Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F4FB0/058CEC1419BD11EFBD33E082C4F9AE02/780C5BC61A0311EF9E31D727C4F9AE02.roa
File: 780C5BC61A0311EF9E31D727C4F9AE02.roa (raw, json)
Hash identifier: dSsPdwjl2Dfkc3kWZbN+9l0zANUn52+wFbJRDLTnlmc=
Subject key identifier: 66:79:CD:6F:67:A1:D6:B6:83:4F:20:B3:24:B3:BF:49:DF:42:AC:FB
Certificate issuer: /CN=A91F4FB0/serialNumber=876E6813BF2C1811CD11DE99281ACD44BEC0DE73
Certificate serial: 1A
Authority key identifier: 87:6E:68:13:BF:2C:18:11:CD:11:DE:99:28:1A:CD:44:BE:C0:DE:73
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/h25oE78sGBHNEd6ZKBrNRL7A3nM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F4FB0/058CEC1419BD11EFBD33E082C4F9AE02/780C5BC61A0311EF9E31D727C4F9AE02.roa
Signing time: Fri 24 May 2024 19:26:07 +0000
ROA not before: Fri 24 May 2024 19:26:07 +0000
ROA not after: Mon 31 Mar 2025 00:00:00 +0000
asID: 16509
IP address blocks: 103.177.196.0/24 maxlen: 24
103.177.197.0/24 maxlen: 24
2400:3d20:1068::/47 maxlen: 48
2400:3d20:106e::/47 maxlen: 48
2400:3d20:10c8::/46 maxlen: 46
2400:3d20:10f0::/47 maxlen: 48
Validation: Failed, certificate revoked on Fri 24 May 2024 19:44:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 26 (0x1a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F4FB0/serialNumber=876E6813BF2C1811CD11DE99281ACD44BEC0DE73
Validity
Not Before: May 24 19:26:07 2024 GMT
Not After : Mar 31 00:00:00 2025 GMT
Subject: CN=6650e9cf-f80e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:ef:6f:b6:90:39:cb:cb:2f:d1:d4:65:7c:51:
c0:57:56:8a:2e:2b:73:2e:d3:77:0b:2c:0f:45:43:
80:67:f7:9f:4e:65:eb:ad:d4:a1:63:60:9c:cc:2a:
1a:dd:11:1f:4e:9a:72:cd:21:ba:f8:8a:bb:fc:6c:
21:0d:9e:01:7b:92:55:56:53:fe:f1:23:b1:42:5c:
06:13:75:ce:40:84:4e:14:54:90:ef:e3:b2:b3:08:
ce:12:91:1d:95:10:12:35:38:3a:eb:fd:ec:a3:0f:
c5:9b:5e:81:d9:8a:13:57:7b:5a:c3:6a:42:7a:6c:
78:95:ad:eb:6f:d5:c1:15:69:42:c5:69:c6:bd:b2:
05:9e:bd:0d:06:e5:36:90:ae:24:62:13:f3:cf:ca:
5b:6a:d4:d8:2e:d3:fc:b4:0c:6f:8d:bd:71:41:cb:
f7:b3:fe:b0:ad:d0:f3:be:bd:4d:1a:a5:67:50:27:
12:31:de:05:87:39:c0:c7:11:7b:d5:e2:e5:2e:1f:
47:fa:65:ba:fb:48:da:26:bb:09:26:2c:12:9d:95:
45:38:0a:d1:1f:f7:fd:81:9c:76:12:30:58:c2:8e:
11:42:e1:36:08:f4:e9:28:52:b6:f4:4d:4c:62:91:
7e:af:fd:73:2d:1b:19:1f:9a:62:1d:0a:7b:10:94:
56:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:79:CD:6F:67:A1:D6:B6:83:4F:20:B3:24:B3:BF:49:DF:42:AC:FB
X509v3 Authority Key Identifier:
keyid:87:6E:68:13:BF:2C:18:11:CD:11:DE:99:28:1A:CD:44:BE:C0:DE:73
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F4FB0/058CEC1419BD11EFBD33E082C4F9AE02/h25oE78sGBHNEd6ZKBrNRL7A3nM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/h25oE78sGBHNEd6ZKBrNRL7A3nM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F4FB0/058CEC1419BD11EFBD33E082C4F9AE02/780C5BC61A0311EF9E31D727C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.177.196.0/23
IPv6:
2400:3d20:1068::/47
2400:3d20:106e::/47
2400:3d20:10c8::/46
2400:3d20:10f0::/47
Signature Algorithm: sha256WithRSAEncryption
6f:3d:c9:cf:8d:a1:ca:41:38:51:4e:df:f8:5b:13:47:7a:f2:
e8:36:4c:b3:43:1e:df:8a:c6:39:d2:2f:3e:da:4c:6c:80:c6:
ea:1c:61:ce:37:b4:18:2f:6c:f5:4f:35:05:bf:ac:0c:14:fc:
81:a8:53:bf:d9:ca:d0:b9:61:3e:6d:59:fa:e6:b3:dd:08:52:
02:28:92:99:e6:d8:87:54:01:6c:8d:24:a1:b5:09:eb:52:03:
ed:a1:eb:d8:8c:ee:d5:ac:aa:0a:f3:84:ed:c6:cd:cc:f3:63:
1f:f8:7b:2f:ee:ad:ac:a5:36:84:1d:a2:9e:46:28:2a:46:e2:
ae:8a:17:a2:b1:20:11:16:2a:09:fa:97:37:9b:52:05:2b:0c:
77:9c:a7:1c:67:6c:ab:1c:c3:1f:d4:14:60:df:0c:63:eb:ac:
dc:e8:12:ef:a0:fd:1b:a3:c5:a9:55:78:92:4b:26:da:59:22:
fb:94:c1:b1:85:c4:21:e8:f9:ee:5c:f7:ca:87:46:66:b4:95:
e7:ee:50:7c:84:60:d1:b9:5c:cd:02:b0:61:06:4c:2d:65:df:
4d:36:ce:08:8f:15:83:5f:5e:c9:58:d7:8c:c9:3f:e3:b4:6c:
79:13:dd:c0:41:30:4a:9d:9d:cb:d3:fe:dd:86:62:44:da:9e:
30:57:f4:45
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgIBGjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG
NEZCMDExMC8GA1UEBRMoODc2RTY4MTNCRjJDMTgxMUNEMTFERTk5MjgxQUNENDRC
RUMwREU3MzAeFw0yNDA1MjQxOTI2MDdaFw0yNTAzMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2NTBlOWNmLWY4MGUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDF72+2kDnLyy/R1GV8UcBXVoouK3Mu03cLLA9FQ4Bn959OZeut1KFjYJzMKhrd
ER9OmnLNIbr4irv8bCENngF7klVWU/7xI7FCXAYTdc5AhE4UVJDv47KzCM4SkR2V
EBI1ODrr/eyjD8WbXoHZihNXe1rDakJ6bHiVretv1cEVaULFaca9sgWevQ0G5TaQ
riRiE/PPyltq1Ngu0/y0DG+NvXFBy/ez/rCt0PO+vU0apWdQJxIx3gWHOcDHEXvV
4uUuH0f6Zbr7SNomuwkmLBKdlUU4CtEf9/2BnHYSMFjCjhFC4TYI9OkoUrb0TUxi
kX6v/XMtGxkfmmIdCnsQlFYHAgMBAAGjggLBMIICvTAdBgNVHQ4EFgQUZnnNb2eh
1raDTyCzJLO/Sd9CrPswHwYDVR0jBBgwFoAUh25oE78sGBHNEd6ZKBrNRL7A3nMw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUY0RkIwLzA1OENFQzE0MTlC
RDExRUZCRDMzRTA4MkM0RjlBRTAyL2gyNW9FNzhzR0JITkVkNlpLQnJOUkw3QTNu
TS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvaDI1b0U3OHNHQkhORWQ2WktCck5STDdBM25NLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG
NEZCMC8wNThDRUMxNDE5QkQxMUVGQkQzM0UwODJDNEY5QUUwMi83ODBDNUJDNjFB
MDMxMUVGOUUzMUQ3MjdDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDBLBggrBgEFBQcBBwEB/wQ8
MDowDAQCAAEwBgMEAWexxDAqBAIAAjAkAwcBJAA9IBBoAwcBJAA9IBBuAwcCJAA9
IBDIAwcBJAA9IBDwMA0GCSqGSIb3DQEBCwUAA4IBAQBvPcnPjaHKQThRTt/4WxNH
evLoNkyzQx7fisY50i8+2kxsgMbqHGHON7QYL2z1TzUFv6wMFPyBqFO/2crQuWE+
bVn65rPdCFICKJKZ5tiHVAFsjSShtQnrUgPtoevYjO7VrKoK84Ttxs3M82Mf+Hsv
7q2spTaEHaKeRigqRuKuiheisSARFioJ+pc3m1IFKwx3nKccZ2yrHMMf1BRg3wxj
66zc6BLvoP0bo8WpVXiSSybaWSL7lMGxhcQh6PnuXPfKh0ZmtJXn7lB8hGDRuVzN
ArBhBkwtZd9NNs4IjxWDX17JWNeMyT/jtGx5E93AQTBKnZ3L0/7dhmJE2p4wV/RF
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:48 2024 by rpki-client on console-fra.rpki-client.org