Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91317E5/DB00F802A0FA11EBBC09943AC4F9AE02/DDC3F76E39F511EFA0D43F41C4F9AE02.roa
File: DDC3F76E39F511EFA0D43F41C4F9AE02.roa (raw, json)
Hash identifier: MvPWqUvb43lbkwycoS+plOHEyDNVgS7oV7ivbx2Vr5k=
Subject key identifier: 8D:4F:D8:5D:DF:FC:B6:7E:0D:DD:D5:4C:3F:90:CA:23:C5:2E:AD:DE
Certificate issuer: /CN=A91317E5/serialNumber=45258841F7F04FB39D91DA3E3FABB529E8528F49
Certificate serial: 0572
Authority key identifier: 45:25:88:41:F7:F0:4F:B3:9D:91:DA:3E:3F:AB:B5:29:E8:52:8F:49
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RSWIQffwT7Odkdo-P6u1KehSj0k.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91317E5/DB00F802A0FA11EBBC09943AC4F9AE02/DDC3F76E39F511EFA0D43F41C4F9AE02.roa
Signing time: Thu 04 Jul 2024 11:09:22 +0000
ROA not before: Thu 04 Jul 2024 11:09:22 +0000
ROA not after: Fri 31 Jan 2025 00:00:00 +0000
asID: 134740
IP address blocks: 103.198.252.0/22 maxlen: 22
103.198.252.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 08 Jul 2024 08:37:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1394 (0x572)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91317E5/serialNumber=45258841F7F04FB39D91DA3E3FABB529E8528F49
Validity
Not Before: Jul 4 11:09:22 2024 GMT
Not After : Jan 31 00:00:00 2025 GMT
Subject: CN=668682e2-fbe2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:d7:2a:b8:f6:d2:86:2c:10:be:90:76:78:94:
13:a1:8e:1b:44:ba:6f:6c:ef:6b:76:01:80:63:e0:
03:2b:e6:3b:e8:e8:9e:e4:01:2d:03:3c:12:c9:f5:
54:80:70:b8:47:f7:1b:ce:95:38:cd:8b:af:19:ad:
4d:6d:c4:e2:dd:de:a8:de:be:8f:33:4f:c7:b2:3b:
b3:0a:21:d1:b7:65:7b:90:e3:52:9a:2c:78:eb:91:
1f:72:7f:d7:01:ca:fc:b5:71:06:66:d0:06:a0:fe:
a8:1f:e1:a6:c7:e7:25:84:68:de:f8:01:6c:c3:d2:
59:7d:5a:83:4e:30:49:1e:06:23:4e:18:ba:a0:f0:
90:d5:12:8a:b6:e0:84:83:c7:19:ea:1a:11:51:b2:
17:d1:bc:d4:4e:9d:da:1d:e9:a6:d4:6f:c3:71:e8:
dc:1c:5a:db:98:66:14:fe:74:53:27:f1:65:2d:4b:
46:7d:29:08:8e:da:32:81:13:76:f8:8e:59:e6:8d:
d2:0b:39:92:8e:e6:84:27:10:be:a5:b9:0c:b6:10:
b1:74:40:ac:88:89:88:f4:c5:1d:b6:ca:3f:00:16:
39:b3:25:d3:2d:f1:ee:34:d4:9a:41:ea:6f:ab:63:
e7:ad:ad:2f:43:81:a9:38:61:83:6f:e2:af:5d:27:
af:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:4F:D8:5D:DF:FC:B6:7E:0D:DD:D5:4C:3F:90:CA:23:C5:2E:AD:DE
X509v3 Authority Key Identifier:
keyid:45:25:88:41:F7:F0:4F:B3:9D:91:DA:3E:3F:AB:B5:29:E8:52:8F:49
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91317E5/DB00F802A0FA11EBBC09943AC4F9AE02/RSWIQffwT7Odkdo-P6u1KehSj0k.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RSWIQffwT7Odkdo-P6u1KehSj0k.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91317E5/DB00F802A0FA11EBBC09943AC4F9AE02/DDC3F76E39F511EFA0D43F41C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.198.252.0/22
Signature Algorithm: sha256WithRSAEncryption
98:21:e6:6c:03:92:b1:39:6f:c2:52:40:c0:04:34:80:45:b6:
2c:bc:9a:0b:2a:29:61:5d:d6:74:23:1c:72:d0:2d:bc:2b:56:
4d:cd:5f:f2:7f:93:11:d2:ee:7f:8d:a5:02:2a:13:3d:86:55:
00:38:1c:13:f6:67:a1:a2:ee:3f:60:82:63:31:86:39:95:e9:
22:4b:0d:49:2b:c9:4e:6f:e4:67:db:7b:25:bf:5b:96:87:48:
46:c8:81:54:60:dd:2f:1e:01:d3:11:ba:d0:59:15:3b:e7:f8:
21:7d:5e:d6:80:3b:fa:1c:a4:e6:d6:fe:21:8f:a4:49:5c:36:
64:36:fa:de:b0:7b:e3:6f:2f:9f:56:d1:39:dd:1a:10:98:ce:
42:33:93:19:5b:3f:f6:de:d0:95:6d:46:e8:c6:7e:a3:c7:dc:
13:ae:e5:f1:f3:e4:fc:e0:65:c2:1d:d5:2f:ba:8c:ee:20:e5:
a3:a2:04:0e:04:81:31:09:64:dd:63:3e:ec:29:59:72:13:b3:
5e:7b:cf:d7:54:e2:8a:b1:d2:cb:f8:a4:70:46:53:c5:18:69:
e3:fc:d7:bd:dd:57:32:9e:e3:96:40:56:83:54:e4:57:d0:9b:
c8:ba:e5:1c:0c:33:a3:a8:10:3d:42:3a:f8:1d:c1:12:90:c1:
31:c5:ad:98
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBXIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzE3RTUxMTAvBgNVBAUTKDQ1MjU4ODQxRjdGMDRGQjM5RDkxREEzRTNGQUJCNTI5
RTg1MjhGNDkwHhcNMjQwNzA0MTEwOTIyWhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Njg2ODJlMi1mYmUyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxNcquPbShiwQvpB2eJQToY4bRLpvbO9rdgGAY+ADK+Y76Oie5AEtAzwSyfVU
gHC4R/cbzpU4zYuvGa1NbcTi3d6o3r6PM0/HsjuzCiHRt2V7kONSmix465Efcn/X
Acr8tXEGZtAGoP6oH+Gmx+clhGje+AFsw9JZfVqDTjBJHgYjThi6oPCQ1RKKtuCE
g8cZ6hoRUbIX0bzUTp3aHemm1G/DcejcHFrbmGYU/nRTJ/FlLUtGfSkIjtoygRN2
+I5Z5o3SCzmSjuaEJxC+pbkMthCxdECsiImI9MUdtso/ABY5syXTLfHuNNSaQepv
q2Pnra0vQ4GpOGGDb+KvXSevSwIDAQABo4IClTCCApEwHQYDVR0OBBYEFI1P2F3f
/LZ+Dd3VTD+QyiPFLq3eMB8GA1UdIwQYMBaAFEUliEH38E+znZHaPj+rtSnoUo9J
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzMTdFNS9EQjAwRjgwMkEw
RkExMUVCQkMwOTk0M0FDNEY5QUUwMi9SU1dJUWZmd1Q3T2RrZG8tUDZ1MUtlaFNq
MGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1JTV0lRZmZ3VDdPZGtkby1QNnUxS2VoU2oway5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzE3RTUvREIwMEY4MDJBMEZBMTFFQkJDMDk5NDNBQzRGOUFFMDIvRERDM0Y3NkUz
OUY1MTFFRkEwRDQzRjQxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJnxvwwDQYJKoZIhvcNAQELBQADggEBAJgh5mwDkrE5b8JS
QMAENIBFtiy8mgsqKWFd1nQjHHLQLbwrVk3NX/J/kxHS7n+NpQIqEz2GVQA4HBP2
Z6Gi7j9ggmMxhjmV6SJLDUkryU5v5GfbeyW/W5aHSEbIgVRg3S8eAdMRutBZFTvn
+CF9XtaAO/ocpObW/iGPpElcNmQ2+t6we+NvL59W0TndGhCYzkIzkxlbP/be0JVt
RujGfqPH3BOu5fHz5PzgZcId1S+6jO4g5aOiBA4EgTEJZN1jPuwpWXITs157z9dU
4oqx0sv4pHBGU8UYaeP8173dVzKe45ZAVoNU5FfQm8i65RwMM6OoED1COvgdwRKQ
wTHFrZg=
-----END CERTIFICATE-----
Generated at Mon Jul 8 10:02:27 2024 by rpki-client on console-fra.rpki-client.org