Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A913F6DE/87AAE74A1B3A11EAB4CDC659C4F9AE02/9A8EDB32864B11EBA888881DC4F9AE02.roa
File: 9A8EDB32864B11EBA888881DC4F9AE02.roa (raw, json)
Hash identifier: ICJHaTSonKHG1kHaIl2qfDtx4Th0WjNw9BxPhzw8sCc=
Subject key identifier: A7:73:F6:DD:50:CD:A9:39:D3:02:6A:0C:29:CB:42:A0:0C:38:BE:26
Certificate issuer: /CN=A913F6DE/serialNumber=5D428682E89E9FED962BE9C4432B34C45E2E09C9
Certificate serial: 0B78
Authority key identifier: 5D:42:86:82:E8:9E:9F:ED:96:2B:E9:C4:43:2B:34:C4:5E:2E:09:C9
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XUKGguien-2WK-nEQys0xF4uCck.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A913F6DE/87AAE74A1B3A11EAB4CDC659C4F9AE02/9A8EDB32864B11EBA888881DC4F9AE02.roa
Signing time: Sat 07 Sep 2024 23:18:07 +0000
ROA not before: Sat 07 Sep 2024 23:18:07 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 131464
IP address blocks: 103.69.148.0/22 maxlen: 22
103.69.148.0/23 maxlen: 23
103.69.148.0/24 maxlen: 24
103.69.149.0/24 maxlen: 24
103.69.150.0/23 maxlen: 23
103.69.150.0/24 maxlen: 24
103.69.151.0/24 maxlen: 24
180.149.232.0/22 maxlen: 22
180.149.232.0/23 maxlen: 23
180.149.232.0/24 maxlen: 24
180.149.233.0/24 maxlen: 24
180.149.234.0/23 maxlen: 23
180.149.234.0/24 maxlen: 24
180.149.235.0/24 maxlen: 24
2405:f280::/32 maxlen: 32
2405:f280::/33 maxlen: 33
2405:f280::/34 maxlen: 34
2405:f280::/35 maxlen: 35
2405:f280::/36 maxlen: 36
2405:f280:1::/48 maxlen: 48
2405:f280:3::/48 maxlen: 48
2405:f280:14::/48 maxlen: 48
2405:f280:34::/48 maxlen: 48
2405:f280:5c::/48 maxlen: 48
2405:f280:1000::/36 maxlen: 36
2405:f280:1000::/48 maxlen: 48
2405:f280:1001::/48 maxlen: 48
2405:f280:1038::/48 maxlen: 48
2405:f280:1039::/48 maxlen: 48
2405:f280:2000::/35 maxlen: 35
2405:f280:2000::/36 maxlen: 36
2405:f280:3000::/36 maxlen: 36
2405:f280:4000::/34 maxlen: 34
2405:f280:4000::/35 maxlen: 35
2405:f280:4000::/36 maxlen: 36
2405:f280:5000::/36 maxlen: 36
2405:f280:6000::/35 maxlen: 35
2405:f280:6000::/36 maxlen: 36
2405:f280:7000::/36 maxlen: 36
2405:f280:8000::/33 maxlen: 33
2405:f280:8000::/34 maxlen: 34
2405:f280:8000::/35 maxlen: 35
2405:f280:8000::/36 maxlen: 36
2405:f280:9000::/36 maxlen: 36
2405:f280:9000::/48 maxlen: 48
2405:f280:9001::/48 maxlen: 48
2405:f280:a000::/35 maxlen: 35
2405:f280:a000::/36 maxlen: 36
2405:f280:b000::/36 maxlen: 36
2405:f280:c000::/34 maxlen: 34
2405:f280:c000::/35 maxlen: 35
2405:f280:c000::/36 maxlen: 36
2405:f280:d000::/36 maxlen: 36
2405:f280:e000::/35 maxlen: 35
2405:f280:e000::/36 maxlen: 36
2405:f280:e004::/48 maxlen: 48
2405:f280:e005::/48 maxlen: 48
2405:f280:e006::/48 maxlen: 48
2405:f280:e007::/48 maxlen: 48
2405:f280:e008::/48 maxlen: 48
2405:f280:e009::/48 maxlen: 48
2405:f280:e00a::/48 maxlen: 48
2405:f280:e00b::/48 maxlen: 48
2405:f280:e00c::/48 maxlen: 48
2405:f280:e00d::/48 maxlen: 48
2405:f280:e034::/48 maxlen: 48
2405:f280:ef00::/48 maxlen: 48
2405:f280:f000::/36 maxlen: 36
2405:f280:ff00::/40 maxlen: 40
2405:f280:ff00::/48 maxlen: 48
2405:f280:ff01::/48 maxlen: 48
2405:f280:ff02::/48 maxlen: 48
2405:f280:ff03::/48 maxlen: 48
2405:f280:ff04::/48 maxlen: 48
2405:f280:ff05::/48 maxlen: 48
2405:f280:ff06::/48 maxlen: 48
2405:f280:ff07::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 23 Oct 2024 07:58:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2936 (0xb78)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A913F6DE/serialNumber=5D428682E89E9FED962BE9C4432B34C45E2E09C9
Validity
Not Before: Sep 7 23:18:07 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=66dcdf2f-6dc0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:2e:ef:3b:4c:4b:5c:49:7c:72:f8:2b:b7:17:
d2:3f:f0:99:e7:55:ff:88:af:dc:0f:03:1f:0a:bf:
f1:a6:92:15:f6:d2:85:48:61:3c:71:ac:ff:62:42:
6e:94:79:75:5f:d9:58:c2:82:e9:ef:f0:00:ea:52:
cc:67:ce:9b:3f:49:52:3e:3f:21:73:ae:6c:fd:b4:
bf:61:c1:44:05:d8:e8:34:f4:40:a7:97:62:f6:97:
9e:59:ef:87:27:cf:38:1b:74:25:15:2f:c7:01:dc:
48:8d:bc:cd:b5:69:10:9f:d0:55:0c:3e:b0:d2:be:
70:a8:e0:50:0a:c0:2c:d3:a2:d8:6d:8e:b0:f3:d5:
1b:bd:bd:12:d1:2d:5b:90:f7:1f:b7:af:ce:29:50:
60:be:e1:16:bb:3e:92:37:70:d5:4d:74:b5:bf:ce:
c7:72:56:ae:00:30:f6:05:de:20:c7:3d:a8:a4:de:
d2:32:6a:15:a5:6a:2a:4f:66:6a:e8:37:6d:ee:8b:
ce:b4:78:0e:52:31:f6:bc:1f:34:ee:a1:ac:b2:dd:
5b:34:9b:08:a4:9f:9c:bb:12:4a:96:75:1c:ee:dd:
05:e7:4d:38:16:9b:d8:5c:25:36:5f:d9:9d:f5:5a:
da:13:f1:3c:cb:1b:7e:7c:37:b3:fe:e8:71:97:4b:
7a:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:73:F6:DD:50:CD:A9:39:D3:02:6A:0C:29:CB:42:A0:0C:38:BE:26
X509v3 Authority Key Identifier:
keyid:5D:42:86:82:E8:9E:9F:ED:96:2B:E9:C4:43:2B:34:C4:5E:2E:09:C9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A913F6DE/87AAE74A1B3A11EAB4CDC659C4F9AE02/XUKGguien-2WK-nEQys0xF4uCck.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XUKGguien-2WK-nEQys0xF4uCck.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913F6DE/87AAE74A1B3A11EAB4CDC659C4F9AE02/9A8EDB32864B11EBA888881DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.69.148.0/22
180.149.232.0/22
IPv6:
2405:f280::/32
Signature Algorithm: sha256WithRSAEncryption
8a:fa:41:3f:fe:66:dc:f0:16:64:a9:25:08:45:c5:a4:38:15:
78:7d:1a:ff:a0:92:8f:08:aa:dd:b5:c5:23:dd:b0:6a:f0:36:
3c:12:dc:06:48:0e:14:69:2e:32:76:6e:e9:81:c8:ce:c7:9a:
07:6b:f8:5a:64:61:aa:db:73:88:01:4f:48:65:eb:19:ca:96:
cc:db:39:36:78:f0:d8:d7:d0:28:f7:ff:c2:d7:04:d3:57:e7:
10:e7:ee:e5:88:c5:25:7d:7f:16:d1:e9:69:27:a8:1b:37:c4:
60:11:1c:ad:22:4f:85:07:49:2b:9b:21:a1:ab:3e:1a:ae:fa:
e2:df:31:b5:10:c8:79:32:0a:10:ef:ef:62:f3:2a:2b:62:c1:
7b:44:03:27:df:d8:37:9a:e7:b4:54:54:15:52:dc:fd:e5:81:
24:98:15:8c:e6:3d:76:1a:e8:84:b3:a4:fb:88:0f:36:f4:3f:
f2:de:c2:57:49:24:c4:91:f0:8b:84:8a:b4:43:74:92:a1:22:
eb:6d:a2:0b:91:19:49:a0:28:4c:42:a1:28:2f:d6:dd:ed:92:
80:0c:e8:29:9d:4d:ec:c5:8a:59:55:26:a7:42:81:94:ba:58:
fa:de:17:a2:4a:66:85:df:ae:22:5e:5b:5c:42:4e:71:c3:df:
bd:d1:02:88
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICC3gwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
M0Y2REUxMTAvBgNVBAUTKDVENDI4NjgyRTg5RTlGRUQ5NjJCRTlDNDQzMkIzNEM0
NUUyRTA5QzkwHhcNMjQwOTA3MjMxODA3WhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmRjZGYyZi02ZGMwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuS7vO0xLXEl8cvgrtxfSP/CZ51X/iK/cDwMfCr/xppIV9tKFSGE8caz/YkJu
lHl1X9lYwoLp7/AA6lLMZ86bP0lSPj8hc65s/bS/YcFEBdjoNPRAp5di9peeWe+H
J884G3QlFS/HAdxIjbzNtWkQn9BVDD6w0r5wqOBQCsAs06LYbY6w89Ubvb0S0S1b
kPcft6/OKVBgvuEWuz6SN3DVTXS1v87HclauADD2Bd4gxz2opN7SMmoVpWoqT2Zq
6Ddt7ovOtHgOUjH2vB807qGsst1bNJsIpJ+cuxJKlnUc7t0F5004FpvYXCU2X9md
9VraE/E8yxt+fDez/uhxl0t6gwIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFKdz9t1Q
zak50wJqDCnLQqAMOL4mMB8GA1UdIwQYMBaAFF1ChoLonp/tlivpxEMrNMReLgnJ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzRjZERS84N0FBRTc0QTFC
M0ExMUVBQjRDREM2NTlDNEY5QUUwMi9YVUtHZ3VpZW4tMldLLW5FUXlzMHhGNHVD
Y2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1hVS0dndWllbi0yV0stbkVReXMweEY0dUNjay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
M0Y2REUvODdBQUU3NEExQjNBMTFFQUI0Q0RDNjU5QzRGOUFFMDIvOUE4RURCMzI4
NjRCMTFFQkE4ODg4ODFEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAJnRZQDBAK0legwDQQCAAIwBwMFACQF8oAwDQYJKoZIhvcN
AQELBQADggEBAIr6QT/+ZtzwFmSpJQhFxaQ4FXh9Gv+gko8Iqt21xSPdsGrwNjwS
3AZIDhRpLjJ2bumByM7Hmgdr+FpkYarbc4gBT0hl6xnKlszbOTZ48NjX0Cj3/8LX
BNNX5xDn7uWIxSV9fxbR6WknqBs3xGARHK0iT4UHSSubIaGrPhqu+uLfMbUQyHky
ChDv72LzKitiwXtEAyff2Dea57RUVBVS3P3lgSSYFYzmPXYa6ISzpPuIDzb0P/Le
wldJJMSR8IuEirRDdJKhIuttoguRGUmgKExCoSgv1t3tkoAM6CmdTezFillVJqdC
gZS6WPreF6JKZoXfriJeW1xCTnHD373RAog=
-----END CERTIFICATE-----
Generated at Wed Oct 23 09:52:13 2024 by rpki-client on console-fra.rpki-client.org