Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9154376/A357D796208B11EEA8B58934C4F9AE02/474AF384209011EEA2831069C4F9AE02.roa
File: 474AF384209011EEA2831069C4F9AE02.roa (raw, json)
Hash identifier: +9ZSqBf3XtNfFUJAbXcclUwxf+SY7R/E08y8tnVUopk=
Subject key identifier: 1B:71:A3:32:92:E8:68:EA:81:06:CD:92:3C:88:7B:26:8D:D6:A4:19
Certificate issuer: /CN=A9154376/serialNumber=8A581655C922A7A5121E00FB7A427E019AC7307B
Certificate serial: 1C
Authority key identifier: 8A:58:16:55:C9:22:A7:A5:12:1E:00:FB:7A:42:7E:01:9A:C7:30:7B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ilgWVckip6USHgD7ekJ-AZrHMHs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9154376/A357D796208B11EEA8B58934C4F9AE02/474AF384209011EEA2831069C4F9AE02.roa
Signing time: Tue 29 Aug 2023 21:56:36 +0000
ROA not before: Tue 29 Aug 2023 21:56:36 +0000
ROA not after: Thu 31 Oct 2024 00:00:00 +0000
asID: 151608
IP address blocks: 103.36.88.0/23 maxlen: 23
103.36.88.0/24 maxlen: 24
103.36.88.0/25 maxlen: 25
103.36.88.128/25 maxlen: 25
103.36.89.0/24 maxlen: 24
103.36.89.0/25 maxlen: 25
103.36.89.128/25 maxlen: 25
2001:df2:ae40::/48 maxlen: 48
2001:df2:ae40::/49 maxlen: 49
2001:df2:ae40:8000::/49 maxlen: 49
Validation: Failed, certificate revoked on Fri 26 Jan 2024 06:09:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 28 (0x1c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9154376/serialNumber=8A581655C922A7A5121E00FB7A427E019AC7307B
Validity
Not Before: Aug 29 21:56:36 2023 GMT
Not After : Oct 31 00:00:00 2024 GMT
Subject: CN=64ee6994-78e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:28:90:5e:bf:18:63:c2:89:4c:85:f8:b3:31:
88:85:63:d3:72:09:7c:37:31:57:44:8d:95:23:c5:
4b:d7:48:f1:f3:52:fc:ba:ba:27:20:a3:79:a4:30:
1d:01:ec:e5:49:0e:90:79:76:25:be:23:b4:75:36:
70:a4:dd:9e:0e:68:0b:9d:25:23:0e:c2:3d:6d:31:
a7:99:2a:fb:e8:eb:fd:7e:af:8c:52:8e:75:b1:7b:
f5:ca:4a:23:b0:cf:e0:da:d6:6b:78:c9:08:a1:bb:
15:cd:78:1e:f9:35:09:f4:3e:f5:9e:a6:58:84:76:
b8:02:91:54:d4:bf:84:63:8a:2c:b3:b3:d7:f9:af:
8e:c2:ad:84:f6:ff:a4:2a:c3:93:60:e3:b6:af:63:
70:cb:d3:1d:39:f6:26:6e:49:a3:38:82:74:b9:13:
75:0f:51:01:65:19:d9:7d:a0:b9:71:e5:25:1c:04:
f9:fe:41:db:d1:9e:2d:ad:51:b0:10:78:ec:25:4c:
0b:9c:4c:d8:80:34:c3:7b:20:8c:eb:78:a6:75:e8:
03:0f:84:c7:f4:13:e6:4b:3c:4b:b6:8b:f5:11:22:
e3:73:59:b2:f4:0e:dd:af:af:48:f3:ab:6d:cf:73:
4a:06:49:6d:29:e9:9b:b5:a6:e7:39:5e:58:f0:2c:
1b:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:71:A3:32:92:E8:68:EA:81:06:CD:92:3C:88:7B:26:8D:D6:A4:19
X509v3 Authority Key Identifier:
keyid:8A:58:16:55:C9:22:A7:A5:12:1E:00:FB:7A:42:7E:01:9A:C7:30:7B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9154376/A357D796208B11EEA8B58934C4F9AE02/ilgWVckip6USHgD7ekJ-AZrHMHs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ilgWVckip6USHgD7ekJ-AZrHMHs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9154376/A357D796208B11EEA8B58934C4F9AE02/474AF384209011EEA2831069C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.36.88.0/23
IPv6:
2001:df2:ae40::/48
Signature Algorithm: sha256WithRSAEncryption
6a:e4:ac:3f:22:c6:32:78:69:e1:c5:4c:6a:07:4a:13:a2:44:
fc:1a:df:96:5a:8e:21:28:5f:d5:13:e4:dc:44:13:31:45:83:
19:a3:a0:0b:90:93:85:6d:61:90:46:0d:9c:00:3e:20:12:e0:
f4:56:b6:c1:ca:a4:9c:6a:ed:29:5b:b3:fd:99:fa:83:b1:b8:
c5:71:7b:c6:3c:68:9c:76:82:0c:ea:35:3a:a1:f5:30:2f:39:
14:0f:05:d1:72:9b:2b:0c:21:aa:2b:0f:3e:bc:83:c9:29:b7:
a1:be:a2:bf:18:83:4a:1a:47:31:c6:e8:b7:15:29:26:74:6a:
af:2b:a6:59:3f:d7:96:7f:e7:7f:d9:dc:0d:bc:9e:32:70:b8:
aa:69:7c:28:7f:25:17:3b:5a:97:e1:8d:fc:b8:f7:bc:2f:19:
09:cf:07:cd:b3:3d:fc:1f:1a:5d:50:4c:ba:f2:c5:b8:48:1e:
44:a0:49:4e:a4:7b:a8:84:51:ac:2f:e9:af:ec:ae:64:9c:80:
e3:de:28:03:3b:81:78:9c:89:94:f1:ed:a2:06:4e:da:dd:92:
0e:b1:08:32:fc:52:0a:a2:7d:b4:99:24:63:f4:4d:b6:30:76:
29:82:2f:82:95:ad:80:e9:b7:44:cd:0e:66:15:c3:b5:b2:0f:
fd:4d:62:f6
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIBHDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE1
NDM3NjExMC8GA1UEBRMoOEE1ODE2NTVDOTIyQTdBNTEyMUUwMEZCN0E0MjdFMDE5
QUM3MzA3QjAeFw0yMzA4MjkyMTU2MzZaFw0yNDEwMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY0ZWU2OTk0LTc4ZTcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDMKJBevxhjwolMhfizMYiFY9NyCXw3MVdEjZUjxUvXSPHzUvy6uicgo3mkMB0B
7OVJDpB5diW+I7R1NnCk3Z4OaAudJSMOwj1tMaeZKvvo6/1+r4xSjnWxe/XKSiOw
z+Da1mt4yQihuxXNeB75NQn0PvWepliEdrgCkVTUv4Rjiiyzs9f5r47CrYT2/6Qq
w5Ng47avY3DL0x059iZuSaM4gnS5E3UPUQFlGdl9oLlx5SUcBPn+QdvRni2tUbAQ
eOwlTAucTNiANMN7IIzreKZ16AMPhMf0E+ZLPEu2i/URIuNzWbL0Dt2vr0jzq23P
c0oGSW0p6Zu1puc5XljwLBs7AgMBAAGjggKmMIICojAdBgNVHQ4EFgQUG3GjMpLo
aOqBBs2SPIh7Jo3WpBkwHwYDVR0jBBgwFoAUilgWVckip6USHgD7ekJ+AZrHMHsw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTU0Mzc2L0EzNTdENzk2MjA4
QjExRUVBOEI1ODkzNEM0RjlBRTAyL2lsZ1dWY2tpcDZVU0hnRDdla0otQVpySE1I
cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvaWxnV1Zja2lwNlVTSGdEN2VrSi1BWnJITUhzLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1
NDM3Ni9BMzU3RDc5NjIwOEIxMUVFQThCNTg5MzRDNEY5QUUwMi80NzRBRjM4NDIw
OTAxMUVFQTI4MzEwNjlDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAwBggrBgEFBQcBBwEB/wQh
MB8wDAQCAAEwBgMEAWckWDAPBAIAAjAJAwcAIAEN8q5AMA0GCSqGSIb3DQEBCwUA
A4IBAQBq5Kw/IsYyeGnhxUxqB0oTokT8Gt+WWo4hKF/VE+TcRBMxRYMZo6ALkJOF
bWGQRg2cAD4gEuD0VrbByqScau0pW7P9mfqDsbjFcXvGPGicdoIM6jU6ofUwLzkU
DwXRcpsrDCGqKw8+vIPJKbehvqK/GINKGkcxxui3FSkmdGqvK6ZZP9eWf+d/2dwN
vJ4ycLiqaXwofyUXO1qX4Y38uPe8LxkJzwfNsz38HxpdUEy68sW4SB5EoElOpHuo
hFGsL+mv7K5knIDj3igDO4F4nImU8e2iBk7a3ZIOsQgy/FIKon20mSRj9E22MHYp
gi+Cla2A6bdEzQ5mFcO1sg/9TWL2
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:06 2024 by rpki-client on console-ams.rpki-client.org