Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917190F/B3CA76C0FA3111EABD249E7AC4F9AE02/68E633526ECB11EFB7934C84C4F9AE02.roa
File: 68E633526ECB11EFB7934C84C4F9AE02.roa (raw, json)
Hash identifier: pQ5DHjXOg64fTpTuFU+5uUgtL2a7xQOt3sLwgSyO7u8=
Subject key identifier: C1:7A:81:10:87:B9:CA:66:67:A2:6A:86:53:CF:60:E8:7A:75:A2:82
Certificate issuer: /CN=A917190F/serialNumber=9D07446EF99F3C57C29C582D6B7ACA4735F4E470
Certificate serial: 07A4
Authority key identifier: 9D:07:44:6E:F9:9F:3C:57:C2:9C:58:2D:6B:7A:CA:47:35:F4:E4:70
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nQdEbvmfPFfCnFgta3rKRzX05HA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917190F/B3CA76C0FA3111EABD249E7AC4F9AE02/68E633526ECB11EFB7934C84C4F9AE02.roa
Signing time: Fri 04 Oct 2024 21:30:50 +0000
ROA not before: Fri 04 Oct 2024 21:30:50 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 62468
IP address blocks: 43.249.8.0/23 maxlen: 24
43.249.10.0/23 maxlen: 24
103.40.100.0/23 maxlen: 24
103.40.102.0/23 maxlen: 24
114.134.184.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 14 Oct 2024 06:14:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1956 (0x7a4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917190F/serialNumber=9D07446EF99F3C57C29C582D6B7ACA4735F4E470
Validity
Not Before: Oct 4 21:30:50 2024 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=67005e8a-644c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:99:b9:c5:b8:81:1c:92:4e:00:5b:a5:7f:64:
e2:2f:e8:ff:11:f7:f3:fb:28:07:03:2b:50:9b:ad:
12:2d:76:a7:67:a5:b8:b6:d2:39:d0:37:68:a1:07:
8c:43:14:8d:df:57:15:c8:f9:d2:b5:8a:44:93:a9:
94:48:66:53:42:44:a3:16:35:17:2c:8e:a5:57:0c:
14:fa:3c:63:9c:e2:da:2d:21:48:f4:5f:0a:4a:6d:
3d:b6:e8:99:7e:92:2f:94:ac:f9:70:b1:b3:1a:8f:
90:f0:99:ae:01:22:dc:f7:8d:06:11:dd:a8:1b:a9:
fa:c2:49:5f:82:c8:9d:22:df:52:5c:ce:21:d9:17:
f2:ab:35:05:d2:4c:16:26:7c:9f:5f:5e:19:97:35:
e3:d0:f5:af:32:a0:73:0b:83:12:a0:d0:07:6c:e0:
2e:e5:0a:86:7a:0d:24:20:a0:d8:c7:e1:7e:70:16:
ab:58:3c:c2:fa:56:04:9d:36:88:1a:12:f2:1f:5f:
a7:26:54:ab:60:c7:6f:e4:38:bb:29:dc:45:de:9f:
14:d3:8a:d4:8f:c8:16:76:b4:87:ac:b7:df:63:02:
7b:38:f2:e7:df:ac:76:92:c0:ac:fc:fc:71:12:37:
f4:52:d5:94:88:7a:91:91:62:68:d2:24:91:47:96:
d9:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:7A:81:10:87:B9:CA:66:67:A2:6A:86:53:CF:60:E8:7A:75:A2:82
X509v3 Authority Key Identifier:
keyid:9D:07:44:6E:F9:9F:3C:57:C2:9C:58:2D:6B:7A:CA:47:35:F4:E4:70
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917190F/B3CA76C0FA3111EABD249E7AC4F9AE02/nQdEbvmfPFfCnFgta3rKRzX05HA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nQdEbvmfPFfCnFgta3rKRzX05HA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917190F/B3CA76C0FA3111EABD249E7AC4F9AE02/68E633526ECB11EFB7934C84C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.249.8.0/22
103.40.100.0/22
114.134.184.0/22
Signature Algorithm: sha256WithRSAEncryption
bb:4e:65:19:01:32:15:32:42:68:ca:75:b9:99:5f:07:e3:5b:
4b:cb:5b:b7:2b:4b:10:2d:6c:e5:5c:80:49:34:2d:b6:b2:70:
fc:43:2f:9b:77:16:54:90:57:33:d3:b4:44:0e:e2:d1:f6:10:
bf:55:69:ce:f3:37:71:70:41:b3:71:3a:22:2e:b3:00:4f:5f:
ab:9a:7c:e5:33:e1:b1:1e:91:81:92:51:7b:dc:cc:26:76:53:
16:1d:ba:61:d8:13:80:e8:4d:57:0c:d0:2d:91:ee:94:3d:5d:
b9:b1:de:94:a9:71:cb:17:45:3b:02:53:a0:41:69:eb:1d:3c:
40:41:cd:41:a2:3a:55:e3:c5:00:12:da:c3:a3:47:55:d6:19:
ec:cc:ff:57:e6:c8:4b:24:0c:92:c0:56:ab:e1:f6:56:d1:cc:
02:c5:94:13:b8:c9:64:70:99:d3:a9:30:da:12:19:60:d0:d2:
9c:f8:5c:66:ae:25:88:d6:fb:cf:e9:4f:d2:83:2c:c4:15:eb:
1e:f1:be:11:4b:a4:65:00:38:76:9e:91:21:b1:d7:45:63:2f:
f8:39:10:d9:c5:61:51:64:94:de:61:80:be:51:be:6a:c2:bf:
78:47:1f:48:26:a6:ee:64:66:19:e7:97:fc:6e:74:e8:cc:d8:
f8:d5:a8:9a
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICB6QwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzE5MEYxMTAvBgNVBAUTKDlEMDc0NDZFRjk5RjNDNTdDMjlDNTgyRDZCN0FDQTQ3
MzVGNEU0NzAwHhcNMjQxMDA0MjEzMDUwWhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzAwNWU4YS02NDRjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA7Zm5xbiBHJJOAFulf2TiL+j/Effz+ygHAytQm60SLXanZ6W4ttI50DdooQeM
QxSN31cVyPnStYpEk6mUSGZTQkSjFjUXLI6lVwwU+jxjnOLaLSFI9F8KSm09tuiZ
fpIvlKz5cLGzGo+Q8JmuASLc940GEd2oG6n6wklfgsidIt9SXM4h2RfyqzUF0kwW
JnyfX14ZlzXj0PWvMqBzC4MSoNAHbOAu5QqGeg0kIKDYx+F+cBarWDzC+lYEnTaI
GhLyH1+nJlSrYMdv5Di7KdxF3p8U04rUj8gWdrSHrLffYwJ7OPLn36x2ksCs/Pxx
Ejf0UtWUiHqRkWJo0iSRR5bZUQIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFMF6gRCH
ucpmZ6JqhlPPYOh6daKCMB8GA1UdIwQYMBaAFJ0HRG75nzxXwpxYLWt6ykc19ORw
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MTkwRi9CM0NBNzZDMEZB
MzExMUVBQkQyNDlFN0FDNEY5QUUwMi9uUWRFYnZtZlBGZkNuRmd0YTNyS1J6WDA1
SEEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL25RZEVidm1mUEZmQ25GZ3RhM3JLUnpYMDVIQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzE5MEYvQjNDQTc2QzBGQTMxMTFFQUJEMjQ5RTdBQzRGOUFFMDIvNjhFNjMzNTI2
RUNCMTFFRkI3OTM0Qzg0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBAIr+QgDBAJnKGQDBAJyhrgwDQYJKoZIhvcNAQELBQADggEB
ALtOZRkBMhUyQmjKdbmZXwfjW0vLW7crSxAtbOVcgEk0LbaycPxDL5t3FlSQVzPT
tEQO4tH2EL9Vac7zN3FwQbNxOiIuswBPX6uafOUz4bEekYGSUXvczCZ2UxYdumHY
E4DoTVcM0C2R7pQ9Xbmx3pSpccsXRTsCU6BBaesdPEBBzUGiOlXjxQAS2sOjR1XW
GezM/1fmyEskDJLAVqvh9lbRzALFlBO4yWRwmdOpMNoSGWDQ0pz4XGauJYjW+8/p
T9KDLMQV6x7xvhFLpGUAOHaekSGx10VjL/g5ENnFYVFklN5hgL5RvmrCv3hHH0gm
pu5kZhnnl/xudOjM2PjVqJo=
-----END CERTIFICATE-----
Generated at Mon Oct 14 07:27:47 2024 by rpki-client on console-ams.rpki-client.org