Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91776E4/47428870E9F011ECA8358A84C4F9AE02/A7248C32346E11EFA31C0545C4F9AE02.roa
File: A7248C32346E11EFA31C0545C4F9AE02.roa (raw, json)
Hash identifier: nu3jPCVxXeYHluBcbwH0/IwAJc+XFjyrBg07C9jjehQ=
Subject key identifier: 71:CA:C6:0C:EA:C4:65:D8:3B:B0:4C:83:C8:81:FA:EA:3A:C9:47:50
Certificate issuer: /CN=A91776E4/serialNumber=5699A6F52F90057382CDE96F76526F7FCA0193A3
Certificate serial: 0244
Authority key identifier: 56:99:A6:F5:2F:90:05:73:82:CD:E9:6F:76:52:6F:7F:CA:01:93:A3
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Vpmm9S-QBXOCzelvdlJvf8oBk6M.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91776E4/47428870E9F011ECA8358A84C4F9AE02/A7248C32346E11EFA31C0545C4F9AE02.roa
Signing time: Thu 27 Jun 2024 10:18:53 +0000
ROA not before: Thu 27 Jun 2024 10:18:53 +0000
ROA not after: Sun 01 Dec 2024 00:00:00 +0000
asID: 132721
IP address blocks: 103.93.46.0/24 maxlen: 24
103.98.112.0/24 maxlen: 24
103.98.114.0/24 maxlen: 24
103.98.115.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 01 Aug 2024 14:36:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 580 (0x244)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91776E4/serialNumber=5699A6F52F90057382CDE96F76526F7FCA0193A3
Validity
Not Before: Jun 27 10:18:53 2024 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=667d3c8c-d8b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:94:d6:86:c7:ca:fa:94:ef:42:20:96:25:b3:
79:02:5e:ac:cf:5f:57:1b:a9:a0:26:81:74:b6:f3:
64:fa:7e:ac:ec:28:40:9f:d7:36:3a:54:4e:23:dd:
bb:2c:83:c0:cb:9b:76:6d:5a:82:77:00:7b:10:2b:
88:c8:58:20:0d:69:fb:3e:00:bb:65:e5:d6:b4:51:
71:c1:ca:0c:24:45:91:22:2d:57:27:ac:12:3e:15:
be:9e:b3:99:50:e6:60:42:8b:9d:bd:02:0b:de:20:
66:ff:0a:50:9a:a8:b7:1a:d4:6a:a1:e8:9b:f2:e8:
f3:99:dc:86:5b:5b:e8:ed:47:d0:14:59:8e:d8:49:
3f:2c:8b:fe:97:e5:dd:66:bc:f6:9a:8c:6c:b0:8b:
dd:eb:12:d2:dd:ed:6b:eb:e3:3e:0c:8e:f5:5f:46:
af:7b:05:ba:3d:fd:c2:64:10:67:e9:e4:cc:00:f7:
b2:79:bc:d6:54:68:1b:25:ec:32:d2:76:9b:6e:4b:
7b:4b:d2:fb:da:6c:8e:38:c7:d0:ed:67:00:26:4e:
60:49:10:02:85:db:21:2b:ea:31:ea:75:2b:86:43:
05:8b:4d:ce:2c:c9:78:83:bb:a8:fd:b3:6f:0e:e8:
32:0a:f1:2f:cc:15:ee:ea:22:3a:ee:cc:ed:9a:08:
8f:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:CA:C6:0C:EA:C4:65:D8:3B:B0:4C:83:C8:81:FA:EA:3A:C9:47:50
X509v3 Authority Key Identifier:
keyid:56:99:A6:F5:2F:90:05:73:82:CD:E9:6F:76:52:6F:7F:CA:01:93:A3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91776E4/47428870E9F011ECA8358A84C4F9AE02/Vpmm9S-QBXOCzelvdlJvf8oBk6M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Vpmm9S-QBXOCzelvdlJvf8oBk6M.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91776E4/47428870E9F011ECA8358A84C4F9AE02/A7248C32346E11EFA31C0545C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.93.46.0/24
103.98.112.0/24
103.98.114.0/23
Signature Algorithm: sha256WithRSAEncryption
76:9d:50:29:22:f1:11:37:fe:f9:69:f0:67:01:b8:c6:5b:52:
40:37:f6:5a:f8:0c:21:4d:42:10:c4:07:88:88:13:09:a8:1f:
c9:7b:8f:12:6f:02:5c:70:a4:11:79:9c:02:09:51:ce:8f:32:
c1:a1:b4:bf:8e:ed:0b:a8:ff:7a:0f:9a:06:33:ba:e4:7d:e5:
8a:13:d9:4c:fb:5b:63:8d:60:b9:23:e0:f0:5b:64:22:81:fb:
0e:13:58:20:76:de:02:8a:68:78:c0:16:e8:2a:31:ce:c4:54:
c9:a6:7a:e1:ce:2d:de:10:c0:61:2e:38:06:4c:72:8d:fb:e6:
3d:9e:ae:0d:ea:c2:a4:75:cc:f3:a0:96:77:2d:df:f5:f0:00:
df:30:5f:33:ec:58:31:8a:21:61:2c:2b:51:7e:c3:2e:f0:6a:
94:83:db:f7:46:cf:3f:da:88:b0:e9:4c:8e:56:f6:7e:fe:a6:
f5:aa:b0:27:4e:81:b2:5a:c9:5f:03:f8:7a:94:b8:73:99:d3:
1e:d4:37:c5:2b:5b:82:8b:48:e1:f8:01:6b:a2:97:02:51:ef:
ac:0b:6f:bf:79:1f:2f:9b:ca:bc:b6:18:97:1d:b0:7a:93:1c:
f5:b8:e2:08:be:aa:ef:d0:23:35:0a:8e:11:54:50:dc:4a:bd:
24:dd:69:ad
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICAkQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Nzc2RTQxMTAvBgNVBAUTKDU2OTlBNkY1MkY5MDA1NzM4MkNERTk2Rjc2NTI2RjdG
Q0EwMTkzQTMwHhcNMjQwNjI3MTAxODUzWhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjdkM2M4Yy1kOGIxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA7JTWhsfK+pTvQiCWJbN5Al6sz19XG6mgJoF0tvNk+n6s7ChAn9c2OlROI927
LIPAy5t2bVqCdwB7ECuIyFggDWn7PgC7ZeXWtFFxwcoMJEWRIi1XJ6wSPhW+nrOZ
UOZgQoudvQIL3iBm/wpQmqi3GtRqoeib8ujzmdyGW1vo7UfQFFmO2Ek/LIv+l+Xd
Zrz2moxssIvd6xLS3e1r6+M+DI71X0avewW6Pf3CZBBn6eTMAPeyebzWVGgbJewy
0nabbkt7S9L72myOOMfQ7WcAJk5gSRAChdshK+ox6nUrhkMFi03OLMl4g7uo/bNv
DugyCvEvzBXu6iI67sztmgiPcQIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFHHKxgzq
xGXYO7BMg8iB+uo6yUdQMB8GA1UdIwQYMBaAFFaZpvUvkAVzgs3pb3ZSb3/KAZOj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3NzZFNC80NzQyODg3MEU5
RjAxMUVDQTgzNThBODRDNEY5QUUwMi9WcG1tOVMtUUJYT0N6ZWx2ZGxKdmY4b0Jr
Nk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1ZwbW05Uy1RQlhPQ3plbHZkbEp2ZjhvQms2TS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Nzc2RTQvNDc0Mjg4NzBFOUYwMTFFQ0E4MzU4QTg0QzRGOUFFMDIvQTcyNDhDMzIz
NDZFMTFFRkEzMUMwNTQ1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBABnXS4DBABnYnADBAFnYnIwDQYJKoZIhvcNAQELBQADggEB
AHadUCki8RE3/vlp8GcBuMZbUkA39lr4DCFNQhDEB4iIEwmoH8l7jxJvAlxwpBF5
nAIJUc6PMsGhtL+O7Quo/3oPmgYzuuR95YoT2Uz7W2ONYLkj4PBbZCKB+w4TWCB2
3gKKaHjAFugqMc7EVMmmeuHOLd4QwGEuOAZMco375j2erg3qwqR1zPOglnct3/Xw
AN8wXzPsWDGKIWEsK1F+wy7wapSD2/dGzz/aiLDpTI5W9n7+pvWqsCdOgbJayV8D
+HqUuHOZ0x7UN8UrW4KLSOH4AWuilwJR76wLb795Hy+byry2GJcdsHqTHPW44gi+
qu/QIzUKjhFUUNxKvSTdaa0=
-----END CERTIFICATE-----
Generated at Thu Aug 1 17:54:14 2024 by rpki-client on console-fra.rpki-client.org