Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A8D22/252697981D9211E2B618CAF408B02CD2/89707206960D11ED942B5D62C4F9AE02.roa
File: 89707206960D11ED942B5D62C4F9AE02.roa (raw, json)
Hash identifier: qb7lB1wiab2YS9g1+6MNoPkSjA6uKt9lJZdCfIMvtqs=
Subject key identifier: F7:3E:03:5E:5B:75:2B:6C:A8:AC:AE:27:77:4E:33:96:6F:81:88:EF
Certificate issuer: /CN=A91A8D22/serialNumber=A683F6724C02A13F2D39CF2F21500BE00380DDE3
Certificate serial: 341F
Authority key identifier: A6:83:F6:72:4C:02:A1:3F:2D:39:CF:2F:21:50:0B:E0:03:80:DD:E3
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/poP2ckwCoT8tOc8vIVAL4AOA3eM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A8D22/252697981D9211E2B618CAF408B02CD2/89707206960D11ED942B5D62C4F9AE02.roa
Signing time: Tue 18 Jun 2024 15:31:11 +0000
ROA not before: Tue 18 Jun 2024 15:31:11 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 174
IP address blocks: 103.112.36.0/22 maxlen: 22
180.189.160.0/20 maxlen: 20
2405:1f00::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 22 Nov 2024 06:56:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13343 (0x341f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A8D22
Validity
Not Before: Jun 18 15:31:11 2024 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=6671a83f-41b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:7c:a7:eb:21:1b:d3:4c:f7:00:18:b2:a3:50:
b4:bf:e9:46:c1:b2:84:d7:a0:94:7b:ad:70:bf:34:
08:60:cb:61:ee:81:37:f0:8e:0c:1b:20:09:a8:65:
73:e7:45:86:ea:05:02:9e:eb:a0:32:0d:22:1b:b4:
d6:80:c1:10:4d:df:68:48:9d:9e:06:a1:6c:39:b2:
a7:cd:a0:b8:03:3a:9f:48:96:06:9f:64:16:a7:22:
64:3b:17:fe:38:1f:40:d4:a5:14:da:bb:95:95:53:
a9:bd:55:b4:81:f1:be:63:6a:fb:18:43:89:bc:62:
d3:93:69:a6:da:08:e2:5b:b8:35:12:78:cf:06:da:
05:29:4b:7a:ce:5c:b7:08:61:e9:6b:29:a6:c9:c6:
c6:9a:f8:3c:1a:43:e5:32:be:ce:8a:e6:d0:8f:d5:
d3:e8:d6:9c:b6:ac:70:8c:fd:84:39:2f:25:09:30:
28:10:14:f4:14:db:0d:d6:50:d8:0b:ab:d5:b4:83:
06:87:b3:6a:02:a6:92:ac:33:b0:67:ec:0e:70:73:
b9:0e:e0:e9:19:3a:ef:2b:bf:a7:7d:f2:55:1d:6b:
61:b5:2f:ff:61:a2:8e:65:cc:ed:03:5a:5a:dd:64:
58:f0:b1:b0:39:16:99:52:a6:04:8e:b4:97:1c:fd:
55:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:3E:03:5E:5B:75:2B:6C:A8:AC:AE:27:77:4E:33:96:6F:81:88:EF
X509v3 Authority Key Identifier:
keyid:A6:83:F6:72:4C:02:A1:3F:2D:39:CF:2F:21:50:0B:E0:03:80:DD:E3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A8D22/252697981D9211E2B618CAF408B02CD2/poP2ckwCoT8tOc8vIVAL4AOA3eM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/poP2ckwCoT8tOc8vIVAL4AOA3eM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A8D22/252697981D9211E2B618CAF408B02CD2/89707206960D11ED942B5D62C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.112.36.0/22
180.189.160.0/20
IPv6:
2405:1f00::/32
Signature Algorithm: sha256WithRSAEncryption
49:e0:b2:18:49:14:35:ea:1a:dc:e3:26:dc:46:ff:05:68:66:
62:a9:e6:33:d6:33:59:88:b1:ae:00:23:02:48:49:c6:29:d2:
eb:84:3d:79:19:99:9b:24:16:b3:cc:db:5b:0e:c6:52:bf:b0:
01:98:f8:b2:1d:f3:b2:c7:44:77:e6:58:5f:0a:9e:95:f8:24:
38:42:d1:ac:f7:07:a0:97:01:35:81:de:32:fa:74:e6:12:d0:
f2:a7:1f:63:0a:6d:fc:cb:78:41:a9:fa:37:ec:3d:bc:c9:6d:
57:fa:ef:0b:a7:96:c6:94:0c:97:de:06:7e:f1:67:c0:da:0e:
f3:ce:df:f7:4b:7b:b0:f7:08:21:7e:cc:36:42:0c:43:cd:89:
55:06:a6:d0:1a:60:b4:c6:c1:f5:81:11:e0:70:25:9b:7f:20:
29:9f:f0:20:05:d9:f1:03:69:2f:58:c0:95:76:50:01:cd:be:
ab:ee:e7:28:c3:a0:d0:4e:fa:b0:75:b7:13:9f:d9:33:c3:03:
23:2f:f8:51:94:0d:19:ff:45:c0:ff:91:70:d4:2c:e0:48:19:
6e:02:96:b3:6e:59:ac:dc:ef:23:f3:a3:0a:5c:c4:12:ed:58:
eb:ee:76:8b:7d:72:c0:ad:51:c2:bb:8c:ac:3c:34:23:a5:2a:
52:dd:b3:a5
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICNB8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QThEMjIxMTAvBgNVBAUTKEE2ODNGNjcyNEMwMkExM0YyRDM5Q0YyRjIxNTAwQkUw
MDM4MERERTMwHhcNMjQwNjE4MTUzMTExWhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjcxYTgzZi00MWIwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtnyn6yEb00z3ABiyo1C0v+lGwbKE16CUe61wvzQIYMth7oE38I4MGyAJqGVz
50WG6gUCnuugMg0iG7TWgMEQTd9oSJ2eBqFsObKnzaC4AzqfSJYGn2QWpyJkOxf+
OB9A1KUU2ruVlVOpvVW0gfG+Y2r7GEOJvGLTk2mm2gjiW7g1EnjPBtoFKUt6zly3
CGHpaymmycbGmvg8GkPlMr7OiubQj9XT6NactqxwjP2EOS8lCTAoEBT0FNsN1lDY
C6vVtIMGh7NqAqaSrDOwZ+wOcHO5DuDpGTrvK7+nffJVHWthtS//YaKOZcztA1pa
3WRY8LGwORaZUqYEjrSXHP1VKwIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFPc+A15b
dStsqKyuJ3dOM5ZvgYjvMB8GA1UdIwQYMBaAFKaD9nJMAqE/LTnPLyFQC+ADgN3j
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBOEQyMi8yNTI2OTc5ODFE
OTIxMUUyQjYxOENBRjQwOEIwMkNEMi9wb1AyY2t3Q29UOHRPYzh2SVZBTDRBT0Ez
ZU0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3BvUDJja3dDb1Q4dE9jOHZJVkFMNEFPQTNlTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QThEMjIvMjUyNjk3OTgxRDkyMTFFMkI2MThDQUY0MDhCMDJDRDIvODk3MDcyMDY5
NjBEMTFFRDk0MkI1RDYyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAJncCQDBAS0vaAwDQQCAAIwBwMFACQFHwAwDQYJKoZIhvcN
AQELBQADggEBAEngshhJFDXqGtzjJtxG/wVoZmKp5jPWM1mIsa4AIwJIScYp0uuE
PXkZmZskFrPM21sOxlK/sAGY+LId87LHRHfmWF8KnpX4JDhC0az3B6CXATWB3jL6
dOYS0PKnH2MKbfzLeEGp+jfsPbzJbVf67wunlsaUDJfeBn7xZ8DaDvPO3/dLe7D3
CCF+zDZCDEPNiVUGptAaYLTGwfWBEeBwJZt/ICmf8CAF2fEDaS9YwJV2UAHNvqvu
5yjDoNBO+rB1txOf2TPDAyMv+FGUDRn/RcD/kXDULOBIGW4ClrNuWazc7yPzowpc
xBLtWOvudot9csCtUcK7jKw8NCOlKlLds6U=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:17:25 2025 by rpki-client