Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91DA0AA/82BBB552003D11EE9608F147C4F9AE02/7C843FDE68BE11EF9A903550C4F9AE02.roa
File: 7C843FDE68BE11EF9A903550C4F9AE02.roa (raw, json)
Hash identifier: Q4Yh36q3DhJ1YzSuqC3gS2DzFMFRtYgS88R6K01+I9s=
Subject key identifier: 4D:AD:C2:96:94:8B:2B:45:1D:5D:9F:8B:47:95:E8:3E:92:F3:06:75
Certificate issuer: /CN=A91DA0AA/serialNumber=ED8F5D6C9BFC148F7ABB708C5291D384781C61FD
Certificate serial: 0104
Authority key identifier: ED:8F:5D:6C:9B:FC:14:8F:7A:BB:70:8C:52:91:D3:84:78:1C:61:FD
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7Y9dbJv8FI96u3CMUpHThHgcYf0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91DA0AA/82BBB552003D11EE9608F147C4F9AE02/7C843FDE68BE11EF9A903550C4F9AE02.roa
Signing time: Mon 02 Sep 2024 00:03:16 +0000
ROA not before: Mon 02 Sep 2024 00:03:16 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 17828
IP address blocks: 103.20.76.0/22 maxlen: 22
202.58.128.0/22 maxlen: 22
202.58.131.0/24 maxlen: 24
202.165.192.0/20 maxlen: 20
2001:c60::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 02 Sep 2024 05:10:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 260 (0x104)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91DA0AA/serialNumber=ED8F5D6C9BFC148F7ABB708C5291D384781C61FD
Validity
Not Before: Sep 2 00:03:16 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=66d500c4-f3b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:bf:5f:5d:65:8c:14:66:d8:ca:71:ec:09:ef:
e4:f5:90:2c:0b:a0:23:92:7b:51:71:42:04:cc:1f:
37:d7:fb:b7:8a:3a:b4:d1:4c:5e:64:51:1c:34:17:
e8:01:93:e9:d8:d2:4d:dc:5a:9a:6b:6b:f0:6b:47:
eb:60:43:d3:5b:18:91:11:45:13:5e:cd:10:49:38:
f8:f3:8c:55:88:ec:05:73:15:b9:45:56:e9:81:23:
90:d1:ab:df:89:b4:10:53:7f:1e:6b:3b:e1:7c:fd:
b1:bc:e6:de:f2:70:b9:6d:33:6d:79:91:ed:35:fb:
ed:cf:08:de:53:c0:25:1d:fb:99:9e:2c:76:f0:cf:
8d:82:20:54:95:e9:75:16:85:b8:43:42:8c:a7:c4:
b2:6a:ae:4f:62:5b:72:c8:72:f1:60:67:90:5d:33:
4f:c0:b6:d0:40:52:48:04:ec:78:37:bb:b0:9b:62:
9e:f2:b6:20:81:cb:25:e3:61:b1:c5:5b:ec:55:91:
8c:7f:c3:04:8a:7c:4b:25:74:fe:2f:b5:ce:73:11:
8b:bb:f7:c3:fb:c8:e3:27:4f:41:16:7e:01:2e:08:
11:e8:9f:27:e4:a7:7f:ef:c3:13:73:be:1b:b3:fc:
74:e6:8c:fb:53:b1:74:c1:b4:73:61:ac:48:ab:01:
a0:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:AD:C2:96:94:8B:2B:45:1D:5D:9F:8B:47:95:E8:3E:92:F3:06:75
X509v3 Authority Key Identifier:
keyid:ED:8F:5D:6C:9B:FC:14:8F:7A:BB:70:8C:52:91:D3:84:78:1C:61:FD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91DA0AA/82BBB552003D11EE9608F147C4F9AE02/7Y9dbJv8FI96u3CMUpHThHgcYf0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7Y9dbJv8FI96u3CMUpHThHgcYf0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DA0AA/82BBB552003D11EE9608F147C4F9AE02/7C843FDE68BE11EF9A903550C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.20.76.0/22
202.58.128.0/22
202.165.192.0/20
IPv6:
2001:c60::/32
Signature Algorithm: sha256WithRSAEncryption
b4:6e:60:2b:f0:39:86:9b:10:b2:aa:19:a1:5b:bd:46:e4:e2:
57:92:8b:e0:0b:6c:4f:58:d5:98:b5:e0:4d:d5:fc:72:18:27:
ca:4f:9e:bd:d8:fd:3f:c7:38:ce:5f:af:e2:69:cd:f4:c2:03:
77:67:20:7a:f5:cb:e2:9f:c9:a8:63:f1:e9:d7:42:20:af:8b:
cb:db:03:1e:7c:8a:79:ad:f5:88:a6:db:8f:63:36:da:1f:82:
d8:af:7b:2c:b2:a6:72:92:c2:a4:8b:8c:40:b1:14:35:8b:35:
9a:4b:81:16:0b:0a:df:c6:fa:fa:e2:d2:cf:0b:85:cc:14:cc:
e9:e5:96:9d:32:f3:d6:07:9c:bc:97:f9:0a:f5:a6:2d:9e:64:
cd:e6:ce:74:58:4f:fe:01:b1:79:6d:06:f0:ce:47:a0:b9:05:
ca:6b:36:c0:b1:a4:4d:d3:9e:bd:fa:9b:3b:5b:03:21:8f:07:
19:ac:75:9a:d9:6d:ae:88:0f:26:3a:ba:67:fe:73:1f:47:58:
da:bc:ec:50:aa:7f:43:20:f2:d8:b7:98:f4:23:59:1b:4d:f3:
d3:ce:ec:80:0f:78:b5:d5:1d:7f:25:53:6f:58:d3:74:61:6f:
2b:da:36:ce:05:51:fe:4b:9e:d8:e6:17:38:33:dd:c5:25:06:
14:6a:38:c4
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgICAQQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
REEwQUExMTAvBgNVBAUTKEVEOEY1RDZDOUJGQzE0OEY3QUJCNzA4QzUyOTFEMzg0
NzgxQzYxRkQwHhcNMjQwOTAyMDAwMzE2WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmQ1MDBjNC1mM2I0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4b9fXWWMFGbYynHsCe/k9ZAsC6AjkntRcUIEzB831/u3ijq00UxeZFEcNBfo
AZPp2NJN3Fqaa2vwa0frYEPTWxiREUUTXs0QSTj484xViOwFcxW5RVbpgSOQ0avf
ibQQU38eazvhfP2xvObe8nC5bTNteZHtNfvtzwjeU8AlHfuZnix28M+NgiBUlel1
FoW4Q0KMp8Syaq5PYltyyHLxYGeQXTNPwLbQQFJIBOx4N7uwm2Ke8rYggcsl42Gx
xVvsVZGMf8MEinxLJXT+L7XOcxGLu/fD+8jjJ09BFn4BLggR6J8n5Kd/78MTc74b
s/x05oz7U7F0wbRzYaxIqwGgLwIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFE2twpaU
iytFHV2fi0eV6D6S8wZ1MB8GA1UdIwQYMBaAFO2PXWyb/BSPertwjFKR04R4HGH9
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQTBBQS84MkJCQjU1MjAw
M0QxMUVFOTYwOEYxNDdDNEY5QUUwMi83WTlkYkp2OEZJOTZ1M0NNVXBIVGhIZ2NZ
ZjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzdZOWRiSnY4Rkk5NnUzQ01VcEhUaEhnY1lmMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
REEwQUEvODJCQkI1NTIwMDNEMTFFRTk2MDhGMTQ3QzRGOUFFMDIvN0M4NDNGREU2
OEJFMTFFRjlBOTAzNTUwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOgYIKwYBBQUHAQcBAf8E
KzApMBgEAgABMBIDBAJnFEwDBALKOoADBATKpcAwDQQCAAIwBwMFACABDGAwDQYJ
KoZIhvcNAQELBQADggEBALRuYCvwOYabELKqGaFbvUbk4leSi+ALbE9Y1Zi14E3V
/HIYJ8pPnr3Y/T/HOM5fr+JpzfTCA3dnIHr1y+Kfyahj8enXQiCvi8vbAx58inmt
9Yim249jNtofgtiveyyypnKSwqSLjECxFDWLNZpLgRYLCt/G+vri0s8LhcwUzOnl
lp0y89YHnLyX+Qr1pi2eZM3mznRYT/4BsXltBvDOR6C5BcprNsCxpE3Tnr36mztb
AyGPBxmsdZrZba6IDyY6umf+cx9HWNq87FCqf0Mg8ti3mPQjWRtN89PO7IAPeLXV
HX8lU29Y03RhbyvaNs4FUf5LntjmFzgz3cUlBhRqOMQ=
-----END CERTIFICATE-----
Generated at Mon Sep 2 05:50:27 2024 by rpki-client on console-fra.rpki-client.org