Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911D8BA/48B40A8401D411EDA92EAA2DC4F9AE02/9F393A5801D611EDA3BFA62EC4F9AE02.roa
File: 9F393A5801D611EDA3BFA62EC4F9AE02.roa (raw, json)
Hash identifier: kRKgTzeU4oBXUuqawd5VGqV5Qtd/GlMgdSFWLc37cx0=
Subject key identifier: 9E:99:67:4F:CD:36:D6:4D:96:93:99:76:88:2E:5A:8C:66:BF:79:7B
Certificate issuer: /CN=A911D8BA/serialNumber=7318DA73A0AB3DD090E6B73FC4DF0D7510185CF1
Certificate serial: 01E5
Authority key identifier: 73:18:DA:73:A0:AB:3D:D0:90:E6:B7:3F:C4:DF:0D:75:10:18:5C:F1
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cxjac6CrPdCQ5rc_xN8NdRAYXPE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911D8BA/48B40A8401D411EDA92EAA2DC4F9AE02/9F393A5801D611EDA3BFA62EC4F9AE02.roa
Signing time: Mon 03 Jun 2024 05:21:57 +0000
ROA not before: Mon 03 Jun 2024 05:21:57 +0000
ROA not after: Tue 01 Oct 2024 00:00:00 +0000
asID: 59216
IP address blocks: 103.227.236.0/24 maxlen: 24
103.227.237.0/24 maxlen: 24
103.227.238.0/24 maxlen: 24
2001:df3:f800::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 21 Jun 2024 05:03:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 485 (0x1e5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911D8BA/serialNumber=7318DA73A0AB3DD090E6B73FC4DF0D7510185CF1
Validity
Not Before: Jun 3 05:21:57 2024 GMT
Not After : Oct 1 00:00:00 2024 GMT
Subject: CN=665d52f5-a7a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:8b:74:24:cf:c5:d4:d9:9b:aa:f2:6e:4d:7b:
24:87:48:53:33:30:b5:15:cd:97:0e:ca:97:6a:4a:
21:39:7a:1c:9e:f0:2c:70:4d:38:37:92:8f:81:7e:
4c:c4:29:eb:0d:20:88:e1:bb:72:32:da:f2:9e:21:
ab:60:08:65:32:61:5f:81:15:de:70:d9:62:ae:81:
29:5b:9b:be:b6:ed:1f:23:23:84:37:74:54:c7:b5:
2c:2c:9a:b4:a0:9e:4e:83:15:a9:af:1c:93:76:45:
bb:b4:45:6f:b2:5b:d9:7e:b1:b0:e0:7c:a2:82:4a:
2f:d5:f0:1b:c5:d7:b5:ee:02:a4:fe:14:5b:e9:1a:
76:3f:86:0b:ec:0d:8b:36:93:1d:bf:09:3c:d2:30:
f6:f1:9c:71:5c:c6:5a:75:f4:22:32:a9:0d:e0:7d:
81:b7:8e:53:a7:d2:b7:ee:57:f1:96:4b:d9:9c:7c:
cf:58:50:23:d7:d6:8e:54:7f:66:44:37:49:50:32:
eb:6a:46:3d:3f:e7:6b:06:74:ba:77:9c:d8:58:d4:
4b:12:c0:2e:92:f7:c7:4d:73:54:31:97:14:7f:fb:
88:df:c1:c9:c1:e3:60:87:b8:df:22:c3:92:56:cd:
a9:c4:ad:4b:a8:25:fb:88:03:96:ee:80:33:55:00:
a2:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:99:67:4F:CD:36:D6:4D:96:93:99:76:88:2E:5A:8C:66:BF:79:7B
X509v3 Authority Key Identifier:
keyid:73:18:DA:73:A0:AB:3D:D0:90:E6:B7:3F:C4:DF:0D:75:10:18:5C:F1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911D8BA/48B40A8401D411EDA92EAA2DC4F9AE02/cxjac6CrPdCQ5rc_xN8NdRAYXPE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cxjac6CrPdCQ5rc_xN8NdRAYXPE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911D8BA/48B40A8401D411EDA92EAA2DC4F9AE02/9F393A5801D611EDA3BFA62EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.227.236.0-103.227.238.255
IPv6:
2001:df3:f800::/48
Signature Algorithm: sha256WithRSAEncryption
3e:b4:54:6d:e3:40:98:1b:ac:b7:20:bc:5c:71:b6:8b:28:60:
f0:96:ec:92:ab:ba:77:ee:d3:79:a9:e8:f9:ff:a4:59:3b:18:
a2:32:26:a5:48:be:a4:82:3f:3a:ae:aa:dc:2d:5f:4f:a8:17:
c9:09:e0:23:48:31:b6:e1:b4:b7:73:1a:ce:ee:94:49:78:91:
73:a8:67:ed:bf:12:f5:8f:55:99:cd:41:bb:5e:b5:09:0a:d0:
2c:26:25:92:3b:08:fe:2b:e8:e7:72:e7:c0:94:c3:d6:69:89:
be:c7:d9:60:75:19:71:af:3a:29:d8:2f:29:a5:26:8b:d4:41:
9e:85:a5:f5:3a:e9:60:d4:3a:72:65:93:6b:99:8f:f0:dc:64:
41:fb:31:99:82:d2:5b:eb:5e:f7:f0:13:61:45:80:e5:32:49:
57:1e:16:11:de:98:df:24:a2:8f:b3:cb:fe:8e:ad:cf:e5:8b:
8e:3c:1d:5d:af:98:54:00:1c:b4:0d:dc:cd:be:86:7e:de:35:
5f:44:54:65:c4:8c:09:4f:9f:1d:5e:45:0d:56:2c:1d:2f:99:
11:a6:2f:5b:5a:a9:7b:4d:69:7e:5d:a1:5b:a6:9d:08:a9:c1:
c3:ab:d4:37:36:73:44:dd:d1:9c:8e:03:1b:91:76:ad:d6:37:
8a:3f:58:a1
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgICAeUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUQ4QkExMTAvBgNVBAUTKDczMThEQTczQTBBQjNERDA5MEU2QjczRkM0REYwRDc1
MTAxODVDRjEwHhcNMjQwNjAzMDUyMTU3WhcNMjQxMDAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjVkNTJmNS1hN2E5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvot0JM/F1NmbqvJuTXskh0hTMzC1Fc2XDsqXakohOXocnvAscE04N5KPgX5M
xCnrDSCI4btyMtryniGrYAhlMmFfgRXecNliroEpW5u+tu0fIyOEN3RUx7UsLJq0
oJ5OgxWprxyTdkW7tEVvslvZfrGw4Hyigkov1fAbxde17gKk/hRb6Rp2P4YL7A2L
NpMdvwk80jD28ZxxXMZadfQiMqkN4H2Bt45Tp9K37lfxlkvZnHzPWFAj19aOVH9m
RDdJUDLrakY9P+drBnS6d5zYWNRLEsAukvfHTXNUMZcUf/uI38HJweNgh7jfIsOS
Vs2pxK1LqCX7iAOW7oAzVQCihwIDAQABo4ICrjCCAqowHQYDVR0OBBYEFJ6ZZ0/N
NtZNlpOZdoguWoxmv3l7MB8GA1UdIwQYMBaAFHMY2nOgqz3QkOa3P8TfDXUQGFzx
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExRDhCQS80OEI0MEE4NDAx
RDQxMUVEQTkyRUFBMkRDNEY5QUUwMi9jeGphYzZDclBkQ1E1cmNfeE44TmRSQVlY
UEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2N4amFjNkNyUGRDUTVyY194TjhOZFJBWVhQRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUQ4QkEvNDhCNDBBODQwMUQ0MTFFREE5MkVBQTJEQzRGOUFFMDIvOUYzOTNBNTgw
MUQ2MTFFREEzQkZBNjJFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOAYIKwYBBQUHAQcBAf8E
KTAnMBQEAgABMA4wDAMEAmfj7AMEAGfj7jAPBAIAAjAJAwcAIAEN8/gAMA0GCSqG
SIb3DQEBCwUAA4IBAQA+tFRt40CYG6y3ILxccbaLKGDwluySq7p37tN5qej5/6RZ
OxiiMialSL6kgj86rqrcLV9PqBfJCeAjSDG24bS3cxrO7pRJeJFzqGftvxL1j1WZ
zUG7XrUJCtAsJiWSOwj+K+jncufAlMPWaYm+x9lgdRlxrzop2C8ppSaL1EGehaX1
Oulg1DpyZZNrmY/w3GRB+zGZgtJb61738BNhRYDlMklXHhYR3pjfJKKPs8v+jq3P
5YuOPB1dr5hUABy0DdzNvoZ+3jVfRFRlxIwJT58dXkUNViwdL5kRpi9bWql7TWl+
XaFbpp0IqcHDq9Q3NnNE3dGcjgMbkXat1jeKP1ih
-----END CERTIFICATE-----
Generated at Fri Jun 21 08:54:26 2024 by rpki-client on console-fra.rpki-client.org