Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918F550/8B9BD2021D8511E2B41230DC08B02CD2/3C96A4267C9511EFA93F4E5CC4F9AE02.roa
File: 3C96A4267C9511EFA93F4E5CC4F9AE02.roa (raw, json)
Hash identifier: Vxc87IPV37V2IXw0fty8s9LX9HY0LXUWsBr317TeAxA=
Subject key identifier: A7:19:43:A6:98:1A:7C:67:41:C5:62:EA:61:BB:DF:14:36:BC:F0:23
Certificate issuer: /CN=A918F550/serialNumber=A24B6A62044B70065F0506388460E4AF2F17F3FF
Certificate serial: 34A0
Authority key identifier: A2:4B:6A:62:04:4B:70:06:5F:05:06:38:84:60:E4:AF:2F:17:F3:FF
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oktqYgRLcAZfBQY4hGDkry8X8_8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918F550/8B9BD2021D8511E2B41230DC08B02CD2/3C96A4267C9511EFA93F4E5CC4F9AE02.roa
Signing time: Fri 27 Sep 2024 05:56:28 +0000
ROA not before: Fri 27 Sep 2024 05:56:28 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 45845
IP address blocks: 45.117.152.0/22 maxlen: 22
45.117.152.0/23 maxlen: 24
103.235.196.0/22 maxlen: 24
103.250.132.0/22 maxlen: 22
103.250.132.0/23 maxlen: 23
103.250.132.0/24 maxlen: 24
103.250.133.0/24 maxlen: 24
103.250.135.0/24 maxlen: 24
163.53.24.0/22 maxlen: 24
2405:6600::/32 maxlen: 32
2405:6600:201::/48 maxlen: 48
2405:6600:600::/48 maxlen: 48
2405:6600:701::/48 maxlen: 48
2405:6600:702::/48 maxlen: 48
2405:6600:703::/48 maxlen: 48
2405:6600:709::/48 maxlen: 48
2405:6600:c00::/48 maxlen: 48
2405:6600:c43::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 27 Sep 2024 11:21:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13472 (0x34a0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918F550/serialNumber=A24B6A62044B70065F0506388460E4AF2F17F3FF
Validity
Not Before: Sep 27 05:56:28 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=66f6490c-eb45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:31:2b:cb:b8:5f:8d:12:19:d9:8a:9d:3b:a9:
eb:5f:d3:43:b3:25:36:19:f3:33:7d:5e:89:f8:e1:
37:e1:ee:85:d3:b8:36:eb:5c:85:cb:d1:ba:fc:cb:
65:db:78:31:d9:65:b5:27:b7:91:b1:f9:6e:ac:3e:
7c:22:5a:f5:eb:9d:8a:3d:ba:99:1f:7a:2b:f7:db:
c9:ac:41:52:e2:73:24:ac:25:10:03:5c:2a:f2:6a:
03:64:93:fa:86:81:e4:c0:95:ec:de:6b:36:63:93:
de:80:a5:e2:f2:13:b2:c5:c9:25:3e:b8:76:cc:5a:
ea:b6:d2:17:8d:ce:2b:31:00:ee:3b:ca:c6:24:a7:
03:71:46:6e:ef:47:6e:6b:76:66:97:b4:f1:8d:d2:
2b:cf:95:08:97:e8:e4:1b:73:23:d7:2a:ea:df:4f:
8f:10:6b:b9:46:64:95:95:bb:e4:b2:8a:b3:c6:b1:
74:30:11:80:8b:02:3f:5b:ce:e3:a3:49:eb:5f:36:
9b:b1:f1:34:69:58:13:a1:51:20:68:84:c3:da:d1:
41:22:84:33:1b:b5:60:7c:14:d6:84:73:30:2d:bc:
e6:4b:8c:2e:61:2c:69:9c:fd:c0:52:ad:54:af:18:
81:a6:a4:2e:c5:5b:a0:d5:8f:d1:0c:e5:25:15:a7:
ba:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:19:43:A6:98:1A:7C:67:41:C5:62:EA:61:BB:DF:14:36:BC:F0:23
X509v3 Authority Key Identifier:
keyid:A2:4B:6A:62:04:4B:70:06:5F:05:06:38:84:60:E4:AF:2F:17:F3:FF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918F550/8B9BD2021D8511E2B41230DC08B02CD2/oktqYgRLcAZfBQY4hGDkry8X8_8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oktqYgRLcAZfBQY4hGDkry8X8_8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918F550/8B9BD2021D8511E2B41230DC08B02CD2/3C96A4267C9511EFA93F4E5CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.117.152.0/22
103.235.196.0/22
103.250.132.0/22
163.53.24.0/22
IPv6:
2405:6600::/32
Signature Algorithm: sha256WithRSAEncryption
76:01:9b:cc:3d:00:19:5b:87:3f:dc:2c:c1:92:6b:c5:6c:4d:
3f:2e:2b:96:76:83:b6:d2:80:a1:e9:c8:17:39:be:c4:2d:e5:
3c:ff:7c:78:51:40:32:bc:44:07:b0:b8:9e:05:2e:3f:44:f5:
73:41:24:71:c5:92:40:9d:3a:98:3a:59:cb:89:ac:9a:ce:93:
73:8e:72:94:4d:27:e5:80:c9:42:08:d0:b2:f6:91:fa:4f:e3:
58:5e:1e:a0:67:7c:84:2f:69:97:81:5e:53:59:3e:3b:9a:b7:
33:1b:0f:e2:3f:8a:08:90:9c:f9:64:6e:0e:c8:f0:bb:89:c5:
5c:07:d0:8b:05:7e:94:7e:8f:b6:4c:f1:e8:2b:28:2d:64:ea:
64:10:3c:77:68:32:de:ea:02:83:96:38:0b:d0:64:b0:2b:ff:
01:bc:0e:c8:d2:98:0d:88:1e:31:5b:cc:e8:36:0b:76:6a:d4:
9c:30:01:d0:80:6f:19:b1:77:c7:e0:bd:e1:fc:73:e0:65:45:
a9:4d:7c:74:15:7b:d1:85:05:4c:ce:3f:34:df:6a:88:a0:49:
dc:0d:da:42:6e:f3:a7:5c:5e:f6:37:4e:88:cd:f5:e9:0a:a2:
ec:23:1b:ec:bd:d4:e7:06:09:55:39:e3:01:09:15:f9:8a:6c:
ac:0b:59:17
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgICNKAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEY1NTAxMTAvBgNVBAUTKEEyNEI2QTYyMDQ0QjcwMDY1RjA1MDYzODg0NjBFNEFG
MkYxN0YzRkYwHhcNMjQwOTI3MDU1NjI4WhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmY2NDkwYy1lYjQ1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAnzEry7hfjRIZ2YqdO6nrX9NDsyU2GfMzfV6J+OE34e6F07g261yFy9G6/Mtl
23gx2WW1J7eRsflurD58Ilr1652KPbqZH3or99vJrEFS4nMkrCUQA1wq8moDZJP6
hoHkwJXs3ms2Y5PegKXi8hOyxcklPrh2zFrqttIXjc4rMQDuO8rGJKcDcUZu70du
a3Zml7TxjdIrz5UIl+jkG3Mj1yrq30+PEGu5RmSVlbvksoqzxrF0MBGAiwI/W87j
o0nrXzabsfE0aVgToVEgaITD2tFBIoQzG7VgfBTWhHMwLbzmS4wuYSxpnP3AUq1U
rxiBpqQuxVug1Y/RDOUlFae6wQIDAQABo4ICtjCCArIwHQYDVR0OBBYEFKcZQ6aY
GnxnQcVi6mG73xQ2vPAjMB8GA1UdIwQYMBaAFKJLamIES3AGXwUGOIRg5K8vF/P/
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RjU1MC84QjlCRDIwMjFE
ODUxMUUyQjQxMjMwREMwOEIwMkNEMi9va3RxWWdSTGNBWmZCUVk0aEdEa3J5OFg4
XzguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL29rdHFZZ1JMY0FaZkJRWTRoR0Rrcnk4WDhfOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEY1NTAvOEI5QkQyMDIxRDg1MTFFMkI0MTIzMERDMDhCMDJDRDIvM0M5NkE0MjY3
Qzk1MTFFRkE5M0Y0RTVDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQAYIKwYBBQUHAQcBAf8E
MTAvMB4EAgABMBgDBAItdZgDBAJn68QDBAJn+oQDBAKjNRgwDQQCAAIwBwMFACQF
ZgAwDQYJKoZIhvcNAQELBQADggEBAHYBm8w9ABlbhz/cLMGSa8VsTT8uK5Z2g7bS
gKHpyBc5vsQt5Tz/fHhRQDK8RAewuJ4FLj9E9XNBJHHFkkCdOpg6WcuJrJrOk3OO
cpRNJ+WAyUII0LL2kfpP41heHqBnfIQvaZeBXlNZPjuatzMbD+I/igiQnPlkbg7I
8LuJxVwH0IsFfpR+j7ZM8egrKC1k6mQQPHdoMt7qAoOWOAvQZLAr/wG8DsjSmA2I
HjFbzOg2C3Zq1JwwAdCAbxmxd8fgveH8c+BlRalNfHQVe9GFBUzOPzTfaoigSdwN
2kJu86dcXvY3TojN9ekKouwjG+y91OcGCVU54wEJFfmKbKwLWRc=
-----END CERTIFICATE-----
Generated at Fri Sep 27 14:05:17 2024 by rpki-client on console-ams.rpki-client.org