Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91FDBE8/9D363178152B11EB9BD4EB46C4F9AE02/AAF044AA152D11EB81442C49C4F9AE02.roa
File: AAF044AA152D11EB81442C49C4F9AE02.roa (raw, json)
Hash identifier: KZxk68bwLTW6Xlab9QwIHNBPn3rYeFaH8H4u0juo4wo=
Subject key identifier: A1:A0:7A:E2:26:BF:B8:B0:F5:C4:3E:00:1E:9D:55:41:EB:2C:B0:15
Certificate issuer: /CN=A91FDBE8/serialNumber=F35409394866FB408A0D188E0B7D00CC5A73948E
Certificate serial: 0647
Authority key identifier: F3:54:09:39:48:66:FB:40:8A:0D:18:8E:0B:7D:00:CC:5A:73:94:8E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/81QJOUhm-0CKDRiOC30AzFpzlI4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91FDBE8/9D363178152B11EB9BD4EB46C4F9AE02/AAF044AA152D11EB81442C49C4F9AE02.roa
Signing time: Wed 06 Sep 2023 22:29:45 +0000
ROA not before: Wed 06 Sep 2023 22:29:45 +0000
ROA not after: Sun 01 Dec 2024 00:00:00 +0000
asID: 135543
IP address blocks: 45.65.60.0/22 maxlen: 22
45.114.204.0/22 maxlen: 22
103.37.8.0/24 maxlen: 24
103.37.9.0/24 maxlen: 24
103.52.168.0/23 maxlen: 23
103.52.168.0/24 maxlen: 24
103.52.169.0/24 maxlen: 24
103.80.136.0/22 maxlen: 22
2402:3680::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 21 Feb 2024 08:21:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1607 (0x647)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91FDBE8/serialNumber=F35409394866FB408A0D188E0B7D00CC5A73948E
Validity
Not Before: Sep 6 22:29:45 2023 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=64f8fd59-1369
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:d6:68:c5:20:64:9d:6e:58:1f:12:63:2a:0f:
1f:f7:f4:33:9e:4c:7c:67:2d:ec:f8:65:e8:fe:b2:
eb:29:d7:76:5f:21:7e:22:4b:1c:44:b3:6d:d3:69:
38:c9:ef:f6:42:95:74:3e:29:d7:2d:5e:57:6c:fc:
0b:0f:d5:8f:9f:75:94:c2:23:90:39:21:bc:91:cb:
c6:20:9c:ea:a3:72:27:50:88:19:6c:48:51:16:72:
b0:ab:8f:ee:bc:3f:7a:eb:a4:0a:d0:5f:5f:b0:28:
28:e9:c3:d8:a1:d8:28:51:9f:29:f4:60:9d:a3:cb:
4e:b4:a4:fe:ab:3a:29:2d:43:5b:9e:d8:bd:f2:4f:
00:a0:85:8c:60:9b:95:26:88:f0:07:82:45:f4:84:
18:5c:12:95:4f:cb:79:e5:68:f1:bc:0d:42:eb:8c:
61:a1:de:15:c8:4e:1f:ff:b3:2f:65:30:bd:c1:da:
1f:6b:cb:9f:fb:bb:d7:07:3c:a8:6b:1c:f9:d3:9d:
38:50:38:6e:a0:6c:e3:03:70:9a:6a:cb:fb:4c:e0:
db:7a:66:be:8d:2c:48:67:f2:7c:d9:5e:bf:45:bd:
c2:0e:ad:dc:24:e8:6e:92:0a:1b:33:7a:c0:e0:a1:
3c:fd:68:a8:30:ba:bc:74:9f:09:9d:5f:87:f2:25:
89:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:A0:7A:E2:26:BF:B8:B0:F5:C4:3E:00:1E:9D:55:41:EB:2C:B0:15
X509v3 Authority Key Identifier:
keyid:F3:54:09:39:48:66:FB:40:8A:0D:18:8E:0B:7D:00:CC:5A:73:94:8E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91FDBE8/9D363178152B11EB9BD4EB46C4F9AE02/81QJOUhm-0CKDRiOC30AzFpzlI4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/81QJOUhm-0CKDRiOC30AzFpzlI4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FDBE8/9D363178152B11EB9BD4EB46C4F9AE02/AAF044AA152D11EB81442C49C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.65.60.0/22
45.114.204.0/22
103.37.8.0/23
103.52.168.0/23
103.80.136.0/22
IPv6:
2402:3680::/32
Signature Algorithm: sha256WithRSAEncryption
ae:ca:89:59:e0:b6:5d:cf:b8:99:b1:16:a0:ad:37:5f:61:a0:
1a:5b:e6:53:ca:31:c8:d9:cf:a3:6c:eb:c3:e1:a4:60:05:c5:
5d:08:c8:77:79:28:dd:71:3f:76:8b:d2:2c:09:06:7a:ca:4c:
f7:f2:16:24:6e:31:3e:b3:e1:48:f1:9d:96:c5:63:99:da:bb:
35:ca:6a:b2:3a:df:e5:ce:dc:28:81:28:2b:cb:8e:f9:63:23:
76:80:d9:7c:d9:7c:33:71:2e:c3:30:79:a5:2d:f4:90:f0:a2:
0e:c1:56:03:16:b1:a8:7b:59:2e:05:ee:b8:70:54:3f:34:b3:
d2:46:54:9a:dd:ba:e9:de:dd:1c:f6:5c:08:d7:e5:e3:4f:ca:
39:84:14:b2:d1:b9:aa:9b:4b:9d:1f:85:39:8f:59:62:e5:83:
54:7e:2b:b3:2a:96:e3:55:52:c7:26:5c:ec:f8:34:88:65:54:
d4:ac:77:17:f8:d4:42:40:f8:45:b3:30:ac:80:4e:bc:28:bd:
1d:fe:69:3a:bd:72:74:5e:8e:ff:1f:fa:d2:a1:61:3a:d2:94:
d9:84:1c:d8:e4:b8:2a:2b:cd:0f:df:00:75:8f:35:85:cb:f1:
0a:e1:12:35:fd:79:c3:e6:7e:07:20:67:b2:3c:37:ec:35:1b:
57:89:99:e6
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgICBkcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RkRCRTgxMTAvBgNVBAUTKEYzNTQwOTM5NDg2NkZCNDA4QTBEMTg4RTBCN0QwMEND
NUE3Mzk0OEUwHhcNMjMwOTA2MjIyOTQ1WhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGY4ZmQ1OS0xMzY5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuNZoxSBknW5YHxJjKg8f9/Qznkx8Zy3s+GXo/rLrKdd2XyF+IkscRLNt02k4
ye/2QpV0PinXLV5XbPwLD9WPn3WUwiOQOSG8kcvGIJzqo3InUIgZbEhRFnKwq4/u
vD9666QK0F9fsCgo6cPYodgoUZ8p9GCdo8tOtKT+qzopLUNbnti98k8AoIWMYJuV
JojwB4JF9IQYXBKVT8t55WjxvA1C64xhod4VyE4f/7MvZTC9wdofa8uf+7vXBzyo
axz50504UDhuoGzjA3Caasv7TODbema+jSxIZ/J82V6/Rb3CDq3cJOhukgobM3rA
4KE8/WioMLq8dJ8JnV+H8iWJtQIDAQABo4ICvDCCArgwHQYDVR0OBBYEFKGgeuIm
v7iw9cQ+AB6dVUHrLLAVMB8GA1UdIwQYMBaAFPNUCTlIZvtAig0Yjgt9AMxac5SO
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGREJFOC85RDM2MzE3ODE1
MkIxMUVCOUJENEVCNDZDNEY5QUUwMi84MVFKT1VobS0wQ0tEUmlPQzMwQXpGcHps
STQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzgxUUpPVWhtLTBDS0RSaU9DMzBBekZwemxJNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RkRCRTgvOUQzNjMxNzgxNTJCMTFFQjlCRDRFQjQ2QzRGOUFFMDIvQUFGMDQ0QUEx
NTJEMTFFQjgxNDQyQzQ5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRgYIKwYBBQUHAQcBAf8E
NzA1MCQEAgABMB4DBAItQTwDBAItcswDBAFnJQgDBAFnNKgDBAJnUIgwDQQCAAIw
BwMFACQCNoAwDQYJKoZIhvcNAQELBQADggEBAK7KiVngtl3PuJmxFqCtN19hoBpb
5lPKMcjZz6Ns68PhpGAFxV0IyHd5KN1xP3aL0iwJBnrKTPfyFiRuMT6z4UjxnZbF
Y5nauzXKarI63+XO3CiBKCvLjvljI3aA2XzZfDNxLsMweaUt9JDwog7BVgMWsah7
WS4F7rhwVD80s9JGVJrduune3Rz2XAjX5eNPyjmEFLLRuaqbS50fhTmPWWLlg1R+
K7MqluNVUscmXOz4NIhlVNSsdxf41EJA+EWzMKyATrwovR3+aTq9cnRejv8f+tKh
YTrSlNmEHNjkuCorzQ/fAHWPNYXL8QrhEjX9ecPmfgcgZ7I8N+w1G1eJmeY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:40 2024 by rpki-client on console-ams.rpki-client.org