Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915F2CF/F5C14ED2071011EB97F9F537C4F9AE02/588BE670071211EB87554839C4F9AE02.roa
File: 588BE670071211EB87554839C4F9AE02.roa (raw, json)
Hash identifier: MWhf14FWLesIEdRiTgz3zcNeR9PZUXIwIL9OhPAK2Ro=
Subject key identifier: 9E:ED:D4:1A:0D:B2:1F:C2:35:6C:42:7D:BA:9A:08:AF:43:3F:D6:14
Certificate issuer: /CN=A915F2CF/serialNumber=CB30D35C70DFC866A837CAEDFEFCE6FECBFC5B5F
Certificate serial: 06F7
Authority key identifier: CB:30:D3:5C:70:DF:C8:66:A8:37:CA:ED:FE:FC:E6:FE:CB:FC:5B:5F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yzDTXHDfyGaoN8rt_vzm_sv8W18.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915F2CF/F5C14ED2071011EB97F9F537C4F9AE02/588BE670071211EB87554839C4F9AE02.roa
Signing time: Thu 04 Jul 2024 22:20:43 +0000
ROA not before: Thu 04 Jul 2024 22:20:43 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 55720
IP address blocks: 45.123.100.0/24 maxlen: 24
45.123.101.0/24 maxlen: 24
45.123.102.0/24 maxlen: 24
45.123.103.0/24 maxlen: 24
103.9.148.0/24 maxlen: 24
103.9.149.0/24 maxlen: 24
103.9.150.0/24 maxlen: 24
103.9.151.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 18 Oct 2024 04:59:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1783 (0x6f7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915F2CF/serialNumber=CB30D35C70DFC866A837CAEDFEFCE6FECBFC5B5F
Validity
Not Before: Jul 4 22:20:43 2024 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=6687203b-67c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:2e:8e:35:ec:fc:3e:68:a8:c7:9c:4c:1e:80:
b8:70:ec:7d:c5:36:6a:15:12:a6:60:5b:9a:61:71:
2e:af:c2:8b:81:64:78:c8:09:83:17:4a:f2:f2:d9:
30:db:24:bb:d2:bf:dd:11:18:18:56:78:6c:05:7a:
92:aa:be:d3:0b:80:9d:0b:3f:5d:75:b8:7a:59:c5:
ad:46:1d:54:ef:97:06:09:dd:99:09:f0:f3:7a:4b:
7e:b8:61:18:af:74:97:53:73:5a:41:ee:5a:07:71:
63:91:9e:16:ce:a7:a7:ab:95:22:8b:e6:ee:08:5e:
a2:5f:62:db:0c:ce:c9:76:89:5b:d4:5d:a6:e9:60:
d6:41:b8:e7:03:9e:95:6b:4a:c4:98:e3:3a:72:da:
0a:67:d4:e4:d0:2e:5e:f0:77:6c:61:e3:76:3a:2d:
07:f4:a1:03:75:52:f6:09:0f:af:21:a8:d7:43:72:
d2:a7:26:0b:74:27:a3:db:ba:b8:4f:28:d9:11:de:
5b:16:b5:07:3c:2a:6c:d0:04:77:bc:c4:53:16:3c:
bc:19:ce:48:6a:d4:10:2a:50:ef:ad:0a:bb:b5:32:
d9:68:89:5d:73:16:ce:bc:8b:7c:85:b6:5d:4f:0c:
c1:62:c7:d1:4f:ac:fd:e6:4c:3c:5d:7d:27:0f:6e:
e8:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:ED:D4:1A:0D:B2:1F:C2:35:6C:42:7D:BA:9A:08:AF:43:3F:D6:14
X509v3 Authority Key Identifier:
keyid:CB:30:D3:5C:70:DF:C8:66:A8:37:CA:ED:FE:FC:E6:FE:CB:FC:5B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915F2CF/F5C14ED2071011EB97F9F537C4F9AE02/yzDTXHDfyGaoN8rt_vzm_sv8W18.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yzDTXHDfyGaoN8rt_vzm_sv8W18.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915F2CF/F5C14ED2071011EB97F9F537C4F9AE02/588BE670071211EB87554839C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.123.100.0/22
103.9.148.0/22
Signature Algorithm: sha256WithRSAEncryption
c2:46:70:d5:0b:bc:57:cb:59:5d:4d:30:db:15:12:6e:be:21:
e8:26:c7:a8:4e:39:3e:b7:0a:d9:09:58:0a:91:51:66:2a:59:
97:73:7f:79:b5:be:2e:17:ce:77:62:66:dc:10:29:1c:8b:f1:
1d:e3:d8:b9:b9:e0:e0:18:0a:95:e7:a5:15:94:9f:b8:1b:d9:
b5:7a:f8:d3:51:77:eb:85:95:b3:d6:b1:d4:fc:cb:b6:79:21:
c2:f9:50:67:de:11:68:52:3e:c0:69:d4:26:ae:ad:fe:8c:d0:
4d:08:85:47:c0:7e:0f:bd:72:ad:86:1e:43:e8:21:03:2a:f7:
bb:0f:f0:9f:7f:4e:05:e3:91:9a:d7:50:02:84:1b:05:50:ad:
36:fc:09:1f:5b:5f:2e:1c:71:71:09:4d:30:6d:88:3f:15:13:
5f:13:09:ef:fb:cf:d4:a2:24:24:2f:a5:4b:5b:2f:6a:48:8c:
98:76:0c:a7:db:9b:e2:4b:57:96:ce:6b:12:2b:d4:96:3c:a0:
f9:6c:18:b4:18:93:e5:b2:eb:74:e0:29:68:c1:b1:dd:82:2d:
0f:b3:7e:34:35:a3:cc:cb:0d:17:75:5d:71:e6:00:8e:da:f0:
f0:fd:c4:4a:6d:3d:ae:2a:42:bc:62:c5:1c:16:0c:21:b4:c2:
0d:92:6e:19
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICBvcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUYyQ0YxMTAvBgNVBAUTKENCMzBEMzVDNzBERkM4NjZBODM3Q0FFREZFRkNFNkZF
Q0JGQzVCNUYwHhcNMjQwNzA0MjIyMDQzWhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Njg3MjAzYi02N2M2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAnC6ONez8Pmiox5xMHoC4cOx9xTZqFRKmYFuaYXEur8KLgWR4yAmDF0ry8tkw
2yS70r/dERgYVnhsBXqSqr7TC4CdCz9ddbh6WcWtRh1U75cGCd2ZCfDzekt+uGEY
r3SXU3NaQe5aB3FjkZ4Wzqenq5Uii+buCF6iX2LbDM7Jdolb1F2m6WDWQbjnA56V
a0rEmOM6ctoKZ9Tk0C5e8HdsYeN2Oi0H9KEDdVL2CQ+vIajXQ3LSpyYLdCej27q4
TyjZEd5bFrUHPCps0AR3vMRTFjy8Gc5IatQQKlDvrQq7tTLZaIldcxbOvIt8hbZd
TwzBYsfRT6z95kw8XX0nD27oOwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFJ7t1BoN
sh/CNWxCfbqaCK9DP9YUMB8GA1UdIwQYMBaAFMsw01xw38hmqDfK7f785v7L/Ftf
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1RjJDRi9GNUMxNEVEMjA3
MTAxMUVCOTdGOUY1MzdDNEY5QUUwMi95ekRUWEhEZnlHYW9OOHJ0X3Z6bV9zdjhX
MTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3l6RFRYSERmeUdhb044cnRfdnptX3N2OFcxOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUYyQ0YvRjVDMTRFRDIwNzEwMTFFQjk3RjlGNTM3QzRGOUFFMDIvNTg4QkU2NzAw
NzEyMTFFQjg3NTU0ODM5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAIte2QDBAJnCZQwDQYJKoZIhvcNAQELBQADggEBAMJGcNUL
vFfLWV1NMNsVEm6+Iegmx6hOOT63CtkJWAqRUWYqWZdzf3m1vi4XzndiZtwQKRyL
8R3j2Lm54OAYCpXnpRWUn7gb2bV6+NNRd+uFlbPWsdT8y7Z5IcL5UGfeEWhSPsBp
1Caurf6M0E0IhUfAfg+9cq2GHkPoIQMq97sP8J9/TgXjkZrXUAKEGwVQrTb8CR9b
Xy4ccXEJTTBtiD8VE18TCe/7z9SiJCQvpUtbL2pIjJh2DKfbm+JLV5bOaxIr1JY8
oPlsGLQYk+Wy63TgKWjBsd2CLQ+zfjQ1o8zLDRd1XXHmAI7a8PD9xEptPa4qQrxi
xRwWDCG0wg2Sbhk=
-----END CERTIFICATE-----
Generated at Fri Oct 18 06:42:06 2024 by rpki-client on console-ams.rpki-client.org