Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A916557B/8DA72640C1FA11ECB30EE21AC4F9AE02/379AC9C429FD11EFB248F32BC4F9AE02.roa
File: 379AC9C429FD11EFB248F32BC4F9AE02.roa (raw, json)
Hash identifier: gy8eMlGLyip0S3cNMaT3K26WykjKhcitHcW+BqSN8YU=
Subject key identifier: F6:0F:83:39:B4:07:6D:D4:58:B3:63:A0:02:EC:F2:03:01:67:CD:7D
Certificate issuer: /CN=A916557B/serialNumber=2853BDA1638C599A84C3095310E69BFD260AA978
Certificate serial: 0305
Authority key identifier: 28:53:BD:A1:63:8C:59:9A:84:C3:09:53:10:E6:9B:FD:26:0A:A9:78
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KFO9oWOMWZqEwwlTEOab_SYKqXg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916557B/8DA72640C1FA11ECB30EE21AC4F9AE02/379AC9C429FD11EFB248F32BC4F9AE02.roa
Signing time: Wed 14 Aug 2024 06:39:49 +0000
ROA not before: Wed 14 Aug 2024 06:39:49 +0000
ROA not after: Sun 02 Mar 2025 00:00:00 +0000
asID: 62610
IP address blocks: 43.230.8.0/23 maxlen: 23
43.255.116.0/24 maxlen: 24
103.49.62.0/23 maxlen: 23
103.103.246.0/24 maxlen: 24
103.103.247.0/24 maxlen: 24
103.239.103.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 03 Sep 2024 06:36:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 773 (0x305)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916557B
Validity
Not Before: Aug 14 06:39:49 2024 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=66bc5135-4ec2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:62:e2:4d:ec:f3:c2:71:99:3f:9e:4a:06:5c:
ba:17:04:eb:bf:12:b1:4e:06:a9:29:58:d5:97:c7:
94:58:2e:92:eb:dc:9d:0f:e1:ff:8f:52:cd:85:a0:
e4:ed:20:b1:46:76:82:21:47:a9:1d:e7:39:67:8d:
c8:32:79:53:a7:f1:60:d6:1d:4b:d2:53:ca:1c:25:
c7:6c:17:e1:69:5c:df:02:87:ab:42:e4:fd:d3:3f:
cc:d6:cc:b3:73:f7:af:74:14:fa:5a:df:1b:d0:89:
93:64:98:60:a1:4e:73:df:1e:41:47:85:89:18:ae:
25:20:ed:51:95:fe:fe:e8:ae:dd:7e:d0:a6:14:2b:
d0:0f:ea:28:02:95:f6:02:61:39:ca:ce:db:ab:3d:
eb:ab:a0:c3:a4:b5:46:18:bc:58:86:7b:b2:62:6c:
3f:b4:e6:6d:1b:e2:22:f2:95:e1:64:e1:d7:fd:e4:
fb:49:f6:d2:d8:fa:1e:f5:c0:b3:26:cd:06:aa:89:
15:af:6e:4c:00:58:87:72:91:51:35:88:91:88:90:
35:ba:72:ee:61:09:89:48:19:54:af:d6:2a:b0:1c:
24:4d:11:46:ad:06:0f:e1:39:76:ae:ea:ba:78:ad:
db:59:fe:ae:21:4b:65:8c:05:52:f2:9c:2d:8a:f2:
51:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:0F:83:39:B4:07:6D:D4:58:B3:63:A0:02:EC:F2:03:01:67:CD:7D
X509v3 Authority Key Identifier:
keyid:28:53:BD:A1:63:8C:59:9A:84:C3:09:53:10:E6:9B:FD:26:0A:A9:78
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916557B/8DA72640C1FA11ECB30EE21AC4F9AE02/KFO9oWOMWZqEwwlTEOab_SYKqXg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KFO9oWOMWZqEwwlTEOab_SYKqXg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916557B/8DA72640C1FA11ECB30EE21AC4F9AE02/379AC9C429FD11EFB248F32BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.230.8.0/23
43.255.116.0/24
103.49.62.0/23
103.103.246.0/23
103.239.103.0/24
Signature Algorithm: sha256WithRSAEncryption
25:75:28:a8:ef:8f:dc:e8:fc:bf:d9:d1:bb:ed:aa:23:58:01:
6f:cb:85:c6:9a:a8:03:60:ca:4c:c2:a5:5f:04:0f:64:9e:55:
e0:46:29:9f:c0:70:31:4e:46:59:21:50:c7:93:7c:bf:cc:12:
53:bc:dc:b5:07:bd:e1:38:7f:8f:59:15:92:d3:da:e5:b2:75:
09:01:6c:8d:d7:d0:32:46:5c:f6:3c:7e:69:11:80:19:63:31:
96:b5:97:f9:14:eb:11:73:8d:28:cf:31:af:0d:2d:2e:93:de:
e3:ff:01:f0:23:2e:a4:2d:f0:1d:ae:a1:1c:a2:ee:d9:fb:c9:
b2:7c:67:ff:41:51:e2:06:56:01:06:64:79:9d:97:03:a9:63:
dc:ba:a4:f4:2d:7c:b6:8f:c9:0d:cb:66:e1:bf:93:40:e6:5d:
62:c4:f5:47:04:fb:6e:b1:c8:be:b3:22:7e:8c:a1:cb:3d:da:
82:17:b3:df:1f:0c:d9:b1:11:72:3a:c5:c8:76:9d:c1:1f:eb:
04:42:a4:48:5b:ef:5f:46:d8:ce:cd:e8:d2:2f:33:e2:3d:ff:
d3:a2:1b:d7:92:56:bb:10:93:ab:ad:31:72:9c:b6:b9:78:99:
33:fe:5b:5a:8d:74:a9:46:29:b5:66:e3:0c:50:93:5f:05:35:
eb:27:7a:b9
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgICAwUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjU1N0IxMTAvBgNVBAUTKDI4NTNCREExNjM4QzU5OUE4NEMzMDk1MzEwRTY5QkZE
MjYwQUE5NzgwHhcNMjQwODE0MDYzOTQ5WhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmJjNTEzNS00ZWMyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAmmLiTezzwnGZP55KBly6FwTrvxKxTgapKVjVl8eUWC6S69ydD+H/j1LNhaDk
7SCxRnaCIUepHec5Z43IMnlTp/Fg1h1L0lPKHCXHbBfhaVzfAoerQuT90z/M1syz
c/evdBT6Wt8b0ImTZJhgoU5z3x5BR4WJGK4lIO1Rlf7+6K7dftCmFCvQD+ooApX2
AmE5ys7bqz3rq6DDpLVGGLxYhnuyYmw/tOZtG+Ii8pXhZOHX/eT7SfbS2Poe9cCz
Js0GqokVr25MAFiHcpFRNYiRiJA1unLuYQmJSBlUr9YqsBwkTRFGrQYP4Tl2ruq6
eK3bWf6uIUtljAVS8pwtivJR7QIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFPYPgzm0
B23UWLNjoALs8gMBZ819MB8GA1UdIwQYMBaAFChTvaFjjFmahMMJUxDmm/0mCql4
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2NTU3Qi84REE3MjY0MEMx
RkExMUVDQjMwRUUyMUFDNEY5QUUwMi9LRk85b1dPTVdacUV3d2xURU9hYl9TWUtx
WGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tGTzlvV09NV1pxRXd3bFRFT2FiX1NZS3FYZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjU1N0IvOERBNzI2NDBDMUZBMTFFQ0IzMEVFMjFBQzRGOUFFMDIvMzc5QUM5QzQy
OUZEMTFFRkIyNDhGMzJCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNwYIKwYBBQUHAQcBAf8E
KDAmMCQEAgABMB4DBAEr5ggDBAAr/3QDBAFnMT4DBAFnZ/YDBABn72cwDQYJKoZI
hvcNAQELBQADggEBACV1KKjvj9zo/L/Z0bvtqiNYAW/LhcaaqANgykzCpV8ED2Se
VeBGKZ/AcDFORlkhUMeTfL/MElO83LUHveE4f49ZFZLT2uWydQkBbI3X0DJGXPY8
fmkRgBljMZa1l/kU6xFzjSjPMa8NLS6T3uP/AfAjLqQt8B2uoRyi7tn7ybJ8Z/9B
UeIGVgEGZHmdlwOpY9y6pPQtfLaPyQ3LZuG/k0DmXWLE9UcE+26xyL6zIn6Mocs9
2oIXs98fDNmxEXI6xch2ncEf6wRCpEhb719G2M7N6NIvM+I9/9OiG9eSVrsQk6ut
MXKctrl4mTP+W1qNdKlGKbVm4wxQk18FNesnerk=
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:57:03 2025 by rpki-client