Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9129AD6/D677DC94DFD011E393DB795F5911EA32/AF7C950855CF11EC835D253FC4F9AE02.roa
File: AF7C950855CF11EC835D253FC4F9AE02.roa (raw, json)
Hash identifier: +JsTEpNHehOhyLtgb3qcKbmqW25UbYQG8PPBpcSk0/I=
Subject key identifier: 05:5A:83:40:3F:4B:C7:A8:24:3F:7C:0F:1B:34:A3:97:16:15:A7:40
Certificate issuer: /CN=A9129AD6/serialNumber=A5A6A9EAC1ACF76E552C78BDD78BA74FEDDD3FF9
Certificate serial: 2A2D
Authority key identifier: A5:A6:A9:EA:C1:AC:F7:6E:55:2C:78:BD:D7:8B:A7:4F:ED:DD:3F:F9
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/paap6sGs925VLHi914unT-3dP_k.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9129AD6/D677DC94DFD011E393DB795F5911EA32/AF7C950855CF11EC835D253FC4F9AE02.roa
Signing time: Wed 24 May 2023 16:12:50 +0000
ROA not before: Wed 24 May 2023 16:12:50 +0000
ROA not after: Tue 30 Jul 2024 00:00:00 +0000
asID: 59365
IP address blocks: 103.231.228.0/24 maxlen: 24
103.231.229.0/24 maxlen: 24
103.231.230.0/24 maxlen: 24
103.231.231.0/24 maxlen: 24
157.119.48.0/22 maxlen: 24
2404:4b80::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 27 Feb 2024 16:09:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10797 (0x2a2d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9129AD6/serialNumber=A5A6A9EAC1ACF76E552C78BDD78BA74FEDDD3FF9
Validity
Not Before: May 24 16:12:50 2023 GMT
Not After : Jul 30 00:00:00 2024 GMT
Subject: CN=646e3782-5ef1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:41:5a:ed:0a:d5:38:6a:65:7f:cb:e4:a8:5d:
51:65:da:0f:fb:2d:11:a8:0b:c1:b4:a7:b2:f4:94:
70:4f:8a:d0:43:c1:30:63:c5:62:38:6b:3e:3b:0f:
3a:2e:bc:35:89:2d:64:6e:a6:cf:c2:00:88:d8:df:
5c:72:63:30:f8:8e:90:78:6f:28:b9:de:4a:be:bf:
8a:11:62:06:8b:99:1e:1d:08:ca:ea:02:17:7b:81:
c9:53:86:cc:40:8d:33:5f:93:3d:fb:9e:22:e7:42:
ad:7e:e5:57:4d:c5:da:41:44:c0:c6:93:a7:43:8a:
42:96:ef:c7:11:0a:f6:3f:98:b9:d4:88:21:7f:3c:
db:85:d1:1a:1c:46:07:49:0e:38:63:37:40:b4:57:
a8:3f:f5:b5:47:4d:63:5a:dc:92:cf:a2:4b:c7:43:
aa:c8:8a:1e:fc:f8:ee:c7:50:6d:49:4e:40:52:cc:
47:46:0a:16:de:e0:57:05:7f:3c:bf:e2:ef:0d:44:
a5:d0:36:dd:2f:a4:09:59:56:fe:05:66:5d:85:62:
f6:0d:27:43:82:f0:3a:d4:af:21:f3:d2:1b:81:fd:
44:7c:34:34:e1:a3:1e:f8:d1:eb:39:82:b2:fb:1b:
e2:18:3d:d1:81:9e:03:18:4d:0b:67:68:3a:65:53:
4a:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:5A:83:40:3F:4B:C7:A8:24:3F:7C:0F:1B:34:A3:97:16:15:A7:40
X509v3 Authority Key Identifier:
keyid:A5:A6:A9:EA:C1:AC:F7:6E:55:2C:78:BD:D7:8B:A7:4F:ED:DD:3F:F9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9129AD6/D677DC94DFD011E393DB795F5911EA32/paap6sGs925VLHi914unT-3dP_k.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/paap6sGs925VLHi914unT-3dP_k.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9129AD6/D677DC94DFD011E393DB795F5911EA32/AF7C950855CF11EC835D253FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.231.228.0/22
157.119.48.0/22
IPv6:
2404:4b80::/32
Signature Algorithm: sha256WithRSAEncryption
18:74:f7:38:49:f4:dc:55:eb:64:e9:f1:46:50:11:3d:47:b5:
d2:54:d9:ab:01:c2:af:d0:8e:45:87:f7:92:f0:c4:d5:77:8a:
b7:46:f0:61:7e:91:f3:40:c7:ec:4d:5e:6b:fc:a4:4e:80:9f:
a6:45:c3:f8:7b:bd:49:9b:46:e8:21:55:c6:b5:ba:58:7a:f2:
d8:ca:d5:fc:89:4c:cb:4f:92:68:5f:4f:94:18:a1:89:86:ad:
f1:f9:ad:e4:42:4c:e5:a5:ae:e9:a2:a6:80:90:a4:60:a4:fc:
e3:02:ab:c5:ac:bc:5d:e6:f1:4b:26:8e:87:06:a3:61:84:89:
c6:18:ec:92:82:1d:42:40:80:89:07:5f:00:58:cc:5d:4f:d9:
af:4e:7e:1f:12:a1:03:e0:8f:80:a9:0f:89:06:8d:c0:44:82:
ec:a1:c4:3d:2f:61:5c:a3:b3:ef:9c:51:eb:34:4a:3b:48:0b:
52:99:4a:4b:f1:1d:75:4f:dc:60:58:36:ed:a3:f0:51:b2:58:
42:15:91:2d:3b:37:91:88:04:5e:7b:2d:99:a1:c9:52:a6:d1:
d4:b1:3c:18:eb:70:48:f1:f1:2a:84:68:5c:51:ac:af:5c:72:
74:20:ce:b3:f9:d7:25:ab:44:d8:82:2a:ea:98:f6:ea:6f:14:
78:0f:b6:28
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICKi0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjlBRDYxMTAvBgNVBAUTKEE1QTZBOUVBQzFBQ0Y3NkU1NTJDNzhCREQ3OEJBNzRG
RURERDNGRjkwHhcNMjMwNTI0MTYxMjUwWhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDZlMzc4Mi01ZWYxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvkFa7QrVOGplf8vkqF1RZdoP+y0RqAvBtKey9JRwT4rQQ8EwY8ViOGs+Ow86
Lrw1iS1kbqbPwgCI2N9ccmMw+I6QeG8oud5Kvr+KEWIGi5keHQjK6gIXe4HJU4bM
QI0zX5M9+54i50KtfuVXTcXaQUTAxpOnQ4pClu/HEQr2P5i51IghfzzbhdEaHEYH
SQ44YzdAtFeoP/W1R01jWtySz6JLx0OqyIoe/Pjux1BtSU5AUsxHRgoW3uBXBX88
v+LvDUSl0DbdL6QJWVb+BWZdhWL2DSdDgvA61K8h89Ibgf1EfDQ04aMe+NHrOYKy
+xviGD3RgZ4DGE0LZ2g6ZVNKswIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFAVag0A/
S8eoJD98Dxs0o5cWFadAMB8GA1UdIwQYMBaAFKWmqerBrPduVSx4vdeLp0/t3T/5
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyOUFENi9ENjc3REM5NERG
RDAxMUUzOTNEQjc5NUY1OTExRUEzMi9wYWFwNnNHczkyNVZMSGk5MTR1blQtM2RQ
X2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3BhYXA2c0dzOTI1VkxIaTkxNHVuVC0zZFBfay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjlBRDYvRDY3N0RDOTRERkQwMTFFMzkzREI3OTVGNTkxMUVBMzIvQUY3Qzk1MDg1
NUNGMTFFQzgzNUQyNTNGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAJn5+QDBAKddzAwDQQCAAIwBwMFACQES4AwDQYJKoZIhvcN
AQELBQADggEBABh09zhJ9NxV62Tp8UZQET1HtdJU2asBwq/QjkWH95LwxNV3irdG
8GF+kfNAx+xNXmv8pE6An6ZFw/h7vUmbRughVca1ulh68tjK1fyJTMtPkmhfT5QY
oYmGrfH5reRCTOWlrumipoCQpGCk/OMCq8WsvF3m8UsmjocGo2GEicYY7JKCHUJA
gIkHXwBYzF1P2a9Ofh8SoQPgj4CpD4kGjcBEguyhxD0vYVyjs++cUes0SjtIC1KZ
SkvxHXVP3GBYNu2j8FGyWEIVkS07N5GIBF57LZmhyVKm0dSxPBjrcEjx8SqEaFxR
rK9ccnQgzrP51yWrRNiCKuqY9upvFHgPtig=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:50:57 2024 by rpki-client on console-fra.rpki-client.org