Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9180488/6520FF08F1D011EAA48CEE6FC4F9AE02/0E8274C8F1D111EAB8680270C4F9AE02.roa
File: 0E8274C8F1D111EAB8680270C4F9AE02.roa (raw, json)
Hash identifier: QKQD1DnluPTlVGCPpmIHUQBiInmIdxjnp7xFvuRg7FU=
Subject key identifier: DD:83:F1:D3:D7:2F:86:C1:E4:5F:27:B0:C5:E6:37:F8:EF:3C:F9:1E
Certificate issuer: /CN=A9180488/serialNumber=C4F6C930E09B81AF5E8C00E79A5842AA7273D10F
Certificate serial: 067F
Authority key identifier: C4:F6:C9:30:E0:9B:81:AF:5E:8C:00:E7:9A:58:42:AA:72:73:D1:0F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xPbJMOCbga9ejADnmlhCqnJz0Q8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9180488/6520FF08F1D011EAA48CEE6FC4F9AE02/0E8274C8F1D111EAB8680270C4F9AE02.roa
Signing time: Wed 02 Aug 2023 21:59:02 +0000
ROA not before: Wed 02 Aug 2023 21:59:02 +0000
ROA not after: Mon 30 Sep 2024 00:00:00 +0000
asID: 17747
IP address blocks: 103.26.216.0/24 maxlen: 24
103.26.217.0/24 maxlen: 24
103.26.218.0/24 maxlen: 24
103.26.219.0/24 maxlen: 24
150.129.176.0/24 maxlen: 24
150.129.177.0/24 maxlen: 24
150.129.178.0/24 maxlen: 24
150.129.179.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 15 May 2024 13:07:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1663 (0x67f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9180488/serialNumber=C4F6C930E09B81AF5E8C00E79A5842AA7273D10F
Validity
Not Before: Aug 2 21:59:02 2023 GMT
Not After : Sep 30 00:00:00 2024 GMT
Subject: CN=64cad1a5-b404
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:0b:46:fc:10:02:1e:f7:74:a0:64:18:af:15:
a4:a0:4e:9c:0f:ef:1d:7b:a8:2c:e9:48:3c:03:34:
28:eb:78:cc:a3:44:1a:4c:dc:e4:cd:b4:d8:dc:78:
20:f6:82:57:f6:cf:7a:33:6d:23:92:f7:bc:d9:88:
c0:a7:d7:c3:31:41:65:5d:95:e1:4b:82:7c:0c:c3:
04:da:52:4a:15:a2:5f:bb:7e:18:54:3a:4d:d4:7f:
aa:12:dc:a3:64:49:dc:11:91:49:af:26:22:21:0d:
58:82:11:53:96:1f:f8:7c:58:cb:2e:c4:72:88:d0:
c9:3b:fe:89:34:1c:67:19:f5:bc:a2:3a:94:93:04:
e8:4a:a1:5c:31:da:b4:14:59:06:f1:02:fa:13:94:
fb:0e:3f:47:0c:13:b2:0f:7f:38:ba:ab:7a:71:ac:
a0:c4:6c:4d:b9:96:af:29:3f:c2:f0:b0:c0:4a:83:
2a:eb:e3:18:a3:7e:bc:eb:9b:20:da:2a:73:1e:8c:
ea:0c:29:ba:c4:90:00:80:07:39:86:5a:e8:0c:6f:
bf:c1:6e:42:d7:f9:25:08:3c:e3:0b:1e:e9:bf:20:
f8:c2:23:49:72:48:4d:e2:05:a9:b8:0a:4b:d6:e0:
be:79:64:b8:34:2f:17:a7:51:8d:cb:88:22:b7:df:
5e:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:83:F1:D3:D7:2F:86:C1:E4:5F:27:B0:C5:E6:37:F8:EF:3C:F9:1E
X509v3 Authority Key Identifier:
keyid:C4:F6:C9:30:E0:9B:81:AF:5E:8C:00:E7:9A:58:42:AA:72:73:D1:0F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9180488/6520FF08F1D011EAA48CEE6FC4F9AE02/xPbJMOCbga9ejADnmlhCqnJz0Q8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xPbJMOCbga9ejADnmlhCqnJz0Q8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9180488/6520FF08F1D011EAA48CEE6FC4F9AE02/0E8274C8F1D111EAB8680270C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.26.216.0/22
150.129.176.0/22
Signature Algorithm: sha256WithRSAEncryption
80:9f:c3:e6:98:0c:34:40:3e:f3:c1:1f:58:8c:7d:e9:71:7c:
1f:86:39:9c:03:d6:9d:95:03:f1:33:d0:ae:dd:ae:a9:2b:9d:
88:5c:ca:e0:63:82:24:10:48:18:b3:f1:09:a4:38:8a:db:e8:
f6:5b:8a:93:ec:ca:b1:c4:6a:c7:b9:65:7a:64:2e:14:c4:01:
a3:52:cf:e9:7e:ca:95:75:c9:77:a5:6e:2e:df:ab:00:89:ae:
a8:fe:6b:2e:15:a6:56:1e:1c:9d:ae:6b:7d:88:84:e3:b9:76:
2d:ce:28:16:bc:9f:6e:7e:f1:21:91:74:41:5b:53:36:8e:7e:
61:b1:07:f0:53:95:01:a7:2c:e8:36:d8:f6:92:e3:44:65:4b:
f3:92:e8:d1:78:1c:5e:5b:b0:c7:87:bc:59:47:61:b3:37:64:
e6:28:27:1e:c4:dd:15:9b:99:38:e5:61:6e:d3:8e:6c:55:c3:
3e:35:d3:4d:04:f6:2f:46:2c:0b:5d:fd:a2:9f:af:7d:ca:3b:
26:51:cc:0e:6f:40:29:7c:a5:f1:d7:60:91:17:f3:10:75:e2:
e5:6a:fc:a0:6d:0c:39:eb:1f:d8:1d:98:ec:2d:75:7d:89:ca:
97:0b:ab:d2:d9:2b:ae:6a:fb:27:42:e5:72:f3:13:4f:2a:75:
ac:ab:e2:3c
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICBn8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODA0ODgxMTAvBgNVBAUTKEM0RjZDOTMwRTA5QjgxQUY1RThDMDBFNzlBNTg0MkFB
NzI3M0QxMEYwHhcNMjMwODAyMjE1OTAyWhcNMjQwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGNhZDFhNS1iNDA0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvQtG/BACHvd0oGQYrxWkoE6cD+8de6gs6Ug8AzQo63jMo0QaTNzkzbTY3Hgg
9oJX9s96M20jkve82YjAp9fDMUFlXZXhS4J8DMME2lJKFaJfu34YVDpN1H+qEtyj
ZEncEZFJryYiIQ1YghFTlh/4fFjLLsRyiNDJO/6JNBxnGfW8ojqUkwToSqFcMdq0
FFkG8QL6E5T7Dj9HDBOyD384uqt6caygxGxNuZavKT/C8LDASoMq6+MYo36865sg
2ipzHozqDCm6xJAAgAc5hlroDG+/wW5C1/klCDzjCx7pvyD4wiNJckhN4gWpuApL
1uC+eWS4NC8Xp1GNy4git99eMQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFN2D8dPX
L4bB5F8nsMXmN/jvPPkeMB8GA1UdIwQYMBaAFMT2yTDgm4GvXowA55pYQqpyc9EP
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4MDQ4OC82NTIwRkYwOEYx
RDAxMUVBQTQ4Q0VFNkZDNEY5QUUwMi94UGJKTU9DYmdhOWVqQURubWxoQ3FuSnow
UTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3hQYkpNT0NiZ2E5ZWpBRG5tbGhDcW5KejBROC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODA0ODgvNjUyMEZGMDhGMUQwMTFFQUE0OENFRTZGQzRGOUFFMDIvMEU4Mjc0QzhG
MUQxMTFFQUI4NjgwMjcwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAJnGtgDBAKWgbAwDQYJKoZIhvcNAQELBQADggEBAICfw+aY
DDRAPvPBH1iMfelxfB+GOZwD1p2VA/Ez0K7drqkrnYhcyuBjgiQQSBiz8QmkOIrb
6PZbipPsyrHEase5ZXpkLhTEAaNSz+l+ypV1yXelbi7fqwCJrqj+ay4VplYeHJ2u
a32IhOO5di3OKBa8n25+8SGRdEFbUzaOfmGxB/BTlQGnLOg22PaS40RlS/OS6NF4
HF5bsMeHvFlHYbM3ZOYoJx7E3RWbmTjlYW7TjmxVwz41000E9i9GLAtd/aKfr33K
OyZRzA5vQCl8pfHXYJEX8xB14uVq/KBtDDnrH9gdmOwtdX2JypcLq9LZK65q+ydC
5XLzE08qdayr4jw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:24 2024 by rpki-client on console-ams.rpki-client.org