Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D1691/5AFC2692652B11E597A86881C4F9AE02/5A1AEEA0904D11EF99B44A64C4F9AE02.roa
File: 5A1AEEA0904D11EF99B44A64C4F9AE02.roa (raw, json)
Hash identifier: CohBEkwe+WcJ+GxtnUmAEAzy8N0pTuAzFF2/VMagLvo=
Subject key identifier: 06:A4:41:48:D0:D7:39:60:E7:39:A3:A8:71:56:DE:94:1E:06:5C:AB
Certificate issuer: /CN=A91D1691/serialNumber=7AC0C00F0FCA479EE465E4F7F545E8C94993D61C
Certificate serial: 23CC
Authority key identifier: 7A:C0:C0:0F:0F:CA:47:9E:E4:65:E4:F7:F5:45:E8:C9:49:93:D6:1C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/esDADw_KR57kZeT39UXoyUmT1hw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D1691/5AFC2692652B11E597A86881C4F9AE02/5A1AEEA0904D11EF99B44A64C4F9AE02.roa
Signing time: Tue 22 Oct 2024 08:12:17 +0000
ROA not before: Tue 22 Oct 2024 08:12:17 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 45352
IP address blocks: 14.102.144.0/22 maxlen: 24
14.102.148.0/24 maxlen: 24
14.102.149.0/24 maxlen: 24
14.102.150.0/24 maxlen: 24
14.102.151.0/24 maxlen: 24
14.192.65.0/24 maxlen: 24
43.252.152.0/23 maxlen: 24
43.252.154.0/23 maxlen: 23
43.252.154.0/24 maxlen: 24
43.252.155.0/24 maxlen: 24
45.64.168.0/22 maxlen: 22
45.64.168.0/23 maxlen: 23
45.64.168.0/24 maxlen: 24
45.64.169.0/24 maxlen: 24
45.64.170.0/24 maxlen: 24
45.64.171.0/24 maxlen: 24
58.84.8.0/22 maxlen: 22
58.84.8.0/24 maxlen: 24
58.84.9.0/24 maxlen: 24
58.84.10.0/24 maxlen: 24
58.84.11.0/24 maxlen: 24
103.3.172.0/24 maxlen: 24
103.3.173.0/24 maxlen: 24
103.3.174.0/23 maxlen: 24
103.10.156.0/23 maxlen: 24
103.10.158.0/23 maxlen: 24
103.40.204.0/22 maxlen: 24
118.107.200.0/21 maxlen: 24
118.107.208.0/24 maxlen: 24
118.107.209.0/24 maxlen: 24
118.107.210.0/24 maxlen: 24
118.107.211.0/24 maxlen: 24
118.107.232.0/24 maxlen: 24
118.107.233.0/24 maxlen: 24
118.107.234.0/23 maxlen: 23
118.107.235.0/24 maxlen: 24
118.107.236.0/24 maxlen: 24
118.107.237.0/24 maxlen: 24
118.107.238.0/24 maxlen: 24
118.107.239.0/24 maxlen: 24
118.107.240.0/24 maxlen: 24
118.107.241.0/24 maxlen: 24
118.107.242.0/24 maxlen: 24
118.107.243.0/24 maxlen: 24
183.81.160.0/21 maxlen: 24
192.82.56.0/21 maxlen: 21
192.82.56.0/24 maxlen: 24
192.82.57.0/24 maxlen: 24
192.82.58.0/24 maxlen: 24
192.82.59.0/24 maxlen: 24
192.82.60.0/24 maxlen: 24
192.82.61.0/24 maxlen: 24
192.82.62.0/24 maxlen: 24
192.82.63.0/24 maxlen: 24
210.5.40.0/22 maxlen: 24
210.5.44.0/22 maxlen: 24
2401:3400::/32 maxlen: 48
Validation: Failed, certificate revoked on Fri 25 Oct 2024 03:40:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9164 (0x23cc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D1691/serialNumber=7AC0C00F0FCA479EE465E4F7F545E8C94993D61C
Validity
Not Before: Oct 22 08:12:17 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=67175e61-54eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:86:31:98:ef:ef:03:21:74:f6:de:fb:3c:3d:
88:fb:37:49:38:e1:7f:e5:9f:90:98:38:bf:be:91:
3e:85:33:7f:e7:f6:29:e7:15:b3:13:07:1b:99:d4:
83:47:3c:ee:11:47:da:2b:95:32:e0:22:7f:ff:d7:
ad:0c:d5:86:07:36:fb:5d:aa:17:fc:a8:e3:be:13:
ab:83:3c:1d:9d:70:f0:d5:47:26:60:e2:61:d5:0b:
f9:fc:64:d9:da:d2:c7:99:ba:39:19:f6:04:c8:ac:
1d:71:3d:be:1c:9b:65:e5:a1:09:4d:60:dd:37:26:
6d:d2:26:b0:00:ba:2e:09:99:6d:38:0b:1d:68:1f:
ef:29:40:4d:f4:6f:f8:e1:0f:8f:22:3c:f1:42:0b:
b0:d0:cc:f8:a4:4c:e8:ca:e2:d2:d3:eb:42:58:69:
3f:a8:3c:5a:64:ff:cf:33:4e:ae:0c:97:de:c3:b6:
76:b7:ef:a9:f7:47:61:99:ed:de:6b:6b:23:fb:cc:
49:d4:8a:dc:5f:c1:d3:7d:1a:8e:5d:04:88:fd:34:
bb:68:82:b1:c3:4e:66:ce:f0:62:43:05:7c:a0:92:
7d:96:50:75:c9:76:57:a7:41:a0:4c:65:0a:d5:39:
41:54:85:ac:72:56:40:74:63:d5:6b:86:6a:7b:33:
c5:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:A4:41:48:D0:D7:39:60:E7:39:A3:A8:71:56:DE:94:1E:06:5C:AB
X509v3 Authority Key Identifier:
keyid:7A:C0:C0:0F:0F:CA:47:9E:E4:65:E4:F7:F5:45:E8:C9:49:93:D6:1C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D1691/5AFC2692652B11E597A86881C4F9AE02/esDADw_KR57kZeT39UXoyUmT1hw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/esDADw_KR57kZeT39UXoyUmT1hw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D1691/5AFC2692652B11E597A86881C4F9AE02/5A1AEEA0904D11EF99B44A64C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.102.144.0/21
14.192.65.0/24
43.252.152.0/22
45.64.168.0/22
58.84.8.0/22
103.3.172.0/22
103.10.156.0/22
103.40.204.0/22
118.107.200.0-118.107.211.255
118.107.232.0-118.107.243.255
183.81.160.0/21
192.82.56.0/21
210.5.40.0/21
IPv6:
2401:3400::/32
Signature Algorithm: sha256WithRSAEncryption
08:89:1d:d3:3c:ab:ca:33:f9:be:43:79:29:15:b4:5f:9b:fa:
08:45:19:e5:93:a6:c2:58:1c:74:e3:f8:d0:28:88:4b:4e:37:
4b:da:ff:8f:4e:9a:f5:55:4f:25:90:d3:b7:57:50:c6:f9:ed:
61:db:b1:eb:0d:8d:c1:f7:0c:14:c6:20:cb:61:f1:8b:2e:a2:
62:1e:16:f5:2e:ca:61:17:c9:f1:fe:eb:ed:ad:a6:64:5b:5f:
7b:4d:eb:bb:85:96:83:38:fe:5f:c8:43:1b:9d:15:91:0f:18:
58:3c:fa:50:f3:1f:6b:c7:81:b6:19:12:1b:42:de:e7:30:b7:
f2:a8:a5:e6:0c:74:90:cf:27:4f:e9:53:08:cc:07:d3:95:d3:
2d:45:af:5e:44:9d:21:0d:b0:19:5e:28:f3:be:2c:99:1c:e8:
6b:e6:24:86:1a:f1:90:fd:70:9d:3a:f0:5d:ab:52:f6:14:87:
e4:d6:91:84:12:05:ca:e7:2d:18:4b:b7:7a:bd:66:90:e9:e5:
74:fd:65:3b:d6:6f:f4:5c:44:e7:42:96:03:1a:82:ca:56:d1:
74:95:c1:04:49:cf:87:5b:65:c7:08:3d:69:39:78:bb:f1:01:
2e:56:30:35:d0:ce:96:de:2f:6f:25:66:f2:ff:d5:bf:40:ba:
42:31:dc:e3
-----BEGIN CERTIFICATE-----
MIIF2TCCBMGgAwIBAgICI8wwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDE2OTExMTAvBgNVBAUTKDdBQzBDMDBGMEZDQTQ3OUVFNDY1RTRGN0Y1NDVFOEM5
NDk5M0Q2MUMwHhcNMjQxMDIyMDgxMjE3WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzE3NWU2MS01NGViMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvoYxmO/vAyF09t77PD2I+zdJOOF/5Z+QmDi/vpE+hTN/5/Yp5xWzEwcbmdSD
RzzuEUfaK5Uy4CJ//9etDNWGBzb7XaoX/KjjvhOrgzwdnXDw1UcmYOJh1Qv5/GTZ
2tLHmbo5GfYEyKwdcT2+HJtl5aEJTWDdNyZt0iawALouCZltOAsdaB/vKUBN9G/4
4Q+PIjzxQguw0Mz4pEzoyuLS0+tCWGk/qDxaZP/PM06uDJfew7Z2t++p90dhme3e
a2sj+8xJ1IrcX8HTfRqOXQSI/TS7aIKxw05mzvBiQwV8oJJ9llB1yXZXp0GgTGUK
1TlBVIWsclZAdGPVa4ZqezPFWQIDAQABo4IC/TCCAvkwHQYDVR0OBBYEFAakQUjQ
1zlg5zmjqHFW3pQeBlyrMB8GA1UdIwQYMBaAFHrAwA8Pykee5GXk9/VF6MlJk9Yc
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMTY5MS81QUZDMjY5MjY1
MkIxMUU1OTdBODY4ODFDNEY5QUUwMi9lc0RBRHdfS1I1N2taZVQzOVVYb3lVbVQx
aHcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2VzREFEd19LUjU3a1plVDM5VVhveVVtVDFody5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDE2OTEvNUFGQzI2OTI2NTJCMTFFNTk3QTg2ODgxQzRGOUFFMDIvNUExQUVFQTA5
MDREMTFFRjk5QjQ0QTY0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgYYGCCsGAQUFBwEHAQH/
BHcwdTBkBAIAATBeAwQDDmaQAwQADsBBAwQCK/yYAwQCLUCoAwQCOlQIAwQCZwOs
AwQCZwqcAwQCZyjMMAwDBAN2a8gDBAJ2a9AwDAMEA3Zr6AMEAnZr8AMEA7dRoAME
A8BSOAMEA9IFKDANBAIAAjAHAwUAJAE0ADANBgkqhkiG9w0BAQsFAAOCAQEACIkd
0zyryjP5vkN5KRW0X5v6CEUZ5ZOmwlgcdOP40CiIS043S9r/j06a9VVPJZDTt1dQ
xvntYdux6w2NwfcMFMYgy2Hxiy6iYh4W9S7KYRfJ8f7r7a2mZFtfe03ru4WWgzj+
X8hDG50VkQ8YWDz6UPMfa8eBthkSG0Le5zC38qil5gx0kM8nT+lTCMwH05XTLUWv
XkSdIQ2wGV4o874smRzoa+YkhhrxkP1wnTrwXatS9hSH5NaRhBIFyuctGEu3er1m
kOnldP1lO9Zv9FxE50KWAxqCylbRdJXBBEnPh1tlxwg9aTl4u/EBLlYwNdDOlt4v
byVm8v/Vv0C6QjHc4w==
-----END CERTIFICATE-----
Generated at Fri Oct 25 06:02:24 2024 by rpki-client on console-fra.rpki-client.org