Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91383F0/DCFCA6A20A8311EE9E6A9250C4F9AE02/895BDB780F4F11EEB585645CC4F9AE02.roa
File: 895BDB780F4F11EEB585645CC4F9AE02.roa (raw, json)
Hash identifier: CwJ0ZmBmp+XqDmtyZdnF9pHT2NrkJHthHLld7ax9fv4=
Subject key identifier: 2C:9E:58:16:93:DB:3B:3D:04:C9:3C:1F:B4:68:E8:09:20:F6:4F:F3
Certificate issuer: /CN=A91383F0/serialNumber=1036C1E0FFE1CFC37D655D89FA65D65FE22E1F7A
Certificate serial: 13
Authority key identifier: 10:36:C1:E0:FF:E1:CF:C3:7D:65:5D:89:FA:65:D6:5F:E2:2E:1F:7A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/EDbB4P_hz8N9ZV2J-mXWX-IuH3o.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91383F0/DCFCA6A20A8311EE9E6A9250C4F9AE02/895BDB780F4F11EEB585645CC4F9AE02.roa
Signing time: Tue 20 Jun 2023 09:47:58 +0000
ROA not before: Tue 20 Jun 2023 09:47:58 +0000
ROA not after: Mon 30 Sep 2024 00:00:00 +0000
asID: 151403
IP address blocks: 103.221.67.0/24 maxlen: 24
2401:aa0::/32 maxlen: 32
2401:aa0::/34 maxlen: 34
2401:aa0::/48 maxlen: 48
2401:aa0:1::/48 maxlen: 48
2401:aa0:2::/48 maxlen: 48
2401:aa0:3::/48 maxlen: 48
2401:aa0:4::/48 maxlen: 48
2401:aa0:5::/48 maxlen: 48
2401:aa0:6::/48 maxlen: 48
2401:aa0:7::/48 maxlen: 48
2401:aa0:8::/48 maxlen: 48
2401:aa0:4000::/34 maxlen: 34
2401:aa0:8000::/34 maxlen: 34
2401:aa0:c000::/34 maxlen: 34
Validation: Failed, certificate revoked on Sun 18 Feb 2024 05:15:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19 (0x13)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91383F0/serialNumber=1036C1E0FFE1CFC37D655D89FA65D65FE22E1F7A
Validity
Not Before: Jun 20 09:47:58 2023 GMT
Not After : Sep 30 00:00:00 2024 GMT
Subject: CN=649175cd-ef20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:ab:a8:ef:7d:bb:23:ed:03:22:3e:21:09:9c:
25:2b:cc:c5:37:70:f4:f5:ce:66:be:c6:d7:94:4d:
eb:31:2d:ff:01:a8:81:79:6e:b9:47:63:5d:3e:45:
99:9a:27:a4:89:0b:74:ba:05:16:2b:3f:1b:17:fb:
03:dd:db:9b:da:ac:1c:fd:81:a5:e3:c1:c8:30:6a:
55:57:ca:52:c3:1b:52:23:a5:b5:ff:bf:5b:28:3b:
8b:2f:78:69:dd:4c:81:7d:c9:b8:25:5b:ed:55:a8:
3a:04:8c:a1:af:af:24:f4:9c:17:33:76:79:77:7a:
cd:9e:f4:1c:b2:78:0d:d7:51:7e:81:e1:31:38:62:
8d:f7:d4:37:fc:3c:bc:b7:12:be:00:0e:87:c0:62:
cc:8c:df:0d:81:d2:90:ac:85:4f:51:b7:79:89:86:
9f:43:c3:73:be:09:8f:68:d2:cf:d3:7e:ae:72:c4:
f6:8c:8b:08:20:3b:74:ac:c2:8e:6b:4f:a4:cc:74:
f5:d4:ec:b4:b7:0a:eb:96:b3:b4:9f:3a:f4:21:6f:
eb:35:62:ec:4e:af:d6:3a:30:15:fc:79:74:2d:b3:
ad:4c:5e:71:9a:c4:86:87:79:3d:88:5e:14:aa:ba:
82:d7:f1:ea:1f:3f:f4:f7:be:2f:e9:b2:26:e2:db:
b9:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:9E:58:16:93:DB:3B:3D:04:C9:3C:1F:B4:68:E8:09:20:F6:4F:F3
X509v3 Authority Key Identifier:
keyid:10:36:C1:E0:FF:E1:CF:C3:7D:65:5D:89:FA:65:D6:5F:E2:2E:1F:7A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91383F0/DCFCA6A20A8311EE9E6A9250C4F9AE02/EDbB4P_hz8N9ZV2J-mXWX-IuH3o.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/EDbB4P_hz8N9ZV2J-mXWX-IuH3o.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91383F0/DCFCA6A20A8311EE9E6A9250C4F9AE02/895BDB780F4F11EEB585645CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.221.67.0/24
IPv6:
2401:aa0::/32
Signature Algorithm: sha256WithRSAEncryption
4a:1c:51:45:3f:65:d8:e0:43:30:c6:85:e4:2e:42:ca:0b:57:
39:c0:2c:2d:b4:b9:d5:9e:0d:07:60:85:b2:79:d6:e6:fe:d0:
5d:0a:57:39:3d:7c:47:c2:9b:ac:6a:34:ac:84:c0:5d:77:b0:
7e:c8:3e:86:e5:d0:a8:cd:8f:d5:e6:0f:e3:69:c7:63:b1:3e:
50:3f:18:46:0a:fb:73:53:de:92:c5:7d:8d:37:25:bf:1b:74:
d5:f9:19:24:bb:f6:a8:54:70:71:58:06:02:28:f0:64:08:c8:
6a:ef:38:ad:8a:fd:90:4b:f3:2b:c3:b0:9a:45:3b:d4:a6:d3:
38:4e:40:16:9d:ac:a4:ca:92:b6:71:98:ae:8e:aa:ee:10:20:
57:6a:4f:1e:8a:b3:4f:b5:a2:36:72:9a:cb:0b:ce:55:00:25:
0c:4a:1a:89:f8:10:2a:4a:29:16:c4:13:51:6d:0b:59:9f:91:
d9:5f:f8:40:d1:51:13:3b:58:fb:d8:5f:ba:13:9c:30:c8:a4:
14:d8:bf:66:c0:3d:d4:ae:63:cd:28:1d:e3:30:ee:51:5e:06:
b3:80:c8:0f:b7:71:48:06:42:a1:a0:39:e3:9e:cc:e2:e8:50:
bd:09:dc:7d:63:e4:c2:5d:ba:b0:db:2e:09:47:6e:23:65:cf:
04:de:e5:f2
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIBEzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEz
ODNGMDExMC8GA1UEBRMoMTAzNkMxRTBGRkUxQ0ZDMzdENjU1RDg5RkE2NUQ2NUZF
MjJFMUY3QTAeFw0yMzA2MjAwOTQ3NThaFw0yNDA5MzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY0OTE3NWNkLWVmMjAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCuq6jvfbsj7QMiPiEJnCUrzMU3cPT1zma+xteUTesxLf8BqIF5brlHY10+RZma
J6SJC3S6BRYrPxsX+wPd25varBz9gaXjwcgwalVXylLDG1IjpbX/v1soO4sveGnd
TIF9ybglW+1VqDoEjKGvryT0nBczdnl3es2e9ByyeA3XUX6B4TE4Yo331Df8PLy3
Er4ADofAYsyM3w2B0pCshU9Rt3mJhp9Dw3O+CY9o0s/Tfq5yxPaMiwggO3Sswo5r
T6TMdPXU7LS3CuuWs7SfOvQhb+s1YuxOr9Y6MBX8eXQts61MXnGaxIaHeT2IXhSq
uoLX8eofP/T3vi/psibi27lRAgMBAAGjggKkMIICoDAdBgNVHQ4EFgQULJ5YFpPb
Oz0EyTwftGjoCSD2T/MwHwYDVR0jBBgwFoAUEDbB4P/hz8N9ZV2J+mXWX+IuH3ow
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTM4M0YwL0RDRkNBNkEyMEE4
MzExRUU5RTZBOTI1MEM0RjlBRTAyL0VEYkI0UF9oejhOOVpWMkotbVhXWC1JdUgz
by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvRURiQjRQX2h6OE45WlYySi1tWFdYLUl1SDNvLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz
ODNGMC9EQ0ZDQTZBMjBBODMxMUVFOUU2QTkyNTBDNEY5QUUwMi84OTVCREI3ODBG
NEYxMUVFQjU4NTY0NUNDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAuBggrBgEFBQcBBwEB/wQf
MB0wDAQCAAEwBgMEAGfdQzANBAIAAjAHAwUAJAEKoDANBgkqhkiG9w0BAQsFAAOC
AQEAShxRRT9l2OBDMMaF5C5CygtXOcAsLbS51Z4NB2CFsnnW5v7QXQpXOT18R8Kb
rGo0rITAXXewfsg+huXQqM2P1eYP42nHY7E+UD8YRgr7c1PeksV9jTclvxt01fkZ
JLv2qFRwcVgGAijwZAjIau84rYr9kEvzK8OwmkU71KbTOE5AFp2spMqStnGYro6q
7hAgV2pPHoqzT7WiNnKaywvOVQAlDEoaifgQKkopFsQTUW0LWZ+R2V/4QNFREztY
+9hfuhOcMMikFNi/ZsA91K5jzSgd4zDuUV4Gs4DID7dxSAZCoaA5457M4uhQvQnc
fWPkwl26sNsuCUduI2XPBN7l8g==
-----END CERTIFICATE-----
Generated at Sun Feb 18 05:53:02 2024 by rpki-client on console-ams.rpki-client.org