Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A916557B/8DA72640C1FA11ECB30EE21AC4F9AE02/26E752F60C1B11EEA6897210C4F9AE02.roa
File: 26E752F60C1B11EEA6897210C4F9AE02.roa (raw, json)
Hash identifier: qm3/oyA6hGaZ832G1rFAUSjkuqdrIomLnpP7lQ1K0kc=
Subject key identifier: DC:90:04:B2:E3:C9:06:0A:38:6F:3B:23:BF:05:A0:0E:21:CB:3D:C7
Certificate issuer: /CN=A916557B/serialNumber=2853BDA1638C599A84C3095310E69BFD260AA978
Certificate serial: 0259
Authority key identifier: 28:53:BD:A1:63:8C:59:9A:84:C3:09:53:10:E6:9B:FD:26:0A:A9:78
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KFO9oWOMWZqEwwlTEOab_SYKqXg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916557B/8DA72640C1FA11ECB30EE21AC4F9AE02/26E752F60C1B11EEA6897210C4F9AE02.roa
Signing time: Thu 07 Dec 2023 03:14:13 +0000
ROA not before: Thu 07 Dec 2023 03:14:13 +0000
ROA not after: Sun 02 Mar 2025 00:00:00 +0000
asID: 139734
IP address blocks: 103.235.16.0/23 maxlen: 23
103.235.16.0/24 maxlen: 24
103.235.17.0/24 maxlen: 24
103.239.100.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 26 Feb 2024 05:26:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 601 (0x259)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916557B/serialNumber=2853BDA1638C599A84C3095310E69BFD260AA978
Validity
Not Before: Dec 7 03:14:13 2023 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=65713884-7fe6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:33:ca:b9:10:72:94:cb:7b:16:ed:42:d3:64:
df:6e:81:17:ed:98:c6:52:fd:6d:36:6f:9a:15:9f:
0c:10:dc:1b:bc:ec:56:e8:34:c9:31:69:62:2f:24:
32:87:69:d1:15:6f:e8:6f:54:bc:8b:97:72:95:2f:
b3:11:ac:23:a7:06:45:4b:c0:f5:ec:f6:0e:1e:d1:
63:ab:e3:fb:fe:59:30:08:19:f4:7c:54:de:4c:ec:
89:c4:76:4c:67:6c:f8:33:75:d4:4a:92:81:f8:13:
a5:9a:5c:84:5e:df:ca:ec:59:ff:bb:f7:91:d7:46:
57:55:cb:3e:63:52:d6:1b:2a:4e:79:3e:8d:9a:e9:
cd:4b:0f:8f:71:86:2e:56:4f:06:2e:94:0a:5c:2f:
ff:e8:31:44:0b:ea:39:b1:f7:6b:18:05:f0:37:66:
92:bf:06:50:37:6b:31:08:1c:dd:b2:1c:8e:d6:25:
fb:1c:96:17:ce:55:82:3c:5c:7d:b5:0a:7f:58:ab:
e1:ff:fb:fb:83:07:58:83:7e:2b:67:c0:7b:93:6b:
0c:ce:63:03:44:34:85:b5:ee:78:57:d5:0d:0f:58:
71:c2:d5:00:bf:e8:7e:9a:52:ad:08:a2:54:1c:75:
ac:ae:16:38:99:e5:76:5c:a2:58:99:c0:23:8c:ed:
0c:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:90:04:B2:E3:C9:06:0A:38:6F:3B:23:BF:05:A0:0E:21:CB:3D:C7
X509v3 Authority Key Identifier:
keyid:28:53:BD:A1:63:8C:59:9A:84:C3:09:53:10:E6:9B:FD:26:0A:A9:78
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916557B/8DA72640C1FA11ECB30EE21AC4F9AE02/KFO9oWOMWZqEwwlTEOab_SYKqXg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KFO9oWOMWZqEwwlTEOab_SYKqXg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916557B/8DA72640C1FA11ECB30EE21AC4F9AE02/26E752F60C1B11EEA6897210C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.235.16.0/23
103.239.100.0/22
Signature Algorithm: sha256WithRSAEncryption
92:aa:d6:0b:88:ce:f0:ec:00:86:e2:19:12:52:8f:2f:bb:75:
6b:89:53:9c:07:ab:c9:7c:0a:41:af:12:0f:65:33:38:f1:09:
fd:94:85:a7:fe:6e:ce:a8:01:f3:67:ac:b4:e6:44:c2:55:8b:
5c:74:49:9d:95:c7:17:75:06:59:59:6e:a4:cf:fc:72:71:6a:
2a:34:a9:40:99:68:c2:8f:ba:45:73:35:8e:73:c0:69:a4:76:
fe:ba:30:ba:9a:e7:c0:3c:09:33:1b:f3:9a:5e:63:02:2c:7f:
2b:b6:01:18:14:e0:f9:d4:18:32:c0:08:4f:b9:d8:1d:60:50:
aa:8d:22:00:90:05:5d:04:45:9f:13:1d:d3:2a:33:98:0d:95:
09:4c:78:2d:4c:6a:dd:95:d7:cc:a3:1a:e9:b2:b5:13:5a:79:
c8:7d:11:ec:75:ec:3f:1a:42:1d:cc:6a:45:15:e0:82:70:9a:
91:f1:f7:97:d0:91:fd:94:7a:09:8e:73:ee:84:cc:f2:ff:f0:
49:d2:25:c2:aa:10:d1:3c:9d:8a:e7:79:f2:ff:60:f5:03:46:
76:fd:01:9b:74:68:72:7d:36:c0:23:6c:ec:3c:68:fa:b4:b3:
61:0d:38:08:07:ce:ff:42:72:e2:be:fd:0b:4b:64:a8:ae:00:
aa:fe:53:35
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICAlkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjU1N0IxMTAvBgNVBAUTKDI4NTNCREExNjM4QzU5OUE4NEMzMDk1MzEwRTY5QkZE
MjYwQUE5NzgwHhcNMjMxMjA3MDMxNDEzWhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTcxMzg4NC03ZmU2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvDPKuRBylMt7Fu1C02TfboEX7ZjGUv1tNm+aFZ8MENwbvOxW6DTJMWliLyQy
h2nRFW/ob1S8i5dylS+zEawjpwZFS8D17PYOHtFjq+P7/lkwCBn0fFTeTOyJxHZM
Z2z4M3XUSpKB+BOlmlyEXt/K7Fn/u/eR10ZXVcs+Y1LWGypOeT6NmunNSw+PcYYu
Vk8GLpQKXC//6DFEC+o5sfdrGAXwN2aSvwZQN2sxCBzdshyO1iX7HJYXzlWCPFx9
tQp/WKvh//v7gwdYg34rZ8B7k2sMzmMDRDSFte54V9UND1hxwtUAv+h+mlKtCKJU
HHWsrhY4meV2XKJYmcAjjO0MjwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFNyQBLLj
yQYKOG87I78FoA4hyz3HMB8GA1UdIwQYMBaAFChTvaFjjFmahMMJUxDmm/0mCql4
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2NTU3Qi84REE3MjY0MEMx
RkExMUVDQjMwRUUyMUFDNEY5QUUwMi9LRk85b1dPTVdacUV3d2xURU9hYl9TWUtx
WGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tGTzlvV09NV1pxRXd3bFRFT2FiX1NZS3FYZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjU1N0IvOERBNzI2NDBDMUZBMTFFQ0IzMEVFMjFBQzRGOUFFMDIvMjZFNzUyRjYw
QzFCMTFFRUE2ODk3MjEwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAFn6xADBAJn72QwDQYJKoZIhvcNAQELBQADggEBAJKq1guI
zvDsAIbiGRJSjy+7dWuJU5wHq8l8CkGvEg9lMzjxCf2Uhaf+bs6oAfNnrLTmRMJV
i1x0SZ2Vxxd1BllZbqTP/HJxaio0qUCZaMKPukVzNY5zwGmkdv66MLqa58A8CTMb
85peYwIsfyu2ARgU4PnUGDLACE+52B1gUKqNIgCQBV0ERZ8THdMqM5gNlQlMeC1M
at2V18yjGumytRNaech9Eex17D8aQh3MakUV4IJwmpHx95fQkf2UegmOc+6EzPL/
8EnSJcKqENE8nYrnefL/YPUDRnb9AZt0aHJ9NsAjbOw8aPq0s2ENOAgHzv9CcuK+
/QtLZKiuAKr+UzU=
Generated at Mon Feb 26 06:20:15 2024 by rpki-client on console-fra.rpki-client.org