Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/158452F2D30711EAB97DCF1CC4F9AE02.roa
File: 158452F2D30711EAB97DCF1CC4F9AE02.roa (raw, json)
Hash identifier: KqO29ZKPILKnhKQI8wKotmZ16WK57HBNH2VHizbgsII=
Subject key identifier: 5E:37:5F:A5:F5:A2:84:01:95:16:6E:4A:AB:AC:99:FA:D2:7F:79:CF
Certificate issuer: /CN=A91EAE3D/serialNumber=C7269B124C420C55E29FB51D3C1B0D9D476CBD00
Certificate serial: 183E
Authority key identifier: C7:26:9B:12:4C:42:0C:55:E2:9F:B5:1D:3C:1B:0D:9D:47:6C:BD:00
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xyabEkxCDFXin7UdPBsNnUdsvQA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/158452F2D30711EAB97DCF1CC4F9AE02.roa
Signing time: Wed 16 Oct 2024 23:19:45 +0000
ROA not before: Wed 16 Oct 2024 23:19:45 +0000
ROA not after: Thu 01 May 2025 00:00:00 +0000
asID: 38809
IP address blocks: 121.200.224.0/20 maxlen: 20
121.200.228.0/23 maxlen: 23
121.200.230.0/24 maxlen: 24
121.200.231.0/24 maxlen: 24
121.200.232.0/23 maxlen: 23
121.200.234.0/24 maxlen: 24
121.200.235.0/24 maxlen: 24
121.200.236.0/23 maxlen: 23
121.200.238.0/24 maxlen: 24
121.200.239.0/24 maxlen: 24
150.207.0.0/16 maxlen: 16
150.207.134.0/23 maxlen: 23
150.207.136.0/23 maxlen: 23
150.207.138.0/23 maxlen: 23
150.207.144.0/22 maxlen: 22
150.207.150.0/23 maxlen: 23
150.207.152.0/22 maxlen: 22
150.207.156.0/22 maxlen: 22
150.207.168.0/21 maxlen: 21
203.19.141.0/24 maxlen: 24
203.55.250.0/24 maxlen: 24
203.161.8.0/21 maxlen: 21
203.161.8.0/24 maxlen: 24
203.161.9.0/24 maxlen: 24
203.161.10.0/23 maxlen: 23
203.161.12.0/24 maxlen: 24
203.161.13.0/24 maxlen: 24
203.161.14.0/24 maxlen: 24
203.161.15.0/24 maxlen: 24
203.176.96.0/20 maxlen: 20
203.176.98.0/24 maxlen: 24
203.176.99.0/24 maxlen: 24
203.176.100.0/24 maxlen: 24
203.176.102.0/24 maxlen: 24
203.176.103.0/24 maxlen: 24
203.176.104.0/24 maxlen: 24
203.176.105.0/24 maxlen: 24
203.176.106.0/23 maxlen: 23
203.176.108.0/24 maxlen: 24
203.176.111.0/24 maxlen: 24
2401:1c00::/32 maxlen: 32
2401:1c00:2000::/40 maxlen: 40
2401:1c00:3000::/40 maxlen: 40
2401:1c00:4000::/40 maxlen: 40
2401:1c00:5000::/40 maxlen: 40
2401:1c00:6000::/40 maxlen: 40
2401:1c00:7000::/40 maxlen: 40
Validation: Failed, certificate revoked on Tue 22 Oct 2024 22:28:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6206 (0x183e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EAE3D/serialNumber=C7269B124C420C55E29FB51D3C1B0D9D476CBD00
Validity
Not Before: Oct 16 23:19:45 2024 GMT
Not After : May 1 00:00:00 2025 GMT
Subject: CN=67104a11-612a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:ee:59:e4:ec:dd:22:be:81:69:ca:45:70:c9:
ab:1b:26:e0:d7:fd:1d:71:45:11:ff:32:7e:a1:de:
4e:a7:03:af:ec:a7:21:8b:35:c9:87:54:d9:6f:a8:
3d:40:ae:e7:06:36:8e:23:09:bd:a4:a0:45:30:fa:
97:b3:e0:e9:6c:d7:3f:e3:42:a7:e8:18:4a:6c:0d:
d9:64:41:2b:22:22:a6:85:9f:16:5c:4c:92:82:2c:
1a:fe:a2:18:dd:7c:71:9b:4f:26:75:47:29:5b:25:
fa:27:33:b3:b7:4d:49:90:94:2c:62:7c:fe:4d:44:
00:81:d2:bc:3d:1a:ea:25:66:3e:3d:19:1d:eb:b3:
1e:2b:78:d9:09:13:46:35:81:35:8d:1d:c8:6f:03:
cf:c8:a4:33:f1:ca:29:2f:4d:74:e0:98:7f:bf:27:
ae:ff:c0:b0:a8:d3:5d:4b:22:df:99:cd:29:3b:94:
34:84:33:2b:c9:46:03:ab:f3:4c:dd:b2:b2:75:a6:
89:da:52:d0:ab:30:33:ea:6f:1a:61:4e:d3:c9:9d:
be:31:51:30:4a:7b:76:4f:9f:91:7f:17:1e:7f:29:
d4:2b:e4:37:cc:98:f0:62:9a:32:5b:2b:41:c8:73:
51:e0:25:a9:0c:19:06:e7:3f:7c:08:ea:44:bc:13:
af:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:37:5F:A5:F5:A2:84:01:95:16:6E:4A:AB:AC:99:FA:D2:7F:79:CF
X509v3 Authority Key Identifier:
keyid:C7:26:9B:12:4C:42:0C:55:E2:9F:B5:1D:3C:1B:0D:9D:47:6C:BD:00
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/xyabEkxCDFXin7UdPBsNnUdsvQA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xyabEkxCDFXin7UdPBsNnUdsvQA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/158452F2D30711EAB97DCF1CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
121.200.224.0/20
150.207.0.0/16
203.19.141.0/24
203.55.250.0/24
203.161.8.0/21
203.176.96.0/20
IPv6:
2401:1c00::/32
Signature Algorithm: sha256WithRSAEncryption
17:62:fc:65:1e:0c:55:8f:b5:9d:aa:66:c9:53:18:f6:83:f5:
c1:c1:6c:20:67:0a:36:87:94:7c:56:61:dc:85:f1:c1:50:a9:
ad:82:ab:67:85:d3:77:fc:1e:cb:10:42:e6:63:f2:df:de:7d:
3d:5b:39:33:da:40:0f:63:a2:2d:ce:fa:1b:88:74:c6:1e:d6:
04:57:d2:3a:84:14:f1:bb:71:4b:d2:08:1d:ab:2b:2d:fa:27:
70:49:b6:d4:d4:07:de:9a:1f:c8:b4:21:5c:dd:33:a7:1f:1a:
cb:26:32:20:a6:a6:ef:fa:c2:cf:2b:d0:e3:89:86:5b:fe:27:
c6:85:b0:63:f5:72:ed:06:d9:5a:3f:8e:1b:11:df:1f:e4:4c:
5e:00:58:ff:fa:33:8f:38:f7:cd:e9:be:d9:ba:ff:97:b1:3f:
b8:91:90:a6:89:ed:af:cd:e6:56:52:0c:ec:f1:6e:b3:a7:e7:
73:70:c3:b7:4a:9d:3b:44:e7:36:63:0e:f8:96:bf:ad:99:96:
83:dd:52:ca:e8:48:53:3c:8f:b8:e5:5f:d1:be:b7:58:fa:e1:
c0:a6:8e:f3:67:7a:08:e4:29:da:5a:5c:e9:37:18:0c:60:62:
88:f0:06:c5:da:7c:a6:c9:cf:a8:67:be:a7:ef:c2:16:c7:37:
f5:51:d7:64
-----BEGIN CERTIFICATE-----
MIIFnTCCBIWgAwIBAgICGD4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUFFM0QxMTAvBgNVBAUTKEM3MjY5QjEyNEM0MjBDNTVFMjlGQjUxRDNDMUIwRDlE
NDc2Q0JEMDAwHhcNMjQxMDE2MjMxOTQ1WhcNMjUwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzEwNGExMS02MTJhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA7u5Z5OzdIr6BacpFcMmrGybg1/0dcUUR/zJ+od5OpwOv7KchizXJh1TZb6g9
QK7nBjaOIwm9pKBFMPqXs+DpbNc/40Kn6BhKbA3ZZEErIiKmhZ8WXEySgiwa/qIY
3Xxxm08mdUcpWyX6JzOzt01JkJQsYnz+TUQAgdK8PRrqJWY+PRkd67MeK3jZCRNG
NYE1jR3IbwPPyKQz8copL0104Jh/vyeu/8CwqNNdSyLfmc0pO5Q0hDMryUYDq/NM
3bKydaaJ2lLQqzAz6m8aYU7TyZ2+MVEwSnt2T5+RfxcefynUK+Q3zJjwYpoyWytB
yHNR4CWpDBkG5z98COpEvBOvzQIDAQABo4ICwTCCAr0wHQYDVR0OBBYEFF43X6X1
ooQBlRZuSqusmfrSf3nPMB8GA1UdIwQYMBaAFMcmmxJMQgxV4p+1HTwbDZ1HbL0A
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQUUzRC85N0I2RTBDRTc1
REUxMUU4QjcwNEEyNDZDNEY5QUUwMi94eWFiRWt4Q0RGWGluN1VkUEJzTm5VZHN2
UUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3h5YWJFa3hDREZYaW43VWRQQnNOblVkc3ZRQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUFFM0QvOTdCNkUwQ0U3NURFMTFFOEI3MDRBMjQ2QzRGOUFFMDIvMTU4NDUyRjJE
MzA3MTFFQUI5N0RDRjFDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwSwYIKwYBBQUHAQcBAf8E
PDA6MCkEAgABMCMDBAR5yOADAwCWzwMEAMsTjQMEAMs3+gMEA8uhCAMEBMuwYDAN
BAIAAjAHAwUAJAEcADANBgkqhkiG9w0BAQsFAAOCAQEAF2L8ZR4MVY+1napmyVMY
9oP1wcFsIGcKNoeUfFZh3IXxwVCprYKrZ4XTd/weyxBC5mPy3959PVs5M9pAD2Oi
Lc76G4h0xh7WBFfSOoQU8btxS9IIHasrLfoncEm21NQH3pofyLQhXN0zpx8ayyYy
IKam7/rCzyvQ44mGW/4nxoWwY/Vy7QbZWj+OGxHfH+RMXgBY//ozjzj3zem+2br/
l7E/uJGQpontr83mVlIM7PFus6fnc3DDt0qdO0TnNmMO+Ja/rZmWg91SyuhIUzyP
uOVf0b63WPrhwKaO82d6COQp2lpc6TcYDGBiiPAGxdp8psnPqGe+p+/CFsc39VHX
ZA==
-----END CERTIFICATE-----
Generated at Wed Oct 23 00:45:20 2024 by rpki-client on console-ams.rpki-client.org