Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91AEB42/1AD97B646A6E11EDBB990363C4F9AE02/D6AA8E7CB57211EF91A3EA1AC4F9AE02.roa
File: D6AA8E7CB57211EF91A3EA1AC4F9AE02.roa (raw, json)
Hash identifier: uZFXhq7R2Am0nf8oUWx81FpuaDtqoSNd1OaNdT7OsGY=
Subject key identifier: AA:A0:E9:4C:C2:50:F9:A2:77:D7:E4:98:08:71:DA:2F:D8:05:F7:4A
Certificate issuer: /CN=A91AEB42/serialNumber=56237928548B082F5B13C16EDC3E6A7C2F80FCF1
Certificate serial: 0197
Authority key identifier: 56:23:79:28:54:8B:08:2F:5B:13:C1:6E:DC:3E:6A:7C:2F:80:FC:F1
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ViN5KFSLCC9bE8Fu3D5qfC-A_PE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91AEB42/1AD97B646A6E11EDBB990363C4F9AE02/D6AA8E7CB57211EF91A3EA1AC4F9AE02.roa
Signing time: Sun 08 Dec 2024 14:45:01 +0000
ROA not before: Sun 08 Dec 2024 14:45:01 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 132839
IP address blocks: 43.229.212.0/22 maxlen: 24
43.230.168.0/22 maxlen: 22
43.240.48.0/22 maxlen: 22
43.241.44.0/24 maxlen: 24
43.241.45.0/24 maxlen: 24
43.241.46.0/24 maxlen: 24
43.241.47.0/24 maxlen: 24
43.249.24.0/22 maxlen: 22
43.251.104.0/23 maxlen: 23
43.251.106.0/24 maxlen: 24
43.251.107.0/24 maxlen: 24
45.64.108.0/22 maxlen: 24
45.114.168.0/22 maxlen: 22
45.115.124.0/22 maxlen: 22
45.120.80.0/22 maxlen: 22
45.120.80.0/24 maxlen: 24
45.120.81.0/24 maxlen: 24
45.120.82.0/24 maxlen: 24
45.120.83.0/24 maxlen: 24
45.127.36.0/22 maxlen: 22
45.127.36.0/24 maxlen: 24
45.127.124.0/22 maxlen: 22
45.250.196.0/22 maxlen: 22
103.36.20.0/22 maxlen: 24
103.37.40.0/22 maxlen: 24
103.40.112.0/22 maxlen: 22
103.40.112.0/24 maxlen: 24
103.42.176.0/24 maxlen: 24
103.42.177.0/24 maxlen: 24
103.42.178.0/24 maxlen: 24
103.42.179.0/24 maxlen: 24
103.49.8.0/22 maxlen: 22
103.49.248.0/22 maxlen: 22
103.49.248.0/24 maxlen: 24
103.54.124.0/22 maxlen: 22
103.55.128.0/22 maxlen: 22
103.60.148.0/22 maxlen: 22
103.60.150.0/24 maxlen: 24
103.75.12.0/22 maxlen: 22
103.75.44.0/22 maxlen: 22
103.80.16.0/22 maxlen: 22
103.80.18.0/24 maxlen: 24
103.80.19.0/24 maxlen: 24
103.85.188.0/22 maxlen: 22
103.195.192.0/22 maxlen: 24
103.196.60.0/22 maxlen: 24
103.200.124.0/22 maxlen: 24
103.204.76.0/22 maxlen: 24
103.214.164.0/22 maxlen: 24
103.215.212.0/22 maxlen: 24
103.219.104.0/22 maxlen: 24
103.233.248.0/22 maxlen: 24
116.193.168.0/22 maxlen: 22
117.120.60.0/22 maxlen: 22
120.89.68.0/22 maxlen: 22
121.54.160.0/22 maxlen: 22
144.48.124.0/22 maxlen: 22
157.119.92.0/22 maxlen: 22
182.161.68.0/22 maxlen: 22
202.165.120.0/22 maxlen: 22
2401:f940::/32 maxlen: 32
Validation: Failed, certificate revoked on Sun 08 Dec 2024 14:48:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 407 (0x197)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91AEB42, serialNumber=56237928548B082F5B13C16EDC3E6A7C2F80FCF1
Validity
Not Before: Dec 8 14:45:01 2024 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=6755b0ed-ee5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:ad:66:f3:05:7a:36:2f:23:39:43:6d:43:e8:
bd:dc:38:f5:87:d0:70:2d:30:66:51:01:23:ad:fd:
3c:1e:4d:4b:24:bd:e0:99:9c:0b:64:c8:06:6a:e1:
d7:82:21:c1:95:35:f8:a8:04:14:c4:64:52:71:3d:
11:3d:a2:a8:0b:a9:82:49:8f:d6:18:a3:2f:d4:d3:
de:64:d1:5c:93:46:e9:10:72:3c:d8:84:3c:d8:ff:
5e:90:c5:61:47:0a:84:07:1e:8b:86:d5:ae:e8:6d:
6a:04:3f:e1:58:13:2c:3e:97:0d:d2:96:91:e6:09:
c4:49:1c:70:65:1e:12:f0:5f:cf:05:b3:ae:bf:49:
58:6d:ad:67:c4:fd:8b:cc:59:17:fa:3a:13:77:af:
36:d9:a0:a9:1f:9d:71:88:2d:18:68:da:2a:2a:20:
2d:70:99:c1:e8:10:ff:73:96:6c:20:e5:e2:82:ab:
7f:a1:3d:d6:b8:11:c6:fd:04:d7:8b:e8:1c:c1:f5:
1e:d9:0d:a7:6d:5c:06:2f:d3:af:07:62:37:9d:b5:
29:14:9f:61:70:bb:ab:7f:29:17:1c:8a:b0:ad:14:
3e:f4:0b:21:69:43:4a:9b:c3:32:fd:86:09:fa:23:
e1:97:cf:96:5b:bf:30:52:39:8b:71:40:aa:e2:36:
2d:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:A0:E9:4C:C2:50:F9:A2:77:D7:E4:98:08:71:DA:2F:D8:05:F7:4A
X509v3 Authority Key Identifier:
keyid:56:23:79:28:54:8B:08:2F:5B:13:C1:6E:DC:3E:6A:7C:2F:80:FC:F1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91AEB42/1AD97B646A6E11EDBB990363C4F9AE02/ViN5KFSLCC9bE8Fu3D5qfC-A_PE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ViN5KFSLCC9bE8Fu3D5qfC-A_PE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AEB42/1AD97B646A6E11EDBB990363C4F9AE02/D6AA8E7CB57211EF91A3EA1AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.229.212.0/22
43.230.168.0/22
43.240.48.0/22
43.241.44.0/22
43.249.24.0/22
43.251.104.0/22
45.64.108.0/22
45.114.168.0/22
45.115.124.0/22
45.120.80.0/22
45.127.36.0/22
45.127.124.0/22
45.250.196.0/22
103.36.20.0/22
103.37.40.0/22
103.40.112.0/22
103.42.176.0/22
103.49.8.0/22
103.49.248.0/22
103.54.124.0/22
103.55.128.0/22
103.60.148.0/22
103.75.12.0/22
103.75.44.0/22
103.80.16.0/22
103.85.188.0/22
103.195.192.0/22
103.196.60.0/22
103.200.124.0/22
103.204.76.0/22
103.214.164.0/22
103.215.212.0/22
103.219.104.0/22
103.233.248.0/22
116.193.168.0/22
117.120.60.0/22
120.89.68.0/22
121.54.160.0/22
144.48.124.0/22
157.119.92.0/22
182.161.68.0/22
202.165.120.0/22
IPv6:
2401:f940::/32
Signature Algorithm: sha256WithRSAEncryption
38:fb:f2:e6:eb:3c:d9:10:e4:52:59:71:d0:d5:27:73:08:ad:
f5:7b:c1:34:46:1d:55:bc:c2:83:e4:46:17:e3:4e:2c:80:e1:
56:c9:35:c0:44:88:aa:0e:0e:53:9f:36:54:cb:25:b8:30:f9:
6b:1b:ea:3f:e8:6c:55:91:1b:a8:6b:0e:46:42:4c:52:a4:0e:
7b:40:30:99:b5:29:d5:99:31:68:15:21:2f:57:bf:b6:d8:20:
89:13:b9:68:18:b5:25:bf:db:c1:f7:5a:eb:51:d3:fa:93:e3:
83:84:ad:97:bf:ec:e0:d6:51:4f:20:36:48:04:4f:90:4f:5a:
a4:32:14:b8:c5:1e:87:18:b4:9c:ab:0e:4c:73:9a:3e:24:5e:
28:c9:a5:59:57:65:d8:bb:c3:ef:77:37:44:be:1f:59:cd:17:
d1:07:9e:76:7c:f8:bc:11:5f:bb:de:78:ee:02:8f:73:ac:e7:
b4:92:e9:5d:42:2c:97:33:7e:10:d4:83:ea:72:82:e0:bc:f3:
2b:98:bc:aa:20:3d:9f:03:be:f9:a4:16:51:18:29:87:7d:33:
64:bc:54:84:0f:30:cf:86:78:52:db:53:08:f7:64:56:30:6b:
e6:ad:46:28:03:da:14:4e:4e:31:14:9b:88:f2:a7:e2:a9:8b:
1a:c2:74:2b
-----BEGIN CERTIFICATE-----
MIIGfzCCBWegAwIBAgICAZcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QUVCNDIxMTAvBgNVBAUTKDU2MjM3OTI4NTQ4QjA4MkY1QjEzQzE2RURDM0U2QTdD
MkY4MEZDRjEwHhcNMjQxMjA4MTQ0NTAxWhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzU1YjBlZC1lZTVmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArK1m8wV6Ni8jOUNtQ+i93Dj1h9BwLTBmUQEjrf08Hk1LJL3gmZwLZMgGauHX
giHBlTX4qAQUxGRScT0RPaKoC6mCSY/WGKMv1NPeZNFck0bpEHI82IQ82P9ekMVh
RwqEBx6LhtWu6G1qBD/hWBMsPpcN0paR5gnESRxwZR4S8F/PBbOuv0lYba1nxP2L
zFkX+joTd6822aCpH51xiC0YaNoqKiAtcJnB6BD/c5ZsIOXigqt/oT3WuBHG/QTX
i+gcwfUe2Q2nbVwGL9OvB2I3nbUpFJ9hcLurfykXHIqwrRQ+9AshaUNKm8My/YYJ
+iPhl8+WW78wUjmLcUCq4jYtgQIDAQABo4IDozCCA58wHQYDVR0OBBYEFKqg6UzC
UPmid9fkmAhx2i/YBfdKMB8GA1UdIwQYMBaAFFYjeShUiwgvWxPBbtw+anwvgPzx
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBRUI0Mi8xQUQ5N0I2NDZB
NkUxMUVEQkI5OTAzNjNDNEY5QUUwMi9WaU41S0ZTTENDOWJFOEZ1M0Q1cWZDLUFf
UEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1ZpTjVLRlNMQ0M5YkU4RnUzRDVxZkMtQV9QRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QUVCNDIvMUFEOTdCNjQ2QTZFMTFFREJCOTkwMzYzQzRGOUFFMDIvRDZBQThFN0NC
NTcyMTFFRjkxQTNFQTFBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwggErBggrBgEFBQcBBwEB
/wSCARowggEWMIIBAwQCAAEwgfwDBAIr5dQDBAIr5qgDBAIr8DADBAIr8SwDBAIr
+RgDBAIr+2gDBAItQGwDBAItcqgDBAItc3wDBAIteFADBAItfyQDBAItf3wDBAIt
+sQDBAJnJBQDBAJnJSgDBAJnKHADBAJnKrADBAJnMQgDBAJnMfgDBAJnNnwDBAJn
N4ADBAJnPJQDBAJnSwwDBAJnSywDBAJnUBADBAJnVbwDBAJnw8ADBAJnxDwDBAJn
yHwDBAJnzEwDBAJn1qQDBAJn19QDBAJn22gDBAJn6fgDBAJ0wagDBAJ1eDwDBAJ4
WUQDBAJ5NqADBAKQMHwDBAKdd1wDBAK2oUQDBALKpXgwDQQCAAIwBwMFACQB+UAw
DQYJKoZIhvcNAQELBQADggEBADj78ubrPNkQ5FJZcdDVJ3MIrfV7wTRGHVW8woPk
RhfjTiyA4VbJNcBEiKoODlOfNlTLJbgw+Wsb6j/obFWRG6hrDkZCTFKkDntAMJm1
KdWZMWgVIS9Xv7bYIIkTuWgYtSW/28H3WutR0/qT44OErZe/7ODWUU8gNkgET5BP
WqQyFLjFHocYtJyrDkxzmj4kXijJpVlXZdi7w+93N0S+H1nNF9EHnnZ8+LwRX7ve
eO4Cj3Os57SS6V1CLJczfhDUg+pyguC88yuYvKogPZ8DvvmkFlEYKYd9M2S8VIQP
MM+GeFLbUwj3ZFYwa+atRigD2hROTjEUm4jyp+KpixrCdCs=
-----END CERTIFICATE-----
Generated at Sat May 17 12:57:27 2025 by rpki-client