Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9117394/4F59186A1D6F11E29B5446B108B02CD2/D6AF3A062D5211EFB8656532C4F9AE02.roa
File: D6AF3A062D5211EFB8656532C4F9AE02.roa (raw, json)
Hash identifier: jeWuebMYQ5ZxATEqX0owWnl/0LZ6WDhS/RPUF4eV3E0=
Subject key identifier: 1E:FB:77:7E:2C:8E:35:E5:AB:7A:3B:B1:14:34:2B:3B:9C:BD:9E:03
Certificate issuer: /CN=A9117394/serialNumber=AAFAAE3C5703B39337FD3D7A9666C58CB8C3B509
Certificate serial: 3470
Authority key identifier: AA:FA:AE:3C:57:03:B3:93:37:FD:3D:7A:96:66:C5:8C:B8:C3:B5:09
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qvquPFcDs5M3_T16lmbFjLjDtQk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9117394/4F59186A1D6F11E29B5446B108B02CD2/D6AF3A062D5211EFB8656532C4F9AE02.roa
Signing time: Tue 18 Jun 2024 09:12:48 +0000
ROA not before: Tue 18 Jun 2024 09:12:48 +0000
ROA not after: Fri 31 Jan 2025 00:00:00 +0000
asID: 37997
IP address blocks: 103.224.196.0/22 maxlen: 22
103.224.196.0/24 maxlen: 24
103.224.197.0/24 maxlen: 24
103.224.198.0/24 maxlen: 24
103.224.199.0/24 maxlen: 24
124.195.128.0/20 maxlen: 20
124.195.128.0/22 maxlen: 22
124.195.128.0/24 maxlen: 24
124.195.129.0/24 maxlen: 24
124.195.130.0/24 maxlen: 24
124.195.131.0/24 maxlen: 24
124.195.132.0/22 maxlen: 22
124.195.132.0/24 maxlen: 24
124.195.133.0/24 maxlen: 24
124.195.134.0/24 maxlen: 24
124.195.135.0/24 maxlen: 24
124.195.136.0/22 maxlen: 22
124.195.136.0/24 maxlen: 24
124.195.137.0/24 maxlen: 24
124.195.138.0/24 maxlen: 24
124.195.139.0/24 maxlen: 24
124.195.140.0/22 maxlen: 22
124.195.140.0/24 maxlen: 24
124.195.141.0/24 maxlen: 24
124.195.142.0/24 maxlen: 24
124.195.143.0/24 maxlen: 24
203.158.24.0/21 maxlen: 21
203.158.24.0/24 maxlen: 24
203.158.25.0/24 maxlen: 24
203.158.28.0/24 maxlen: 24
203.158.29.0/24 maxlen: 24
203.158.30.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 20 Aug 2024 06:35:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13424 (0x3470)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9117394/serialNumber=AAFAAE3C5703B39337FD3D7A9666C58CB8C3B509
Validity
Not Before: Jun 18 09:12:48 2024 GMT
Not After : Jan 31 00:00:00 2025 GMT
Subject: CN=66714f8f-0243
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:7c:61:89:0a:aa:1a:4f:5e:6f:ad:7b:a8:2b:
f3:55:17:b4:0a:5e:20:2d:ca:22:5c:50:01:27:86:
88:6d:4c:14:34:1a:25:1c:c1:f5:9b:2f:b8:7e:b9:
4e:71:14:aa:86:46:67:f8:b3:6c:30:eb:cb:e8:2d:
29:5d:59:c0:9e:3d:22:bb:6f:11:85:be:d4:87:e5:
d7:05:87:bf:f0:dd:17:c8:df:61:e6:f5:b7:c4:0d:
1a:d8:58:5e:ac:55:a9:8b:11:92:97:2b:f4:9a:ae:
2e:59:27:b9:e2:67:11:4e:dd:90:90:bd:53:24:09:
78:80:df:c2:ac:05:40:4f:43:94:62:6e:97:5e:0e:
31:38:da:96:3d:b6:e9:35:77:ed:59:dd:25:a2:97:
66:03:fa:9f:a7:9e:4b:dc:88:42:e4:bd:6c:d3:82:
59:61:d8:2b:2f:62:2e:20:d5:6d:c9:d9:be:1e:a1:
6e:23:ec:3a:61:75:b1:1e:7f:72:32:7a:7e:7f:fa:
e6:dc:08:d2:3c:39:b1:3b:d0:a9:69:bb:36:d9:92:
f1:2c:17:ad:70:43:6f:f9:c6:e1:fe:8d:92:18:76:
cc:7d:13:1c:3e:c1:ce:b2:79:43:71:84:f9:5c:5a:
68:29:78:db:e5:2d:be:fa:e5:bb:d3:4e:0e:df:d9:
55:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:FB:77:7E:2C:8E:35:E5:AB:7A:3B:B1:14:34:2B:3B:9C:BD:9E:03
X509v3 Authority Key Identifier:
keyid:AA:FA:AE:3C:57:03:B3:93:37:FD:3D:7A:96:66:C5:8C:B8:C3:B5:09
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9117394/4F59186A1D6F11E29B5446B108B02CD2/qvquPFcDs5M3_T16lmbFjLjDtQk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qvquPFcDs5M3_T16lmbFjLjDtQk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9117394/4F59186A1D6F11E29B5446B108B02CD2/D6AF3A062D5211EFB8656532C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.224.196.0/22
124.195.128.0/20
203.158.24.0/21
Signature Algorithm: sha256WithRSAEncryption
18:97:cc:9a:aa:fc:d4:a7:86:7b:1b:98:31:76:a7:e2:04:70:
09:c2:b4:9d:a6:df:d5:5d:59:a5:9b:84:02:61:08:83:10:96:
9c:d9:c1:56:e9:64:63:11:85:46:b2:8a:eb:5f:02:77:ae:c3:
12:79:67:6d:ef:88:7d:c9:5c:01:8e:3b:f2:dd:38:77:85:2c:
72:af:61:f3:ef:1b:8b:66:74:7a:37:12:79:aa:1e:3d:f9:54:
eb:87:ef:d2:85:9b:71:6f:33:93:b3:6d:01:39:f8:32:db:f0:
39:99:39:91:6f:bf:9b:f5:8b:76:23:05:8e:ab:5f:23:1f:43:
47:27:59:e3:5a:e2:75:4b:71:c3:d9:f3:2e:b8:81:c5:d6:43:
b5:14:3e:f3:29:54:f6:c2:93:6b:15:67:2b:9c:89:3a:c2:03:
38:47:0f:3c:b6:d0:dc:39:48:76:7a:38:ec:28:38:2f:b2:b8:
45:02:d3:ed:83:c1:e9:16:54:f5:60:51:73:91:68:d5:74:10:
83:a7:6d:06:f4:31:83:27:e3:bb:8e:68:c8:f7:0d:22:ae:f1:
4c:8d:3a:40:31:d8:40:89:57:84:41:ca:be:7b:41:95:04:73:
cd:1e:2c:b7:b1:32:a4:7f:da:8b:6e:82:32:bc:c0:fa:de:42:
85:a7:aa:f5
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICNHAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTczOTQxMTAvBgNVBAUTKEFBRkFBRTNDNTcwM0IzOTMzN0ZEM0Q3QTk2NjZDNThD
QjhDM0I1MDkwHhcNMjQwNjE4MDkxMjQ4WhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjcxNGY4Zi0wMjQzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuHxhiQqqGk9eb617qCvzVRe0Cl4gLcoiXFABJ4aIbUwUNBolHMH1my+4frlO
cRSqhkZn+LNsMOvL6C0pXVnAnj0iu28Rhb7Uh+XXBYe/8N0XyN9h5vW3xA0a2Fhe
rFWpixGSlyv0mq4uWSe54mcRTt2QkL1TJAl4gN/CrAVAT0OUYm6XXg4xONqWPbbp
NXftWd0lopdmA/qfp55L3IhC5L1s04JZYdgrL2IuINVtydm+HqFuI+w6YXWxHn9y
Mnp+f/rm3AjSPDmxO9Cpabs22ZLxLBetcENv+cbh/o2SGHbMfRMcPsHOsnlDcYT5
XFpoKXjb5S2++uW7004O39lVjwIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFB77d34s
jjXlq3o7sRQ0KzucvZ4DMB8GA1UdIwQYMBaAFKr6rjxXA7OTN/09epZmxYy4w7UJ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExNzM5NC80RjU5MTg2QTFE
NkYxMUUyOUI1NDQ2QjEwOEIwMkNEMi9xdnF1UEZjRHM1TTNfVDE2bG1iRmpMakR0
UWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3F2cXVQRmNEczVNM19UMTZsbWJGakxqRHRRay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MTczOTQvNEY1OTE4NkExRDZGMTFFMjlCNTQ0NkIxMDhCMDJDRDIvRDZBRjNBMDYy
RDUyMTFFRkI4NjU2NTMyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBAJn4MQDBAR8w4ADBAPLnhgwDQYJKoZIhvcNAQELBQADggEB
ABiXzJqq/NSnhnsbmDF2p+IEcAnCtJ2m39VdWaWbhAJhCIMQlpzZwVbpZGMRhUay
iutfAneuwxJ5Z23viH3JXAGOO/LdOHeFLHKvYfPvG4tmdHo3EnmqHj35VOuH79KF
m3FvM5OzbQE5+DLb8DmZOZFvv5v1i3YjBY6rXyMfQ0cnWeNa4nVLccPZ8y64gcXW
Q7UUPvMpVPbCk2sVZyuciTrCAzhHDzy20Nw5SHZ6OOwoOC+yuEUC0+2DwekWVPVg
UXORaNV0EIOnbQb0MYMn47uOaMj3DSKu8UyNOkAx2ECJV4RByr57QZUEc80eLLex
MqR/2otugjK8wPreQoWnqvU=
-----END CERTIFICATE-----
Generated at Tue Aug 20 09:33:11 2024 by rpki-client on console-fra.rpki-client.org