Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/786282E0D46111EEA80E3668C4F9AE02.roa
File: 786282E0D46111EEA80E3668C4F9AE02.roa (raw, json)
Hash identifier: a3BFQFkJtEtzn80R9nTb+5h+olqn5hyGfyaw51kd/04=
Subject key identifier: E4:50:CC:EB:3F:C1:50:8B:75:7D:B6:4A:46:2B:0A:4A:B3:D4:26:30
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 8386
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/786282E0D46111EEA80E3668C4F9AE02.roa
Signing time: Mon 26 Feb 2024 04:42:39 +0000
ROA not before: Mon 26 Feb 2024 04:42:39 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 134014
IP address blocks: 45.126.168.0/22 maxlen: 24
103.59.200.0/22 maxlen: 24
103.66.232.0/22 maxlen: 24
103.137.94.0/24 maxlen: 24
103.185.178.0/24 maxlen: 24
103.185.236.0/23 maxlen: 23
103.185.237.0/24 maxlen: 24
182.54.148.0/22 maxlen: 24
2001:df0:99c0::/48 maxlen: 48
2402:fbc0::/32 maxlen: 48
Validation: Failed, certificate revoked on Mon 26 Feb 2024 12:32:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 33670 (0x8386)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Feb 26 04:42:39 2024 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=65dc16bf-011d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:b8:8d:6f:11:99:76:64:f5:4b:d5:f3:09:30:
01:82:0f:af:e7:38:1f:85:c9:96:d6:5d:c5:4c:1c:
51:40:c9:af:94:98:26:54:9b:a6:62:01:b4:59:e5:
cd:01:e1:d9:2c:df:5b:dc:f6:97:68:aa:58:32:d9:
0b:46:db:7c:47:21:6b:91:8a:d2:ef:bd:e4:9d:65:
df:60:18:d5:7f:6c:22:6c:51:8c:8e:ea:54:51:d8:
81:40:f0:92:24:ee:78:91:44:0b:9e:12:bb:b6:8c:
11:bc:95:57:0b:10:78:c1:02:63:95:4b:ba:9e:fb:
80:1d:4a:50:3e:87:f4:8b:43:ef:76:00:12:a5:18:
2b:8e:d8:aa:ad:da:78:28:a6:0d:63:8c:cf:37:f4:
f7:6d:89:77:91:a4:c3:74:3a:d2:03:2c:09:a6:4b:
1c:b0:c1:f8:a6:fe:b1:0f:83:ec:aa:14:d8:0e:cc:
18:12:b6:a1:d2:a5:67:c3:fd:4b:86:a7:5d:91:49:
8e:10:c1:1d:32:60:f6:e6:34:1b:cc:dd:af:37:81:
e5:ab:1f:94:4e:0c:3b:21:3c:ba:44:bf:0d:e6:3e:
63:3a:de:10:ea:4a:eb:c5:73:85:93:71:80:8b:c0:
da:c8:3f:7b:5c:be:78:1b:54:75:86:1a:0a:7f:cb:
47:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:50:CC:EB:3F:C1:50:8B:75:7D:B6:4A:46:2B:0A:4A:B3:D4:26:30
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/786282E0D46111EEA80E3668C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.126.168.0/22
103.59.200.0/22
103.66.232.0/22
103.137.94.0/24
103.185.178.0/24
103.185.236.0/23
182.54.148.0/22
IPv6:
2001:df0:99c0::/48
2402:fbc0::/32
Signature Algorithm: sha256WithRSAEncryption
28:dd:af:03:ef:91:ef:ab:a2:8f:6b:0e:9d:68:e9:f5:59:90:
00:fe:cc:6b:fd:2e:34:9a:8e:45:82:ef:1b:ca:7d:5c:72:21:
e2:47:25:c7:73:89:05:34:7f:0c:04:43:d5:a4:2c:f7:8b:e2:
30:63:72:7e:91:ea:3a:0f:2c:48:dd:da:07:c1:55:bc:fa:2d:
5b:0d:2d:1f:e4:10:d0:6f:d2:80:de:e0:ed:d3:a3:50:92:89:
91:7f:2b:89:42:b9:03:d4:ef:aa:c9:14:09:5d:bc:f0:02:01:
98:fd:de:c7:1e:d2:37:c1:0b:af:99:5d:22:e9:3c:66:24:03:
df:91:95:03:77:f8:92:9f:62:29:2a:11:76:fb:ce:1e:05:ca:
0e:47:46:b7:ce:6e:94:68:15:c7:6f:2c:0a:c1:cc:ff:4b:6d:
8f:6a:55:e4:1b:ac:91:1d:e8:63:82:ce:75:2d:cd:60:52:11:
1a:40:e6:ec:2d:10:34:60:e2:c0:8c:6a:31:76:b7:30:94:e9:
82:1f:67:ce:be:26:b3:b6:d9:33:6f:96:fe:7d:5c:c1:f6:3a:
44:64:6e:3c:db:b0:c8:f7:d3:86:80:e3:a5:c8:0e:5a:10:22:
9c:63:72:27:eb:06:9a:5c:a4:bb:77:e5:e0:b3:bc:69:60:c7:
4f:b3:fb:14
-----BEGIN CERTIFICATE-----
MIIFrjCCBJagAwIBAgIDAIOGMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI0MDIyNjA0NDIzOVoXDTI0MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjVkYzE2YmYtMDExZDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMm4jW8RmXZk9UvV8wkwAYIPr+c4H4XJltZdxUwcUUDJr5SYJlSbpmIBtFnl
zQHh2SzfW9z2l2iqWDLZC0bbfEcha5GK0u+95J1l32AY1X9sImxRjI7qVFHYgUDw
kiTueJFEC54Su7aMEbyVVwsQeMECY5VLup77gB1KUD6H9ItD73YAEqUYK47Yqq3a
eCimDWOMzzf0922Jd5Gkw3Q60gMsCaZLHLDB+Kb+sQ+D7KoU2A7MGBK2odKlZ8P9
S4anXZFJjhDBHTJg9uY0G8zdrzeB5asflE4MOyE8ukS/DeY+YzreEOpK68VzhZNx
gIvA2sg/e1y+eBtUdYYaCn/LR2sCAwEAAaOCAtEwggLNMB0GA1UdDgQWBBTkUMzr
P8FQi3V9tkpGKwpKs9QmMDAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzc4NjI4MkUw
RDQ2MTExRUVBODBFMzY2OEM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMFsGCCsGAQUFBwEHAQH/
BEwwSjAwBAIAATAqAwQCLX6oAwQCZzvIAwQCZ0LoAwQAZ4leAwQAZ7myAwQBZ7ns
AwQCtjaUMBYEAgACMBADBwAgAQ3wmcADBQAkAvvAMA0GCSqGSIb3DQEBCwUAA4IB
AQAo3a8D75Hvq6KPaw6daOn1WZAA/sxr/S40mo5Fgu8byn1cciHiRyXHc4kFNH8M
BEPVpCz3i+IwY3J+keo6DyxI3doHwVW8+i1bDS0f5BDQb9KA3uDt06NQkomRfyuJ
QrkD1O+qyRQJXbzwAgGY/d7HHtI3wQuvmV0i6TxmJAPfkZUDd/iSn2IpKhF2+84e
BcoOR0a3zm6UaBXHbywKwcz/S22PalXkG6yRHehjgs51Lc1gUhEaQObsLRA0YOLA
jGoxdrcwlOmCH2fOviazttkzb5b+fVzB9jpEZG4827DI99OGgOOlyA5aECKcY3In
6waaXKS7d+Xgs7xpYMdPs/sU
-----END CERTIFICATE-----
Generated at Mon Feb 26 17:25:41 2024 by rpki-client on console-fra.rpki-client.org