Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/FF7AC3EED6C511EE8ACD7981C4F9AE02.roa
File: FF7AC3EED6C511EE8ACD7981C4F9AE02.roa (raw, json)
Hash identifier: QE6Y4YRAYLDKc7d4W5xWyXz0mw/iGoisk+J94Pg2mVw=
Subject key identifier: CE:AD:4F:70:E4:B7:1E:DC:7F:54:EE:6A:0E:E2:96:5E:44:C4:5D:A4
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 83D6
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/FF7AC3EED6C511EE8ACD7981C4F9AE02.roa
Signing time: Thu 29 Feb 2024 05:51:49 +0000
ROA not before: Thu 29 Feb 2024 05:51:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 133304
IP address blocks: 103.105.100.0/24 maxlen: 24
103.105.102.0/24 maxlen: 24
103.159.30.0/24 maxlen: 24
103.159.31.0/24 maxlen: 24
2400:5ca0::/32 maxlen: 32
2400:5ca0::/48 maxlen: 48
2400:5ca0:1::/48 maxlen: 48
2400:5ca0:2::/48 maxlen: 48
2400:5ca0:3::/48 maxlen: 48
2400:5ca0:4::/48 maxlen: 48
2400:5ca0:5::/48 maxlen: 48
2400:5ca0:6::/48 maxlen: 48
2400:5ca0:7::/48 maxlen: 48
2400:5ca0:8::/48 maxlen: 48
2400:5ca0:9::/48 maxlen: 48
2400:c5e0::/32 maxlen: 32
2400:c5e0::/40 maxlen: 48
Validation: Failed, certificate revoked on Mon 04 Mar 2024 06:24:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 33750 (0x83d6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Feb 29 05:51:49 2024 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=65e01b75-b99c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:cc:75:5a:01:a1:93:95:09:11:1c:3a:5b:2c:
0f:51:7f:5c:13:06:2b:15:9a:89:e7:5e:7a:d9:ab:
67:f4:b2:f1:b0:7f:a0:3e:be:92:68:a3:49:8e:60:
f5:59:b8:e4:f4:07:18:43:67:4c:52:f7:9c:1a:5d:
79:46:08:38:38:eb:cb:4e:18:b7:f9:7e:77:1a:2b:
d4:96:a3:d4:94:b2:80:ef:5a:e6:b7:b5:19:5a:85:
31:07:01:aa:2d:db:23:ad:67:43:26:2b:6b:09:ca:
22:4d:db:b0:35:5e:dc:14:e0:a0:2c:42:21:f5:24:
71:d8:39:d9:22:71:a0:6e:6b:69:dd:f2:5c:54:99:
06:61:8b:32:c7:7a:8e:fd:7b:cc:1b:1d:96:98:36:
03:f6:01:3e:78:00:71:06:70:5f:76:df:6e:04:cc:
07:3e:bd:95:d3:67:1b:3f:53:a9:bc:e5:f0:fb:8f:
d6:d5:8b:4a:9b:3f:5c:ca:7a:61:eb:17:48:0e:c7:
73:55:ce:8a:69:62:fe:f6:ef:65:7a:15:ab:9f:9f:
8f:93:fd:f2:ff:e9:00:ee:f3:96:47:ee:39:0e:36:
74:a8:73:83:2c:f3:8c:52:3e:4c:b8:24:37:25:2e:
c7:f2:f3:10:88:1d:f3:af:d1:1f:17:b9:3b:91:4a:
07:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:AD:4F:70:E4:B7:1E:DC:7F:54:EE:6A:0E:E2:96:5E:44:C4:5D:A4
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/FF7AC3EED6C511EE8ACD7981C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.105.100.0/24
103.105.102.0/24
103.159.30.0/23
IPv6:
2400:5ca0::/32
2400:c5e0::/32
Signature Algorithm: sha256WithRSAEncryption
1a:66:d2:0f:46:fe:b9:33:27:28:dc:57:e3:85:b7:2e:5d:a5:
08:23:69:08:69:13:37:02:e0:34:15:3c:20:46:7d:9f:d3:b5:
7e:b6:9b:c5:3d:dd:64:ea:bc:59:d3:40:cd:90:bf:c8:82:e7:
9c:4e:d9:bc:8d:88:f8:45:79:4e:52:a3:05:54:d2:20:f0:20:
cb:bd:c0:ca:8a:4e:ef:62:9e:19:0f:1a:d5:02:67:4b:48:21:
da:7e:19:35:d2:72:0d:0e:aa:74:cf:1f:bb:7c:0e:20:0b:26:
ed:b7:ca:81:4b:c2:ab:90:1a:f4:ff:02:9f:71:c4:27:cf:d8:
4c:fa:79:a9:6b:4c:f9:5c:96:3b:71:c4:2e:c3:de:ea:3a:c0:
a4:3d:f4:20:18:08:3e:9c:20:ba:c5:f0:66:ea:b9:e8:2f:78:
1f:49:03:d4:39:10:6c:68:81:28:82:cb:ca:20:50:32:6e:5e:
16:a0:1d:e8:eb:ae:b4:38:1f:fa:f9:87:cb:eb:a3:d5:d2:96:
f3:12:a0:01:67:73:a7:c9:bd:36:f7:d0:be:9c:77:1d:46:60:
f4:f1:72:ab:64:62:8b:f0:2e:7c:a3:9d:cb:a3:99:b2:a8:62:
fc:8b:ee:27:a2:a7:2f:39:f7:d4:40:2f:fa:b3:2e:3c:ac:1f:
47:db:af:68
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgIDAIPWMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI0MDIyOTA1NTE0OVoXDTI0MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjVlMDFiNzUtYjk5YzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALfMdVoBoZOVCREcOlssD1F/XBMGKxWaiedeetmrZ/Sy8bB/oD6+kmijSY5g
9Vm45PQHGENnTFL3nBpdeUYIODjry04Yt/l+dxor1Jaj1JSygO9a5re1GVqFMQcB
qi3bI61nQyYrawnKIk3bsDVe3BTgoCxCIfUkcdg52SJxoG5rad3yXFSZBmGLMsd6
jv17zBsdlpg2A/YBPngAcQZwX3bfbgTMBz69ldNnGz9Tqbzl8PuP1tWLSps/XMp6
YesXSA7Hc1XOimli/vbvZXoVq5+fj5P98v/pAO7zlkfuOQ42dKhzgyzzjFI+TLgk
NyUux/LzEIgd86/RHxe5O5FKB18CAwEAAaOCArcwggKzMB0GA1UdDgQWBBTOrU9w
5Lce3H9U7moO4pZeRMRdpDAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwL0ZGN0FDM0VF
RDZDNTExRUU4QUNENzk4MUM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMEEGCCsGAQUFBwEHAQH/
BDIwMDAYBAIAATASAwQAZ2lkAwQAZ2lmAwQBZ58eMBQEAgACMA4DBQAkAFygAwUA
JADF4DANBgkqhkiG9w0BAQsFAAOCAQEAGmbSD0b+uTMnKNxX44W3Ll2lCCNpCGkT
NwLgNBU8IEZ9n9O1frabxT3dZOq8WdNAzZC/yILnnE7ZvI2I+EV5TlKjBVTSIPAg
y73AyopO72KeGQ8a1QJnS0gh2n4ZNdJyDQ6qdM8fu3wOIAsm7bfKgUvCq5Aa9P8C
n3HEJ8/YTPp5qWtM+VyWO3HELsPe6jrApD30IBgIPpwgusXwZuq56C94H0kD1DkQ
bGiBKILLyiBQMm5eFqAd6OuutDgf+vmHy+uj1dKW8xKgAWdzp8m9NvfQvpx3HUZg
9PFyq2Rii/AufKOdy6OZsqhi/IvuJ6KnLzn31EAv+rMuPKwfR9uvaA==
-----END CERTIFICATE-----
Generated at Mon Mar 4 07:30:29 2024 by rpki-client on console-ams.rpki-client.org