Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918AA78/68D33490FD6411E6A1095483C4F9AE02/08F42A44E6B811EE9102CF4FC4F9AE02.roa
File: 08F42A44E6B811EE9102CF4FC4F9AE02.roa (raw, json)
Hash identifier: UOcgxqCtc35j9KTXr3sRudCoILQfOi0QZzMNAco+nEY=
Subject key identifier: EF:49:4A:02:0E:73:B7:98:18:18:89:32:53:B1:E9:C2:EE:94:B1:5F
Certificate issuer: /CN=A918AA78/serialNumber=09CFFE467F3B09C3D06F24919CFAC7E003E4BB75
Certificate serial: 1B42
Authority key identifier: 09:CF:FE:46:7F:3B:09:C3:D0:6F:24:91:9C:FA:C7:E0:03:E4:BB:75
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Cc_-Rn87CcPQbySRnPrH4APku3U.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918AA78/68D33490FD6411E6A1095483C4F9AE02/08F42A44E6B811EE9102CF4FC4F9AE02.roa
Signing time: Tue 09 Jul 2024 12:35:52 +0000
ROA not before: Tue 09 Jul 2024 12:35:52 +0000
ROA not after: Thu 01 May 2025 00:00:00 +0000
asID: 7342
IP address blocks: 103.87.108.0/24 maxlen: 24
103.87.109.0/24 maxlen: 24
103.87.110.0/24 maxlen: 24
103.87.111.0/24 maxlen: 24
203.144.58.0/24 maxlen: 24
203.144.59.0/24 maxlen: 24
203.144.61.0/24 maxlen: 24
2402:79c0:3::/48 maxlen: 48
2402:79c0:100::/48 maxlen: 48
2402:79c0:100::7/128 maxlen: 128
2402:79c0:101::/48 maxlen: 48
2402:79c0:102::/48 maxlen: 48
2402:79c0:103::/48 maxlen: 48
2402:79c0:104::/48 maxlen: 48
2402:79c0:105::/48 maxlen: 48
2402:79c0:106::/48 maxlen: 48
2402:79c0:107::/48 maxlen: 48
2402:79c0:108::/48 maxlen: 48
2402:79c0:109::/48 maxlen: 48
2402:79c0:10a::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 30 Jul 2024 12:36:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6978 (0x1b42)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918AA78/serialNumber=09CFFE467F3B09C3D06F24919CFAC7E003E4BB75
Validity
Not Before: Jul 9 12:35:52 2024 GMT
Not After : May 1 00:00:00 2025 GMT
Subject: CN=668d2ea8-f257
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:e1:fd:fc:bf:16:ba:ac:15:c7:64:69:85:09:
aa:07:b5:ac:83:47:a9:4c:7b:38:28:3e:0a:67:f1:
c9:51:00:76:cd:e6:df:dc:3d:f3:30:a2:9b:a2:13:
8b:a2:9b:45:c1:44:22:6a:4f:41:bc:12:7c:ff:02:
ba:3b:eb:72:d2:e2:21:5d:39:96:bb:a7:28:b3:06:
51:eb:37:ee:a9:fa:fc:d1:1d:2f:d8:cc:a2:df:e4:
e7:21:2e:94:83:49:8b:66:16:9a:7a:9e:19:3f:f3:
33:75:6b:7c:99:6e:2e:45:f6:20:17:06:58:ea:a4:
ba:2c:38:35:91:67:9f:8b:75:e3:ef:39:23:82:8e:
95:31:3a:dd:4d:dd:5f:5a:08:61:0a:d3:d7:50:c7:
36:18:1c:ce:59:48:28:ec:c1:2d:b8:aa:f1:89:61:
9d:e0:6c:a4:7f:a9:ed:3c:64:1d:08:c2:c4:79:62:
59:8f:06:56:95:fa:fb:5c:7c:c9:24:43:b4:cf:43:
ed:96:bb:c7:3e:f2:19:69:ad:0d:70:a8:68:4d:ec:
fa:bd:5f:c9:f5:87:d7:71:a2:f0:19:c4:1d:b5:76:
64:b8:f9:54:51:bd:5f:4b:9b:28:cf:af:00:5a:8c:
91:91:de:e0:56:ff:77:45:aa:92:16:5a:a1:09:46:
1e:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:49:4A:02:0E:73:B7:98:18:18:89:32:53:B1:E9:C2:EE:94:B1:5F
X509v3 Authority Key Identifier:
keyid:09:CF:FE:46:7F:3B:09:C3:D0:6F:24:91:9C:FA:C7:E0:03:E4:BB:75
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918AA78/68D33490FD6411E6A1095483C4F9AE02/Cc_-Rn87CcPQbySRnPrH4APku3U.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Cc_-Rn87CcPQbySRnPrH4APku3U.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918AA78/68D33490FD6411E6A1095483C4F9AE02/08F42A44E6B811EE9102CF4FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.87.108.0/22
203.144.58.0/23
203.144.61.0/24
IPv6:
2402:79c0:3::/48
2402:79c0:100::-2402:79c0:10a:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
c1:5c:00:e7:8a:6c:ec:61:6f:55:e3:09:dc:f7:65:35:21:ee:
2b:04:2c:10:ec:7d:1a:78:37:6a:58:ac:6c:20:03:f9:94:c6:
84:e6:da:84:a4:78:c9:ec:97:c2:66:a1:53:f5:c8:7e:cd:d8:
f6:32:1e:0f:c4:0b:dc:28:26:8a:30:35:db:83:4d:1b:81:d6:
52:6e:ba:d4:38:b5:6e:57:8c:a2:07:33:c0:fc:da:1c:ad:80:
9e:c2:32:57:c6:bf:9b:17:71:7d:a4:8f:88:87:01:57:46:9b:
25:55:4f:89:27:e1:91:68:8f:44:6f:51:a4:a7:b5:a0:30:fe:
e0:de:f7:e9:dd:21:86:9d:81:02:66:e4:da:fd:d1:1d:e1:ca:
12:0a:97:b8:ad:bc:ff:3f:f4:a9:9b:1d:94:89:04:5b:02:71:
80:03:7d:06:56:be:8c:1a:e8:ab:54:0f:4c:e0:0b:a3:2a:be:
f0:dc:c9:ac:3a:4b:84:61:17:7f:7f:56:fa:55:47:44:8c:30:
bd:69:a2:7c:d5:21:ea:9d:92:2d:3f:93:61:5b:27:56:01:1e:
ba:7c:08:d8:fb:e9:7c:1e:b7:f9:0a:90:eb:61:fb:d9:47:c2:
29:99:8d:4d:b2:4a:b9:c9:24:e4:d8:b5:67:80:6d:a6:85:67:
91:a7:31:f1
-----BEGIN CERTIFICATE-----
MIIFoTCCBImgAwIBAgICG0IwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEFBNzgxMTAvBgNVBAUTKDA5Q0ZGRTQ2N0YzQjA5QzNEMDZGMjQ5MTlDRkFDN0Uw
MDNFNEJCNzUwHhcNMjQwNzA5MTIzNTUyWhcNMjUwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjhkMmVhOC1mMjU3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0eH9/L8WuqwVx2RphQmqB7Wsg0epTHs4KD4KZ/HJUQB2zebf3D3zMKKbohOL
optFwUQiak9BvBJ8/wK6O+ty0uIhXTmWu6coswZR6zfuqfr80R0v2Myi3+TnIS6U
g0mLZhaaep4ZP/MzdWt8mW4uRfYgFwZY6qS6LDg1kWefi3Xj7zkjgo6VMTrdTd1f
WghhCtPXUMc2GBzOWUgo7MEtuKrxiWGd4Gykf6ntPGQdCMLEeWJZjwZWlfr7XHzJ
JEO0z0PtlrvHPvIZaa0NcKhoTez6vV/J9YfXcaLwGcQdtXZkuPlUUb1fS5soz68A
WoyRkd7gVv93RaqSFlqhCUYetwIDAQABo4ICxTCCAsEwHQYDVR0OBBYEFO9JSgIO
c7eYGBiJMlOx6cLulLFfMB8GA1UdIwQYMBaAFAnP/kZ/OwnD0G8kkZz6x+AD5Lt1
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4QUE3OC82OEQzMzQ5MEZE
NjQxMUU2QTEwOTU0ODNDNEY5QUUwMi9DY18tUm44N0NjUFFieVNSblBySDRBUGt1
M1UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0NjXy1Sbjg3Q2NQUWJ5U1JuUHJINEFQa3UzVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEFBNzgvNjhEMzM0OTBGRDY0MTFFNkExMDk1NDgzQzRGOUFFMDIvMDhGNDJBNDRF
NkI4MTFFRTkxMDJDRjRGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwTwYIKwYBBQUHAQcBAf8E
QDA+MBgEAgABMBIDBAJnV2wDBAHLkDoDBADLkD0wIgQCAAIwHAMHACQCecAAAzAR
AwYAJAJ5wAEDBwAkAnnAAQowDQYJKoZIhvcNAQELBQADggEBAMFcAOeKbOxhb1Xj
Cdz3ZTUh7isELBDsfRp4N2pYrGwgA/mUxoTm2oSkeMnsl8JmoVP1yH7N2PYyHg/E
C9woJoowNduDTRuB1lJuutQ4tW5XjKIHM8D82hytgJ7CMlfGv5sXcX2kj4iHAVdG
myVVT4kn4ZFoj0RvUaSntaAw/uDe9+ndIYadgQJm5Nr90R3hyhIKl7itvP8/9Kmb
HZSJBFsCcYADfQZWvowa6KtUD0zgC6MqvvDcyaw6S4RhF39/VvpVR0SMML1ponzV
Ieqdki0/k2FbJ1YBHrp8CNj76Xwet/kKkOth+9lHwimZjU2ySrnJJOTYtWeAbaaF
Z5GnMfE=
-----END CERTIFICATE-----
Generated at Tue Jul 30 16:02:24 2024 by rpki-client on console-fra.rpki-client.org