Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91BB07D/E9B4853C4AC411EE9839386FC4F9AE02/D73C120C6D6111EE89A8734AC4F9AE02.roa
File: D73C120C6D6111EE89A8734AC4F9AE02.roa (raw, json)
Hash identifier: 70f3c4+RlBu+YEYGG+fFi4ke/TLB2V48M54+7TFhHfA=
Subject key identifier: 43:E0:1F:F2:7D:F1:71:72:44:A2:4F:65:45:1C:B9:7D:43:2F:D5:EE
Certificate issuer: /CN=A91BB07D/serialNumber=D4310690DCEB7EE4A18DA3579ACAD174818646A3
Certificate serial: 8F
Authority key identifier: D4:31:06:90:DC:EB:7E:E4:A1:8D:A3:57:9A:CA:D1:74:81:86:46:A3
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1DEGkNzrfuShjaNXmsrRdIGGRqM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91BB07D/E9B4853C4AC411EE9839386FC4F9AE02/D73C120C6D6111EE89A8734AC4F9AE02.roa
Signing time: Sun 12 May 2024 04:22:25 +0000
ROA not before: Sun 12 May 2024 04:22:25 +0000
ROA not after: Mon 30 Sep 2024 00:00:00 +0000
asID: 135883
IP address blocks: 103.117.136.0/22 maxlen: 22
2403:1a40::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 21 May 2024 01:13:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 143 (0x8f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91BB07D/serialNumber=D4310690DCEB7EE4A18DA3579ACAD174818646A3
Validity
Not Before: May 12 04:22:25 2024 GMT
Not After : Sep 30 00:00:00 2024 GMT
Subject: CN=66404401-abb4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:95:d8:6d:98:f8:41:14:68:4b:49:90:2c:ca:
a0:e6:87:a8:75:fa:30:74:7f:af:ff:51:d2:92:25:
0c:b3:1f:c5:19:42:18:fc:07:64:a4:e8:70:01:7c:
b0:05:55:49:77:54:8f:b2:f5:43:c6:e9:fe:7d:d0:
45:0c:7a:dd:1f:05:c7:34:58:58:66:52:09:30:c0:
03:a1:25:34:09:99:98:01:14:a8:c9:99:fd:82:69:
3b:6d:e5:b9:dc:73:07:6a:b8:9f:2f:0c:a5:0c:c0:
6e:a2:86:0b:68:63:e4:10:29:c7:a1:5f:97:78:3c:
2c:57:87:e3:ec:8f:9e:d3:d3:46:25:77:ad:ba:34:
2a:74:d2:e3:cc:f3:5d:3e:92:81:c8:3a:a3:df:12:
05:99:ec:12:b0:e1:b0:ce:fa:4b:eb:c0:55:57:61:
f9:22:02:50:f7:db:4e:f2:c4:22:c6:c0:ca:b0:c6:
ec:36:ea:2e:2a:dd:47:01:86:b2:86:80:e9:98:7f:
d3:90:c4:94:14:1d:cc:8f:6e:07:b4:44:4e:c5:44:
b0:16:7f:a5:df:f0:be:cb:45:25:b0:1c:56:3c:ab:
ee:79:46:50:34:28:56:0a:1e:b4:59:4c:25:29:a8:
cb:44:a4:fc:b7:19:5f:9b:3f:8c:20:9c:f7:97:44:
ab:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:E0:1F:F2:7D:F1:71:72:44:A2:4F:65:45:1C:B9:7D:43:2F:D5:EE
X509v3 Authority Key Identifier:
keyid:D4:31:06:90:DC:EB:7E:E4:A1:8D:A3:57:9A:CA:D1:74:81:86:46:A3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91BB07D/E9B4853C4AC411EE9839386FC4F9AE02/1DEGkNzrfuShjaNXmsrRdIGGRqM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1DEGkNzrfuShjaNXmsrRdIGGRqM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BB07D/E9B4853C4AC411EE9839386FC4F9AE02/D73C120C6D6111EE89A8734AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.117.136.0/22
IPv6:
2403:1a40::/32
Signature Algorithm: sha256WithRSAEncryption
43:d2:7a:d2:bb:46:73:34:03:ce:b7:28:0b:4d:fb:1c:5a:d1:
4c:0c:d4:03:ed:d2:92:80:de:a8:36:6e:a2:c0:21:6f:b7:84:
b3:70:b3:1e:6b:91:b1:52:99:7d:03:cc:38:d0:15:06:c4:f6:
1b:ea:10:3a:12:e4:b9:52:7d:a2:39:67:af:d6:25:c8:9f:80:
2f:c9:a8:a8:63:94:e2:60:e4:83:5e:d2:f0:e9:39:1d:19:8d:
c2:16:57:4b:cd:69:fd:ea:27:5e:30:92:bd:51:1a:4d:40:9a:
37:cb:0a:70:c1:2b:57:19:85:20:07:0f:20:f3:2f:21:58:00:
1c:61:fa:41:11:98:18:9a:53:9e:89:d6:07:fe:d7:89:ca:c5:
31:68:eb:7d:a5:67:80:86:e2:cd:1d:91:54:5e:0d:d0:55:66:
aa:6c:37:b3:5a:50:d6:48:c3:96:67:83:6f:82:28:e5:b1:61:
aa:b2:19:b4:1e:a5:7b:c2:c9:95:78:e2:16:1f:17:c7:3c:c1:
1c:e5:4a:66:d4:fb:79:30:e5:bf:e0:43:a1:c1:1f:9a:b1:0c:
20:e3:0b:78:59:33:78:47:39:89:82:3d:b6:d7:ce:bf:13:6c:
e8:27:8f:63:06:aa:34:c1:95:e4:91:93:aa:d3:05:80:8a:42:
82:9b:48:48
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICAI8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QkIwN0QxMTAvBgNVBAUTKEQ0MzEwNjkwRENFQjdFRTRBMThEQTM1NzlBQ0FEMTc0
ODE4NjQ2QTMwHhcNMjQwNTEyMDQyMjI1WhcNMjQwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjQwNDQwMS1hYmI0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAy5XYbZj4QRRoS0mQLMqg5oeodfowdH+v/1HSkiUMsx/FGUIY/AdkpOhwAXyw
BVVJd1SPsvVDxun+fdBFDHrdHwXHNFhYZlIJMMADoSU0CZmYARSoyZn9gmk7beW5
3HMHarifLwylDMBuooYLaGPkECnHoV+XeDwsV4fj7I+e09NGJXetujQqdNLjzPNd
PpKByDqj3xIFmewSsOGwzvpL68BVV2H5IgJQ99tO8sQixsDKsMbsNuouKt1HAYay
hoDpmH/TkMSUFB3Mj24HtEROxUSwFn+l3/C+y0UlsBxWPKvueUZQNChWCh60WUwl
KajLRKT8txlfmz+MIJz3l0SrPQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFEPgH/J9
8XFyRKJPZUUcuX1DL9XuMB8GA1UdIwQYMBaAFNQxBpDc637koY2jV5rK0XSBhkaj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCQjA3RC9FOUI0ODUzQzRB
QzQxMUVFOTgzOTM4NkZDNEY5QUUwMi8xREVHa056cmZ1U2hqYU5YbXNyUmRJR0dS
cU0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzFERUdrTnpyZnVTaGphTlhtc3JSZElHR1JxTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QkIwN0QvRTlCNDg1M0M0QUM0MTFFRTk4MzkzODZGQzRGOUFFMDIvRDczQzEyMEM2
RDYxMTFFRTg5QTg3MzRBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAJndYgwDQQCAAIwBwMFACQDGkAwDQYJKoZIhvcNAQELBQAD
ggEBAEPSetK7RnM0A863KAtN+xxa0UwM1APt0pKA3qg2bqLAIW+3hLNwsx5rkbFS
mX0DzDjQFQbE9hvqEDoS5LlSfaI5Z6/WJcifgC/JqKhjlOJg5INe0vDpOR0ZjcIW
V0vNaf3qJ14wkr1RGk1AmjfLCnDBK1cZhSAHDyDzLyFYABxh+kERmBiaU56J1gf+
14nKxTFo632lZ4CG4s0dkVReDdBVZqpsN7NaUNZIw5Zng2+CKOWxYaqyGbQepXvC
yZV44hYfF8c8wRzlSmbU+3kw5b/gQ6HBH5qxDCDjC3hZM3hHOYmCPbbXzr8TbOgn
j2MGqjTBleSRk6rTBYCKQoKbSEg=
-----END CERTIFICATE-----
Generated at Tue May 21 03:51:40 2024 by rpki-client on console-ams.rpki-client.org