Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918F978/7E22B374B69B11E8AE06C616C4F9AE02/ED8C6E249DCD11EF8AD1A44BC4F9AE02.roa
File: ED8C6E249DCD11EF8AD1A44BC4F9AE02.roa (raw, json)
Hash identifier: 7LwoGXeXx+/xGw2V3MoAvo4RO+UpG3iPy7w826hfmlg=
Subject key identifier: F6:D4:9A:F3:84:32:6F:E0:6C:1A:92:6C:FF:5E:57:70:EB:49:6D:49
Certificate issuer: /CN=A918F978/serialNumber=6850AABF9BDABF26BFA09283021FE913D6956E32
Certificate serial: 129B
Authority key identifier: 68:50:AA:BF:9B:DA:BF:26:BF:A0:92:83:02:1F:E9:13:D6:95:6E:32
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aFCqv5vavya_oJKDAh_pE9aVbjI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918F978/7E22B374B69B11E8AE06C616C4F9AE02/ED8C6E249DCD11EF8AD1A44BC4F9AE02.roa
Signing time: Fri 08 Nov 2024 12:35:25 +0000
ROA not before: Fri 08 Nov 2024 12:35:25 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 138197
IP address blocks: 103.129.208.0/22 maxlen: 22
103.129.208.0/23 maxlen: 23
103.129.208.0/24 maxlen: 24
103.129.210.0/23 maxlen: 23
103.129.210.0/24 maxlen: 24
103.129.211.0/24 maxlen: 24
2403:8840::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 20 Nov 2024 02:22:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4763 (0x129b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918F978/serialNumber=6850AABF9BDABF26BFA09283021FE913D6956E32
Validity
Not Before: Nov 8 12:35:25 2024 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=672e058d-0794
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:04:59:b2:96:4f:e9:ef:6f:23:9d:cf:39:18:
5e:0e:88:0f:ec:59:7a:d3:58:55:1a:c7:60:11:e8:
01:64:3e:ce:64:71:7f:b7:e1:b8:cb:f9:9d:b7:35:
37:85:94:9c:8b:de:d9:0f:2c:da:db:84:69:fe:3a:
ea:d3:18:f2:55:0a:ec:1a:06:1b:49:88:23:8f:a6:
43:b9:3e:44:b5:2e:f5:1c:09:d9:66:08:a9:28:bd:
ad:4e:0c:ef:5e:56:06:be:8b:49:75:88:06:2c:87:
4e:5f:fd:1b:57:b0:5b:44:99:df:57:d2:9d:02:22:
f4:11:65:80:0a:71:27:8e:00:6f:f5:3f:cc:97:00:
d9:e5:9c:d4:15:49:3e:42:46:61:59:27:97:13:18:
dc:95:c1:44:78:e4:20:7e:63:c7:52:09:02:c3:a2:
4d:e2:3d:37:7c:5c:31:5e:52:ab:7c:93:92:de:f9:
bd:b4:89:9e:eb:dd:fb:c8:f2:84:21:15:47:04:5c:
89:78:93:f8:1c:c3:57:19:d5:6a:ef:84:c2:6b:21:
99:2b:ec:f6:e2:d2:d8:f4:63:cb:c1:2f:1f:33:52:
17:c8:bf:d6:e8:81:8e:19:b0:78:7a:ea:51:15:23:
ca:7b:18:93:d2:be:b2:09:8d:10:10:d8:20:05:56:
f3:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:D4:9A:F3:84:32:6F:E0:6C:1A:92:6C:FF:5E:57:70:EB:49:6D:49
X509v3 Authority Key Identifier:
keyid:68:50:AA:BF:9B:DA:BF:26:BF:A0:92:83:02:1F:E9:13:D6:95:6E:32
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918F978/7E22B374B69B11E8AE06C616C4F9AE02/aFCqv5vavya_oJKDAh_pE9aVbjI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aFCqv5vavya_oJKDAh_pE9aVbjI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918F978/7E22B374B69B11E8AE06C616C4F9AE02/ED8C6E249DCD11EF8AD1A44BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.129.208.0/22
IPv6:
2403:8840::/32
Signature Algorithm: sha256WithRSAEncryption
59:c2:31:b7:7d:91:45:33:a9:07:f5:15:b7:1b:a6:12:b8:a3:
88:88:13:52:b6:ed:3b:fa:80:eb:56:8d:80:1e:db:e2:f4:a3:
3b:73:a8:05:6b:8b:8d:c6:7d:b2:c5:9a:6b:9b:23:8a:4d:ac:
f6:71:c2:50:2b:61:58:72:73:f7:3f:cc:03:09:01:ac:fa:60:
68:95:79:91:13:38:98:8d:47:97:92:83:d3:8b:f6:d0:21:25:
36:c3:5f:c7:fe:da:9c:57:2b:79:99:b3:ab:ed:e1:28:d8:bc:
82:08:5c:02:ae:3a:e6:21:78:f7:46:cb:26:a7:43:7f:42:47:
fe:9c:5c:0f:17:d9:5f:74:96:d9:ab:2c:b2:e8:d3:88:27:7d:
f7:90:f1:a2:5b:85:e8:00:c0:f7:4c:85:e1:95:40:88:e9:c0:
5e:15:de:bb:2c:fd:40:dd:be:4b:1e:98:25:4e:9c:b2:31:6f:
bb:ae:b1:a4:6e:e7:9b:3b:95:9e:1e:41:b2:6b:d5:46:5a:38:
ed:fd:6a:6a:1d:ef:9a:6a:3c:3a:04:2d:d8:b6:94:52:a9:4c:
f5:b9:f1:13:5b:77:6a:88:cf:25:40:94:05:6d:b4:d0:70:cb:
69:3e:96:6a:8c:d5:13:bc:f8:19:04:ad:da:c6:ce:75:12:21:
74:ec:b5:cc
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICEpswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEY5NzgxMTAvBgNVBAUTKDY4NTBBQUJGOUJEQUJGMjZCRkEwOTI4MzAyMUZFOTEz
RDY5NTZFMzIwHhcNMjQxMTA4MTIzNTI1WhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzJlMDU4ZC0wNzk0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwgRZspZP6e9vI53PORheDogP7Fl601hVGsdgEegBZD7OZHF/t+G4y/mdtzU3
hZSci97ZDyza24Rp/jrq0xjyVQrsGgYbSYgjj6ZDuT5EtS71HAnZZgipKL2tTgzv
XlYGvotJdYgGLIdOX/0bV7BbRJnfV9KdAiL0EWWACnEnjgBv9T/MlwDZ5ZzUFUk+
QkZhWSeXExjclcFEeOQgfmPHUgkCw6JN4j03fFwxXlKrfJOS3vm9tIme6937yPKE
IRVHBFyJeJP4HMNXGdVq74TCayGZK+z24tLY9GPLwS8fM1IXyL/W6IGOGbB4eupR
FSPKexiT0r6yCY0QENggBVbzzQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFPbUmvOE
Mm/gbBqSbP9eV3DrSW1JMB8GA1UdIwQYMBaAFGhQqr+b2r8mv6CSgwIf6RPWlW4y
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4Rjk3OC83RTIyQjM3NEI2
OUIxMUU4QUUwNkM2MTZDNEY5QUUwMi9hRkNxdjV2YXZ5YV9vSktEQWhfcEU5YVZi
akkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2FGQ3F2NXZhdnlhX29KS0RBaF9wRTlhVmJqSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEY5NzgvN0UyMkIzNzRCNjlCMTFFOEFFMDZDNjE2QzRGOUFFMDIvRUQ4QzZFMjQ5
RENEMTFFRjhBRDFBNDRCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAJngdAwDQQCAAIwBwMFACQDiEAwDQYJKoZIhvcNAQELBQAD
ggEBAFnCMbd9kUUzqQf1FbcbphK4o4iIE1K27Tv6gOtWjYAe2+L0oztzqAVri43G
fbLFmmubI4pNrPZxwlArYVhyc/c/zAMJAaz6YGiVeZETOJiNR5eSg9OL9tAhJTbD
X8f+2pxXK3mZs6vt4SjYvIIIXAKuOuYhePdGyyanQ39CR/6cXA8X2V90ltmrLLLo
04gnffeQ8aJbhegAwPdMheGVQIjpwF4V3rss/UDdvksemCVOnLIxb7uusaRu55s7
lZ4eQbJr1UZaOO39amod75pqPDoELdi2lFKpTPW58RNbd2qIzyVAlAVttNBwy2k+
lmqM1RO8+BkErdrGznUSIXTstcw=
-----END CERTIFICATE-----
Generated at Wed Nov 20 04:35:44 2024 by rpki-client on console-fra.rpki-client.org