Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91862F9/4E609A723B7D11EE9656FC64C4F9AE02/A4FA498C3B7D11EEAE866066C4F9AE02.roa
File: A4FA498C3B7D11EEAE866066C4F9AE02.roa (raw, json)
Hash identifier: n1pyD3TmfJGFy0CcRc4DgaFjI3lIq8XQUxn4ebHxoew=
Subject key identifier: 7C:44:1C:3A:4A:4C:87:8C:31:08:05:02:F0:0D:E8:9A:C3:50:6A:4A
Certificate issuer: /CN=A91862F9/serialNumber=BE6341A7CC0CA0F6C1A15E0466EC7155B8283C9D
Certificate serial: 04
Authority key identifier: BE:63:41:A7:CC:0C:A0:F6:C1:A1:5E:04:66:EC:71:55:B8:28:3C:9D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vmNBp8wMoPbBoV4EZuxxVbgoPJ0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91862F9/4E609A723B7D11EE9656FC64C4F9AE02/A4FA498C3B7D11EEAE866066C4F9AE02.roa
Signing time: Tue 15 Aug 2023 15:09:21 +0000
ROA not before: Tue 15 Aug 2023 15:09:21 +0000
ROA not after: Thu 31 Oct 2024 00:00:00 +0000
asID: 135365
IP address blocks: 103.253.176.0/23 maxlen: 23
103.253.176.0/24 maxlen: 24
103.253.177.0/24 maxlen: 24
2401:25e0::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 21 Mar 2024 15:32:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4 (0x4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91862F9/serialNumber=BE6341A7CC0CA0F6C1A15E0466EC7155B8283C9D
Validity
Not Before: Aug 15 15:09:21 2023 GMT
Not After : Oct 31 00:00:00 2024 GMT
Subject: CN=64db9521-c89b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:fc:3b:90:d8:a2:fe:bf:21:73:74:9e:7f:a0:
10:10:1a:7b:f7:b5:65:ac:19:ec:f5:4e:a0:ca:60:
33:14:fe:c3:ff:91:48:e8:e3:fc:a3:8b:6e:7c:b4:
20:ad:1a:94:19:ee:a8:20:95:da:23:32:fb:90:7e:
4e:09:5d:07:17:ee:7c:b4:10:c5:ed:a8:b8:08:76:
38:b1:c7:a1:50:21:97:ab:d0:3e:0d:d9:1a:93:8f:
20:be:24:63:ee:3f:b3:b7:8a:fb:9d:ed:63:88:a1:
28:2a:ea:c3:3d:bd:11:fa:c2:4b:bd:a7:f2:d1:51:
48:43:95:b0:ce:c2:8d:b2:4b:1c:e7:95:be:0b:1c:
52:70:03:8d:5f:36:f8:6b:8c:02:b9:a0:82:6a:0f:
8a:f8:24:6a:b5:7b:cc:bf:11:fc:77:a9:ba:12:47:
87:01:13:f4:27:d7:9c:c4:a1:73:da:e9:81:7d:e0:
35:9f:d2:77:59:ac:0c:c0:2b:b2:ab:9c:f6:8c:64:
1f:7c:39:83:9a:73:19:af:17:85:0d:a7:5e:ca:7d:
00:52:1e:e4:14:92:65:82:8a:0f:29:a0:01:8d:d9:
51:e1:bf:22:3a:cd:a9:0e:03:8c:74:99:6e:07:75:
ee:18:b5:59:f4:75:30:fb:37:a0:79:09:2f:d9:8a:
74:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:44:1C:3A:4A:4C:87:8C:31:08:05:02:F0:0D:E8:9A:C3:50:6A:4A
X509v3 Authority Key Identifier:
keyid:BE:63:41:A7:CC:0C:A0:F6:C1:A1:5E:04:66:EC:71:55:B8:28:3C:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91862F9/4E609A723B7D11EE9656FC64C4F9AE02/vmNBp8wMoPbBoV4EZuxxVbgoPJ0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vmNBp8wMoPbBoV4EZuxxVbgoPJ0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91862F9/4E609A723B7D11EE9656FC64C4F9AE02/A4FA498C3B7D11EEAE866066C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.253.176.0/23
IPv6:
2401:25e0::/32
Signature Algorithm: sha256WithRSAEncryption
96:cb:5f:09:6a:35:f8:28:e3:d6:c4:22:e3:4a:3a:8b:93:b4:
f8:6b:05:55:9f:d5:80:54:df:58:e3:c7:bb:98:7d:f0:49:32:
78:7e:20:82:84:af:3d:96:08:53:f4:d5:0f:75:37:16:dc:13:
4f:ac:05:92:49:92:ee:2c:4d:3b:cd:f0:da:9f:e2:11:15:2a:
5e:9f:38:1a:29:9e:49:a1:56:22:22:f6:93:5a:9b:6c:d1:8d:
fd:15:d6:c7:6e:53:c9:3e:8f:74:41:b8:c6:e1:af:63:66:d0:
07:ba:39:fb:4e:ed:4c:69:32:c1:4d:2d:7f:88:78:95:64:01:
ce:87:74:d3:40:97:a1:9e:71:46:37:a7:8d:8c:d8:7f:16:3b:
33:66:4c:8d:b0:b6:cf:dc:53:93:38:2e:67:b1:51:a1:1f:b0:
5f:a2:c8:52:e5:07:e1:7f:83:c1:df:ba:0c:5d:aa:d1:00:37:
54:29:2f:17:a0:5a:32:fa:39:ee:18:96:7e:95:22:1e:95:66:
eb:f1:30:49:c7:a8:42:2d:fc:bb:90:80:b0:e9:2e:2b:6b:0e:
8e:f4:91:58:fa:35:e4:75:43:00:bf:6d:c1:22:73:4e:4e:51:
b2:40:f4:8e:74:02:91:28:7a:96:62:99:4b:20:6b:7f:a3:39:
3f:21:75:88
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIBBDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE4
NjJGOTExMC8GA1UEBRMoQkU2MzQxQTdDQzBDQTBGNkMxQTE1RTA0NjZFQzcxNTVC
ODI4M0M5RDAeFw0yMzA4MTUxNTA5MjFaFw0yNDEwMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY0ZGI5NTIxLWM4OWIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCq/DuQ2KL+vyFzdJ5/oBAQGnv3tWWsGez1TqDKYDMU/sP/kUjo4/yji258tCCt
GpQZ7qggldojMvuQfk4JXQcX7ny0EMXtqLgIdjixx6FQIZer0D4N2RqTjyC+JGPu
P7O3ivud7WOIoSgq6sM9vRH6wku9p/LRUUhDlbDOwo2ySxznlb4LHFJwA41fNvhr
jAK5oIJqD4r4JGq1e8y/Efx3qboSR4cBE/Qn15zEoXPa6YF94DWf0ndZrAzAK7Kr
nPaMZB98OYOacxmvF4UNp17KfQBSHuQUkmWCig8poAGN2VHhvyI6zakOA4x0mW4H
de4YtVn0dTD7N6B5CS/ZinQtAgMBAAGjggKkMIICoDAdBgNVHQ4EFgQUfEQcOkpM
h4wxCAUC8A3omsNQakowHwYDVR0jBBgwFoAUvmNBp8wMoPbBoV4EZuxxVbgoPJ0w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTg2MkY5LzRFNjA5QTcyM0I3
RDExRUU5NjU2RkM2NEM0RjlBRTAyL3ZtTkJwOHdNb1BiQm9WNEVadXh4VmJnb1BK
MC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvdm1OQnA4d01vUGJCb1Y0RVp1eHhWYmdvUEowLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4
NjJGOS80RTYwOUE3MjNCN0QxMUVFOTY1NkZDNjRDNEY5QUUwMi9BNEZBNDk4QzNC
N0QxMUVFQUU4NjYwNjZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAuBggrBgEFBQcBBwEB/wQf
MB0wDAQCAAEwBgMEAWf9sDANBAIAAjAHAwUAJAEl4DANBgkqhkiG9w0BAQsFAAOC
AQEAlstfCWo1+Cjj1sQi40o6i5O0+GsFVZ/VgFTfWOPHu5h98EkyeH4ggoSvPZYI
U/TVD3U3FtwTT6wFkkmS7ixNO83w2p/iERUqXp84GimeSaFWIiL2k1qbbNGN/RXW
x25TyT6PdEG4xuGvY2bQB7o5+07tTGkywU0tf4h4lWQBzod000CXoZ5xRjenjYzY
fxY7M2ZMjbC2z9xTkzguZ7FRoR+wX6LIUuUH4X+Dwd+6DF2q0QA3VCkvF6BaMvo5
7hiWfpUiHpVm6/EwSceoQi38u5CAsOkuK2sOjvSRWPo15HVDAL9twSJzTk5RskD0
jnQCkSh6lmKZSyBrf6M5PyF1iA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:14 2024 by rpki-client on console-fra.rpki-client.org