Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91697FA/27F83B701D8311E2932921D808B02CD2/425832460EB611EFB9CD4F47C4F9AE02.roa
File: 425832460EB611EFB9CD4F47C4F9AE02.roa (raw, json)
Hash identifier: UVr4MlwQdJgC8gyeMBOOgrsLr9mrLl2mB2MB9VmqE04=
Subject key identifier: CB:0D:7F:8E:73:4A:91:4A:E1:A3:0F:A3:31:0A:38:B4:FA:32:4B:77
Certificate issuer: /CN=A91697FA/serialNumber=9F82DBC9466312C5BA2E921279302400956A982A
Certificate serial: 34F1
Authority key identifier: 9F:82:DB:C9:46:63:12:C5:BA:2E:92:12:79:30:24:00:95:6A:98:2A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/n4LbyUZjEsW6LpISeTAkAJVqmCo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91697FA/27F83B701D8311E2932921D808B02CD2/425832460EB611EFB9CD4F47C4F9AE02.roa
Signing time: Mon 22 Jul 2024 14:40:44 +0000
ROA not before: Mon 22 Jul 2024 14:40:44 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 7693
IP address blocks: 58.181.128.0/17 maxlen: 17
58.181.128.0/20 maxlen: 20
58.181.144.0/20 maxlen: 20
58.181.146.0/23 maxlen: 23
58.181.160.0/20 maxlen: 20
58.181.176.0/20 maxlen: 20
58.181.192.0/20 maxlen: 20
58.181.200.0/24 maxlen: 24
58.181.208.0/20 maxlen: 20
58.181.212.0/24 maxlen: 24
58.181.224.0/20 maxlen: 20
58.181.225.0/24 maxlen: 24
58.181.240.0/20 maxlen: 20
58.181.248.0/23 maxlen: 23
58.181.252.0/22 maxlen: 22
103.19.104.0/22 maxlen: 22
202.44.144.0/24 maxlen: 24
202.149.96.0/19 maxlen: 19
202.149.96.0/20 maxlen: 20
202.149.112.0/20 maxlen: 20
203.107.128.0/17 maxlen: 17
203.107.128.0/20 maxlen: 20
203.107.129.0/24 maxlen: 24
203.107.130.0/24 maxlen: 24
203.107.144.0/20 maxlen: 20
203.107.160.0/20 maxlen: 20
203.107.176.0/20 maxlen: 20
203.107.192.0/20 maxlen: 20
203.107.192.0/24 maxlen: 24
203.107.208.0/20 maxlen: 20
203.107.224.0/20 maxlen: 20
203.107.231.0/24 maxlen: 24
203.107.240.0/20 maxlen: 20
203.107.255.0/24 maxlen: 24
203.155.0.0/16 maxlen: 16
203.155.0.0/20 maxlen: 20
203.155.0.0/23 maxlen: 23
203.155.16.0/20 maxlen: 20
203.155.32.0/20 maxlen: 20
203.155.42.0/24 maxlen: 24
203.155.48.0/20 maxlen: 20
203.155.54.0/23 maxlen: 23
203.155.64.0/20 maxlen: 20
203.155.66.0/24 maxlen: 24
203.155.80.0/20 maxlen: 20
203.155.96.0/20 maxlen: 20
203.155.112.0/20 maxlen: 20
203.155.128.0/20 maxlen: 20
203.155.144.0/20 maxlen: 20
203.155.160.0/20 maxlen: 20
203.155.176.0/20 maxlen: 20
203.155.192.0/20 maxlen: 20
203.155.208.0/20 maxlen: 20
203.155.219.0/24 maxlen: 24
203.155.224.0/20 maxlen: 20
203.155.240.0/20 maxlen: 20
203.155.253.0/24 maxlen: 24
203.155.255.0/24 maxlen: 24
203.188.0.0/18 maxlen: 18
203.188.0.0/20 maxlen: 24
203.188.32.0/20 maxlen: 24
203.195.96.0/20 maxlen: 20
203.195.105.0/24 maxlen: 24
203.209.0.0/18 maxlen: 18
203.209.0.0/20 maxlen: 20
203.209.16.0/20 maxlen: 20
203.209.32.0/20 maxlen: 20
203.209.48.0/20 maxlen: 20
203.209.64.0/18 maxlen: 18
203.209.64.0/20 maxlen: 20
203.209.80.0/20 maxlen: 20
203.209.93.0/24 maxlen: 24
203.209.96.0/20 maxlen: 20
203.209.112.0/20 maxlen: 20
203.209.122.0/24 maxlen: 24
203.209.123.0/24 maxlen: 24
203.209.125.0/24 maxlen: 24
2405:a000::/32 maxlen: 32
2405:a000::/33 maxlen: 33
Validation: Failed, certificate revoked on Thu 05 Sep 2024 12:20:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13553 (0x34f1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91697FA, serialNumber=9F82DBC9466312C5BA2E921279302400956A982A
Validity
Not Before: Jul 22 14:40:44 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=669e6f6b-dcf3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:a2:f2:51:b1:44:47:a6:b1:cb:b1:7d:db:b3:
04:0c:08:02:68:6e:d8:76:ba:be:11:38:b9:f3:01:
69:83:f8:94:4a:8f:5a:c5:dc:23:18:2e:06:15:3a:
cb:3d:ef:fa:b1:f5:72:4a:02:8d:85:6a:3e:0f:0c:
a7:65:97:b6:bd:f9:34:d6:35:2e:1c:d2:5e:36:ba:
3c:a5:f8:df:f4:2a:2e:a3:fc:59:01:e5:a1:a4:c6:
61:8e:d4:d9:06:23:ba:84:32:7c:8f:78:da:25:00:
40:76:c7:97:ff:7e:cc:d3:80:de:0e:29:8f:34:82:
db:b6:a1:a9:87:a6:ea:a4:39:40:54:b2:f4:87:fa:
19:3c:84:c1:6a:06:11:66:ac:af:ac:e5:17:82:15:
a1:ff:52:bc:c2:1d:4f:2b:f5:e1:44:12:9c:4b:5b:
45:c9:c1:9c:ec:88:8a:52:c1:86:86:f9:cb:7e:3c:
1e:fe:ac:9f:1c:ea:71:b6:37:a1:f2:e8:43:31:8b:
97:41:d9:00:97:3f:a5:e1:9f:06:83:5e:ae:21:2e:
0e:53:b7:ec:7d:dc:00:9f:26:ee:88:f0:64:87:fa:
bb:0f:86:da:25:b5:a8:f5:4f:e0:ce:77:11:b9:8b:
98:70:9a:37:f5:ba:4f:38:85:ff:5d:9e:18:0f:25:
36:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:0D:7F:8E:73:4A:91:4A:E1:A3:0F:A3:31:0A:38:B4:FA:32:4B:77
X509v3 Authority Key Identifier:
keyid:9F:82:DB:C9:46:63:12:C5:BA:2E:92:12:79:30:24:00:95:6A:98:2A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91697FA/27F83B701D8311E2932921D808B02CD2/n4LbyUZjEsW6LpISeTAkAJVqmCo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/n4LbyUZjEsW6LpISeTAkAJVqmCo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91697FA/27F83B701D8311E2932921D808B02CD2/425832460EB611EFB9CD4F47C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
58.181.128.0/17
103.19.104.0/22
202.44.144.0/24
202.149.96.0/19
203.107.128.0/17
203.155.0.0/16
203.188.0.0/18
203.195.96.0/20
203.209.0.0/17
IPv6:
2405:a000::/32
Signature Algorithm: sha256WithRSAEncryption
2f:ef:b2:64:6b:d6:7f:29:40:db:7a:ef:e6:12:6c:65:52:d6:
b9:8c:9b:d1:1b:6a:56:66:93:8a:83:c3:f4:e9:24:e9:16:72:
60:f3:dc:c4:8d:9f:75:0b:13:62:be:83:81:90:cd:8a:e7:c4:
22:3e:56:fa:52:5c:0e:0b:90:57:89:3e:ce:8c:f0:6e:08:d7:
ca:b1:02:5e:d6:78:b7:9b:3d:90:17:c0:e6:37:aa:a0:df:6a:
37:89:a6:44:e9:be:b9:73:36:3f:cd:60:80:85:9b:e0:6e:fc:
c1:99:0c:fe:07:c5:f4:bc:17:fc:3e:81:fd:3b:0c:73:46:7a:
97:55:3d:1b:bd:0b:e0:e3:00:6c:c9:d5:e0:40:dc:f6:d6:20:
66:12:c5:b6:3f:d0:eb:fc:b2:8b:87:63:2b:f1:98:b5:63:50:
25:40:2b:5f:c0:c5:df:93:2c:a8:a7:87:72:4d:fc:43:17:00:
a3:57:48:38:44:43:ab:e9:11:c8:01:39:0f:7b:69:f9:f9:b9:
b4:bd:d0:94:b0:7c:b3:fb:39:8a:b2:3d:93:69:c3:e4:72:e1:
b5:d3:74:d0:cd:97:97:f9:ae:1c:f4:fa:e6:d4:6c:e6:a9:b2:
9d:c3:ac:1f:d2:29:83:e7:9a:26:9c:bf:e2:05:54:24:98:d3:
49:10:ea:d7
-----BEGIN CERTIFICATE-----
MIIFrzCCBJegAwIBAgICNPEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Njk3RkExMTAvBgNVBAUTKDlGODJEQkM5NDY2MzEyQzVCQTJFOTIxMjc5MzAyNDAw
OTU2QTk4MkEwHhcNMjQwNzIyMTQ0MDQ0WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjllNmY2Yi1kY2YzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAkaLyUbFER6axy7F927MEDAgCaG7Ydrq+ETi58wFpg/iUSo9axdwjGC4GFTrL
Pe/6sfVySgKNhWo+DwynZZe2vfk01jUuHNJeNro8pfjf9Couo/xZAeWhpMZhjtTZ
BiO6hDJ8j3jaJQBAdseX/37M04DeDimPNILbtqGph6bqpDlAVLL0h/oZPITBagYR
ZqyvrOUXghWh/1K8wh1PK/XhRBKcS1tFycGc7IiKUsGGhvnLfjwe/qyfHOpxtjeh
8uhDMYuXQdkAlz+l4Z8Gg16uIS4OU7fsfdwAnybuiPBkh/q7D4baJbWo9U/gzncR
uYuYcJo39bpPOIX/XZ4YDyU2YwIDAQABo4IC0zCCAs8wHQYDVR0OBBYEFMsNf45z
SpFK4aMPozEKOLT6Mkt3MB8GA1UdIwQYMBaAFJ+C28lGYxLFui6SEnkwJACVapgq
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2OTdGQS8yN0Y4M0I3MDFE
ODMxMUUyOTMyOTIxRDgwOEIwMkNEMi9uNExieVVaakVzVzZMcElTZVRBa0FKVnFt
Q28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL240TGJ5VVpqRXNXNkxwSVNlVEFrQUpWcW1Dby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Njk3RkEvMjdGODNCNzAxRDgzMTFFMjkzMjkyMUQ4MDhCMDJDRDIvNDI1ODMyNDYw
RUI2MTFFRkI5Q0Q0RjQ3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwXQYIKwYBBQUHAQcBAf8E
TjBMMDsEAgABMDUDBAc6tYADBAJnE2gDBADKLJADBAXKlWADBAfLa4ADAwDLmwME
Bsu8AAMEBMvDYAMEB8vRADANBAIAAjAHAwUAJAWgADANBgkqhkiG9w0BAQsFAAOC
AQEAL++yZGvWfylA23rv5hJsZVLWuYyb0RtqVmaTioPD9Okk6RZyYPPcxI2fdQsT
Yr6DgZDNiufEIj5W+lJcDguQV4k+zozwbgjXyrECXtZ4t5s9kBfA5jeqoN9qN4mm
ROm+uXM2P81ggIWb4G78wZkM/gfF9LwX/D6B/TsMc0Z6l1U9G70L4OMAbMnV4EDc
9tYgZhLFtj/Q6/yyi4djK/GYtWNQJUArX8DF35MsqKeHck38QxcAo1dIOERDq+kR
yAE5D3tp+fm5tL3QlLB8s/s5irI9k2nD5HLhtdN00M2Xl/muHPT65tRs5qmyncOs
H9Ipg+eaJpy/4gVUJJjTSRDq1w==
-----END CERTIFICATE-----
Generated at Sat Apr 26 15:19:08 2025 by rpki-client