Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A916557B/8DA72640C1FA11ECB30EE21AC4F9AE02/BEFCC86E5F9A11EE86E5F045C4F9AE02.roa
File: BEFCC86E5F9A11EE86E5F045C4F9AE02.roa (raw, json)
Hash identifier: nKgrggZ2xWrMd61pl43ombqS7Bvz+PXXjcstbBAcFzQ=
Subject key identifier: 11:C2:24:4A:DC:B0:A7:32:03:C5:D9:32:88:F2:86:08:AF:A5:DE:13
Certificate issuer: /CN=A916557B/serialNumber=2853BDA1638C599A84C3095310E69BFD260AA978
Certificate serial: 026E
Authority key identifier: 28:53:BD:A1:63:8C:59:9A:84:C3:09:53:10:E6:9B:FD:26:0A:A9:78
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KFO9oWOMWZqEwwlTEOab_SYKqXg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916557B/8DA72640C1FA11ECB30EE21AC4F9AE02/BEFCC86E5F9A11EE86E5F045C4F9AE02.roa
Signing time: Mon 25 Dec 2023 05:21:13 +0000
ROA not before: Mon 25 Dec 2023 05:21:13 +0000
ROA not after: Sun 02 Mar 2025 00:00:00 +0000
asID: 137451
IP address blocks: 43.255.116.0/24 maxlen: 24
43.255.117.0/24 maxlen: 24
103.235.19.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 622 (0x26e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916557B/serialNumber=2853BDA1638C599A84C3095310E69BFD260AA978
Validity
Not Before: Dec 25 05:21:13 2023 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=65891149-0795
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:6d:68:2c:bf:41:d1:42:b6:9e:5c:44:71:3c:
f2:7d:96:81:97:94:ab:1b:6a:b2:3d:d7:41:93:91:
89:80:c9:3a:16:42:1a:9e:6b:c0:ea:8d:b0:90:72:
f5:8b:e0:b7:87:6d:2d:da:de:cf:87:ab:62:8e:0f:
b6:02:7d:60:4c:15:56:c7:30:ad:84:58:21:d5:91:
69:46:22:56:2a:bd:80:61:43:29:c0:8e:e2:0d:cb:
82:40:a1:a2:17:d2:d6:59:00:9d:5f:4e:c7:06:24:
ac:b4:07:02:98:37:b9:9f:f6:e7:62:42:7f:3c:e3:
e7:4f:99:db:f7:f2:c1:1a:dc:8d:62:30:73:4f:42:
97:5e:4a:dc:bf:1a:68:5b:fa:4d:c7:4f:b8:d6:c4:
37:15:23:00:ac:ab:69:64:cc:ad:1b:05:10:a0:e3:
ee:91:a9:fe:9a:3c:16:49:50:bf:81:68:fd:d2:4d:
fe:0a:c0:fc:3a:39:d9:a5:d2:79:ea:c2:ad:0c:5a:
6d:54:68:0f:e1:21:b9:a2:ac:04:01:b5:a3:5b:38:
2c:b9:8e:1b:73:e3:71:f8:82:c6:2f:52:3a:0b:a8:
20:65:f0:cc:12:45:01:76:2f:26:80:22:ab:12:2b:
c0:77:e1:bd:b1:ac:ba:42:39:b0:22:01:58:df:73:
a9:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:C2:24:4A:DC:B0:A7:32:03:C5:D9:32:88:F2:86:08:AF:A5:DE:13
X509v3 Authority Key Identifier:
keyid:28:53:BD:A1:63:8C:59:9A:84:C3:09:53:10:E6:9B:FD:26:0A:A9:78
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916557B/8DA72640C1FA11ECB30EE21AC4F9AE02/KFO9oWOMWZqEwwlTEOab_SYKqXg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KFO9oWOMWZqEwwlTEOab_SYKqXg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916557B/8DA72640C1FA11ECB30EE21AC4F9AE02/BEFCC86E5F9A11EE86E5F045C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.255.116.0/23
103.235.19.0/24
Signature Algorithm: sha256WithRSAEncryption
86:7c:cc:1a:40:66:15:be:e1:97:b5:f3:03:72:5f:10:8e:4a:
c7:53:c2:5d:f9:b5:59:93:21:d5:20:7c:9c:94:42:03:5f:7f:
6b:ce:88:0c:8b:bd:d0:4f:50:01:a5:94:a7:9f:e3:a9:df:b8:
a0:d3:ab:42:75:b3:7e:95:41:80:cd:98:01:ed:9b:9b:4b:ab:
12:75:22:67:fb:e6:78:d5:cb:cb:3c:26:ba:0c:c3:c9:40:e5:
29:66:bc:ea:d8:19:54:1f:f0:6f:66:6d:74:a5:13:19:06:c6:
c7:7f:53:92:78:c9:83:3a:be:69:f2:13:7a:8d:46:be:04:50:
da:a4:92:6f:3f:72:90:a4:32:64:e2:92:23:5d:6a:f7:26:5e:
f5:36:c4:ed:4a:a6:bd:03:11:01:ea:2a:a4:06:5a:b8:1d:c6:
e8:59:f9:a7:52:4c:83:79:78:2d:cc:4e:50:66:7f:77:8a:0d:
f5:2b:d7:c8:2b:91:f8:04:55:67:72:36:cf:ae:07:e1:a5:4b:
c2:c9:32:8e:0b:9e:9f:05:f0:98:23:4d:2b:1b:8f:4e:b9:8a:
f3:ad:83:e7:6a:5b:ac:7e:9b:d6:5f:28:d8:06:74:0f:38:2d:
32:0e:dc:b8:99:84:84:e7:a9:44:07:46:d0:c3:3f:ca:ef:6d:
0b:62:1a:70
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICAm4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjU1N0IxMTAvBgNVBAUTKDI4NTNCREExNjM4QzU5OUE4NEMzMDk1MzEwRTY5QkZE
MjYwQUE5NzgwHhcNMjMxMjI1MDUyMTEzWhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTg5MTE0OS0wNzk1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyW1oLL9B0UK2nlxEcTzyfZaBl5SrG2qyPddBk5GJgMk6FkIanmvA6o2wkHL1
i+C3h20t2t7Ph6tijg+2An1gTBVWxzCthFgh1ZFpRiJWKr2AYUMpwI7iDcuCQKGi
F9LWWQCdX07HBiSstAcCmDe5n/bnYkJ/POPnT5nb9/LBGtyNYjBzT0KXXkrcvxpo
W/pNx0+41sQ3FSMArKtpZMytGwUQoOPukan+mjwWSVC/gWj90k3+CsD8OjnZpdJ5
6sKtDFptVGgP4SG5oqwEAbWjWzgsuY4bc+Nx+ILGL1I6C6ggZfDMEkUBdi8mgCKr
EivAd+G9say6QjmwIgFY33Op+wIDAQABo4ICmzCCApcwHQYDVR0OBBYEFBHCJErc
sKcyA8XZMojyhgivpd4TMB8GA1UdIwQYMBaAFChTvaFjjFmahMMJUxDmm/0mCql4
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2NTU3Qi84REE3MjY0MEMx
RkExMUVDQjMwRUUyMUFDNEY5QUUwMi9LRk85b1dPTVdacUV3d2xURU9hYl9TWUtx
WGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tGTzlvV09NV1pxRXd3bFRFT2FiX1NZS3FYZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjU1N0IvOERBNzI2NDBDMUZBMTFFQ0IzMEVFMjFBQzRGOUFFMDIvQkVGQ0M4NkU1
RjlBMTFFRTg2RTVGMDQ1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAEr/3QDBABn6xMwDQYJKoZIhvcNAQELBQADggEBAIZ8zBpA
ZhW+4Ze18wNyXxCOSsdTwl35tVmTIdUgfJyUQgNff2vOiAyLvdBPUAGllKef46nf
uKDTq0J1s36VQYDNmAHtm5tLqxJ1Imf75njVy8s8JroMw8lA5SlmvOrYGVQf8G9m
bXSlExkGxsd/U5J4yYM6vmnyE3qNRr4EUNqkkm8/cpCkMmTikiNdavcmXvU2xO1K
pr0DEQHqKqQGWrgdxuhZ+adSTIN5eC3MTlBmf3eKDfUr18grkfgEVWdyNs+uB+Gl
S8LJMo4Lnp8F8JgjTSsbj065ivOtg+dqW6x+m9ZfKNgGdA84LTIO3LiZhITnqUQH
RtDDP8rvbQtiGnA=
-----END CERTIFICATE-----
Generated at Mon Dec 25 08:20:38 2023 by rpki-client on console-ams.rpki-client.org