Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9136655/F707F4640A9811EABDCAA17CC4F9AE02/EC593848B21A11ED84E25A26C4F9AE02.roa
File: EC593848B21A11ED84E25A26C4F9AE02.roa (raw, json)
Hash identifier: nmPkILg5/McM2tcljaHselVcEA7XgOtMdv+Q1sJYsqk=
Subject key identifier: 29:8D:57:CF:9E:AF:E4:E9:C8:3C:14:55:70:4E:8A:64:0B:ED:4E:3F
Certificate issuer: /CN=A9136655/serialNumber=70579F7F5F1B21DFC9DE667C6B3C21F16F87D572
Certificate serial: 0B42
Authority key identifier: 70:57:9F:7F:5F:1B:21:DF:C9:DE:66:7C:6B:3C:21:F1:6F:87:D5:72
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cFeff18bId_J3mZ8azwh8W-H1XI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9136655/F707F4640A9811EABDCAA17CC4F9AE02/EC593848B21A11ED84E25A26C4F9AE02.roa
Signing time: Fri 02 Feb 2024 19:37:30 +0000
ROA not before: Fri 02 Feb 2024 19:37:30 +0000
ROA not after: Mon 31 Mar 2025 00:00:00 +0000
asID: 138541
IP address blocks: 103.132.176.0/23 maxlen: 23
103.132.176.0/24 maxlen: 24
103.132.177.0/24 maxlen: 24
103.132.179.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 24 May 2024 11:58:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2882 (0xb42)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9136655/serialNumber=70579F7F5F1B21DFC9DE667C6B3C21F16F87D572
Validity
Not Before: Feb 2 19:37:30 2024 GMT
Not After : Mar 31 00:00:00 2025 GMT
Subject: CN=65bd447a-b11c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:12:18:92:13:c2:b8:57:68:70:18:e2:12:26:
e0:56:93:ea:3f:6e:57:90:92:6b:a3:84:8e:9e:ed:
27:86:4a:a1:8e:6a:85:eb:f2:aa:db:ec:b6:4c:f2:
94:05:b4:c8:e0:19:2b:17:7d:d9:6f:0f:a3:41:df:
f7:a3:06:43:72:65:62:e2:2e:7b:e6:6c:59:47:38:
64:9b:3b:30:b3:ea:e9:8b:2e:24:a3:3a:b9:ac:47:
50:6e:e6:d2:ef:db:0f:39:fd:2e:a9:fa:87:1a:55:
2f:e6:59:48:68:83:76:61:6c:50:a1:60:fa:e1:7a:
db:97:71:0b:57:c6:b8:f0:01:48:ed:bf:87:45:6c:
52:73:8c:8a:98:92:e0:7c:34:53:28:9e:1b:c9:eb:
dd:00:b8:48:d4:c2:81:de:be:b1:be:d7:d3:ba:0e:
d4:de:89:ba:a0:1c:7f:7c:b4:35:98:d7:7b:f9:ea:
95:a6:4b:5b:38:22:9d:71:e6:3a:74:a4:10:50:bb:
fe:99:bf:bc:31:74:af:34:51:5a:7f:f2:62:34:7f:
f0:49:84:c6:57:44:f4:46:3e:f8:02:02:21:db:8a:
b1:e5:0c:1f:14:50:61:67:13:a5:e9:13:86:84:26:
0d:1b:39:1a:9c:65:1e:5d:93:33:e3:d5:62:a4:74:
19:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:8D:57:CF:9E:AF:E4:E9:C8:3C:14:55:70:4E:8A:64:0B:ED:4E:3F
X509v3 Authority Key Identifier:
keyid:70:57:9F:7F:5F:1B:21:DF:C9:DE:66:7C:6B:3C:21:F1:6F:87:D5:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9136655/F707F4640A9811EABDCAA17CC4F9AE02/cFeff18bId_J3mZ8azwh8W-H1XI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cFeff18bId_J3mZ8azwh8W-H1XI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9136655/F707F4640A9811EABDCAA17CC4F9AE02/EC593848B21A11ED84E25A26C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.132.176.0/23
103.132.179.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:0b:e5:8c:e4:5f:06:e5:8a:19:5d:80:f2:6c:de:b9:db:e5:
8d:da:11:98:34:a2:7a:10:79:2e:30:3b:aa:c4:28:fd:12:63:
56:cd:83:f1:4a:23:5b:30:61:d8:50:c9:33:61:97:cf:36:a2:
d8:e0:5a:95:dc:76:1e:2f:e0:58:3d:bc:06:5c:41:e3:b6:1b:
db:74:72:f3:f1:cc:0d:82:bb:22:65:f9:e5:f8:34:d4:24:96:
99:6d:14:02:0a:b3:5f:38:2f:f7:01:2a:e1:59:70:ee:2a:04:
eb:f0:a9:18:60:9a:a9:f7:26:3f:68:77:19:2e:a4:04:1d:fe:
37:db:8f:36:4f:da:76:0b:69:b4:af:01:51:4c:97:dc:b2:5e:
ba:58:0c:f3:9d:d8:9e:68:b8:44:b8:79:5c:54:27:25:f7:1b:
40:70:d0:48:8b:d8:b1:8f:77:11:cc:e8:a4:7a:46:68:1c:94:
2b:fe:ba:15:0a:85:79:8d:bc:bc:b0:5b:7b:72:fa:2b:9e:b0:
79:3f:91:51:eb:64:27:cf:53:df:c2:b8:e6:65:5c:a8:3c:89:
9c:48:34:dc:0f:a8:ea:94:0c:d5:b1:1b:54:1a:e2:6e:bc:a9:
f8:7d:88:0c:31:e7:bb:bb:16:68:c5:1d:0a:9d:68:8b:e5:2c:
df:55:98:35
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICC0IwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzY2NTUxMTAvBgNVBAUTKDcwNTc5RjdGNUYxQjIxREZDOURFNjY3QzZCM0MyMUYx
NkY4N0Q1NzIwHhcNMjQwMjAyMTkzNzMwWhcNMjUwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWJkNDQ3YS1iMTFjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1xIYkhPCuFdocBjiEibgVpPqP25XkJJro4SOnu0nhkqhjmqF6/Kq2+y2TPKU
BbTI4BkrF33Zbw+jQd/3owZDcmVi4i575mxZRzhkmzsws+rpiy4kozq5rEdQbubS
79sPOf0uqfqHGlUv5llIaIN2YWxQoWD64Xrbl3ELV8a48AFI7b+HRWxSc4yKmJLg
fDRTKJ4byevdALhI1MKB3r6xvtfTug7U3om6oBx/fLQ1mNd7+eqVpktbOCKdceY6
dKQQULv+mb+8MXSvNFFaf/JiNH/wSYTGV0T0Rj74AgIh24qx5QwfFFBhZxOl6ROG
hCYNGzkanGUeXZMz49VipHQZQwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFCmNV8+e
r+TpyDwUVXBOimQL7U4/MB8GA1UdIwQYMBaAFHBXn39fGyHfyd5mfGs8IfFvh9Vy
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzNjY1NS9GNzA3RjQ2NDBB
OTgxMUVBQkRDQUExN0NDNEY5QUUwMi9jRmVmZjE4YklkX0ozbVo4YXp3aDhXLUgx
WEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2NGZWZmMThiSWRfSjNtWjhhendoOFctSDFYSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzY2NTUvRjcwN0Y0NjQwQTk4MTFFQUJEQ0FBMTdDQzRGOUFFMDIvRUM1OTM4NDhC
MjFBMTFFRDg0RTI1QTI2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAFnhLADBABnhLMwDQYJKoZIhvcNAQELBQADggEBAC0L5Yzk
XwblihldgPJs3rnb5Y3aEZg0onoQeS4wO6rEKP0SY1bNg/FKI1swYdhQyTNhl882
otjgWpXcdh4v4Fg9vAZcQeO2G9t0cvPxzA2CuyJl+eX4NNQklpltFAIKs184L/cB
KuFZcO4qBOvwqRhgmqn3Jj9odxkupAQd/jfbjzZP2nYLabSvAVFMl9yyXrpYDPOd
2J5ouES4eVxUJyX3G0Bw0EiL2LGPdxHM6KR6RmgclCv+uhUKhXmNvLywW3ty+iue
sHk/kVHrZCfPU9/CuOZlXKg8iZxINNwPqOqUDNWxG1Qa4m68qfh9iAwx57u7FmjF
HQqdaIvlLN9VmDU=
-----END CERTIFICATE-----
Generated at Fri May 24 15:03:45 2024 by rpki-client on console-fra.rpki-client.org