Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D0C8E/032E57B8743911ECB557236FC4F9AE02/8BA87150D10711EE8A757976C4F9AE02.roa
File: 8BA87150D10711EE8A757976C4F9AE02.roa (raw, json)
Hash identifier: Yug2cNzcRnEnMOSctHrKqA9krnQGMVmbzFLP0lv/cPg=
Subject key identifier: 5C:1D:5D:91:66:4A:70:FF:08:44:07:94:CA:FE:29:C1:F7:CE:BB:D7
Certificate issuer: /CN=A91D0C8E/serialNumber=9535D76110B3C029C5855B4C174505AF6119F30C
Certificate serial: 0375
Authority key identifier: 95:35:D7:61:10:B3:C0:29:C5:85:5B:4C:17:45:05:AF:61:19:F3:0C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lTXXYRCzwCnFhVtMF0UFr2EZ8ww.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D0C8E/032E57B8743911ECB557236FC4F9AE02/8BA87150D10711EE8A757976C4F9AE02.roa
Signing time: Sun 07 Jul 2024 11:22:00 +0000
ROA not before: Sun 07 Jul 2024 11:22:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 133894
IP address blocks: 103.88.192.0/24 maxlen: 24
103.88.193.0/24 maxlen: 24
103.88.194.0/24 maxlen: 24
103.88.195.0/24 maxlen: 24
116.204.240.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 11 Jul 2024 22:57:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 885 (0x375)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D0C8E/serialNumber=9535D76110B3C029C5855B4C174505AF6119F30C
Validity
Not Before: Jul 7 11:22:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=668a7a58-8cb3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:a1:18:17:17:d7:5e:b4:f6:c0:65:85:58:4e:
32:81:08:c1:b7:62:2c:2b:31:6a:bb:1d:04:19:df:
be:94:84:8f:7c:28:60:97:01:9e:ee:ec:07:5e:84:
ce:d0:a3:49:25:8d:f2:45:ed:37:be:07:75:32:49:
3b:bc:76:75:7c:89:c2:f0:90:85:78:ec:12:18:67:
36:c5:fc:5c:8a:fe:f7:ac:f4:4a:dd:9b:5b:9c:5b:
e1:eb:fd:0f:92:48:23:b2:cf:53:15:c4:28:84:dc:
3d:02:59:a7:23:c2:f1:a8:d9:17:47:08:f7:c5:75:
c9:33:44:e0:ce:43:06:e5:af:5f:47:36:84:6d:13:
c9:f1:7e:50:44:7c:51:d4:82:4b:f8:17:4b:f4:4c:
56:c1:3d:24:ac:e6:f0:8c:10:e7:22:da:88:24:82:
03:77:34:f0:6a:29:c8:6f:13:88:20:c9:03:8d:6f:
e4:af:38:59:b4:02:6f:7d:12:8f:a5:7e:3e:f2:ef:
ce:77:2f:c4:96:07:d9:63:ec:b9:68:7f:b9:c3:98:
c1:e1:d7:9d:c1:a8:5a:03:f0:8e:29:ce:90:06:20:
d7:52:80:cc:d9:99:45:f6:d5:23:75:f0:9e:73:a4:
4b:b1:e0:3a:ce:dd:f6:58:6d:f8:14:fd:c8:51:7b:
b3:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:1D:5D:91:66:4A:70:FF:08:44:07:94:CA:FE:29:C1:F7:CE:BB:D7
X509v3 Authority Key Identifier:
keyid:95:35:D7:61:10:B3:C0:29:C5:85:5B:4C:17:45:05:AF:61:19:F3:0C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D0C8E/032E57B8743911ECB557236FC4F9AE02/lTXXYRCzwCnFhVtMF0UFr2EZ8ww.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lTXXYRCzwCnFhVtMF0UFr2EZ8ww.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D0C8E/032E57B8743911ECB557236FC4F9AE02/8BA87150D10711EE8A757976C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.88.192.0/22
116.204.240.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:d4:00:b1:27:a1:fd:c9:81:86:b7:f7:36:31:22:ba:e7:a9:
25:45:f7:66:0b:a9:9f:ff:58:9b:67:ed:f3:b3:f3:85:0e:3f:
22:71:ed:51:69:5e:d2:22:08:c5:ba:16:04:de:4f:a1:05:ba:
35:56:47:24:07:be:d8:35:b8:6e:c9:e4:7e:c6:e5:cf:94:e4:
e9:ea:10:a4:00:56:7b:ac:f3:8e:db:8e:17:ed:fb:7f:c1:c0:
73:a3:e1:a9:f9:61:01:01:8f:ab:a3:8f:66:47:47:b8:00:8c:
b9:12:a0:38:f4:c3:c8:4c:2f:14:8c:24:7a:b4:9e:da:a9:e1:
b4:7e:b0:df:58:ef:2d:8a:f8:a4:0b:48:04:e8:19:ac:d3:1d:
56:d7:b1:3f:d6:b3:ed:69:61:34:b7:ed:be:cc:9f:f2:68:67:
54:fd:ff:d2:94:1b:a7:f3:7c:8a:3c:20:b8:e7:a3:6a:b5:b3:
f4:16:14:aa:13:86:80:c8:bd:a7:c4:e9:99:4b:42:80:a2:6a:
b3:67:af:b2:08:f2:f9:a0:8f:fc:d0:cc:2b:f6:a1:7a:50:dc:
dd:a0:ba:19:2a:2d:3c:53:74:7d:99:0c:d8:a8:cc:72:6c:6c:
35:0c:3f:81:7e:4f:27:7a:2a:06:3f:25:b6:1e:2d:d3:0f:60:
e3:bc:0a:42
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICA3UwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDBDOEUxMTAvBgNVBAUTKDk1MzVENzYxMTBCM0MwMjlDNTg1NUI0QzE3NDUwNUFG
NjExOUYzMEMwHhcNMjQwNzA3MTEyMjAwWhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjhhN2E1OC04Y2IzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAn6EYFxfXXrT2wGWFWE4ygQjBt2IsKzFqux0EGd++lISPfChglwGe7uwHXoTO
0KNJJY3yRe03vgd1Mkk7vHZ1fInC8JCFeOwSGGc2xfxciv73rPRK3ZtbnFvh6/0P
kkgjss9TFcQohNw9AlmnI8LxqNkXRwj3xXXJM0TgzkMG5a9fRzaEbRPJ8X5QRHxR
1IJL+BdL9ExWwT0krObwjBDnItqIJIIDdzTwainIbxOIIMkDjW/krzhZtAJvfRKP
pX4+8u/Ody/ElgfZY+y5aH+5w5jB4dedwahaA/COKc6QBiDXUoDM2ZlF9tUjdfCe
c6RLseA6zt32WG34FP3IUXuzPwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFFwdXZFm
SnD/CEQHlMr+KcH3zrvXMB8GA1UdIwQYMBaAFJU112EQs8ApxYVbTBdFBa9hGfMM
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMEM4RS8wMzJFNTdCODc0
MzkxMUVDQjU1NzIzNkZDNEY5QUUwMi9sVFhYWVJDendDbkZoVnRNRjBVRnIyRVo4
d3cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2xUWFhZUkN6d0NuRmhWdE1GMFVGcjJFWjh3dy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDBDOEUvMDMyRTU3Qjg3NDM5MTFFQ0I1NTcyMzZGQzRGOUFFMDIvOEJBODcxNTBE
MTA3MTFFRThBNzU3OTc2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAJnWMADBAB0zPAwDQYJKoZIhvcNAQELBQADggEBAE7UALEn
of3JgYa39zYxIrrnqSVF92YLqZ//WJtn7fOz84UOPyJx7VFpXtIiCMW6FgTeT6EF
ujVWRyQHvtg1uG7J5H7G5c+U5OnqEKQAVnus847bjhft+3/BwHOj4an5YQEBj6uj
j2ZHR7gAjLkSoDj0w8hMLxSMJHq0ntqp4bR+sN9Y7y2K+KQLSAToGazTHVbXsT/W
s+1pYTS37b7Mn/JoZ1T9/9KUG6fzfIo8ILjno2q1s/QWFKoThoDIvafE6ZlLQoCi
arNnr7II8vmgj/zQzCv2oXpQ3N2guhkqLTxTdH2ZDNiozHJsbDUMP4F+Tyd6KgY/
JbYeLdMPYOO8CkI=
-----END CERTIFICATE-----
Generated at Fri Jul 12 01:37:23 2024 by rpki-client on console-fra.rpki-client.org