Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91BC269/BA676E30CFE511EC94BBC75AC4F9AE02/817C086E1BC011EFB7916B7DC4F9AE02.roa
File: 817C086E1BC011EFB7916B7DC4F9AE02.roa (raw, json)
Hash identifier: zfr8r5t2kY8aArRWW+CmosDSvpX2Il/QCFY5bZHKhJ0=
Subject key identifier: 07:D4:F9:CF:3A:DE:64:3B:02:A0:0F:B1:D0:2A:98:A7:78:1E:48:6A
Certificate issuer: /CN=A91BC269/serialNumber=30E2061F7C20BD843BEE5372C1321C35FBB1D3EF
Certificate serial: 0296
Authority key identifier: 30:E2:06:1F:7C:20:BD:84:3B:EE:53:72:C1:32:1C:35:FB:B1:D3:EF
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MOIGH3wgvYQ77lNywTIcNfux0-8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91BC269/BA676E30CFE511EC94BBC75AC4F9AE02/817C086E1BC011EFB7916B7DC4F9AE02.roa
Signing time: Fri 07 Jun 2024 01:12:30 +0000
ROA not before: Fri 07 Jun 2024 01:12:30 +0000
ROA not after: Mon 30 Dec 2024 00:00:00 +0000
asID: 9876
IP address blocks: 103.8.140.0/22 maxlen: 23
103.8.140.0/24 maxlen: 24
103.8.141.0/24 maxlen: 24
103.8.142.0/24 maxlen: 24
103.8.143.0/24 maxlen: 24
103.15.126.0/23 maxlen: 23
103.15.126.0/24 maxlen: 24
103.15.127.0/24 maxlen: 24
163.47.236.0/22 maxlen: 23
163.47.236.0/24 maxlen: 24
163.47.237.0/24 maxlen: 24
163.47.238.0/24 maxlen: 24
163.47.239.0/24 maxlen: 24
202.56.32.0/20 maxlen: 20
202.56.32.0/22 maxlen: 22
202.56.36.0/22 maxlen: 22
202.56.40.0/22 maxlen: 22
202.56.44.0/22 maxlen: 22
202.56.48.0/21 maxlen: 22
202.56.48.0/23 maxlen: 24
202.56.50.0/23 maxlen: 24
202.56.52.0/23 maxlen: 24
202.56.54.0/23 maxlen: 24
202.137.240.0/21 maxlen: 22
202.137.240.0/23 maxlen: 24
202.137.242.0/23 maxlen: 24
202.137.244.0/23 maxlen: 24
202.137.246.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Jun 2024 23:28:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 662 (0x296)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91BC269/serialNumber=30E2061F7C20BD843BEE5372C1321C35FBB1D3EF
Validity
Not Before: Jun 7 01:12:30 2024 GMT
Not After : Dec 30 00:00:00 2024 GMT
Subject: CN=66625e7e-ab3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:b2:0d:50:65:75:9d:20:34:8a:e8:c7:77:6d:
ad:c3:7c:01:ef:f6:1b:94:c8:af:22:80:8e:f7:d8:
23:81:2f:05:74:de:b8:8a:e8:e6:04:04:1d:61:a7:
3f:3c:a5:8c:d2:e7:f8:3b:8f:b7:b6:d5:9e:d1:98:
67:b1:50:c2:e0:b2:73:e7:b7:ad:73:f9:aa:42:c9:
3f:f3:5f:5f:72:42:b0:57:50:e3:88:4a:a2:49:c1:
03:df:46:f7:12:b8:98:1c:b8:6a:9b:e1:59:ce:1c:
2b:bf:f0:15:83:f5:e9:5c:60:0e:a8:a9:b0:4c:94:
d3:c3:2c:ed:fd:86:eb:b4:fb:14:4d:ff:6f:48:ba:
0c:68:3d:b8:cd:db:f7:68:ef:bd:46:ab:d5:8a:1d:
86:de:4b:78:67:60:30:7f:7c:a8:62:13:fa:c3:6a:
52:1d:1e:fa:20:85:70:87:0e:cf:ee:79:29:49:c0:
19:70:7e:d1:7d:fb:07:13:1e:79:22:91:be:e8:f9:
72:0c:b6:78:89:2d:15:04:83:b6:ef:1d:cf:45:f5:
7d:4d:62:7f:48:e3:8d:49:17:49:af:12:ca:9a:2d:
83:22:6c:59:74:05:6a:78:f1:fa:0c:82:86:81:6b:
e4:86:94:48:5a:5d:ab:09:6b:7f:37:6e:09:f2:b1:
8c:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:D4:F9:CF:3A:DE:64:3B:02:A0:0F:B1:D0:2A:98:A7:78:1E:48:6A
X509v3 Authority Key Identifier:
keyid:30:E2:06:1F:7C:20:BD:84:3B:EE:53:72:C1:32:1C:35:FB:B1:D3:EF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91BC269/BA676E30CFE511EC94BBC75AC4F9AE02/MOIGH3wgvYQ77lNywTIcNfux0-8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MOIGH3wgvYQ77lNywTIcNfux0-8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BC269/BA676E30CFE511EC94BBC75AC4F9AE02/817C086E1BC011EFB7916B7DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.8.140.0/22
103.15.126.0/23
163.47.236.0/22
202.56.32.0-202.56.55.255
202.137.240.0/21
Signature Algorithm: sha256WithRSAEncryption
bb:52:1f:ce:cc:76:b0:2e:4c:22:d6:af:b6:b1:9e:15:3e:15:
30:58:8c:e8:d7:fb:c4:4a:09:13:8c:a8:5a:f5:b3:02:44:22:
fd:ef:ab:2f:f9:9a:86:f6:db:5b:5a:51:ef:c8:65:56:55:4e:
89:ef:de:9a:69:c3:37:9e:2f:67:73:10:ff:89:fa:48:16:4f:
8a:22:f5:4e:4c:6e:4d:f9:42:4e:a7:4e:df:8a:1c:73:cb:80:
dc:ed:66:d8:fe:37:c7:26:46:88:38:cf:84:21:cb:60:f7:89:
f2:de:6f:2f:9d:05:be:34:63:a3:f1:b5:e6:75:49:b9:5c:04:
58:97:d3:0a:ba:c1:7f:a9:31:73:cf:02:43:4e:c9:6e:18:11:
d9:7c:a7:04:d3:2b:5f:ae:2c:62:a9:91:a1:02:af:e8:3c:92:
f7:d4:dc:dc:0c:1e:15:1c:f8:96:8f:d1:55:26:7e:19:da:2a:
3b:3b:1f:8f:7e:36:2d:7f:65:59:1e:c5:99:88:d6:8b:9f:91:
6b:b6:5d:e8:64:05:1d:35:5d:5f:7f:77:48:e9:b5:c0:47:31:
90:da:18:d3:95:4c:02:ff:c2:bb:b9:2b:b6:fc:ba:40:a9:db:
26:98:a5:23:9c:0b:f3:98:c9:5c:80:f2:1b:04:18:65:b4:30:
19:bb:2b:b3
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgICApYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QkMyNjkxMTAvBgNVBAUTKDMwRTIwNjFGN0MyMEJEODQzQkVFNTM3MkMxMzIxQzM1
RkJCMUQzRUYwHhcNMjQwNjA3MDExMjMwWhcNMjQxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjYyNWU3ZS1hYjNiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzbINUGV1nSA0iujHd22tw3wB7/YblMivIoCO99gjgS8FdN64iujmBAQdYac/
PKWM0uf4O4+3ttWe0ZhnsVDC4LJz57etc/mqQsk/819fckKwV1DjiEqiScED30b3
EriYHLhqm+FZzhwrv/AVg/XpXGAOqKmwTJTTwyzt/YbrtPsUTf9vSLoMaD24zdv3
aO+9RqvVih2G3kt4Z2Awf3yoYhP6w2pSHR76IIVwhw7P7nkpScAZcH7RffsHEx55
IpG+6PlyDLZ4iS0VBIO27x3PRfV9TWJ/SOONSRdJrxLKmi2DImxZdAVqePH6DIKG
gWvkhpRIWl2rCWt/N24J8rGMYwIDAQABo4ICtTCCArEwHQYDVR0OBBYEFAfU+c86
3mQ7AqAPsdAqmKd4HkhqMB8GA1UdIwQYMBaAFDDiBh98IL2EO+5TcsEyHDX7sdPv
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCQzI2OS9CQTY3NkUzMENG
RTUxMUVDOTRCQkM3NUFDNEY5QUUwMi9NT0lHSDN3Z3ZZUTc3bE55d1RJY05mdXgw
LTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL01PSUdIM3dndllRNzdsTnl3VEljTmZ1eDAtOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QkMyNjkvQkE2NzZFMzBDRkU1MTFFQzk0QkJDNzVBQzRGOUFFMDIvODE3QzA4NkUx
QkMwMTFFRkI3OTE2QjdEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPwYIKwYBBQUHAQcBAf8E
MDAuMCwEAgABMCYDBAJnCIwDBAFnD34DBAKjL+wwDAMEBco4IAMEA8o4MAMEA8qJ
8DANBgkqhkiG9w0BAQsFAAOCAQEAu1Ifzsx2sC5MItavtrGeFT4VMFiM6Nf7xEoJ
E4yoWvWzAkQi/e+rL/mahvbbW1pR78hlVlVOie/emmnDN54vZ3MQ/4n6SBZPiiL1
TkxuTflCTqdO34occ8uA3O1m2P43xyZGiDjPhCHLYPeJ8t5vL50FvjRjo/G15nVJ
uVwEWJfTCrrBf6kxc88CQ07JbhgR2XynBNMrX64sYqmRoQKv6DyS99Tc3AweFRz4
lo/RVSZ+GdoqOzsfj342LX9lWR7FmYjWi5+Ra7Zd6GQFHTVdX393SOm1wEcxkNoY
05VMAv/Cu7krtvy6QKnbJpilI5wL85jJXIDyGwQYZbQwGbsrsw==
-----END CERTIFICATE-----
Generated at Tue Jun 11 00:26:10 2024 by rpki-client on console-ams.rpki-client.org