifier: cCBOZrjD7b10M1wTMvFPEmnKGXqA7pbS+bUfjPdStDU=
Subject key identifier: 82:4D:B5:D6:9F:7D:F3:7E:CF:0C:D1:BF:17:B6:D4:22:F6:F1:EF:60
Certificate issuer: /CN=A91CE978/serialNumber=6A1E4F72847EB3699522C93D26773F0DF8396EBE
Certificate serial: 3449
Authority key identifier: 6A:1E:4F:72:84:7E:B3:69:95:22:C9:3D:26:77:3F:0D:F8:39:6E:BE
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ah5PcoR-s2mVIsk9Jnc_Dfg5br4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91CE978/3223F35E1D9811E28A8C2E8208B02CD2/DAC5F24E9A9911E89EAD7E56C4F9AE02.roa
Signing time: Tue 26 Mar 2024 01:11:33 +0000
ROA not before: Tue 26 Mar 2024 01:11:33 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 23838
IP address blocks: 43.255.160.0/22 maxlen: 22
43.255.160.0/24 maxlen: 24
43.255.161.0/24 maxlen: 24
43.255.162.0/24 maxlen: 24
43.255.163.0/24 maxlen: 24
103.8.252.0/22 maxlen: 23
116.90.135.0/24 maxlen: 24
120.136.48.0/21 maxlen: 21
120.136.49.0/24 maxlen: 24
120.136.53.0/24 maxlen: 24
120.136.56.0/21 maxlen: 21
120.136.56.0/24 maxlen: 24
120.136.58.0/24 maxlen: 24
2401:f000:6::/48 maxlen: 48
2401:f000:8::/48 maxlen: 48
2401:f000:16::/48 maxlen: 48
2401:f000:18::/48 maxlen: 48
2402:1c00::/32 maxlen: 32
2402:1c00::/32 maxlen: 48
2402:1c00:4000::/36 maxlen: 36
2402:1c00:8000::/36 maxlen: 36
2402:1c00:9000::/37 maxlen: 37
2402:1c00:c000::/36 maxlen: 36
Validation: Failed, certificate revoked on Tue 02 Apr 2024 01:03:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13385 (0x3449)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CE978/serialNumber=6A1E4F72847EB3699522C93D26773F0DF8396EBE
Validity
Not Before: Mar 26 01:11:33 2024 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=660220c4-9fe0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:7d:12:c3:d2:f7:23:cf:ef:fc:09:71:02:12:
23:45:cb:ac:15:7c:1f:cc:f4:4b:da:6a:d6:14:9e:
fe:4b:71:f3:dd:9e:38:bc:54:ab:54:ea:36:0f:b2:
70:ec:2d:71:5c:b0:aa:18:02:5b:90:c7:d1:85:5d:
42:52:ef:21:e3:31:18:12:d8:1a:59:58:9d:43:ff:
2b:37:b9:05:85:d8:d8:12:65:df:49:f4:3b:10:7c:
90:64:e1:28:62:a1:85:37:16:3f:ae:99:34:86:16:
28:b2:f8:f4:9e:3b:fa:f1:11:a9:55:86:3e:6e:84:
39:de:73:47:69:90:da:ff:f5:55:c6:c8:9f:b9:34:
aa:c5:9a:8b:62:96:0f:46:3f:44:a0:a0:a3:63:ab:
d0:a2:0f:94:f4:a7:89:6e:1e:d3:6c:29:ed:f0:47:
61:a5:26:fe:f5:23:f8:a1:8c:05:5a:61:72:82:89:
2b:ba:f1:0a:7d:6a:45:89:4c:08:f6:0d:ab:0a:9b:
e9:1f:b4:38:f2:ed:8a:f6:bb:25:ec:06:ba:13:24:
c9:64:d3:2c:1c:5f:19:5c:d6:34:2f:db:1f:aa:75:
b2:99:cf:35:2b:07:cf:ef:27:03:9a:a4:15:1f:a8:
8b:12:40:ba:47:87:cf:2d:5e:26:e4:3b:eb:ba:a4:
d1:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:4D:B5:D6:9F:7D:F3:7E:CF:0C:D1:BF:17:B6:D4:22:F6:F1:EF:60
X509v3 Authority Key Identifier:
keyid:6A:1E:4F:72:84:7E:B3:69:95:22:C9:3D:26:77:3F:0D:F8:39:6E:BE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91CE978/3223F35E1D9811E28A8C2E8208B02CD2/ah5PcoR-s2mVIsk9Jnc_Dfg5br4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ah5PcoR-s2mVIsk9Jnc_Dfg5br4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CE978/3223F35E1D9811E28A8C2E8208B02CD2/DAC5F24E9A9911E89EAD7E56C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.255.160.0/22
103.8.252.0/22
116.90.135.0/24
120.136.48.0/20
IPv6:
2401:f000:6::/48
2401:f000:8::/48
2401:f000:16::/48
2401:f000:18::/48
2402:1c00::/32
Signature Algorithm: sha256WithRSAEncryption
09:67:88:5a:02:87:5e:3a:8f:73:22:ed:4c:7b:66:fb:dd:42:
94:ed:18:82:14:12:d7:53:88:4c:8f:63:a9:c1:45:e4:23:25:
a0:74:68:40:1f:13:0a:83:16:7a:b0:8d:1c:87:73:20:49:3f:
34:ae:cb:a6:c7:87:1f:b7:7c:0e:bd:93:f1:68:2c:63:7e:ee:
73:7c:b1:90:17:2c:20:ee:73:73:91:2d:a1:36:1b:f5:b5:06:
9f:1f:d5:50:eb:8a:a9:d5:e0:8d:51:73:7a:9f:0f:07:fa:af:
50:21:a6:71:68:2c:30:8b:bb:f3:13:cb:e9:4d:ec:e8:ab:4a:
c9:c8:fb:65:44:43:2e:75:75:b9:96:10:64:cd:0a:b2:74:a8:
7f:36:9e:51:b4:42:ea:ff:12:73:fd:f3:4d:17:4f:a6:01:0e:
86:0e:1a:13:f5:94:be:97:fe:8a:6f:2d:b0:5e:44:7b:36:d9:
f6:b0:82:a4:fb:be:88:23:c4:4d:d6:81:4e:8a:88:2e:8f:9a:
28:83:e0:46:43:51:f3:19:8d:b2:00:f3:4f:37:f8:02:b9:c6:
57:57:39:a3:1f:a9:c2:4a:ba:34:be:61:42:b1:6e:4a:ce:c7:
f9:62:ef:a7:f4:d0:07:7f:eb:3b:1b:dd:0e:21:b4:15:e2:44:
bc:78:ed:2d
-----BEGIN CERTIFICATE-----
MIIFtjCCBJ6gAwIBAgICNEkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Q0U5NzgxMTAvBgNVBAUTKDZBMUU0RjcyODQ3RUIzNjk5NTIyQzkzRDI2NzczRjBE
RjgzOTZFQkUwHhcNMjQwMzI2MDExMTMzWhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjAyMjBjNC05ZmUwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvX0Sw9L3I8/v/AlxAhIjRcusFXwfzPRL2mrWFJ7+S3Hz3Z44vFSrVOo2D7Jw
7C1xXLCqGAJbkMfRhV1CUu8h4zEYEtgaWVidQ/8rN7kFhdjYEmXfSfQ7EHyQZOEo
YqGFNxY/rpk0hhYosvj0njv68RGpVYY+boQ53nNHaZDa//VVxsifuTSqxZqLYpYP
Rj9EoKCjY6vQog+U9KeJbh7TbCnt8EdhpSb+9SP4oYwFWmFygokruvEKfWpFiUwI
9g2rCpvpH7Q48u2K9rsl7Aa6EyTJZNMsHF8ZXNY0L9sfqnWymc81KwfP7ycDmqQV
H6iLEkC6R4fPLV4m5DvruqTRnQIDAQABo4IC2jCCAtYwHQYDVR0OBBYEFIJNtdaf
ffN+zwzRvxe21CL28e9gMB8GA1UdIwQYMBaAFGoeT3KEfrNplSLJPSZ3Pw34OW6+
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRTk3OC8zMjIzRjM1RTFE
OTgxMUUyOEE4QzJFODIwOEIwMkNEMi9haDVQY29SLXMybVZJc2s5Sm5jX0RmZzVi
cjQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2FoNVBjb1ItczJtVklzazlKbmNfRGZnNWJyNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Q0U5NzgvMzIyM0YzNUUxRDk4MTFFMjhBOEMyRTgyMDhCMDJDRDIvREFDNUYyNEU5
QTk5MTFFODlFQUQ3RTU2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwZAYIKwYBBQUHAQcBAf8E
VTBTMB4EAgABMBgDBAIr/6ADBAJnCPwDBAB0WocDBAR4iDAwMQQCAAIwKwMHACQB
8AAABgMHACQB8AAACAMHACQB8AAAFgMHACQB8AAAGAMFACQCHAAwDQYJKoZIhvcN
AQELBQADggEBAAlniFoCh146j3Mi7Ux7ZvvdQpTtGIIUEtdTiEyPY6nBReQjJaB0
aEAfEwqDFnqwjRyHcyBJPzSuy6bHhx+3fA69k/FoLGN+7nN8sZAXLCDuc3ORLaE2
G/W1Bp8f1VDriqnV4I1Rc3qfDwf6r1AhpnFoLDCLu/MTy+lN7OirSsnI+2VEQy51
dbmWEGTNCrJ0qH82nlG0Qur/EnP9800XT6YBDoYOGhP1lL6X/opvLbBeRHs22faw
gqT7vogjxE3WgU6KiC6PmiiD4EZDUfMZjbIA8083+AK5xldXOaMfqcJKujS+YUKx
bkrOx/li76f00Ad/6zsb3Q4htBXiRLx47S0=
-----END CERTIFICATE-----
Generated at Tue Apr 2 04:23:00 2024 by rpki-client on console-fra.rpki-client.org