Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D1691/5AFC2692652B11E597A86881C4F9AE02/BEB0F47E878211EEAE0BD437C4F9AE02.roa
File: BEB0F47E878211EEAE0BD437C4F9AE02.roa (raw, json)
Hash identifier: 7xjnntQhzIH9tL5hZtDbShWqRezsRH7E4sqB1aA3hxI=
Subject key identifier: B7:DC:32:3F:89:61:AF:33:88:17:3E:25:63:37:C7:15:F1:74:92:35
Certificate issuer: /CN=A91D1691/serialNumber=7AC0C00F0FCA479EE465E4F7F545E8C94993D61C
Certificate serial: 23B8
Authority key identifier: 7A:C0:C0:0F:0F:CA:47:9E:E4:65:E4:F7:F5:45:E8:C9:49:93:D6:1C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/esDADw_KR57kZeT39UXoyUmT1hw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D1691/5AFC2692652B11E597A86881C4F9AE02/BEB0F47E878211EEAE0BD437C4F9AE02.roa
Signing time: Thu 19 Sep 2024 02:31:59 +0000
ROA not before: Thu 19 Sep 2024 02:31:59 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 45352
IP address blocks: 14.102.144.0/22 maxlen: 24
14.102.148.0/24 maxlen: 24
14.102.149.0/24 maxlen: 24
14.102.150.0/24 maxlen: 24
14.102.151.0/24 maxlen: 24
14.192.65.0/24 maxlen: 24
43.252.152.0/23 maxlen: 23
43.252.154.0/23 maxlen: 23
43.252.154.0/24 maxlen: 24
43.252.155.0/24 maxlen: 24
45.64.168.0/22 maxlen: 22
45.64.168.0/23 maxlen: 23
45.64.168.0/24 maxlen: 24
45.64.169.0/24 maxlen: 24
45.64.170.0/24 maxlen: 24
45.64.171.0/24 maxlen: 24
58.84.8.0/22 maxlen: 22
58.84.8.0/24 maxlen: 24
58.84.9.0/24 maxlen: 24
58.84.10.0/24 maxlen: 24
58.84.11.0/24 maxlen: 24
103.3.172.0/24 maxlen: 24
103.3.173.0/24 maxlen: 24
103.3.174.0/23 maxlen: 24
103.10.156.0/23 maxlen: 24
103.10.158.0/23 maxlen: 24
103.40.204.0/22 maxlen: 24
118.107.200.0/21 maxlen: 24
118.107.208.0/24 maxlen: 24
118.107.209.0/24 maxlen: 24
118.107.210.0/24 maxlen: 24
118.107.211.0/24 maxlen: 24
118.107.232.0/24 maxlen: 24
118.107.233.0/24 maxlen: 24
118.107.234.0/23 maxlen: 23
118.107.235.0/24 maxlen: 24
118.107.236.0/24 maxlen: 24
118.107.237.0/24 maxlen: 24
118.107.238.0/24 maxlen: 24
118.107.239.0/24 maxlen: 24
118.107.240.0/24 maxlen: 24
118.107.241.0/24 maxlen: 24
118.107.242.0/24 maxlen: 24
118.107.243.0/24 maxlen: 24
183.81.160.0/21 maxlen: 24
192.82.56.0/21 maxlen: 21
192.82.56.0/24 maxlen: 24
192.82.57.0/24 maxlen: 24
192.82.58.0/24 maxlen: 24
192.82.59.0/24 maxlen: 24
192.82.60.0/24 maxlen: 24
192.82.61.0/24 maxlen: 24
192.82.62.0/24 maxlen: 24
192.82.63.0/24 maxlen: 24
210.5.40.0/22 maxlen: 24
210.5.44.0/22 maxlen: 24
2401:3400::/32 maxlen: 48
Validation: Failed, certificate revoked on Tue 22 Oct 2024 08:12:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9144 (0x23b8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D1691/serialNumber=7AC0C00F0FCA479EE465E4F7F545E8C94993D61C
Validity
Not Before: Sep 19 02:31:59 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=66eb8d1f-970e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:05:39:f4:44:de:e6:1b:7a:2f:4c:cd:14:bd:
7c:df:f6:d6:4d:3c:f3:02:3f:1e:72:2f:3f:ae:76:
38:65:f5:4d:8e:f8:a8:76:5a:ae:77:32:11:eb:1d:
29:e2:cb:41:4f:af:60:63:17:01:14:f7:63:49:8b:
2d:41:fa:25:38:12:75:5b:e8:6f:ac:f1:b5:64:d8:
43:08:c2:8e:e0:ef:04:87:98:85:9f:7e:89:40:62:
76:33:76:0f:9f:bb:69:bd:69:cb:4c:97:ee:00:19:
7d:b8:d3:3a:b0:c8:bd:ea:34:3d:61:03:73:72:a5:
b5:45:d4:40:cc:f2:0e:cd:84:40:60:c1:d6:03:32:
bc:f8:f7:d7:46:81:86:aa:a5:31:97:c8:a1:c0:c7:
e7:a5:b0:d9:53:33:d0:d6:a4:21:11:e8:9a:45:b6:
0b:9f:05:bc:6d:f1:a2:5e:eb:4b:6a:df:33:1e:21:
05:69:0e:13:8a:07:e9:54:43:6a:60:07:ef:64:bb:
06:db:ec:31:ed:af:9e:65:21:25:4f:36:0c:c8:55:
51:2c:fd:ca:4d:77:9a:76:06:a4:4c:5e:14:8a:5d:
38:10:07:0a:5c:53:57:79:fd:78:59:3a:f8:50:18:
33:5b:10:2b:31:8e:9d:72:ba:d1:de:46:8e:de:26:
1c:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:DC:32:3F:89:61:AF:33:88:17:3E:25:63:37:C7:15:F1:74:92:35
X509v3 Authority Key Identifier:
keyid:7A:C0:C0:0F:0F:CA:47:9E:E4:65:E4:F7:F5:45:E8:C9:49:93:D6:1C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D1691/5AFC2692652B11E597A86881C4F9AE02/esDADw_KR57kZeT39UXoyUmT1hw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/esDADw_KR57kZeT39UXoyUmT1hw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D1691/5AFC2692652B11E597A86881C4F9AE02/BEB0F47E878211EEAE0BD437C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.102.144.0/21
14.192.65.0/24
43.252.152.0/22
45.64.168.0/22
58.84.8.0/22
103.3.172.0/22
103.10.156.0/22
103.40.204.0/22
118.107.200.0-118.107.211.255
118.107.232.0-118.107.243.255
183.81.160.0/21
192.82.56.0/21
210.5.40.0/21
IPv6:
2401:3400::/32
Signature Algorithm: sha256WithRSAEncryption
b3:36:78:01:bb:03:9e:f1:c8:53:6a:78:5e:54:46:f2:99:0a:
f9:4f:6d:b0:3f:62:0e:76:b8:20:ed:11:ac:8c:27:7d:7e:a6:
99:72:f4:1e:99:83:3d:0b:4e:62:56:b5:aa:c5:f5:c5:66:e3:
ee:aa:37:14:55:a3:4e:df:d1:d3:38:9b:24:ff:8d:3c:6c:94:
de:04:d3:73:79:d2:c1:29:5c:60:82:49:fa:fa:f1:3c:d2:a4:
e9:6e:7d:e0:c8:e0:c8:bb:d7:96:7f:2f:63:f1:3e:00:a3:58:
f8:7f:cf:9f:48:cf:97:bf:c5:b0:55:54:e0:ae:18:55:50:27:
60:a4:73:1f:2c:b5:61:41:60:12:9a:f1:40:0d:89:b4:64:ce:
fb:9b:da:f5:a6:7f:a6:5a:b3:11:3b:55:61:20:6c:1d:bd:24:
fb:47:30:3d:f9:68:00:d1:5b:86:d6:ea:78:af:70:1a:97:30:
46:4a:58:87:d1:88:20:db:85:5e:0c:f1:27:93:b5:cc:f4:e9:
eb:c0:69:76:04:38:80:77:ed:0d:47:a1:54:cc:f6:08:46:ea:
6c:62:6d:19:77:ea:d2:3f:86:1d:8e:5b:58:cf:29:2e:f5:27:
9b:87:f0:2c:5d:cd:12:8d:f3:4f:45:c0:ef:f7:10:72:70:89:
b3:95:e0:e5
-----BEGIN CERTIFICATE-----
MIIF2TCCBMGgAwIBAgICI7gwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDE2OTExMTAvBgNVBAUTKDdBQzBDMDBGMEZDQTQ3OUVFNDY1RTRGN0Y1NDVFOEM5
NDk5M0Q2MUMwHhcNMjQwOTE5MDIzMTU5WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmViOGQxZi05NzBlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyAU59ETe5ht6L0zNFL183/bWTTzzAj8eci8/rnY4ZfVNjviodlqudzIR6x0p
4stBT69gYxcBFPdjSYstQfolOBJ1W+hvrPG1ZNhDCMKO4O8Eh5iFn36JQGJ2M3YP
n7tpvWnLTJfuABl9uNM6sMi96jQ9YQNzcqW1RdRAzPIOzYRAYMHWAzK8+PfXRoGG
qqUxl8ihwMfnpbDZUzPQ1qQhEeiaRbYLnwW8bfGiXutLat8zHiEFaQ4TigfpVENq
YAfvZLsG2+wx7a+eZSElTzYMyFVRLP3KTXeadgakTF4Uil04EAcKXFNXef14WTr4
UBgzWxArMY6dcrrR3kaO3iYcRQIDAQABo4IC/TCCAvkwHQYDVR0OBBYEFLfcMj+J
Ya8ziBc+JWM3xxXxdJI1MB8GA1UdIwQYMBaAFHrAwA8Pykee5GXk9/VF6MlJk9Yc
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMTY5MS81QUZDMjY5MjY1
MkIxMUU1OTdBODY4ODFDNEY5QUUwMi9lc0RBRHdfS1I1N2taZVQzOVVYb3lVbVQx
aHcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2VzREFEd19LUjU3a1plVDM5VVhveVVtVDFody5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDE2OTEvNUFGQzI2OTI2NTJCMTFFNTk3QTg2ODgxQzRGOUFFMDIvQkVCMEY0N0U4
NzgyMTFFRUFFMEJENDM3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgYYGCCsGAQUFBwEHAQH/
BHcwdTBkBAIAATBeAwQDDmaQAwQADsBBAwQCK/yYAwQCLUCoAwQCOlQIAwQCZwOs
AwQCZwqcAwQCZyjMMAwDBAN2a8gDBAJ2a9AwDAMEA3Zr6AMEAnZr8AMEA7dRoAME
A8BSOAMEA9IFKDANBAIAAjAHAwUAJAE0ADANBgkqhkiG9w0BAQsFAAOCAQEAszZ4
AbsDnvHIU2p4XlRG8pkK+U9tsD9iDna4IO0RrIwnfX6mmXL0HpmDPQtOYla1qsX1
xWbj7qo3FFWjTt/R0zibJP+NPGyU3gTTc3nSwSlcYIJJ+vrxPNKk6W594MjgyLvX
ln8vY/E+AKNY+H/Pn0jPl7/FsFVU4K4YVVAnYKRzHyy1YUFgEprxQA2JtGTO+5va
9aZ/plqzETtVYSBsHb0k+0cwPfloANFbhtbqeK9wGpcwRkpYh9GIINuFXgzxJ5O1
zPTp68BpdgQ4gHftDUehVMz2CEbqbGJtGXfq0j+GHY5bWM8pLvUnm4fwLF3NEo3z
T0XA7/cQcnCJs5Xg5Q==
-----END CERTIFICATE-----
Generated at Tue Oct 22 11:00:16 2024 by rpki-client on console-ams.rpki-client.org