Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/04CC36A03B0111ED861DCE51C4F9AE02.roa
File: 04CC36A03B0111ED861DCE51C4F9AE02.roa (raw, json)
Hash identifier: KyMGRvXBpy4rutrcwVdbrcx2bdspGW8GAtUehITe9BI=
Subject key identifier: 17:C8:A5:41:70:AA:72:5F:62:26:69:A0:FF:24:00:2B:F5:EC:7E:40
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 6A09
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/04CC36A03B0111ED861DCE51C4F9AE02.roa
Signing time: Wed 10 May 2023 16:12:46 +0000
ROA not before: Wed 10 May 2023 16:12:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 132754
IP address blocks: 103.43.36.0/24 maxlen: 24
103.49.206.0/24 maxlen: 24
103.110.20.0/22 maxlen: 24
103.155.140.0/23 maxlen: 24
103.158.105.0/24 maxlen: 24
103.165.12.0/23 maxlen: 24
103.184.170.0/23 maxlen: 24
103.243.60.0/23 maxlen: 24
103.248.32.0/24 maxlen: 24
103.248.33.0/24 maxlen: 24
103.248.35.0/24 maxlen: 24
202.3.72.0/23 maxlen: 24
2401:f4c0::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 10 Jan 2024 12:32:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 27145 (0x6a09)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: May 10 16:12:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=645bc27e-2f2b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:ad:9a:aa:2b:cf:47:f6:18:a8:c7:06:0b:69:
ff:44:f3:34:aa:d1:29:3e:29:1a:9e:10:05:be:07:
bc:54:cf:08:96:e3:b8:c8:8a:18:be:20:4f:a3:8e:
3a:97:8b:f7:60:02:c3:93:d0:69:1d:68:e2:a9:fd:
8b:a4:60:0c:90:2d:ad:b5:b4:b7:4d:e7:c9:85:70:
37:3e:79:aa:6c:f3:d7:47:3f:af:5b:11:09:d4:14:
6b:39:29:3a:2e:8f:7c:ac:dc:35:71:99:84:ac:12:
fa:2d:3b:73:c0:ff:4e:99:69:9d:70:34:63:ce:01:
c7:6d:e8:b1:93:f6:83:22:a0:91:67:84:e7:5f:da:
82:da:03:a1:8c:7f:bb:93:2a:46:11:f8:c8:d4:82:
c9:f2:55:d3:50:81:f9:bb:e8:32:80:34:41:4a:1e:
61:0a:04:32:9e:bc:e3:8b:69:d5:ee:90:71:ec:72:
cb:7a:98:d8:2a:7a:dd:a6:b0:ff:9f:0e:fc:87:b9:
fd:82:f6:00:b3:23:a7:f3:7d:2f:74:6c:e6:90:44:
6d:2d:13:94:dd:10:af:c5:da:d7:fd:6c:28:bb:74:
85:34:78:4d:4a:92:d1:91:6d:42:4e:7e:ac:22:f4:
85:3f:27:88:6b:cf:38:1d:3d:94:d3:e4:21:20:f7:
0e:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:C8:A5:41:70:AA:72:5F:62:26:69:A0:FF:24:00:2B:F5:EC:7E:40
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/04CC36A03B0111ED861DCE51C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.43.36.0/24
103.49.206.0/24
103.110.20.0/22
103.155.140.0/23
103.158.105.0/24
103.165.12.0/23
103.184.170.0/23
103.243.60.0/23
103.248.32.0/23
103.248.35.0/24
202.3.72.0/23
IPv6:
2401:f4c0::/32
Signature Algorithm: sha256WithRSAEncryption
04:44:62:98:5c:40:b6:78:96:8b:6d:1e:97:f5:d1:50:f5:92:
2b:b0:d3:93:17:dc:69:86:44:2e:66:32:bc:97:d5:e8:fb:a7:
01:87:32:8a:e0:ec:ff:3a:46:04:18:fe:ce:db:f3:be:f8:5c:
0d:b9:d4:6f:a8:dd:fa:c4:b3:f8:3c:c2:36:5e:07:05:d6:df:
fa:5d:20:57:77:21:af:cd:94:14:14:38:1b:29:9d:60:84:bc:
4d:94:bc:c5:3f:1b:de:73:e8:2e:00:dd:e3:72:cf:a6:c4:a7:
50:2c:88:a4:bc:24:46:79:b2:67:58:75:d1:61:62:22:72:1a:
3f:63:77:7b:0b:0e:de:ce:99:4c:5a:b7:60:1a:7a:61:c0:0f:
4b:95:4b:a5:cc:b3:22:1e:02:eb:2e:d1:b6:97:83:10:09:ad:
5f:ad:75:f9:5c:f8:f4:2a:e1:9c:94:bd:71:2c:e7:38:c2:b2:
da:4d:a0:56:1d:2e:bf:cc:73:3b:7f:e3:db:91:f0:fc:6e:7b:
90:f4:3c:35:88:4e:6a:88:b1:15:b4:27:2a:74:c9:59:56:81:
d0:61:d3:7f:eb:2b:d2:2d:ac:9a:f9:cd:24:23:36:d0:16:36:
c3:0c:1b:26:ea:ce:86:65:44:b0:e5:28:34:59:f6:c8:b6:0d:
cb:d9:9f:3b
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgICagkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjMwNTEwMTYxMjQ2WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDViYzI3ZS0yZjJiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqq2aqivPR/YYqMcGC2n/RPM0qtEpPikanhAFvge8VM8IluO4yIoYviBPo446
l4v3YALDk9BpHWjiqf2LpGAMkC2ttbS3TefJhXA3PnmqbPPXRz+vWxEJ1BRrOSk6
Lo98rNw1cZmErBL6LTtzwP9OmWmdcDRjzgHHbeixk/aDIqCRZ4TnX9qC2gOhjH+7
kypGEfjI1ILJ8lXTUIH5u+gygDRBSh5hCgQynrzji2nV7pBx7HLLepjYKnrdprD/
nw78h7n9gvYAsyOn830vdGzmkERtLROU3RCvxdrX/Wwou3SFNHhNSpLRkW1CTn6s
IvSFPyeIa884HT2U0+QhIPcOmQIDAQABo4IC4DCCAtwwHQYDVR0OBBYEFBfIpUFw
qnJfYiZpoP8kACv17H5AMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvMDRDQzM2QTAz
QjAxMTFFRDg2MURDRTUxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwagYIKwYBBQUHAQcBAf8E
WzBZMEgEAgABMEIDBABnKyQDBABnMc4DBAJnbhQDBAFnm4wDBABnnmkDBAFnpQwD
BAFnuKoDBAFn8zwDBAFn+CADBABn+CMDBAHKA0gwDQQCAAIwBwMFACQB9MAwDQYJ
KoZIhvcNAQELBQADggEBAAREYphcQLZ4lottHpf10VD1kiuw05MX3GmGRC5mMryX
1ej7pwGHMorg7P86RgQY/s7b8774XA251G+o3frEs/g8wjZeBwXW3/pdIFd3Ia/N
lBQUOBspnWCEvE2UvMU/G95z6C4A3eNyz6bEp1AsiKS8JEZ5smdYddFhYiJyGj9j
d3sLDt7OmUxat2AaemHAD0uVS6XMsyIeAusu0baXgxAJrV+tdflc+PQq4ZyUvXEs
5zjCstpNoFYdLr/Mczt/49uR8Pxue5D0PDWITmqIsRW0Jyp0yVlWgdBh03/rK9It
rJr5zSQjNtAWNsMMGybqzoZlRLDlKDRZ9si2DcvZnzs=
-----END CERTIFICATE-----
Generated at Wed Jan 10 16:13:22 2024 by rpki-client on console-fra.rpki-client.org