Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D0C8E/032E57B8743911ECB557236FC4F9AE02/FEF261E6743B11ECB2525D75C4F9AE02.roa
File: FEF261E6743B11ECB2525D75C4F9AE02.roa (raw, json)
Hash identifier: PAxtjGAwYtB0P0UMDuw5kbM+U/VXjzZKSGPU0GxglRA=
Subject key identifier: C9:14:59:9A:21:00:BE:05:A6:B5:03:4F:23:0B:6E:27:38:E0:3A:94
Certificate issuer: /CN=A91D0C8E/serialNumber=9535D76110B3C029C5855B4C174505AF6119F30C
Certificate serial: 0281
Authority key identifier: 95:35:D7:61:10:B3:C0:29:C5:85:5B:4C:17:45:05:AF:61:19:F3:0C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lTXXYRCzwCnFhVtMF0UFr2EZ8ww.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D0C8E/032E57B8743911ECB557236FC4F9AE02/FEF261E6743B11ECB2525D75C4F9AE02.roa
Signing time: Wed 19 Apr 2023 04:24:11 +0000
ROA not before: Wed 19 Apr 2023 04:24:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 136454
IP address blocks: 103.88.192.0/24 maxlen: 24
103.88.193.0/24 maxlen: 24
103.88.194.0/24 maxlen: 24
103.88.195.0/24 maxlen: 24
116.204.240.0/24 maxlen: 24
116.204.241.0/24 maxlen: 24
2400:e640:1000::/36 maxlen: 36
Validation: Failed, certificate revoked on Wed 21 Feb 2024 22:17:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 641 (0x281)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D0C8E/serialNumber=9535D76110B3C029C5855B4C174505AF6119F30C
Validity
Not Before: Apr 19 04:24:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=643f6ceb-07a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:f7:bb:3f:82:3b:ec:6d:ef:d2:c5:d4:19:4e:
f3:00:d4:81:b0:25:bc:ff:2e:78:9f:6f:4d:f7:6b:
68:bf:02:a7:b2:75:45:24:3a:40:14:4e:46:08:f6:
da:72:f6:94:1d:7b:1d:04:db:b4:fe:d3:4c:c5:91:
04:8d:17:ed:31:9f:10:59:04:ce:79:90:15:56:12:
ea:a9:66:e8:8a:d9:3b:af:dd:c6:70:25:2a:fb:be:
9d:7e:ff:0c:48:c8:6d:9b:49:1f:c3:3f:44:e6:04:
9b:b4:e3:21:a7:a3:ce:db:14:1a:e0:a5:89:95:26:
91:11:0b:00:7c:da:66:a1:94:59:49:77:44:ab:fa:
28:ee:5b:0b:50:ec:69:ce:2c:c7:11:ea:6f:0c:a8:
0f:4c:e1:fa:5f:cd:a3:df:40:0d:55:dd:d4:1a:10:
e6:d4:bf:74:d6:d9:c0:13:d0:af:b9:a3:06:03:5a:
11:61:13:21:3d:fe:93:da:21:16:dd:2e:5b:9f:db:
03:8c:a5:f3:aa:10:16:51:87:32:cd:6b:85:b9:35:
a6:58:d3:66:63:f9:c0:9c:d5:30:20:b6:23:a0:4d:
8a:ec:76:4c:0f:95:88:44:6b:bc:d2:56:9a:ac:32:
24:00:07:85:fd:10:ce:b2:f1:d0:f7:6a:f0:97:89:
e1:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:14:59:9A:21:00:BE:05:A6:B5:03:4F:23:0B:6E:27:38:E0:3A:94
X509v3 Authority Key Identifier:
keyid:95:35:D7:61:10:B3:C0:29:C5:85:5B:4C:17:45:05:AF:61:19:F3:0C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D0C8E/032E57B8743911ECB557236FC4F9AE02/lTXXYRCzwCnFhVtMF0UFr2EZ8ww.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lTXXYRCzwCnFhVtMF0UFr2EZ8ww.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D0C8E/032E57B8743911ECB557236FC4F9AE02/FEF261E6743B11ECB2525D75C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.88.192.0/22
116.204.240.0/23
IPv6:
2400:e640:1000::/36
Signature Algorithm: sha256WithRSAEncryption
5c:95:78:bf:4a:6e:f4:cd:27:5b:03:69:47:b6:61:cc:7d:17:
bb:f6:72:10:38:bb:de:ed:50:8f:42:55:ca:25:a1:b4:d1:9e:
f4:51:d4:49:79:82:be:c5:95:b1:a2:c4:04:95:63:60:0f:f0:
bb:f9:e7:7d:9c:32:2d:eb:00:55:88:5a:dd:2f:ee:b2:c3:ac:
06:9e:b2:2f:4c:2f:7c:47:ac:a1:c6:49:c5:37:98:71:6c:89:
b8:0a:59:d9:d7:4f:35:3a:7a:0e:8f:53:20:8e:52:07:55:7c:
ab:d0:2f:eb:cd:6b:39:64:99:eb:76:e1:8c:78:a4:01:c5:e1:
38:2b:aa:95:b3:b1:af:12:41:eb:be:95:ac:57:72:15:f7:15:
8e:14:3c:9a:eb:27:e9:eb:51:f0:03:64:3b:51:0e:99:0f:79:
77:57:e9:f8:d4:0a:87:9d:46:63:a3:f2:da:0a:fa:8f:c2:2b:
27:71:cf:64:c5:3d:60:f5:f6:d9:2b:44:23:71:c9:9c:a9:96:
35:e5:ee:0a:d9:54:0e:f8:23:7c:d3:b7:1e:f3:65:22:50:66:
16:e4:b3:89:ed:be:81:36:78:ce:80:7f:8d:aa:4c:08:32:5e:
81:4f:b0:96:9d:d9:19:96:76:6b:19:95:b1:8f:6e:db:61:f2:
70:f3:54:64
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgICAoEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDBDOEUxMTAvBgNVBAUTKDk1MzVENzYxMTBCM0MwMjlDNTg1NUI0QzE3NDUwNUFG
NjExOUYzMEMwHhcNMjMwNDE5MDQyNDExWhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDNmNmNlYi0wN2EyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuPe7P4I77G3v0sXUGU7zANSBsCW8/y54n29N92tovwKnsnVFJDpAFE5GCPba
cvaUHXsdBNu0/tNMxZEEjRftMZ8QWQTOeZAVVhLqqWboitk7r93GcCUq+76dfv8M
SMhtm0kfwz9E5gSbtOMhp6PO2xQa4KWJlSaREQsAfNpmoZRZSXdEq/oo7lsLUOxp
zizHEepvDKgPTOH6X82j30ANVd3UGhDm1L901tnAE9CvuaMGA1oRYRMhPf6T2iEW
3S5bn9sDjKXzqhAWUYcyzWuFuTWmWNNmY/nAnNUwILYjoE2K7HZMD5WIRGu80laa
rDIkAAeF/RDOsvHQ92rwl4nhfQIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFMkUWZoh
AL4FprUDTyMLbic44DqUMB8GA1UdIwQYMBaAFJU112EQs8ApxYVbTBdFBa9hGfMM
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMEM4RS8wMzJFNTdCODc0
MzkxMUVDQjU1NzIzNkZDNEY5QUUwMi9sVFhYWVJDendDbkZoVnRNRjBVRnIyRVo4
d3cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2xUWFhZUkN6d0NuRmhWdE1GMFVGcjJFWjh3dy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDBDOEUvMDMyRTU3Qjg3NDM5MTFFQ0I1NTcyMzZGQzRGOUFFMDIvRkVGMjYxRTY3
NDNCMTFFQ0IyNTI1RDc1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNQYIKwYBBQUHAQcBAf8E
JjAkMBIEAgABMAwDBAJnWMADBAF0zPAwDgQCAAIwCAMGBCQA5kAQMA0GCSqGSIb3
DQEBCwUAA4IBAQBclXi/Sm70zSdbA2lHtmHMfRe79nIQOLve7VCPQlXKJaG00Z70
UdRJeYK+xZWxosQElWNgD/C7+ed9nDIt6wBViFrdL+6yw6wGnrIvTC98R6yhxknF
N5hxbIm4ClnZ1081OnoOj1MgjlIHVXyr0C/rzWs5ZJnrduGMeKQBxeE4K6qVs7Gv
EkHrvpWsV3IV9xWOFDya6yfp61HwA2Q7UQ6ZD3l3V+n41AqHnUZjo/LaCvqPwisn
cc9kxT1g9fbZK0QjccmcqZY15e4K2VQO+CN807ce82UiUGYW5LOJ7b6BNnjOgH+N
qkwIMl6BT7CWndkZlnZrGZWxj27bYfJw81Rk
-----END CERTIFICATE-----
Generated at Thu Feb 22 02:26:26 2024 by rpki-client on console-fra.rpki-client.org