Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/0409933AC6CF11EC842E567CC4F9AE02.roa
File: 0409933AC6CF11EC842E567CC4F9AE02.roa (raw, json)
Hash identifier: lpr7zgzWPT4ClWPzuAIjo5atUiqiaYhnLl14FFTxR74=
Subject key identifier: 73:EC:18:D2:9E:2E:4A:14:A0:5E:1F:ED:DA:7C:F9:39:4B:71:3D:69
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 6C7F
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/0409933AC6CF11EC842E567CC4F9AE02.roa
Signing time: Wed 10 May 2023 16:24:49 +0000
ROA not before: Wed 10 May 2023 16:24:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 136374
IP address blocks: 103.27.2.0/24 maxlen: 24
103.52.220.0/24 maxlen: 24
103.52.221.0/24 maxlen: 24
103.52.222.0/24 maxlen: 24
103.52.223.0/24 maxlen: 24
103.66.54.0/24 maxlen: 24
103.94.84.0/22 maxlen: 24
103.175.139.0/24 maxlen: 24
103.228.250.0/24 maxlen: 24
103.228.251.0/24 maxlen: 24
2404:8c40::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 07 Feb 2024 05:43:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 27775 (0x6c7f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: May 10 16:24:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=645bc551-1825
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:ae:35:bc:43:e6:43:d3:82:28:7b:03:96:dc:
c3:f2:e4:2a:5e:d1:6c:3e:d0:51:cc:f0:73:59:f5:
8f:17:f8:07:61:8b:e7:e9:8f:9a:b4:4c:b7:69:9f:
be:58:0c:db:ce:63:39:d0:19:87:82:67:0e:47:70:
4a:23:dd:e0:24:3c:ea:59:e3:75:56:81:f5:3c:ab:
0c:d7:d9:ca:36:6d:41:b0:50:88:6c:ac:03:76:f9:
41:e1:36:9b:59:ee:6d:96:02:23:98:ac:ac:15:14:
9d:e1:0c:24:0e:fc:17:cf:1b:52:bc:c4:b9:f1:ab:
96:2c:10:a3:70:8b:cc:76:e2:5c:6f:c2:87:e2:36:
e8:56:66:ca:1a:89:62:b9:a3:58:45:0b:ad:e7:bc:
1d:8b:41:ed:a9:ea:c5:27:9b:f9:df:0a:7b:44:bc:
b4:7f:dc:ae:fc:63:92:45:3e:ea:df:04:a5:50:dc:
de:3a:c1:79:73:19:c4:6b:5d:75:06:35:9f:b6:57:
51:24:b5:ba:53:0c:ed:78:b5:d1:45:c4:1f:be:2a:
8d:ca:50:42:cc:f4:49:8f:56:1d:40:59:66:8f:4c:
2e:54:0e:61:f5:85:ec:45:d5:ee:45:71:db:53:67:
20:00:d7:0f:4e:34:34:8b:c4:09:87:c1:18:45:78:
46:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:EC:18:D2:9E:2E:4A:14:A0:5E:1F:ED:DA:7C:F9:39:4B:71:3D:69
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/0409933AC6CF11EC842E567CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.27.2.0/24
103.52.220.0/22
103.66.54.0/24
103.94.84.0/22
103.175.139.0/24
103.228.250.0/23
IPv6:
2404:8c40::/48
Signature Algorithm: sha256WithRSAEncryption
33:3a:38:f2:66:0b:bf:42:78:63:e6:ee:d8:57:e0:14:84:b1:
48:4d:8f:6d:49:5b:3a:d5:dd:21:cb:49:5f:4b:78:42:15:87:
fd:fb:45:ea:a1:2d:8f:16:0b:97:6c:16:7b:bf:40:7d:42:86:
d6:cc:c3:c1:5f:c5:a8:25:d4:5a:f0:fd:69:76:d2:2c:50:fe:
20:a9:28:b3:fe:be:70:b1:55:5c:55:51:0a:79:c1:b8:b2:68:
9c:f9:69:55:ff:2f:f3:6b:63:73:ab:03:d5:48:97:98:b3:e5:
a2:7c:1f:6c:22:17:0c:23:58:2a:5c:74:14:c1:11:cd:41:83:
03:a3:25:a2:62:5b:1a:68:c9:f6:ae:62:c5:15:5a:ee:ba:25:
13:f5:a7:92:65:b0:a4:b8:b3:6f:c2:51:e7:e1:d1:a0:78:b3:
12:3a:85:21:5d:ab:94:3f:f4:7c:99:45:22:58:46:13:57:c0:
1c:3e:e9:a7:21:f9:6a:e3:36:ad:f1:1a:1a:e3:05:bd:7c:0f:
ba:b9:dc:7d:35:b2:55:51:67:9d:45:73:37:bc:b4:33:66:66:
33:f8:ea:c6:58:27:bb:1e:cb:f2:14:56:17:a6:b7:48:9d:08:
4c:77:5d:34:db:7c:9e:88:ec:bb:65:58:f7:5e:e0:cb:78:4a:
0b:ed:86:35
-----BEGIN CERTIFICATE-----
MIIFoDCCBIigAwIBAgICbH8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjMwNTEwMTYyNDQ5WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDViYzU1MS0xODI1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAra41vEPmQ9OCKHsDltzD8uQqXtFsPtBRzPBzWfWPF/gHYYvn6Y+atEy3aZ++
WAzbzmM50BmHgmcOR3BKI93gJDzqWeN1VoH1PKsM19nKNm1BsFCIbKwDdvlB4Tab
We5tlgIjmKysFRSd4QwkDvwXzxtSvMS58auWLBCjcIvMduJcb8KH4jboVmbKGoli
uaNYRQut57wdi0HtqerFJ5v53wp7RLy0f9yu/GOSRT7q3wSlUNzeOsF5cxnEa111
BjWftldRJLW6UwzteLXRRcQfviqNylBCzPRJj1YdQFlmj0wuVA5h9YXsRdXuRXHb
U2cgANcPTjQ0i8QJh8EYRXhGVwIDAQABo4ICxDCCAsAwHQYDVR0OBBYEFHPsGNKe
LkoUoF4f7dp8+TlLcT1pMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvMDQwOTkzM0FD
NkNGMTFFQzg0MkU1NjdDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwTgYIKwYBBQUHAQcBAf8E
PzA9MCoEAgABMCQDBABnGwIDBAJnNNwDBABnQjYDBAJnXlQDBABnr4sDBAFn5Pow
DwQCAAIwCQMHACQEjEAAADANBgkqhkiG9w0BAQsFAAOCAQEAMzo48mYLv0J4Y+bu
2FfgFISxSE2PbUlbOtXdIctJX0t4QhWH/ftF6qEtjxYLl2wWe79AfUKG1szDwV/F
qCXUWvD9aXbSLFD+IKkos/6+cLFVXFVRCnnBuLJonPlpVf8v82tjc6sD1UiXmLPl
onwfbCIXDCNYKlx0FMERzUGDA6MlomJbGmjJ9q5ixRVa7rolE/WnkmWwpLizb8JR
5+HRoHizEjqFIV2rlD/0fJlFIlhGE1fAHD7ppyH5auM2rfEaGuMFvXwPurncfTWy
VVFnnUVzN7y0M2ZmM/jqxlgnux7L8hRWF6a3SJ0ITHddNNt8nojsu2VY917gy3hK
C+2GNQ==
-----END CERTIFICATE-----
Generated at Wed Feb 7 09:08:04 2024 by rpki-client on console-ams.rpki-client.org