Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A913367F/A2219058128B11EBBFA2C47EC4F9AE02/A994D7B2128D11EB8538DC84C4F9AE02.roa
File: A994D7B2128D11EB8538DC84C4F9AE02.roa (raw, json)
Hash identifier: hRwZC1oJXqbGtYl0T1dGj14964mtJLEARM6MORRMFe8=
Subject key identifier: B9:71:A5:05:FA:0D:C6:0B:B8:07:9D:2E:12:88:41:17:E1:BA:FD:A5
Certificate issuer: /CN=A913367F/serialNumber=D4EA9464F322B26D7D2128DC3752F228880016DA
Certificate serial: 0653
Authority key identifier: D4:EA:94:64:F3:22:B2:6D:7D:21:28:DC:37:52:F2:28:88:00:16:DA
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1OqUZPMism19ISjcN1LyKIgAFto.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A913367F/A2219058128B11EBBFA2C47EC4F9AE02/A994D7B2128D11EB8538DC84C4F9AE02.roa
Signing time: Sat 14 Oct 2023 15:01:08 +0000
ROA not before: Sat 14 Oct 2023 15:01:08 +0000
ROA not after: Thu 31 Oct 2024 00:00:00 +0000
asID: 132480
IP address blocks: 103.104.212.0/24 maxlen: 24
103.104.213.0/24 maxlen: 24
103.104.214.0/24 maxlen: 24
103.104.215.0/24 maxlen: 24
103.153.14.0/24 maxlen: 24
103.153.15.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 19 Aug 2024 02:42:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1619 (0x653)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A913367F/serialNumber=D4EA9464F322B26D7D2128DC3752F228880016DA
Validity
Not Before: Oct 14 15:01:08 2023 GMT
Not After : Oct 31 00:00:00 2024 GMT
Subject: CN=652aad33-59e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:ed:9a:26:12:24:60:e0:87:24:08:48:2b:e2:
c9:5b:bc:25:c9:2b:2b:7f:23:ee:d9:77:fd:20:52:
f2:23:94:4f:0e:fc:3d:4f:5b:79:a9:ef:29:0b:4e:
a4:0d:90:25:89:f1:19:cd:80:cf:dd:c5:e9:aa:71:
a2:d9:31:8f:de:cf:4d:ba:a8:3f:bd:b4:1c:56:79:
a7:58:aa:47:ec:fc:7b:b9:89:df:ce:c2:85:bc:32:
29:0e:01:d7:4f:d3:3c:7e:ca:42:e3:fd:e9:0f:25:
c6:93:8a:24:de:e6:cb:b9:ba:25:1e:d4:6c:92:e4:
4a:b0:bf:72:ec:44:04:d3:cf:3b:4b:8a:58:df:2d:
cc:e5:10:9c:cf:b2:92:66:07:2e:59:8c:aa:2b:03:
07:44:04:86:d1:18:80:b4:5a:01:f2:ff:48:dc:25:
75:37:e9:e0:cd:b0:1f:84:d0:a2:89:13:21:b7:81:
1c:e9:56:0c:c7:41:69:7f:b2:a0:61:9a:11:12:0a:
13:34:08:13:a3:65:b6:7f:91:b9:2a:61:db:cb:36:
88:de:64:60:5f:60:86:7d:b8:9b:5f:09:0d:ba:e6:
27:55:a5:99:9e:41:e9:e2:89:4c:29:b7:63:94:c1:
39:6b:9d:4b:39:32:25:6a:36:ad:44:52:e9:cd:d6:
c9:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:71:A5:05:FA:0D:C6:0B:B8:07:9D:2E:12:88:41:17:E1:BA:FD:A5
X509v3 Authority Key Identifier:
keyid:D4:EA:94:64:F3:22:B2:6D:7D:21:28:DC:37:52:F2:28:88:00:16:DA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A913367F/A2219058128B11EBBFA2C47EC4F9AE02/1OqUZPMism19ISjcN1LyKIgAFto.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1OqUZPMism19ISjcN1LyKIgAFto.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913367F/A2219058128B11EBBFA2C47EC4F9AE02/A994D7B2128D11EB8538DC84C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.104.212.0/22
103.153.14.0/23
Signature Algorithm: sha256WithRSAEncryption
57:de:7d:74:db:79:f7:5a:9a:5b:eb:5f:94:40:aa:dc:26:77:
2c:91:28:f0:85:88:cf:2a:36:af:5a:47:04:0f:b1:3a:12:2d:
3a:cf:0f:5b:20:77:6f:ff:a9:8b:42:9d:32:a4:0a:1b:bf:92:
4c:55:4e:7f:98:9d:76:86:c9:6d:18:75:a3:f5:27:0c:b5:68:
6d:86:30:24:3b:d9:6d:f2:c6:65:bf:06:ed:86:c3:f4:22:7b:
9b:bf:97:a1:79:1d:13:b2:21:52:1d:6f:d6:a6:0a:3e:78:b3:
86:c7:44:a7:8c:29:79:89:f6:2c:98:d0:e5:c5:cb:63:f5:f8:
e0:6a:7d:9e:cd:4a:c8:5a:96:f6:cf:ea:4b:6e:42:59:97:f3:
9d:68:2e:7b:60:69:44:fa:48:68:6c:78:70:e4:53:82:39:e0:
3d:6f:52:27:3f:44:37:35:d0:11:22:90:4e:60:b6:fc:57:73:
de:8a:f2:07:9e:f6:62:ca:d2:7d:3a:5d:61:ba:3d:1c:47:d4:
02:7a:91:50:b0:c7:6b:de:0b:0b:b5:21:da:1b:42:eb:8b:2d:
ff:b7:b4:eb:bc:11:6f:2b:71:b8:f7:63:cd:d5:d2:29:6d:2c:
c2:40:4b:90:a7:df:68:a3:80:b5:b4:87:04:5a:22:ab:29:2d:
c3:5d:83:b6
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICBlMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzM2N0YxMTAvBgNVBAUTKEQ0RUE5NDY0RjMyMkIyNkQ3RDIxMjhEQzM3NTJGMjI4
ODgwMDE2REEwHhcNMjMxMDE0MTUwMTA4WhcNMjQxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTJhYWQzMy01OWU4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1O2aJhIkYOCHJAhIK+LJW7wlySsrfyPu2Xf9IFLyI5RPDvw9T1t5qe8pC06k
DZAlifEZzYDP3cXpqnGi2TGP3s9Nuqg/vbQcVnmnWKpH7Px7uYnfzsKFvDIpDgHX
T9M8fspC4/3pDyXGk4ok3ubLubolHtRskuRKsL9y7EQE0887S4pY3y3M5RCcz7KS
ZgcuWYyqKwMHRASG0RiAtFoB8v9I3CV1N+ngzbAfhNCiiRMht4Ec6VYMx0Fpf7Kg
YZoREgoTNAgTo2W2f5G5KmHbyzaI3mRgX2CGfbibXwkNuuYnVaWZnkHp4olMKbdj
lME5a51LOTIlajatRFLpzdbJswIDAQABo4ICmzCCApcwHQYDVR0OBBYEFLlxpQX6
DcYLuAedLhKIQRfhuv2lMB8GA1UdIwQYMBaAFNTqlGTzIrJtfSEo3DdS8iiIABba
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzMzY3Ri9BMjIxOTA1ODEy
OEIxMUVCQkZBMkM0N0VDNEY5QUUwMi8xT3FVWlBNaXNtMTlJU2pjTjFMeUtJZ0FG
dG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzFPcVVaUE1pc20xOUlTamNOMUx5S0lnQUZ0by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzM2N0YvQTIyMTkwNTgxMjhCMTFFQkJGQTJDNDdFQzRGOUFFMDIvQTk5NEQ3QjIx
MjhEMTFFQjg1MzhEQzg0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAJnaNQDBAFnmQ4wDQYJKoZIhvcNAQELBQADggEBAFfefXTb
efdamlvrX5RAqtwmdyyRKPCFiM8qNq9aRwQPsToSLTrPD1sgd2//qYtCnTKkChu/
kkxVTn+YnXaGyW0YdaP1Jwy1aG2GMCQ72W3yxmW/Bu2Gw/Qie5u/l6F5HROyIVId
b9amCj54s4bHRKeMKXmJ9iyY0OXFy2P1+OBqfZ7NSshalvbP6ktuQlmX851oLntg
aUT6SGhseHDkU4I54D1vUic/RDc10BEikE5gtvxXc96K8gee9mLK0n06XWG6PRxH
1AJ6kVCwx2veCwu1IdobQuuLLf+3tOu8EW8rcbj3Y83V0iltLMJAS5Cn32ijgLW0
hwRaIqspLcNdg7Y=
-----END CERTIFICATE-----
Generated at Mon Aug 19 05:25:49 2024 by rpki-client on console-fra.rpki-client.org