Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/191D10F0E03411EEBAD5863FC4F9AE02.roa
File: 191D10F0E03411EEBAD5863FC4F9AE02.roa (raw, json)
Hash identifier: EIUNkplxEjMrY2/4x2OZ9Bcd9tq/a98quADIXPiIXfg=
Subject key identifier: CC:99:79:23:61:69:29:79:99:63:43:AF:ED:B0:18:29:53:12:0E:11
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 847D
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/191D10F0E03411EEBAD5863FC4F9AE02.roa
Signing time: Tue 12 Mar 2024 05:52:31 +0000
ROA not before: Tue 12 Mar 2024 05:52:31 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 138317
IP address blocks: 103.66.236.0/24 maxlen: 24
103.132.196.0/24 maxlen: 24
103.132.197.0/24 maxlen: 24
103.132.198.0/24 maxlen: 24
103.132.199.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 09 Apr 2024 06:19:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 33917 (0x847d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Mar 12 05:52:31 2024 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=65efed9f-cd21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:47:be:58:f5:2e:84:14:8b:0e:06:23:a8:f4:
f7:b0:97:7d:44:61:16:74:a3:96:90:8b:2d:9d:72:
ba:94:f8:59:7a:6b:8d:06:7e:da:ea:59:f7:47:dd:
aa:50:a4:e3:b7:cf:49:fe:0a:cd:6c:a8:a2:25:ad:
4c:35:0a:51:0f:8b:56:10:51:be:00:f1:9a:4b:65:
7b:81:65:8c:7b:d6:c1:0e:c0:91:38:b8:11:dc:73:
3a:b6:28:3c:f3:af:f8:fd:81:18:6c:12:53:46:cf:
f2:ab:5c:c5:23:23:92:7a:c7:8f:16:a0:5d:0f:0f:
b5:94:26:e2:1d:36:69:8b:26:5a:1e:e9:1c:61:d4:
e2:24:d5:3b:0c:73:d3:e9:f5:f8:7a:82:bb:89:3a:
0d:86:4d:55:e6:88:f9:85:82:ce:b8:e2:3b:96:72:
cb:f9:84:ed:dc:f2:1b:49:99:23:5e:fa:a5:5e:aa:
89:1f:83:1b:c8:c1:e3:db:77:10:c5:97:ec:03:8b:
05:be:be:9d:0b:99:97:df:ed:9e:ae:d7:53:43:fa:
b4:7a:30:78:51:5f:f6:50:bf:d9:87:9e:8e:04:38:
3d:e5:3d:49:62:03:e4:54:45:50:14:0d:9e:3d:5f:
5e:35:e6:83:94:77:1d:29:56:ca:c6:2c:9e:bf:50:
0f:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:99:79:23:61:69:29:79:99:63:43:AF:ED:B0:18:29:53:12:0E:11
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/191D10F0E03411EEBAD5863FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.66.236.0/24
103.132.196.0/22
Signature Algorithm: sha256WithRSAEncryption
1e:af:90:f0:f3:79:b5:74:17:60:bf:66:f2:9d:c9:cb:53:c9:
15:a7:b4:2f:13:39:61:dd:dc:b0:e0:af:35:19:cc:ed:2a:d5:
ad:de:a6:1c:4e:f0:f3:2d:70:0b:e7:ea:8b:fd:5d:6d:b5:ad:
ce:b1:99:f3:d1:f7:d3:00:c8:f5:d0:98:47:07:94:77:69:05:
fd:03:34:cf:21:fb:f3:3e:ee:7b:f1:a1:c0:e5:98:a6:97:0c:
d4:89:a6:ee:36:6d:cd:9c:4a:27:b0:a6:e9:53:c7:6f:3c:cb:
78:be:95:32:8d:46:99:3f:06:c5:ff:ce:1e:b3:42:9b:74:27:
a0:91:8f:70:5b:79:b0:76:00:cd:b7:35:5e:a1:34:56:8d:88:
54:7f:61:7f:17:c2:f9:57:a5:b0:e6:51:db:7e:f4:f9:2a:11:
c2:01:c6:31:7f:52:1f:dd:b4:b7:41:73:45:71:c9:24:f3:56:
5e:cf:73:e9:90:aa:19:2b:7b:a0:fd:8a:7c:a4:40:d0:9d:34:
14:12:69:35:b0:91:8b:8c:91:29:ea:4b:df:b7:43:08:e1:75:
12:66:9e:4c:ac:35:e0:ca:58:db:b5:c9:99:dc:b6:ec:6b:51:
c6:ac:2f:a2:97:b5:a6:44:fd:aa:a0:30:ac:13:d7:5e:68:71:
85:82:02:8d
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgIDAIR9MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI0MDMxMjA1NTIzMVoXDTI0MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjVlZmVkOWYtY2QyMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALlHvlj1LoQUiw4GI6j097CXfURhFnSjlpCLLZ1yupT4WXprjQZ+2upZ90fd
qlCk47fPSf4KzWyooiWtTDUKUQ+LVhBRvgDxmktle4FljHvWwQ7AkTi4EdxzOrYo
PPOv+P2BGGwSU0bP8qtcxSMjknrHjxagXQ8PtZQm4h02aYsmWh7pHGHU4iTVOwxz
0+n1+HqCu4k6DYZNVeaI+YWCzrjiO5Zyy/mE7dzyG0mZI176pV6qiR+DG8jB49t3
EMWX7AOLBb6+nQuZl9/tnq7XU0P6tHoweFFf9lC/2YeejgQ4PeU9SWID5FRFUBQN
nj1fXjXmg5R3HSlWysYsnr9QD00CAwEAAaOCApswggKXMB0GA1UdDgQWBBTMmXkj
YWkpeZljQ6/tsBgpUxIOETAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzE5MUQxMEYw
RTAzNDExRUVCQUQ1ODYzRkM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMCUGCCsGAQUFBwEHAQH/
BBYwFDASBAIAATAMAwQAZ0LsAwQCZ4TEMA0GCSqGSIb3DQEBCwUAA4IBAQAer5Dw
83m1dBdgv2byncnLU8kVp7QvEzlh3dyw4K81GcztKtWt3qYcTvDzLXAL5+qL/V1t
ta3OsZnz0ffTAMj10JhHB5R3aQX9AzTPIfvzPu578aHA5ZimlwzUiabuNm3NnEon
sKbpU8dvPMt4vpUyjUaZPwbF/84es0KbdCegkY9wW3mwdgDNtzVeoTRWjYhUf2F/
F8L5V6Ww5lHbfvT5KhHCAcYxf1If3bS3QXNFcckk81Zez3PpkKoZK3ug/Yp8pEDQ
nTQUEmk1sJGLjJEp6kvft0MI4XUSZp5MrDXgyljbtcmZ3Lbsa1HGrC+il7WmRP2q
oDCsE9deaHGFggKN
-----END CERTIFICATE-----
Generated at Tue Apr 9 09:34:34 2024 by rpki-client on console-ams.rpki-client.org