Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/5E4008F0BE6411EE857DED48C4F9AE02.roa
File: 5E4008F0BE6411EE857DED48C4F9AE02.roa (raw, json)
Hash identifier: 88OZVOvAf+wsEl7Ob5itA+vQeTI1UGMw6doBrIFhuY4=
Subject key identifier: F4:EF:24:00:A0:48:04:DF:23:92:7A:26:8C:D0:A3:79:2C:A5:98:3F
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 82EB
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/5E4008F0BE6411EE857DED48C4F9AE02.roa
Signing time: Wed 14 Feb 2024 11:28:17 +0000
ROA not before: Wed 14 Feb 2024 11:28:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 139195
IP address blocks: 103.42.72.0/22 maxlen: 24
103.104.223.0/24 maxlen: 24
103.105.224.0/22 maxlen: 24
103.171.58.0/23 maxlen: 24
103.189.216.0/24 maxlen: 24
103.189.217.0/24 maxlen: 24
113.30.144.0/22 maxlen: 24
119.161.96.0/22 maxlen: 24
2001:df6:4900::/48 maxlen: 48
2407:c040::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 15 Feb 2024 05:22:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 33515 (0x82eb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Feb 14 11:28:17 2024 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=65cca3d1-d5c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:c1:3c:91:43:cd:7d:d5:62:5f:60:7e:2f:e1:
12:b9:83:dd:e0:49:e1:c0:05:69:f7:74:a4:eb:e6:
22:f3:ab:1e:5a:7d:e1:94:cc:ea:33:16:da:1c:f4:
80:9c:8e:61:91:90:10:4a:f7:2b:79:21:02:fd:07:
11:21:95:27:ac:e7:cc:46:3d:f2:62:07:05:d5:4c:
34:ec:bb:c4:d4:a7:6f:db:b7:72:d0:db:e9:a0:a6:
46:78:ba:1a:d6:27:36:c5:ea:b1:bb:6d:dc:bc:6c:
92:cd:39:39:d0:7a:41:a5:d7:b4:d9:5e:22:4d:d5:
43:aa:2c:71:92:04:3d:6d:09:b1:0b:43:21:89:a8:
b4:bd:2b:fc:c3:7c:c9:d4:94:c1:fd:5d:69:cc:30:
1f:99:03:b8:5f:82:5c:c5:9e:4d:67:a1:28:44:3d:
80:81:8f:91:8a:14:2d:52:3a:2c:e3:d2:18:a7:fb:
53:8d:36:f0:b8:46:9c:27:d2:7f:75:13:0a:9a:ac:
c5:86:59:e0:db:65:6c:6b:97:c0:cc:fb:18:c9:5e:
22:94:fa:11:24:09:64:11:eb:54:2c:82:a6:f8:0a:
57:aa:e8:7d:a4:78:23:2a:5c:e3:e4:a5:67:fe:3d:
2f:cd:e8:90:72:c1:c6:43:51:c6:ee:8a:b1:2e:8e:
06:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:EF:24:00:A0:48:04:DF:23:92:7A:26:8C:D0:A3:79:2C:A5:98:3F
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/5E4008F0BE6411EE857DED48C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.42.72.0/22
103.104.223.0/24
103.105.224.0/22
103.171.58.0/23
103.189.216.0/23
113.30.144.0/22
119.161.96.0/22
IPv6:
2001:df6:4900::/48
2407:c040::/32
Signature Algorithm: sha256WithRSAEncryption
8a:95:ba:75:d2:2a:a7:50:92:92:35:ef:d1:64:78:31:b0:6f:
cf:75:6e:55:e5:f4:c5:56:37:de:c6:7e:0e:20:3a:e7:18:89:
35:fe:65:11:98:35:76:e8:f0:92:db:a2:bc:de:59:92:4a:3e:
01:0c:12:c4:66:0a:5c:d4:e0:b2:ae:d9:ea:e3:54:10:86:ab:
2d:e3:ae:ac:a4:56:4c:3f:43:a7:a8:57:26:ec:81:67:85:aa:
a1:d2:5e:65:b2:a9:da:8f:e1:36:de:16:cc:5f:98:61:c9:11:
90:ee:c3:d8:5c:ba:d2:55:ef:fd:fe:9e:51:6d:d2:bd:c5:f3:
45:ea:f2:f4:55:dc:02:49:85:1e:33:00:e4:90:33:9e:e3:c3:
58:11:16:9a:34:e7:9e:f2:db:c7:73:2d:63:ee:fd:3d:e3:cf:
c8:40:bb:c6:08:8b:3a:7c:19:46:61:c4:37:ab:29:e9:e5:8a:
04:fd:17:65:07:2c:35:99:76:7e:db:fd:15:6a:00:62:50:03:
de:c5:6f:e6:80:1f:5c:ec:9f:fc:e7:f1:c2:c6:af:21:8f:8b:
70:ee:60:64:07:1c:ed:04:b8:23:5e:21:4e:15:4f:f4:1b:70:
6d:c8:56:3e:d6:e6:cf:c6:fb:4b:04:00:1f:c2:47:3e:31:7a:
e2:b8:d4:09
-----BEGIN CERTIFICATE-----
MIIFrjCCBJagAwIBAgIDAILrMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI0MDIxNDExMjgxN1oXDTI0MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjVjY2EzZDEtZDVjMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOrBPJFDzX3VYl9gfi/hErmD3eBJ4cAFafd0pOvmIvOrHlp94ZTM6jMW2hz0
gJyOYZGQEEr3K3khAv0HESGVJ6znzEY98mIHBdVMNOy7xNSnb9u3ctDb6aCmRni6
GtYnNsXqsbtt3Lxsks05OdB6QaXXtNleIk3VQ6oscZIEPW0JsQtDIYmotL0r/MN8
ydSUwf1dacwwH5kDuF+CXMWeTWehKEQ9gIGPkYoULVI6LOPSGKf7U4028LhGnCfS
f3UTCpqsxYZZ4NtlbGuXwMz7GMleIpT6ESQJZBHrVCyCpvgKV6rofaR4Iypc4+Sl
Z/49L83okHLBxkNRxu6KsS6OBvkCAwEAAaOCAtEwggLNMB0GA1UdDgQWBBT07yQA
oEgE3yOSeiaM0KN5LKWYPzAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzVFNDAwOEYw
QkU2NDExRUU4NTdERUQ0OEM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMFsGCCsGAQUFBwEHAQH/
BEwwSjAwBAIAATAqAwQCZypIAwQAZ2jfAwQCZ2ngAwQBZ6s6AwQBZ73YAwQCcR6Q
AwQCd6FgMBYEAgACMBADBwAgAQ32SQADBQAkB8BAMA0GCSqGSIb3DQEBCwUAA4IB
AQCKlbp10iqnUJKSNe/RZHgxsG/PdW5V5fTFVjfexn4OIDrnGIk1/mURmDV26PCS
26K83lmSSj4BDBLEZgpc1OCyrtnq41QQhqst466spFZMP0OnqFcm7IFnhaqh0l5l
sqnaj+E23hbMX5hhyRGQ7sPYXLrSVe/9/p5RbdK9xfNF6vL0VdwCSYUeMwDkkDOe
48NYERaaNOee8tvHcy1j7v0948/IQLvGCIs6fBlGYcQ3qynp5YoE/RdlByw1mXZ+
2/0VagBiUAPexW/mgB9c7J/85/HCxq8hj4tw7mBkBxztBLgjXiFOFU/0G3BtyFY+
1ubPxvtLBAAfwkc+MXriuNQJ
-----END CERTIFICATE-----
Generated at Thu Feb 15 10:13:05 2024 by rpki-client on console-fra.rpki-client.org