Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91478E2/4C908A22E0B611E7B2D0FD80C4F9AE02/53DBE23CBCF011EEA888906BC4F9AE02.roa
File: 53DBE23CBCF011EEA888906BC4F9AE02.roa (raw, json)
Hash identifier: Q7ZmL3gKbJ1vPQRIVSkuoK9e4l2f28IhjHpejnKOHUI=
Subject key identifier: 7F:44:4C:61:A8:8C:91:DE:CB:F0:37:8C:D7:3F:96:B2:A3:6A:7A:42
Certificate issuer: /CN=A91478E2/serialNumber=C14853D9BD3F78F6480C63352076943BC79B9FC2
Certificate serial: 168B
Authority key identifier: C1:48:53:D9:BD:3F:78:F6:48:0C:63:35:20:76:94:3B:C7:9B:9F:C2
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wUhT2b0_ePZIDGM1IHaUO8ebn8I.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91478E2/4C908A22E0B611E7B2D0FD80C4F9AE02/53DBE23CBCF011EEA888906BC4F9AE02.roa
Signing time: Sat 27 Jan 2024 08:44:48 +0000
ROA not before: Sat 27 Jan 2024 08:44:48 +0000
ROA not after: Fri 31 Jan 2025 00:00:00 +0000
asID: 38193
IP address blocks: 103.103.42.0/24 maxlen: 24
103.103.43.0/24 maxlen: 24
103.120.70.0/24 maxlen: 24
103.120.71.0/24 maxlen: 24
2402:2ec0::/34 maxlen: 34
2402:2ec0:4000::/34 maxlen: 34
2402:2ec0:8000::/34 maxlen: 34
2402:2ec0:c000::/34 maxlen: 34
Validation: Failed, certificate revoked on Fri 19 Apr 2024 11:11:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5771 (0x168b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91478E2/serialNumber=C14853D9BD3F78F6480C63352076943BC79B9FC2
Validity
Not Before: Jan 27 08:44:48 2024 GMT
Not After : Jan 31 00:00:00 2025 GMT
Subject: CN=65b4c280-322d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:d2:a8:84:cb:24:e6:ed:0a:ee:a8:ce:24:b8:
d9:05:d4:18:ee:f4:ac:42:26:48:ab:8b:68:e8:c7:
b0:fb:4f:c5:53:82:ae:c8:5e:5e:37:15:d1:1c:cd:
ab:91:88:f7:46:d8:c1:35:1b:ef:0d:c3:33:3c:76:
00:67:b8:2d:df:20:39:0f:86:a2:8b:89:fa:6e:94:
ff:3c:05:ee:7b:46:2e:a2:02:c7:83:ae:78:a2:77:
8c:fc:04:24:51:b0:47:09:50:53:f7:24:7a:e1:4f:
fc:77:a4:af:6f:36:15:97:d9:ca:4c:48:8e:1e:e1:
54:5c:22:cb:c0:ba:50:b5:a0:3a:81:1c:af:7c:a5:
dc:e3:d5:fc:07:f4:18:90:01:1f:30:6e:c2:28:de:
81:60:fc:9b:90:30:77:a4:6e:b9:cb:ba:2f:aa:4f:
0d:8f:35:31:fb:e3:11:13:bc:fc:49:e3:95:b3:4d:
dc:f8:f3:28:2e:5f:8d:f0:3a:d0:2d:43:eb:bd:37:
05:36:1a:d8:c5:69:87:33:37:95:0a:0e:e1:77:86:
73:40:3c:02:27:73:5f:e5:7a:85:b0:b3:da:99:8d:
0e:1f:95:0b:5d:dd:e3:cb:ff:d0:2a:99:58:8e:29:
79:3c:11:8f:8d:58:fd:e1:e8:d1:01:02:f0:29:1d:
b3:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:44:4C:61:A8:8C:91:DE:CB:F0:37:8C:D7:3F:96:B2:A3:6A:7A:42
X509v3 Authority Key Identifier:
keyid:C1:48:53:D9:BD:3F:78:F6:48:0C:63:35:20:76:94:3B:C7:9B:9F:C2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91478E2/4C908A22E0B611E7B2D0FD80C4F9AE02/wUhT2b0_ePZIDGM1IHaUO8ebn8I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wUhT2b0_ePZIDGM1IHaUO8ebn8I.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91478E2/4C908A22E0B611E7B2D0FD80C4F9AE02/53DBE23CBCF011EEA888906BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.103.42.0/23
103.120.70.0/23
IPv6:
2402:2ec0::/32
Signature Algorithm: sha256WithRSAEncryption
bb:55:6d:8d:46:47:58:dd:57:ab:c3:a1:e3:98:c2:4e:bb:31:
9f:1d:c4:02:cc:67:8a:9a:e6:78:54:aa:5f:05:d3:26:61:c3:
4b:81:c1:9c:0b:b9:77:73:4a:09:9e:61:67:c7:56:32:bd:a4:
6b:b1:82:24:ac:c6:7e:14:a8:6b:c3:6a:6d:e5:5d:53:8e:3b:
48:eb:fb:ad:eb:93:9b:4e:ab:33:2b:88:03:70:af:0f:7c:38:
94:9f:54:f2:09:1f:0c:a3:81:d9:c5:07:21:17:89:60:55:ee:
11:0e:55:05:0b:ae:ba:be:70:17:73:7f:f6:4c:b3:f6:b1:48:
27:f9:24:f8:bd:fa:f2:c2:89:19:26:32:aa:f2:18:79:32:e6:
52:38:d0:0e:bb:ee:de:44:5b:35:72:e0:26:54:76:c6:08:72:
1a:12:67:cf:f3:17:f4:e5:37:d1:03:4b:c1:bb:fe:21:af:2e:
cd:85:53:e6:d6:1d:c0:19:ad:a2:37:67:08:85:57:8f:f4:38:
37:64:54:be:4a:5a:07:c8:3f:19:5e:27:df:1a:b7:02:28:f0:
e7:43:9c:fb:0f:76:fe:68:3e:37:d3:1d:89:96:35:4c:44:8c:
46:f5:78:53:7a:44:68:ea:3b:32:d7:72:4a:5c:a6:73:91:34:
49:6e:0b:53
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICFoswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDc4RTIxMTAvBgNVBAUTKEMxNDg1M0Q5QkQzRjc4RjY0ODBDNjMzNTIwNzY5NDNC
Qzc5QjlGQzIwHhcNMjQwMTI3MDg0NDQ4WhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWI0YzI4MC0zMjJkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0tKohMsk5u0K7qjOJLjZBdQY7vSsQiZIq4to6Mew+0/FU4KuyF5eNxXRHM2r
kYj3RtjBNRvvDcMzPHYAZ7gt3yA5D4aii4n6bpT/PAXue0YuogLHg654oneM/AQk
UbBHCVBT9yR64U/8d6SvbzYVl9nKTEiOHuFUXCLLwLpQtaA6gRyvfKXc49X8B/QY
kAEfMG7CKN6BYPybkDB3pG65y7ovqk8NjzUx++MRE7z8SeOVs03c+PMoLl+N8DrQ
LUPrvTcFNhrYxWmHMzeVCg7hd4ZzQDwCJ3Nf5XqFsLPamY0OH5ULXd3jy//QKplY
jil5PBGPjVj94ejRAQLwKR2zyQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFH9ETGGo
jJHey/A3jNc/lrKjanpCMB8GA1UdIwQYMBaAFMFIU9m9P3j2SAxjNSB2lDvHm5/C
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NzhFMi80QzkwOEEyMkUw
QjYxMUU3QjJEMEZEODBDNEY5QUUwMi93VWhUMmIwX2VQWklER00xSUhhVU84ZWJu
OEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3dVaFQyYjBfZVBaSURHTTFJSGFVTzhlYm44SS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDc4RTIvNEM5MDhBMjJFMEI2MTFFN0IyRDBGRDgwQzRGOUFFMDIvNTNEQkUyM0NC
Q0YwMTFFRUE4ODg5MDZCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAFnZyoDBAFneEYwDQQCAAIwBwMFACQCLsAwDQYJKoZIhvcN
AQELBQADggEBALtVbY1GR1jdV6vDoeOYwk67MZ8dxALMZ4qa5nhUql8F0yZhw0uB
wZwLuXdzSgmeYWfHVjK9pGuxgiSsxn4UqGvDam3lXVOOO0jr+63rk5tOqzMriANw
rw98OJSfVPIJHwyjgdnFByEXiWBV7hEOVQULrrq+cBdzf/ZMs/axSCf5JPi9+vLC
iRkmMqryGHky5lI40A677t5EWzVy4CZUdsYIchoSZ8/zF/TlN9EDS8G7/iGvLs2F
U+bWHcAZraI3ZwiFV4/0ODdkVL5KWgfIPxleJ98atwIo8OdDnPsPdv5oPjfTHYmW
NUxEjEb1eFN6RGjqOzLXckpcpnORNEluC1M=
-----END CERTIFICATE-----
Generated at Fri Apr 19 14:35:16 2024 by rpki-client on console-fra.rpki-client.org