Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/5C58DB9EFE5311EB8C09B12FC4F9AE02.roa
File: 5C58DB9EFE5311EB8C09B12FC4F9AE02.roa (raw, json)
Hash identifier: 3yUH7hG3imXkxeXiOeF1rK8ijL+/QFqmF2Fk9xYNbrI=
Subject key identifier: F9:2A:48:0E:FD:12:37:05:FD:2C:4B:2A:24:48:EA:EB:73:52:16:7B
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 8506
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/5C58DB9EFE5311EB8C09B12FC4F9AE02.roa
Signing time: Tue 19 Mar 2024 10:17:19 +0000
ROA not before: Tue 19 Mar 2024 10:17:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 132566
IP address blocks: 103.19.128.0/23 maxlen: 24
103.84.68.0/22 maxlen: 22
103.171.114.0/23 maxlen: 24
103.230.226.0/23 maxlen: 24
202.66.176.0/22 maxlen: 24
2406:7340::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 22 Mar 2024 11:39:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 34054 (0x8506)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Mar 19 10:17:19 2024 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=65f9662f-c5e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:7e:fb:b9:2b:8a:a5:c4:34:b6:ae:bd:c5:65:
13:d8:68:65:00:b4:20:67:e1:4a:9d:5f:14:80:61:
bc:7a:48:3a:34:92:28:a2:a3:97:20:21:35:ea:82:
f3:f4:43:8a:f3:6b:a1:95:42:8c:6f:31:a9:5f:0f:
5f:64:2d:22:55:d0:2c:01:b8:38:14:dd:b8:4c:af:
9d:ea:a9:35:39:ea:55:8a:20:fd:df:0f:53:37:46:
90:72:5b:a5:0d:37:2c:d4:9a:6b:6b:8c:f6:7a:c6:
61:64:26:2f:bf:7f:67:3e:25:b2:f8:72:f3:3a:4d:
e0:4b:79:6a:92:34:9e:b9:d9:8a:71:95:dc:e6:be:
39:eb:57:45:d8:b6:c5:e3:c6:fd:89:51:63:ec:6c:
0a:73:3a:7c:da:e8:aa:ad:3c:51:a2:4a:8f:c8:4d:
18:37:b5:7a:fc:9d:5f:4a:80:a4:b8:fa:dc:9d:08:
37:44:a4:e5:c2:8d:5f:2c:db:42:29:31:c4:a2:b8:
d6:8a:9e:54:ed:e1:39:c3:c0:38:7d:35:1c:4a:3b:
e8:2c:ca:46:19:a8:ac:2d:52:35:db:c0:5d:e8:7c:
8b:8a:76:aa:fd:a6:3b:f1:08:90:8c:5f:2b:23:24:
17:69:80:33:cb:74:ef:a4:10:36:11:25:ee:3b:82:
29:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:2A:48:0E:FD:12:37:05:FD:2C:4B:2A:24:48:EA:EB:73:52:16:7B
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/5C58DB9EFE5311EB8C09B12FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.19.128.0/23
103.84.68.0/22
103.171.114.0/23
103.230.226.0/23
202.66.176.0/22
IPv6:
2406:7340::/32
Signature Algorithm: sha256WithRSAEncryption
5b:fa:db:cf:92:5b:29:59:06:20:25:b5:84:40:b5:15:b0:58:
1f:a4:71:7c:96:10:a8:7d:bf:ca:f4:7f:18:57:2c:eb:ad:d0:
7c:66:63:d5:08:74:33:b9:ce:4c:21:49:c8:ba:80:c9:e7:47:
84:bc:b0:ed:f8:b1:df:e6:33:ee:b0:8e:12:18:27:61:99:99:
d6:2f:83:36:b7:0d:ab:38:07:3b:2d:66:d4:23:74:12:ba:f8:
32:fc:dc:2c:d1:1f:6f:a2:5a:7c:f0:ce:17:6f:40:ae:05:c2:
e0:68:25:33:3b:ce:c9:f7:cb:a1:40:6c:39:81:61:b3:f9:83:
9d:df:4b:c0:ce:4d:9f:3d:d3:1e:fe:cd:61:39:03:2b:36:7c:
67:f6:c8:4c:a2:3c:04:ea:dd:9c:03:4f:96:e1:8d:36:79:20:
1a:9e:f3:b4:fa:20:f2:4c:6a:04:f5:10:d4:e5:52:9b:89:48:
9a:a8:0a:da:64:4c:95:c2:9a:c7:51:e0:26:5f:84:fa:a0:58:
9c:48:ed:0c:ac:5c:e1:0f:9a:4c:ac:4d:a5:a7:d9:aa:94:f7:
0e:14:15:6d:10:bd:20:ee:ff:a8:13:92:80:23:85:17:19:15:
01:54:97:9c:5d:ee:c8:cb:17:27:09:c0:b6:f3:89:69:3a:9b:
b8:cc:c5:56
-----BEGIN CERTIFICATE-----
MIIFmTCCBIGgAwIBAgIDAIUGMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI0MDMxOTEwMTcxOVoXDTI0MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjVmOTY2MmYtYzVlNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMF++7kriqXENLauvcVlE9hoZQC0IGfhSp1fFIBhvHpIOjSSKKKjlyAhNeqC
8/RDivNroZVCjG8xqV8PX2QtIlXQLAG4OBTduEyvneqpNTnqVYog/d8PUzdGkHJb
pQ03LNSaa2uM9nrGYWQmL79/Zz4lsvhy8zpN4Et5apI0nrnZinGV3Oa+OetXRdi2
xePG/YlRY+xsCnM6fNroqq08UaJKj8hNGDe1evydX0qApLj63J0IN0Sk5cKNXyzb
QikxxKK41oqeVO3hOcPAOH01HEo76CzKRhmorC1SNdvAXeh8i4p2qv2mO/EIkIxf
KyMkF2mAM8t076QQNhEl7juCKRMCAwEAAaOCArwwggK4MB0GA1UdDgQWBBT5KkgO
/RI3Bf0sSyokSOrrc1IWezAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzVDNThEQjlF
RkU1MzExRUI4QzA5QjEyRkM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMEYGCCsGAQUFBwEHAQH/
BDcwNTAkBAIAATAeAwQBZxOAAwQCZ1REAwQBZ6tyAwQBZ+biAwQCykKwMA0EAgAC
MAcDBQAkBnNAMA0GCSqGSIb3DQEBCwUAA4IBAQBb+tvPklspWQYgJbWEQLUVsFgf
pHF8lhCofb/K9H8YVyzrrdB8ZmPVCHQzuc5MIUnIuoDJ50eEvLDt+LHf5jPusI4S
GCdhmZnWL4M2tw2rOAc7LWbUI3QSuvgy/Nws0R9volp88M4Xb0CuBcLgaCUzO87J
98uhQGw5gWGz+YOd30vAzk2fPdMe/s1hOQMrNnxn9shMojwE6t2cA0+W4Y02eSAa
nvO0+iDyTGoE9RDU5VKbiUiaqAraZEyVwprHUeAmX4T6oFicSO0MrFzhD5pMrE2l
p9mqlPcOFBVtEL0g7v+oE5KAI4UXGRUBVJecXe7IyxcnCcC284lpOpu4zMVW
-----END CERTIFICATE-----
Generated at Fri Mar 22 16:04:35 2024 by rpki-client on console-fra.rpki-client.org