Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915FB7F/1BAE26547CC911E792CBA944C4F9AE02/4CD0067A58B411EFA79AF158C4F9AE02.roa
File: 4CD0067A58B411EFA79AF158C4F9AE02.roa (raw, json)
Hash identifier: EEwoNS1IkT8j48Hq9xPFqxfbi6/BaKsmDZ7yO3zZ9wM=
Subject key identifier: 69:31:36:76:0F:A6:66:DD:B5:41:23:1D:2D:42:BE:66:58:35:9A:AE
Certificate issuer: /CN=A915FB7F/serialNumber=32C42045EA0B516551224D808F0D5550A0473B43
Certificate serial: 18E0
Authority key identifier: 32:C4:20:45:EA:0B:51:65:51:22:4D:80:8F:0D:55:50:A0:47:3B:43
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MsQgReoLUWVRIk2Ajw1VUKBHO0M.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915FB7F/1BAE26547CC911E792CBA944C4F9AE02/4CD0067A58B411EFA79AF158C4F9AE02.roa
Signing time: Mon 12 Aug 2024 14:08:08 +0000
ROA not before: Mon 12 Aug 2024 14:08:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 136479
IP address blocks: 103.89.152.0/24 maxlen: 24
103.89.153.0/24 maxlen: 24
103.126.4.0/24 maxlen: 24
103.126.5.0/24 maxlen: 25
2001:df0:d500::/48 maxlen: 51
Validation: Failed, certificate revoked on Fri 16 Aug 2024 14:19:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6368 (0x18e0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915FB7F/serialNumber=32C42045EA0B516551224D808F0D5550A0473B43
Validity
Not Before: Aug 12 14:08:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=66ba1748-908b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:5d:12:3c:cb:50:a1:2a:80:95:4b:33:cb:b0:
ec:3f:1a:98:f2:6e:5e:5d:64:ff:9d:e7:d3:4c:07:
a2:e1:1b:31:7e:25:7b:5b:e5:e5:14:95:a2:96:05:
d6:33:81:1c:f5:8a:06:9d:64:ef:4f:74:ab:22:52:
6f:ec:8c:b1:c1:de:4c:4b:05:64:5c:de:ad:f5:d5:
98:57:5a:fd:88:16:64:ec:dd:6a:a1:75:6d:5d:5b:
db:f6:ed:39:81:be:fc:99:18:0f:b3:d6:68:00:05:
0f:5d:36:cb:e1:8b:14:00:c7:f8:ab:49:c9:07:6a:
a1:9d:bb:80:9d:3f:ee:56:9f:de:1c:6a:f1:78:f4:
a7:cd:30:45:29:e3:ed:3b:8d:19:0e:53:c2:e8:de:
54:bc:7e:5c:f6:ef:e2:44:c8:42:84:c7:d1:87:34:
bb:11:2c:fa:9c:a8:d2:91:90:16:53:1d:38:85:d7:
f3:a3:95:49:4a:be:a3:7d:44:3e:5e:c2:71:ad:0e:
3a:88:0b:27:b9:47:d5:bd:c8:c2:e1:4b:30:74:60:
34:26:6b:24:47:77:d6:a5:c7:5f:4a:f5:df:3e:15:
ee:0f:aa:20:13:3e:0b:27:94:ec:5b:5b:a0:8c:03:
ad:7d:75:dc:1b:53:b4:b2:98:cd:4e:a3:c3:6d:3e:
49:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:31:36:76:0F:A6:66:DD:B5:41:23:1D:2D:42:BE:66:58:35:9A:AE
X509v3 Authority Key Identifier:
keyid:32:C4:20:45:EA:0B:51:65:51:22:4D:80:8F:0D:55:50:A0:47:3B:43
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915FB7F/1BAE26547CC911E792CBA944C4F9AE02/MsQgReoLUWVRIk2Ajw1VUKBHO0M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MsQgReoLUWVRIk2Ajw1VUKBHO0M.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915FB7F/1BAE26547CC911E792CBA944C4F9AE02/4CD0067A58B411EFA79AF158C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.89.152.0/23
103.126.4.0/23
IPv6:
2001:df0:d500::/48
Signature Algorithm: sha256WithRSAEncryption
29:6a:0c:e9:f1:cb:31:c5:e8:56:aa:8c:1f:00:60:53:9e:79:
6e:c3:03:46:44:fd:6f:99:1f:5d:c6:84:3f:99:3e:4b:cf:31:
d9:10:2e:12:8c:93:57:f7:77:52:58:98:0b:29:44:8d:73:5e:
51:14:63:f5:94:49:1f:e4:d2:dc:04:87:90:86:fd:04:91:e6:
c6:1c:78:0a:79:1c:07:28:bb:c3:3b:95:8f:da:1a:82:52:2c:
75:ca:cf:ed:9b:5b:8b:87:c5:95:bb:1d:a1:e3:60:4a:e6:df:
52:58:a5:86:88:93:0c:41:da:68:38:db:23:b3:a1:ff:f4:91:
62:fa:a5:1f:be:5c:c1:2e:f0:f1:05:ef:d6:1e:30:ef:81:6d:
04:e2:70:a6:d0:ed:3a:53:2e:5c:a6:95:bb:9e:36:0a:72:d6:
6e:6b:9d:46:58:f6:bf:99:02:cf:55:ae:76:cc:ac:b4:fb:3e:
8c:f7:20:c2:e2:bf:9f:62:69:4a:8a:50:e7:b0:d1:b1:b4:85:
74:f6:ba:75:6b:81:61:9f:26:dc:e6:99:fb:39:32:91:ad:00:
e5:d3:76:4b:7c:ff:ed:08:2d:e0:00:17:0d:47:4f:a1:67:e2:
13:19:1e:52:e6:6f:7b:d6:fd:5c:19:cc:4e:e7:d2:15:ba:b0:
1d:b7:02:4a
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgICGOAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUZCN0YxMTAvBgNVBAUTKDMyQzQyMDQ1RUEwQjUxNjU1MTIyNEQ4MDhGMEQ1NTUw
QTA0NzNCNDMwHhcNMjQwODEyMTQwODA4WhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmJhMTc0OC05MDhiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvl0SPMtQoSqAlUszy7DsPxqY8m5eXWT/nefTTAei4RsxfiV7W+XlFJWilgXW
M4Ec9YoGnWTvT3SrIlJv7Iyxwd5MSwVkXN6t9dWYV1r9iBZk7N1qoXVtXVvb9u05
gb78mRgPs9ZoAAUPXTbL4YsUAMf4q0nJB2qhnbuAnT/uVp/eHGrxePSnzTBFKePt
O40ZDlPC6N5UvH5c9u/iRMhChMfRhzS7ESz6nKjSkZAWUx04hdfzo5VJSr6jfUQ+
XsJxrQ46iAsnuUfVvcjC4UswdGA0JmskR3fWpcdfSvXfPhXuD6ogEz4LJ5TsW1ug
jAOtfXXcG1O0spjNTqPDbT5JrwIDAQABo4ICrDCCAqgwHQYDVR0OBBYEFGkxNnYP
pmbdtUEjHS1CvmZYNZquMB8GA1UdIwQYMBaAFDLEIEXqC1FlUSJNgI8NVVCgRztD
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1RkI3Ri8xQkFFMjY1NDdD
QzkxMUU3OTJDQkE5NDRDNEY5QUUwMi9Nc1FnUmVvTFVXVlJJazJBancxVlVLQkhP
ME0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL01zUWdSZW9MVVdWUklrMkFqdzFWVUtCSE8wTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUZCN0YvMUJBRTI2NTQ3Q0M5MTFFNzkyQ0JBOTQ0QzRGOUFFMDIvNENEMDA2N0E1
OEI0MTFFRkE3OUFGMTU4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNgYIKwYBBQUHAQcBAf8E
JzAlMBIEAgABMAwDBAFnWZgDBAFnfgQwDwQCAAIwCQMHACABDfDVADANBgkqhkiG
9w0BAQsFAAOCAQEAKWoM6fHLMcXoVqqMHwBgU555bsMDRkT9b5kfXcaEP5k+S88x
2RAuEoyTV/d3UliYCylEjXNeURRj9ZRJH+TS3ASHkIb9BJHmxhx4CnkcByi7wzuV
j9oaglIsdcrP7Ztbi4fFlbsdoeNgSubfUlilhoiTDEHaaDjbI7Oh//SRYvqlH75c
wS7w8QXv1h4w74FtBOJwptDtOlMuXKaVu542CnLWbmudRlj2v5kCz1WudsystPs+
jPcgwuK/n2JpSopQ57DRsbSFdPa6dWuBYZ8m3OaZ+zkyka0A5dN2S3z/7Qgt4AAX
DUdPoWfiExkeUuZve9b9XBnMTufSFbqwHbcCSg==
-----END CERTIFICATE-----
Generated at Fri Aug 16 18:39:58 2024 by rpki-client on console-fra.rpki-client.org