Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B6587/417D71B4918611EDA84A124DC4F9AE02/9DCC31360ECA11EF83229641C4F9AE02.roa
File: 9DCC31360ECA11EF83229641C4F9AE02.roa (raw, json)
Hash identifier: oFsTCBkYrrzCI/i8CuuByV1xrwgFFoV/QWODNsMRICQ=
Subject key identifier: D9:28:D7:14:50:2F:E2:3D:A6:28:0A:6D:09:36:3B:D9:07:CC:8C:3C
Certificate issuer: /CN=A91B6587/serialNumber=2D634077CC847B59D4048D43E04B3309698FE638
Certificate serial: 01D4
Authority key identifier: 2D:63:40:77:CC:84:7B:59:D4:04:8D:43:E0:4B:33:09:69:8F:E6:38
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LWNAd8yEe1nUBI1D4EszCWmP5jg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B6587/417D71B4918611EDA84A124DC4F9AE02/9DCC31360ECA11EF83229641C4F9AE02.roa
Signing time: Fri 10 May 2024 12:41:27 +0000
ROA not before: Fri 10 May 2024 12:41:27 +0000
ROA not after: Thu 31 Oct 2024 00:00:00 +0000
asID: 134450
IP address blocks: 45.125.246.0/24 maxlen: 24
103.221.233.0/24 maxlen: 24
103.239.213.0/24 maxlen: 24
103.241.52.0/22 maxlen: 22
202.94.174.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 17 May 2024 11:37:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 468 (0x1d4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B6587/serialNumber=2D634077CC847B59D4048D43E04B3309698FE638
Validity
Not Before: May 10 12:41:27 2024 GMT
Not After : Oct 31 00:00:00 2024 GMT
Subject: CN=663e15f6-fa72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:7c:7a:02:c9:12:5e:c5:65:c9:45:dd:25:51:
31:7d:b9:40:4d:fc:d6:56:d7:e5:ff:49:ca:86:52:
73:35:76:d2:18:ea:3f:e7:2a:7a:25:b1:24:67:e6:
99:13:f1:ee:9d:6a:c4:03:96:a6:8c:0d:b0:e2:46:
1c:94:91:74:91:c2:cb:d1:bb:6b:04:e6:c9:18:60:
24:47:7a:15:19:9f:00:02:63:b5:c2:b5:ba:d2:9b:
e3:86:fb:87:5d:99:9b:92:28:e7:09:0e:39:c6:93:
45:e6:63:72:08:b8:fd:e6:43:70:d5:47:50:d7:70:
39:0c:1c:08:dc:85:00:e2:96:b1:48:29:86:7f:88:
d7:01:64:96:80:9a:30:5d:e7:eb:ec:d4:88:c9:c6:
f7:ec:ff:76:e8:26:92:ce:5d:62:15:c0:08:19:e1:
e4:3f:a3:7a:0f:f7:e5:05:84:0e:2c:00:a8:96:02:
d9:24:95:ad:bb:eb:aa:dc:45:59:cc:85:78:0b:a0:
46:ec:79:40:4f:aa:ab:e0:6d:34:df:6f:47:eb:60:
6c:24:9e:9e:57:6f:14:58:b1:47:18:b7:92:77:a7:
bc:50:6d:04:e0:24:97:a5:c7:3a:4d:d5:8e:64:a3:
f6:f1:50:3c:e1:00:33:a5:ec:4e:81:c6:d3:1b:c2:
2a:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:28:D7:14:50:2F:E2:3D:A6:28:0A:6D:09:36:3B:D9:07:CC:8C:3C
X509v3 Authority Key Identifier:
keyid:2D:63:40:77:CC:84:7B:59:D4:04:8D:43:E0:4B:33:09:69:8F:E6:38
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B6587/417D71B4918611EDA84A124DC4F9AE02/LWNAd8yEe1nUBI1D4EszCWmP5jg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LWNAd8yEe1nUBI1D4EszCWmP5jg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B6587/417D71B4918611EDA84A124DC4F9AE02/9DCC31360ECA11EF83229641C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.125.246.0/24
103.221.233.0/24
103.239.213.0/24
103.241.52.0/22
202.94.174.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:da:79:d6:33:67:8c:7c:86:8c:40:25:52:ae:9f:bd:96:5b:
e7:ea:c9:fb:e5:4b:ff:57:8c:b4:11:bf:83:7d:42:c8:89:c4:
23:f4:47:a6:35:f5:99:1d:07:bd:86:ce:9d:22:fe:fd:d1:4a:
73:a8:60:3e:e9:96:ea:e7:f9:f0:1a:56:78:fe:9b:db:2e:ab:
f8:f7:90:47:46:0e:bc:70:29:ee:54:b7:b6:53:0b:c2:58:cd:
0b:07:a5:44:4e:e6:70:e3:a6:08:e3:d5:b0:82:8a:0f:a8:c9:
a4:c6:54:9c:b3:ba:4a:cb:1b:e1:2c:93:8a:4f:b6:7f:30:e1:
ba:ec:9f:32:dd:f9:58:ed:2c:f4:c2:51:46:43:e7:d8:47:7b:
9b:fa:26:51:3b:94:c8:9e:01:7c:46:c7:1b:19:28:c0:4b:68:
aa:eb:b1:12:ec:8c:99:c2:3f:17:f9:2e:26:0e:bc:31:31:8b:
f7:6d:9a:65:dd:5d:fe:c1:8c:ac:17:9c:20:4a:27:a2:89:3b:
7e:af:5b:a7:40:68:8d:e0:e0:c1:5a:47:2c:0b:ee:fa:b4:65:
fa:a6:75:6b:04:1c:73:4e:85:3d:51:41:bf:71:a6:a3:e0:8f:
a0:91:25:ff:fc:e0:de:e5:04:a5:a1:da:ff:c1:5b:a0:af:41:
8e:25:aa:8c
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgICAdQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjY1ODcxMTAvBgNVBAUTKDJENjM0MDc3Q0M4NDdCNTlENDA0OEQ0M0UwNEIzMzA5
Njk4RkU2MzgwHhcNMjQwNTEwMTI0MTI3WhcNMjQxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjNlMTVmNi1mYTcyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvXx6AskSXsVlyUXdJVExfblATfzWVtfl/0nKhlJzNXbSGOo/5yp6JbEkZ+aZ
E/HunWrEA5amjA2w4kYclJF0kcLL0btrBObJGGAkR3oVGZ8AAmO1wrW60pvjhvuH
XZmbkijnCQ45xpNF5mNyCLj95kNw1UdQ13A5DBwI3IUA4paxSCmGf4jXAWSWgJow
Xefr7NSIycb37P926CaSzl1iFcAIGeHkP6N6D/flBYQOLAColgLZJJWtu+uq3EVZ
zIV4C6BG7HlAT6qr4G00329H62BsJJ6eV28UWLFHGLeSd6e8UG0E4CSXpcc6TdWO
ZKP28VA84QAzpexOgcbTG8IqUwIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFNko1xRQ
L+I9pigKbQk2O9kHzIw8MB8GA1UdIwQYMBaAFC1jQHfMhHtZ1ASNQ+BLMwlpj+Y4
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNjU4Ny80MTdENzFCNDkx
ODYxMUVEQTg0QTEyNERDNEY5QUUwMi9MV05BZDh5RWUxblVCSTFENEVzekNXbVA1
amcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0xXTkFkOHlFZTFuVUJJMUQ0RXN6Q1dtUDVqZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjY1ODcvNDE3RDcxQjQ5MTg2MTFFREE4NEExMjREQzRGOUFFMDIvOURDQzMxMzYw
RUNBMTFFRjgzMjI5NjQxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNwYIKwYBBQUHAQcBAf8E
KDAmMCQEAgABMB4DBAAtffYDBABn3ekDBABn79UDBAJn8TQDBADKXq4wDQYJKoZI
hvcNAQELBQADggEBAD/aedYzZ4x8hoxAJVKun72WW+fqyfvlS/9XjLQRv4N9QsiJ
xCP0R6Y19ZkdB72Gzp0i/v3RSnOoYD7plurn+fAaVnj+m9suq/j3kEdGDrxwKe5U
t7ZTC8JYzQsHpURO5nDjpgjj1bCCig+oyaTGVJyzukrLG+Esk4pPtn8w4brsnzLd
+VjtLPTCUUZD59hHe5v6JlE7lMieAXxGxxsZKMBLaKrrsRLsjJnCPxf5LiYOvDEx
i/dtmmXdXf7BjKwXnCBKJ6KJO36vW6dAaI3g4MFaRywL7vq0ZfqmdWsEHHNOhT1R
Qb9xpqPgj6CRJf/84N7lBKWh2v/BW6CvQY4lqow=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:38 2024 by rpki-client on console-fra.rpki-client.org