Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9178AF2/73C88792E06711ECB9D2FF81C4F9AE02/007FA420AB3911EEBD67A713C4F9AE02.roa
File: 007FA420AB3911EEBD67A713C4F9AE02.roa (raw, json)
Hash identifier: U4PPpPO6AfW05a8w0LoAlfC1krFh5XN7cFmBZ9Da5v0=
Subject key identifier: D3:20:94:9D:D1:A2:0A:09:36:5F:29:79:88:7C:F7:D0:DB:2C:52:E6
Certificate issuer: /CN=A9178AF2/serialNumber=1005CCD5E18230FBA9ADD3D27F85DA38F13E4172
Certificate serial: 0254
Authority key identifier: 10:05:CC:D5:E1:82:30:FB:A9:AD:D3:D2:7F:85:DA:38:F1:3E:41:72
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/EAXM1eGCMPuprdPSf4XaOPE-QXI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9178AF2/73C88792E06711ECB9D2FF81C4F9AE02/007FA420AB3911EEBD67A713C4F9AE02.roa
Signing time: Thu 11 Jan 2024 22:59:45 +0000
ROA not before: Thu 11 Jan 2024 22:59:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 103.229.116.0/24 maxlen: 24
103.229.118.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 16 Jan 2024 08:32:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 596 (0x254)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9178AF2/serialNumber=1005CCD5E18230FBA9ADD3D27F85DA38F13E4172
Validity
Not Before: Jan 11 22:59:45 2024 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=65a072e1-be82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:41:e8:37:ab:e8:5b:76:d1:ee:0e:df:f8:54:
99:69:69:ac:05:f1:29:49:d0:6c:dc:02:19:71:e7:
45:43:b2:5b:85:11:2c:bc:d3:8c:9a:9a:d3:d3:ca:
ed:8b:67:49:7b:97:81:91:e6:8d:c0:e3:e3:20:0e:
98:0b:58:33:78:09:5c:3a:ba:57:fb:56:18:72:2c:
ed:d8:8d:91:0e:65:90:dd:18:e3:ed:1c:7b:04:01:
ea:bd:84:d0:24:c4:9d:c0:c6:97:b3:22:14:bc:b6:
af:ce:64:f4:00:a6:f1:5e:df:b5:d2:22:08:9b:77:
43:d2:e7:67:98:4a:8c:ce:a9:ad:dd:93:fb:75:27:
bf:89:9a:ae:16:42:fd:26:15:f7:ef:82:2c:cb:13:
a1:a3:5f:9e:a3:65:2e:b0:2a:50:3c:6d:ef:4f:de:
d1:c6:19:f3:86:b0:8b:f7:84:49:04:11:6a:24:cf:
d2:1e:f0:26:38:58:a2:28:7b:3c:de:51:26:a3:81:
dd:4a:3c:7c:3c:8d:96:c4:75:67:6d:79:75:82:6d:
62:03:cd:22:1f:ed:72:a3:d9:fa:34:20:b0:fa:de:
54:96:57:a9:35:7a:77:4f:85:53:48:f7:01:2e:ce:
25:3a:6c:d5:86:52:8e:7f:59:24:e8:75:22:cc:5b:
98:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:20:94:9D:D1:A2:0A:09:36:5F:29:79:88:7C:F7:D0:DB:2C:52:E6
X509v3 Authority Key Identifier:
keyid:10:05:CC:D5:E1:82:30:FB:A9:AD:D3:D2:7F:85:DA:38:F1:3E:41:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9178AF2/73C88792E06711ECB9D2FF81C4F9AE02/EAXM1eGCMPuprdPSf4XaOPE-QXI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/EAXM1eGCMPuprdPSf4XaOPE-QXI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9178AF2/73C88792E06711ECB9D2FF81C4F9AE02/007FA420AB3911EEBD67A713C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.229.116.0/24
103.229.118.0/24
Signature Algorithm: sha256WithRSAEncryption
92:f1:eb:62:b4:fd:90:98:89:86:e1:1a:52:29:50:72:ee:da:
40:ed:95:98:bf:c9:06:88:fb:3d:93:9b:97:14:56:4d:90:bb:
c5:c3:81:17:16:80:b2:fb:cf:a6:7b:c4:6b:ae:12:18:69:70:
70:74:cc:63:a0:f5:c0:ef:b5:54:66:86:f4:cd:57:2d:2a:e1:
70:7a:ba:9e:3e:1c:15:07:0f:fb:f5:5a:d0:89:9c:5b:25:66:
de:2b:e9:93:02:57:0f:5a:73:2d:6d:34:3a:a8:52:64:3e:6b:
5d:c9:be:f0:cc:27:57:4d:99:5f:e6:7c:b5:26:83:d3:bd:6a:
22:cf:29:40:ed:2a:21:84:ac:ae:17:b6:2f:c3:1e:fb:6f:42:
5f:c2:83:40:e7:9a:bd:43:5a:04:98:a6:e0:e7:67:75:f8:bd:
44:a4:97:82:5a:2d:41:ff:e5:0d:9a:a0:ac:34:ef:72:19:0f:
c2:ec:1f:1e:4f:64:7a:1e:a5:ce:76:6a:f0:b8:c3:4d:7f:ff:
6c:08:00:60:dc:fa:a3:3e:ec:4b:0a:cb:c9:86:be:c0:3e:a2:
1c:56:8b:52:9c:0a:7d:ea:4d:d9:eb:85:99:45:1d:05:55:2d:
b9:33:d9:22:1b:75:f1:ae:84:53:15:9b:13:12:20:45:fd:d1:
6e:18:70:47
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICAlQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzhBRjIxMTAvBgNVBAUTKDEwMDVDQ0Q1RTE4MjMwRkJBOUFERDNEMjdGODVEQTM4
RjEzRTQxNzIwHhcNMjQwMTExMjI1OTQ1WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWEwNzJlMS1iZTgyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA30HoN6voW3bR7g7f+FSZaWmsBfEpSdBs3AIZcedFQ7JbhREsvNOMmprT08rt
i2dJe5eBkeaNwOPjIA6YC1gzeAlcOrpX+1YYcizt2I2RDmWQ3Rjj7Rx7BAHqvYTQ
JMSdwMaXsyIUvLavzmT0AKbxXt+10iIIm3dD0udnmEqMzqmt3ZP7dSe/iZquFkL9
JhX374IsyxOho1+eo2UusCpQPG3vT97RxhnzhrCL94RJBBFqJM/SHvAmOFiiKHs8
3lEmo4HdSjx8PI2WxHVnbXl1gm1iA80iH+1yo9n6NCCw+t5UllepNXp3T4VTSPcB
Ls4lOmzVhlKOf1kk6HUizFuYuQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFNMglJ3R
ogoJNl8peYh899DbLFLmMB8GA1UdIwQYMBaAFBAFzNXhgjD7qa3T0n+F2jjxPkFy
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3OEFGMi83M0M4ODc5MkUw
NjcxMUVDQjlEMkZGODFDNEY5QUUwMi9FQVhNMWVHQ01QdXByZFBTZjRYYU9QRS1R
WEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0VBWE0xZUdDTVB1cHJkUFNmNFhhT1BFLVFYSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzhBRjIvNzNDODg3OTJFMDY3MTFFQ0I5RDJGRjgxQzRGOUFFMDIvMDA3RkE0MjBB
QjM5MTFFRUJENjdBNzEzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBABn5XQDBABn5XYwDQYJKoZIhvcNAQELBQADggEBAJLx62K0
/ZCYiYbhGlIpUHLu2kDtlZi/yQaI+z2Tm5cUVk2Qu8XDgRcWgLL7z6Z7xGuuEhhp
cHB0zGOg9cDvtVRmhvTNVy0q4XB6up4+HBUHD/v1WtCJnFslZt4r6ZMCVw9acy1t
NDqoUmQ+a13JvvDMJ1dNmV/mfLUmg9O9aiLPKUDtKiGErK4Xti/DHvtvQl/Cg0Dn
mr1DWgSYpuDnZ3X4vUSkl4JaLUH/5Q2aoKw073IZD8LsHx5PZHoepc52avC4w01/
/2wIAGDc+qM+7EsKy8mGvsA+ohxWi1KcCn3qTdnrhZlFHQVVLbkz2SIbdfGuhFMV
mxMSIEX90W4YcEc=
-----END CERTIFICATE-----
Generated at Tue Jan 16 13:17:11 2024 by rpki-client on console-fra.rpki-client.org