Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A8D22/252697981D9211E2B618CAF408B02CD2/8A375E2A960D11ED942B5D62C4F9AE02.roa
File: 8A375E2A960D11ED942B5D62C4F9AE02.roa (raw, json)
Hash identifier: rOy5Kt1JooFCty94F5nKGVymlNhwBsSPxLr9wrgURrI=
Subject key identifier: 6A:B4:6B:01:72:8A:4B:C5:1F:4F:00:F0:43:45:87:BF:A0:C4:CF:A4
Certificate issuer: /CN=A91A8D22/serialNumber=A683F6724C02A13F2D39CF2F21500BE00380DDE3
Certificate serial: 3355
Authority key identifier: A6:83:F6:72:4C:02:A1:3F:2D:39:CF:2F:21:50:0B:E0:03:80:DD:E3
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/poP2ckwCoT8tOc8vIVAL4AOA3eM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A8D22/252697981D9211E2B618CAF408B02CD2/8A375E2A960D11ED942B5D62C4F9AE02.roa
Signing time: Mon 26 Jun 2023 15:10:56 +0000
ROA not before: Mon 26 Jun 2023 15:10:56 +0000
ROA not after: Sat 31 Aug 2024 00:00:00 +0000
asID: 58731
IP address blocks: 103.112.36.0/22 maxlen: 22
180.189.160.0/20 maxlen: 20
180.189.164.0/22 maxlen: 22
180.189.169.0/24 maxlen: 24
2405:1f00::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13141 (0x3355)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A8D22/serialNumber=A683F6724C02A13F2D39CF2F21500BE00380DDE3
Validity
Not Before: Jun 26 15:10:56 2023 GMT
Not After : Aug 31 00:00:00 2024 GMT
Subject: CN=6499aa80-77d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:6e:22:0e:ad:eb:30:ad:ca:82:1e:22:e2:a4:
a8:e4:07:7d:fc:e3:11:66:58:ec:62:6c:c0:a6:cf:
a3:1f:12:cd:61:d8:8a:2b:f4:bd:a1:b4:f8:4a:56:
b1:e8:97:69:f0:67:c0:8a:d0:6e:81:54:c6:89:08:
1f:81:20:98:4f:47:cb:0b:44:a6:49:7b:bc:29:ca:
50:4c:b9:96:43:2e:e7:ce:aa:b8:81:18:e5:48:4a:
1d:fa:f0:f5:d4:59:8e:89:f2:27:26:07:e1:c5:e6:
3a:7b:8f:99:2b:3a:11:0f:34:45:85:43:65:43:42:
9d:00:e2:36:40:57:9f:5b:4c:1e:71:81:24:3e:da:
fa:6f:13:92:26:74:14:4e:b8:68:9e:e7:2f:bb:dd:
7a:93:44:ea:f0:bf:7c:c3:e9:55:e8:6a:c5:66:ab:
2f:78:d9:18:89:f9:87:2b:af:0b:c0:e6:8e:cb:c1:
0b:2f:6c:3c:cf:e8:c8:c3:23:8c:b6:1d:a6:66:6a:
a9:de:7e:27:52:1b:34:78:65:e2:0d:8d:f8:fb:78:
f4:25:88:e4:58:3f:91:78:c3:42:6c:48:a7:d7:8c:
fc:85:7a:aa:8a:dc:d9:62:5e:70:f6:a7:c8:83:e9:
92:01:04:1d:47:2a:80:18:f1:70:01:86:ce:7f:0e:
35:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:B4:6B:01:72:8A:4B:C5:1F:4F:00:F0:43:45:87:BF:A0:C4:CF:A4
X509v3 Authority Key Identifier:
keyid:A6:83:F6:72:4C:02:A1:3F:2D:39:CF:2F:21:50:0B:E0:03:80:DD:E3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A8D22/252697981D9211E2B618CAF408B02CD2/poP2ckwCoT8tOc8vIVAL4AOA3eM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/poP2ckwCoT8tOc8vIVAL4AOA3eM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A8D22/252697981D9211E2B618CAF408B02CD2/8A375E2A960D11ED942B5D62C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.112.36.0/22
180.189.160.0/20
IPv6:
2405:1f00::/32
Signature Algorithm: sha256WithRSAEncryption
a9:e6:c1:2f:78:5e:52:f7:87:77:f2:91:f2:a0:77:8f:b3:85:
f9:06:46:1c:27:0b:53:77:ca:c1:ba:cc:8f:cd:1d:47:83:0b:
36:9a:e9:5a:83:93:86:1b:0e:ba:55:31:b3:cc:d7:8f:df:c7:
d3:72:c5:a9:58:e6:be:71:86:3a:4c:1b:d2:a3:d6:67:2a:1b:
e8:62:ef:24:39:ac:86:61:67:83:81:78:3b:3d:98:e8:37:4e:
20:52:9c:c4:c1:57:b7:14:81:2b:0f:84:fd:48:a7:6b:7b:2b:
c7:45:87:c0:9d:8d:79:cc:5a:ca:9c:33:3e:d4:4f:7b:05:ad:
6a:43:4c:d3:45:dc:9d:d0:07:d2:d3:44:74:74:0d:bf:cf:3d:
c4:4f:cb:0f:e4:27:12:41:fb:fa:9d:f0:82:6b:6a:2e:b4:74:
7b:db:86:dd:36:81:3c:df:a6:71:b8:5c:4c:d4:4b:24:c9:f8:
6c:3c:ed:40:d1:ad:e0:97:35:57:d4:b0:79:b5:1b:19:ca:2d:
ec:ee:b3:fd:0b:98:cd:03:e0:82:bf:40:fc:7e:14:70:b2:cb:
e6:17:5b:00:25:9d:90:91:11:da:ac:9d:ce:9a:f1:0b:ac:d6:
72:a0:10:67:06:66:2f:aa:a3:ac:40:63:b1:0c:f5:e5:29:b4:
0e:e3:51:be
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICM1UwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QThEMjIxMTAvBgNVBAUTKEE2ODNGNjcyNEMwMkExM0YyRDM5Q0YyRjIxNTAwQkUw
MDM4MERERTMwHhcNMjMwNjI2MTUxMDU2WhcNMjQwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDk5YWE4MC03N2Q5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAz24iDq3rMK3Kgh4i4qSo5Ad9/OMRZljsYmzAps+jHxLNYdiKK/S9obT4Slax
6Jdp8GfAitBugVTGiQgfgSCYT0fLC0SmSXu8KcpQTLmWQy7nzqq4gRjlSEod+vD1
1FmOifInJgfhxeY6e4+ZKzoRDzRFhUNlQ0KdAOI2QFefW0wecYEkPtr6bxOSJnQU
Trhonucvu916k0Tq8L98w+lV6GrFZqsveNkYifmHK68LwOaOy8ELL2w8z+jIwyOM
th2mZmqp3n4nUhs0eGXiDY34+3j0JYjkWD+ReMNCbEin14z8hXqqitzZYl5w9qfI
g+mSAQQdRyqAGPFwAYbOfw41QQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFGq0awFy
ikvFH08A8ENFh7+gxM+kMB8GA1UdIwQYMBaAFKaD9nJMAqE/LTnPLyFQC+ADgN3j
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBOEQyMi8yNTI2OTc5ODFE
OTIxMUUyQjYxOENBRjQwOEIwMkNEMi9wb1AyY2t3Q29UOHRPYzh2SVZBTDRBT0Ez
ZU0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3BvUDJja3dDb1Q4dE9jOHZJVkFMNEFPQTNlTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QThEMjIvMjUyNjk3OTgxRDkyMTFFMkI2MThDQUY0MDhCMDJDRDIvOEEzNzVFMkE5
NjBEMTFFRDk0MkI1RDYyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAJncCQDBAS0vaAwDQQCAAIwBwMFACQFHwAwDQYJKoZIhvcN
AQELBQADggEBAKnmwS94XlL3h3fykfKgd4+zhfkGRhwnC1N3ysG6zI/NHUeDCzaa
6VqDk4YbDrpVMbPM14/fx9NyxalY5r5xhjpMG9Kj1mcqG+hi7yQ5rIZhZ4OBeDs9
mOg3TiBSnMTBV7cUgSsPhP1Ip2t7K8dFh8CdjXnMWsqcMz7UT3sFrWpDTNNF3J3Q
B9LTRHR0Db/PPcRPyw/kJxJB+/qd8IJrai60dHvbht02gTzfpnG4XEzUSyTJ+Gw8
7UDRreCXNVfUsHm1GxnKLezus/0LmM0D4IK/QPx+FHCyy+YXWwAlnZCREdqsnc6a
8Qus1nKgEGcGZi+qo6xAY7EM9eUptA7jUb4=
-----END CERTIFICATE-----
Generated at Tue Nov 21 01:10:08 2023 by rpki-client on console-fra.rpki-client.org