Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/FFC5E3F0838811EE956BE11CC4F9AE02.roa
File: FFC5E3F0838811EE956BE11CC4F9AE02.roa (raw, json)
Hash identifier: Ua2e4TwgVOofgv6phpOAHlfVwwqjT/S5I+8fkzBNdC8=
Subject key identifier: 9F:84:75:8A:5D:2D:CE:0A:B0:C1:C6:7E:04:65:C8:82:1B:C8:68:22
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 7DAC
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/FFC5E3F0838811EE956BE11CC4F9AE02.roa
Signing time: Wed 15 Nov 2023 07:31:32 +0000
ROA not before: Wed 15 Nov 2023 07:31:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 150091
IP address blocks: 103.179.120.0/24 maxlen: 24
103.179.121.0/24 maxlen: 24
103.180.168.0/23 maxlen: 24
103.181.86.0/24 maxlen: 24
103.181.87.0/24 maxlen: 24
103.181.151.0/24 maxlen: 24
103.181.174.0/24 maxlen: 24
103.181.175.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 32172 (0x7dac)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Nov 15 07:31:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=655473d4-d869
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:2d:22:7e:a4:52:07:67:47:35:3f:43:cf:1e:
2b:f2:09:ac:53:c4:88:3c:42:6e:0f:95:2f:91:d8:
20:3a:d0:6e:b5:95:b4:8c:aa:f4:65:06:4a:d2:20:
30:93:23:0e:44:e2:a2:d0:15:fd:e2:d9:31:7c:4c:
d9:a8:23:22:50:64:a9:c4:02:64:26:9f:1b:e7:07:
52:1e:73:2b:22:e5:00:03:58:31:ba:a9:bc:7d:bd:
02:b1:43:ac:3d:d2:03:d3:03:79:64:ca:bb:de:c4:
71:bc:cf:e3:dc:98:17:b3:e3:4f:e2:16:1e:17:ae:
9f:4b:ca:e6:cb:6e:70:14:e2:b1:99:8e:b8:c2:3d:
4f:cb:3a:d1:e1:0b:86:d7:d2:0c:b2:17:f7:21:41:
72:c3:ce:04:59:a2:8c:d7:26:1e:65:05:95:3c:a6:
5a:5d:43:32:3d:8f:09:67:f0:79:ed:93:70:62:b9:
70:73:c2:ab:48:5b:b2:43:93:e8:3c:34:f9:4f:50:
1f:fd:ef:ee:d9:48:d1:d9:61:3a:20:c9:44:a4:9b:
bc:fd:54:53:55:3d:26:7e:3d:04:cc:06:fd:ae:e4:
a6:53:67:ec:94:b2:ee:87:76:f2:ec:32:55:36:bb:
c4:4a:3d:7d:f8:8d:07:f4:11:24:72:4c:cd:57:67:
c1:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:84:75:8A:5D:2D:CE:0A:B0:C1:C6:7E:04:65:C8:82:1B:C8:68:22
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/FFC5E3F0838811EE956BE11CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.179.120.0/23
103.180.168.0/23
103.181.86.0/23
103.181.151.0/24
103.181.174.0/23
Signature Algorithm: sha256WithRSAEncryption
a5:7f:fb:7d:9c:b7:ff:b4:f9:a8:7b:0e:ad:f1:d6:f3:5a:f9:
87:56:24:b5:00:f0:66:5a:00:56:b4:84:e6:c4:c3:20:5d:c2:
ad:2e:31:5b:87:cb:6c:93:46:87:08:2c:f2:c3:e6:b6:ef:37:
95:a7:e8:8e:5f:c3:1e:ca:3f:04:30:54:ee:ea:87:92:00:3c:
1b:53:20:be:72:99:f0:1c:46:13:eb:3e:f2:e8:34:99:03:a9:
7e:ef:7d:f6:53:56:04:48:8c:bc:89:a4:60:63:07:d1:61:a4:
1a:46:1d:fa:d9:2a:8f:9c:c0:db:e8:14:46:cf:c3:13:b0:b6:
39:2a:7f:6c:3e:a5:ed:7e:3a:16:6f:f5:38:f1:35:da:2c:38:
62:6b:f5:a4:68:8e:dd:17:c5:0f:34:a2:72:70:37:88:b8:dc:
f9:5b:4b:3e:ae:78:1a:50:3c:98:62:ca:ca:84:79:63:ff:6a:
e1:4d:46:32:81:fc:7b:3d:7b:43:af:ba:14:5e:6e:b6:34:8d:
7b:3f:9b:e4:37:63:1a:3c:bf:c7:43:de:06:e9:d0:71:78:52:
14:d2:8a:3a:2a:65:67:d4:9b:b2:ec:df:28:c2:2e:37:39:e6:
70:1c:7b:00:0a:ef:b7:88:a6:82:50:ab:a4:b4:4b:80:77:1a:
84:ba:86:65
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgICfawwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjMxMTE1MDczMTMyWhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTU0NzNkNC1kODY5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzy0ifqRSB2dHNT9Dzx4r8gmsU8SIPEJuD5UvkdggOtButZW0jKr0ZQZK0iAw
kyMOROKi0BX94tkxfEzZqCMiUGSpxAJkJp8b5wdSHnMrIuUAA1gxuqm8fb0CsUOs
PdID0wN5ZMq73sRxvM/j3JgXs+NP4hYeF66fS8rmy25wFOKxmY64wj1PyzrR4QuG
19IMshf3IUFyw84EWaKM1yYeZQWVPKZaXUMyPY8JZ/B57ZNwYrlwc8KrSFuyQ5Po
PDT5T1Af/e/u2UjR2WE6IMlEpJu8/VRTVT0mfj0EzAb9ruSmU2fslLLuh3by7DJV
NrvESj19+I0H9BEkckzNV2fBcQIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFJ+EdYpd
Lc4KsMHGfgRlyIIbyGgiMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvRkZDNUUzRjA4
Mzg4MTFFRTk1NkJFMTFDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNwYIKwYBBQUHAQcBAf8E
KDAmMCQEAgABMB4DBAFns3gDBAFntKgDBAFntVYDBABntZcDBAFnta4wDQYJKoZI
hvcNAQELBQADggEBAKV/+32ct/+0+ah7Dq3x1vNa+YdWJLUA8GZaAFa0hObEwyBd
wq0uMVuHy2yTRocILPLD5rbvN5Wn6I5fwx7KPwQwVO7qh5IAPBtTIL5ymfAcRhPr
PvLoNJkDqX7vffZTVgRIjLyJpGBjB9FhpBpGHfrZKo+cwNvoFEbPwxOwtjkqf2w+
pe1+OhZv9TjxNdosOGJr9aRojt0XxQ80onJwN4i43PlbSz6ueBpQPJhiysqEeWP/
auFNRjKB/Hs9e0OvuhRebrY0jXs/m+Q3Yxo8v8dD3gbp0HF4UhTSijoqZWfUm7Ls
3yjCLjc55nAcewAK77eIpoJQq6S0S4B3GoS6hmU=
-----END CERTIFICATE-----
Generated at Mon Nov 20 07:36:33 2023 by rpki-client on console-fra.rpki-client.org