Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/5F9970566CDE11EE9894A211C4F9AE02.roa
File: 5F9970566CDE11EE9894A211C4F9AE02.roa (raw, json)
Hash identifier: tqGHgn+sRfbXFngeW80k5JzL9nn9a+MrkhM20vZYtR4=
Subject key identifier: 77:ED:77:24:53:BB:9D:EF:72:8D:E6:5F:12:76:76:88:FA:B6:4F:1B
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 7C20
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/5F9970566CDE11EE9894A211C4F9AE02.roa
Signing time: Tue 17 Oct 2023 11:14:44 +0000
ROA not before: Tue 17 Oct 2023 11:14:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 138768
IP address blocks: 103.88.56.0/24 maxlen: 24
103.139.190.0/23 maxlen: 24
103.178.176.0/24 maxlen: 24
103.178.177.0/24 maxlen: 24
103.184.236.0/24 maxlen: 24
103.184.237.0/24 maxlen: 24
103.191.202.0/23 maxlen: 24
2001:df0:3bc0::/48 maxlen: 48
2001:df0:9340::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 06 Feb 2024 12:08:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 31776 (0x7c20)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Oct 17 11:14:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=652e6ca4-2898
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:85:27:84:c7:99:0a:4d:eb:7a:60:86:87:20:
5c:ef:19:d8:d7:ad:6a:b6:cf:84:97:25:2f:3b:b4:
12:0e:53:50:41:a5:ed:6c:87:5c:3e:e6:7a:55:b0:
c4:3a:57:bd:c7:99:5a:93:7a:39:13:fc:8e:d9:95:
00:54:25:02:11:6c:0f:57:15:be:8d:a2:e9:57:a3:
a6:1b:e3:f0:19:42:a0:d3:ed:8b:dd:58:26:18:99:
5b:0c:d3:e4:10:c9:a7:9a:7a:01:a1:2e:64:ec:fb:
05:1f:6d:0c:21:f3:69:52:1e:a8:ef:d4:fd:36:4e:
51:1c:be:82:de:7b:55:6c:6c:e5:4a:d6:db:ec:a5:
56:aa:07:c1:d4:50:94:08:7c:10:83:b9:49:97:76:
c5:19:f8:f0:ef:a6:22:bb:99:92:fe:39:27:10:a4:
33:6a:ff:02:bd:1c:62:6e:1a:6b:4c:e2:a0:13:e7:
56:83:50:9b:43:b6:ce:92:8b:d0:77:9c:9f:59:85:
69:35:24:4a:93:66:ce:4f:0d:dd:ce:dc:ad:0c:01:
a9:f5:d9:79:b2:30:ef:56:56:5b:d7:21:8f:7b:19:
38:4b:ad:7d:ac:b8:74:9f:6e:75:75:60:c6:1d:0c:
dc:8d:6d:c8:be:a7:e3:f2:cc:cf:a3:43:41:91:a1:
04:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:ED:77:24:53:BB:9D:EF:72:8D:E6:5F:12:76:76:88:FA:B6:4F:1B
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/5F9970566CDE11EE9894A211C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.88.56.0/24
103.139.190.0/23
103.178.176.0/23
103.184.236.0/23
103.191.202.0/23
IPv6:
2001:df0:3bc0::/48
2001:df0:9340::/48
Signature Algorithm: sha256WithRSAEncryption
7f:b1:22:85:db:dd:79:9e:df:ed:5d:09:2b:c0:ba:d8:06:4d:
9d:e8:d5:33:24:32:ce:2d:11:5e:0b:c5:fd:b9:5b:0a:dd:85:
fd:b6:6c:98:d2:88:92:ed:c0:b4:51:4b:0e:e4:bb:42:09:84:
4c:77:2c:3a:fb:01:58:2b:fc:fa:c6:32:5a:48:c2:55:87:1a:
4a:da:27:d8:6d:41:09:ec:4c:48:d7:8f:0d:26:ec:9f:52:35:
fb:de:00:cf:50:25:c7:7e:2a:b8:47:97:a3:14:2c:ab:19:ce:
f9:0a:f7:e0:98:1b:1a:8b:82:eb:e9:81:4d:40:e3:0b:5e:d0:
1e:46:aa:c8:d5:1e:ae:f4:41:62:ce:42:b4:e8:75:08:eb:16:
02:52:ce:32:24:cc:6a:4e:4b:06:e1:30:ca:cb:52:8d:72:b6:
c5:71:8a:4b:6d:e2:ca:33:46:5b:63:a7:2f:0f:2c:19:8c:db:
bf:20:98:66:cc:69:bc:5e:e2:86:c9:b7:ad:40:3d:fa:d1:0f:
1c:f8:35:a6:05:31:eb:3c:61:4b:f8:f0:bf:ca:df:4c:02:a8:
17:70:0f:82:d4:6a:af:74:00:78:de:c7:a8:0e:e0:ef:17:05:
33:ea:d1:f9:c9:af:c9:14:5c:d4:69:f7:74:37:0c:5c:70:37:
18:75:fd:4c
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgICfCAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjMxMDE3MTExNDQ0WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTJlNmNhNC0yODk4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxoUnhMeZCk3remCGhyBc7xnY161qts+ElyUvO7QSDlNQQaXtbIdcPuZ6VbDE
Ole9x5lak3o5E/yO2ZUAVCUCEWwPVxW+jaLpV6OmG+PwGUKg0+2L3VgmGJlbDNPk
EMmnmnoBoS5k7PsFH20MIfNpUh6o79T9Nk5RHL6C3ntVbGzlStbb7KVWqgfB1FCU
CHwQg7lJl3bFGfjw76Yiu5mS/jknEKQzav8CvRxibhprTOKgE+dWg1CbQ7bOkovQ
d5yfWYVpNSRKk2bOTw3dztytDAGp9dl5sjDvVlZb1yGPexk4S619rLh0n251dWDG
HQzcjW3Ivqfj8szPo0NBkaEEuwIDAQABo4ICxzCCAsMwHQYDVR0OBBYEFHftdyRT
u53vco3mXxJ2doj6tk8bMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvNUY5OTcwNTY2
Q0RFMTFFRTk4OTRBMjExQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwUQYIKwYBBQUHAQcBAf8E
QjBAMCQEAgABMB4DBABnWDgDBAFni74DBAFnsrADBAFnuOwDBAFnv8owGAQCAAIw
EgMHACABDfA7wAMHACABDfCTQDANBgkqhkiG9w0BAQsFAAOCAQEAf7EihdvdeZ7f
7V0JK8C62AZNnejVMyQyzi0RXgvF/blbCt2F/bZsmNKIku3AtFFLDuS7QgmETHcs
OvsBWCv8+sYyWkjCVYcaSton2G1BCexMSNePDSbsn1I1+94Az1Alx34quEeXoxQs
qxnO+Qr34JgbGouC6+mBTUDjC17QHkaqyNUervRBYs5CtOh1COsWAlLOMiTMak5L
BuEwystSjXK2xXGKS23iyjNGW2OnLw8sGYzbvyCYZsxpvF7ihsm3rUA9+tEPHPg1
pgUx6zxhS/jwv8rfTAKoF3APgtRqr3QAeN7HqA7g7xcFM+rR+cmvyRRc1Gn3dDcM
XHA3GHX9TA==
-----END CERTIFICATE-----
Generated at Tue Feb 6 15:18:26 2024 by rpki-client on console-fra.rpki-client.org