Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C93EE/6858F6880E0211EAA9B1DB65C4F9AE02/4235AE44DE6A11EB868CD437C4F9AE02.roa
File: 4235AE44DE6A11EB868CD437C4F9AE02.roa (raw, json)
Hash identifier: o2WJ8vF0wu61HLtWl3sXS5huFogrGdMo6CZj8pI7iSA=
Subject key identifier: 7F:F8:17:E3:7F:63:DA:16:4C:0C:E3:B9:49:45:D2:35:C9:55:8F:DE
Certificate issuer: /CN=A91C93EE/serialNumber=FC56E7E076F7FD0A84BECC9C3E229142A0901FEC
Certificate serial: 0BAA
Authority key identifier: FC:56:E7:E0:76:F7:FD:0A:84:BE:CC:9C:3E:22:91:42:A0:90:1F:EC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_Fbn4Hb3_QqEvsycPiKRQqCQH-w.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C93EE/6858F6880E0211EAA9B1DB65C4F9AE02/4235AE44DE6A11EB868CD437C4F9AE02.roa
Signing time: Fri 05 Jul 2024 23:21:55 +0000
ROA not before: Fri 05 Jul 2024 23:21:55 +0000
ROA not after: Thu 01 May 2025 00:00:00 +0000
asID: 138636
IP address blocks: 103.135.76.0/22 maxlen: 22
103.135.76.0/23 maxlen: 23
103.135.76.0/24 maxlen: 24
103.135.77.0/24 maxlen: 24
103.135.78.0/23 maxlen: 23
103.135.78.0/24 maxlen: 24
103.135.79.0/24 maxlen: 24
2404:76c0::/32 maxlen: 32
2404:76c0::/48 maxlen: 48
2404:76c0:1::/48 maxlen: 48
2404:76c0:2::/48 maxlen: 48
2404:76c0:3::/48 maxlen: 48
2404:76c0:10::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 17 Nov 2024 14:42:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2986 (0xbaa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C93EE/serialNumber=FC56E7E076F7FD0A84BECC9C3E229142A0901FEC
Validity
Not Before: Jul 5 23:21:55 2024 GMT
Not After : May 1 00:00:00 2025 GMT
Subject: CN=66888013-de69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:08:49:7c:e8:bd:b0:fb:16:e0:67:a3:54:18:
dd:39:d1:8b:ef:b4:e3:86:8d:00:fc:00:80:e5:85:
b8:a3:88:70:06:ef:19:07:d2:6b:90:2b:00:e0:90:
2a:aa:63:8f:34:aa:25:6c:3d:35:92:f0:cd:4b:de:
ed:26:3b:2b:f2:0d:7c:8b:b4:18:eb:5b:0e:47:70:
e4:c4:4d:0d:85:62:de:00:86:f3:db:ea:d6:f7:4d:
ea:47:25:d6:0d:90:94:2e:51:d3:28:00:20:fa:54:
b6:24:87:2c:52:cd:7e:0d:2c:9e:a2:44:e5:53:53:
43:85:78:25:f9:0f:bd:09:b7:e3:27:0d:a7:bb:d0:
46:78:f4:a4:09:b4:4a:d1:a0:08:8d:47:00:77:fb:
fe:35:e9:06:5f:1c:45:2b:57:20:fa:93:1f:04:1e:
25:d4:2b:10:23:13:2d:fb:a0:ea:f7:58:d1:c9:f3:
94:5d:5f:83:bd:af:11:f8:97:98:a2:d4:a8:d5:91:
23:c9:ec:75:fc:2a:77:6e:3e:50:ae:8d:28:d4:51:
e0:59:b7:e5:f9:a8:c1:b0:0e:cc:ad:0b:2a:93:3e:
b8:48:aa:f3:4e:de:7d:9f:81:87:38:42:88:a9:f5:
c5:f8:32:e6:d3:f0:a8:d2:5f:a5:ed:07:e7:ce:f9:
45:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:F8:17:E3:7F:63:DA:16:4C:0C:E3:B9:49:45:D2:35:C9:55:8F:DE
X509v3 Authority Key Identifier:
keyid:FC:56:E7:E0:76:F7:FD:0A:84:BE:CC:9C:3E:22:91:42:A0:90:1F:EC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C93EE/6858F6880E0211EAA9B1DB65C4F9AE02/_Fbn4Hb3_QqEvsycPiKRQqCQH-w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_Fbn4Hb3_QqEvsycPiKRQqCQH-w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C93EE/6858F6880E0211EAA9B1DB65C4F9AE02/4235AE44DE6A11EB868CD437C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.135.76.0/22
IPv6:
2404:76c0::/32
Signature Algorithm: sha256WithRSAEncryption
8d:5e:fc:55:5d:86:f1:94:92:81:34:d0:a5:e1:dc:a4:c0:aa:
87:8d:04:e0:d9:28:73:03:30:23:b5:f0:d2:00:35:0f:b0:58:
3a:cf:86:3f:5e:07:43:f5:bc:f1:16:af:f8:c9:3b:a8:39:2e:
01:b5:d6:d8:06:70:65:0c:69:ee:07:47:82:02:b6:de:58:b5:
72:e0:08:8c:93:12:94:21:72:bb:a3:26:73:50:65:83:07:e2:
8e:3c:d7:50:c8:12:0e:38:46:43:50:c7:9d:bc:23:47:b3:79:
e2:6e:9c:ab:6d:47:a3:36:79:72:bd:3d:7d:3f:21:56:77:02:
d2:67:e0:51:7b:ad:61:c8:af:39:c1:40:f1:9d:3e:6d:8e:85:
75:9f:1e:56:8f:22:51:55:48:96:45:b8:6f:4e:4b:ee:30:a8:
22:3f:a3:f7:b1:73:9a:13:39:10:65:45:b9:08:0d:d0:b4:e5:
19:1d:c5:a5:29:39:c1:26:13:a4:ef:86:ee:87:6c:69:6b:55:
58:9c:52:1e:21:9e:93:93:8e:78:14:5c:12:a8:95:31:0c:0d:
f5:ca:45:93:f7:8d:ba:e1:d2:97:a0:ad:2e:ed:20:57:0b:d8:
69:17:51:dc:af:d1:40:be:c7:47:de:f4:7e:97:17:3a:24:f8:
cb:d0:d0:b5
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICC6owDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzkzRUUxMTAvBgNVBAUTKEZDNTZFN0UwNzZGN0ZEMEE4NEJFQ0M5QzNFMjI5MTQy
QTA5MDFGRUMwHhcNMjQwNzA1MjMyMTU1WhcNMjUwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Njg4ODAxMy1kZTY5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0whJfOi9sPsW4GejVBjdOdGL77Tjho0A/ACA5YW4o4hwBu8ZB9JrkCsA4JAq
qmOPNKolbD01kvDNS97tJjsr8g18i7QY61sOR3DkxE0NhWLeAIbz2+rW903qRyXW
DZCULlHTKAAg+lS2JIcsUs1+DSyeokTlU1NDhXgl+Q+9CbfjJw2nu9BGePSkCbRK
0aAIjUcAd/v+NekGXxxFK1cg+pMfBB4l1CsQIxMt+6Dq91jRyfOUXV+Dva8R+JeY
otSo1ZEjyex1/Cp3bj5Qro0o1FHgWbfl+ajBsA7MrQsqkz64SKrzTt59n4GHOEKI
qfXF+DLm0/Co0l+l7QfnzvlF6wIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFH/4F+N/
Y9oWTAzjuUlF0jXJVY/eMB8GA1UdIwQYMBaAFPxW5+B29/0KhL7MnD4ikUKgkB/s
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDOTNFRS82ODU4RjY4ODBF
MDIxMUVBQTlCMURCNjVDNEY5QUUwMi9fRmJuNEhiM19RcUV2c3ljUGlLUlFxQ1FI
LXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL19GYm40SGIzX1FxRXZzeWNQaUtSUXFDUUgtdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzkzRUUvNjg1OEY2ODgwRTAyMTFFQUE5QjFEQjY1QzRGOUFFMDIvNDIzNUFFNDRE
RTZBMTFFQjg2OENENDM3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAJnh0wwDQQCAAIwBwMFACQEdsAwDQYJKoZIhvcNAQELBQAD
ggEBAI1e/FVdhvGUkoE00KXh3KTAqoeNBODZKHMDMCO18NIANQ+wWDrPhj9eB0P1
vPEWr/jJO6g5LgG11tgGcGUMae4HR4ICtt5YtXLgCIyTEpQhcrujJnNQZYMH4o48
11DIEg44RkNQx528I0ezeeJunKttR6M2eXK9PX0/IVZ3AtJn4FF7rWHIrznBQPGd
Pm2OhXWfHlaPIlFVSJZFuG9OS+4wqCI/o/exc5oTORBlRbkIDdC05RkdxaUpOcEm
E6Tvhu6HbGlrVVicUh4hnpOTjngUXBKolTEMDfXKRZP3jbrh0pegrS7tIFcL2GkX
Udyv0UC+x0fe9H6XFzok+MvQ0LU=
-----END CERTIFICATE-----
Generated at Sun Nov 17 17:26:27 2024 by rpki-client on console-ams.rpki-client.org