Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CE978/3223F35E1D9811E28A8C2E8208B02CD2/2DFFD8AA77E211EE80306157C4F9AE02.roa
File: 2DFFD8AA77E211EE80306157C4F9AE02.roa (raw, json)
Hash identifier: 7v1dAq9G4hon2oLI2n/4Q93K/x/8LBHlBeMBavig8+I=
Subject key identifier: 8A:0F:8E:D7:BF:C3:41:87:F2:3B:AE:D1:EB:33:E9:70:C5:48:8B:5C
Certificate issuer: /CN=A91CE978/serialNumber=6A1E4F72847EB3699522C93D26773F0DF8396EBE
Certificate serial: 33CA
Authority key identifier: 6A:1E:4F:72:84:7E:B3:69:95:22:C9:3D:26:77:3F:0D:F8:39:6E:BE
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ah5PcoR-s2mVIsk9Jnc_Dfg5br4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91CE978/3223F35E1D9811E28A8C2E8208B02CD2/2DFFD8AA77E211EE80306157C4F9AE02.roa
Signing time: Tue 31 Oct 2023 11:39:41 +0000
ROA not before: Tue 31 Oct 2023 11:39:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 132509
IP address blocks: 103.244.180.0/24 maxlen: 24
103.244.181.0/24 maxlen: 24
103.244.182.0/24 maxlen: 24
103.244.183.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Nov 2023 02:07:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13258 (0x33ca)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CE978/serialNumber=6A1E4F72847EB3699522C93D26773F0DF8396EBE
Validity
Not Before: Oct 31 11:39:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6540e77d-8526
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:c0:66:c2:8c:ca:2f:61:a0:cc:07:34:29:51:
a2:df:e6:bc:09:fe:0b:e0:3a:b8:de:5e:b5:0b:2d:
ce:7d:80:e0:49:12:5d:80:0e:a9:b5:93:78:a2:ba:
ee:49:c0:ee:52:b7:73:dc:3d:7c:42:21:2d:36:30:
0f:0b:3d:fa:d5:8e:5d:b1:89:9b:81:14:5a:26:fc:
f2:60:52:73:56:2b:de:37:3f:a1:38:aa:9e:4e:24:
f2:2a:4e:73:3a:29:d2:fc:4f:97:04:af:47:93:2a:
d0:e1:a2:a4:a0:fe:15:b8:ef:c9:a7:21:2b:19:e3:
bc:b5:66:ec:be:3b:29:d7:85:c1:a6:be:dd:f8:fa:
75:d6:cd:83:03:5a:1d:59:1e:fd:73:ce:4a:2c:64:
8f:79:41:89:c3:d4:a6:a8:8b:74:a2:84:e0:1d:8d:
50:c2:8b:b8:16:b7:15:f8:85:99:95:c1:59:a4:52:
2e:40:eb:40:b4:4c:0b:97:81:03:a0:1e:70:10:bf:
07:b5:e1:7f:98:5b:8c:dc:c6:ad:34:11:29:a6:55:
49:98:cd:66:44:4f:7f:0e:34:84:b3:65:00:99:e9:
86:06:8d:5d:f9:4c:37:93:b8:42:28:eb:06:da:a5:
fa:6e:c8:f3:b7:ce:6b:32:ea:f7:b2:9d:f1:44:6b:
22:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:0F:8E:D7:BF:C3:41:87:F2:3B:AE:D1:EB:33:E9:70:C5:48:8B:5C
X509v3 Authority Key Identifier:
keyid:6A:1E:4F:72:84:7E:B3:69:95:22:C9:3D:26:77:3F:0D:F8:39:6E:BE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91CE978/3223F35E1D9811E28A8C2E8208B02CD2/ah5PcoR-s2mVIsk9Jnc_Dfg5br4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ah5PcoR-s2mVIsk9Jnc_Dfg5br4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CE978/3223F35E1D9811E28A8C2E8208B02CD2/2DFFD8AA77E211EE80306157C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.244.180.0/22
Signature Algorithm: sha256WithRSAEncryption
35:5f:c4:df:c7:d3:ba:f1:fd:55:32:1e:0c:24:d4:63:4f:b3:
66:5a:6c:7d:f2:95:fe:b8:8e:63:51:8c:c9:d6:05:c8:d8:11:
35:21:ea:97:34:71:09:a4:f3:5b:af:ed:3a:63:9d:83:e5:4f:
e9:5d:13:e6:f5:b3:01:81:75:26:af:c7:0e:8e:f3:50:f9:49:
06:78:a5:93:8e:fb:9b:09:c8:e2:1a:fa:a2:08:d6:12:38:7a:
9c:45:93:ca:d0:d6:1b:46:46:45:69:0f:87:9f:06:ba:ec:f1:
56:92:33:a7:04:77:bf:e8:76:83:e6:04:41:10:37:e9:a9:39:
f9:ed:a1:f9:99:15:c6:44:4b:ef:67:82:0a:6c:bf:2f:e2:a9:
b9:77:b3:83:53:46:5f:0f:41:94:db:f9:68:4a:af:65:51:14:
02:00:75:7c:ee:b1:21:bd:7e:2f:bd:45:e5:78:a5:7b:ad:8a:
b3:e1:e4:57:2c:47:85:92:92:ac:89:ca:bd:8f:d0:ac:97:b4:
8a:97:8e:da:69:b8:f0:be:af:a1:67:4c:b4:ee:ce:f5:54:ae:
22:ce:ae:e5:f8:9e:fe:72:df:d3:4a:ec:75:5b:9d:33:ef:02:
f3:3d:bb:bf:ba:24:c5:b6:2b:09:64:89:f2:c1:55:50:7d:36:
5f:3a:3d:07
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICM8owDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Q0U5NzgxMTAvBgNVBAUTKDZBMUU0RjcyODQ3RUIzNjk5NTIyQzkzRDI2NzczRjBE
RjgzOTZFQkUwHhcNMjMxMDMxMTEzOTQxWhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTQwZTc3ZC04NTI2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxcBmwozKL2GgzAc0KVGi3+a8Cf4L4Dq43l61Cy3OfYDgSRJdgA6ptZN4orru
ScDuUrdz3D18QiEtNjAPCz361Y5dsYmbgRRaJvzyYFJzViveNz+hOKqeTiTyKk5z
OinS/E+XBK9HkyrQ4aKkoP4VuO/JpyErGeO8tWbsvjsp14XBpr7d+Pp11s2DA1od
WR79c85KLGSPeUGJw9SmqIt0ooTgHY1Qwou4FrcV+IWZlcFZpFIuQOtAtEwLl4ED
oB5wEL8HteF/mFuM3MatNBEpplVJmM1mRE9/DjSEs2UAmemGBo1d+Uw3k7hCKOsG
2qX6bsjzt85rMur3sp3xRGsiNwIDAQABo4IClTCCApEwHQYDVR0OBBYEFIoPjte/
w0GH8juu0esz6XDFSItcMB8GA1UdIwQYMBaAFGoeT3KEfrNplSLJPSZ3Pw34OW6+
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRTk3OC8zMjIzRjM1RTFE
OTgxMUUyOEE4QzJFODIwOEIwMkNEMi9haDVQY29SLXMybVZJc2s5Sm5jX0RmZzVi
cjQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2FoNVBjb1ItczJtVklzazlKbmNfRGZnNWJyNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Q0U5NzgvMzIyM0YzNUUxRDk4MTFFMjhBOEMyRTgyMDhCMDJDRDIvMkRGRkQ4QUE3
N0UyMTFFRTgwMzA2MTU3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJn9LQwDQYJKoZIhvcNAQELBQADggEBADVfxN/H07rx/VUy
Hgwk1GNPs2ZabH3ylf64jmNRjMnWBcjYETUh6pc0cQmk81uv7TpjnYPlT+ldE+b1
swGBdSavxw6O81D5SQZ4pZOO+5sJyOIa+qII1hI4epxFk8rQ1htGRkVpD4efBrrs
8VaSM6cEd7/odoPmBEEQN+mpOfntofmZFcZES+9nggpsvy/iqbl3s4NTRl8PQZTb
+WhKr2VRFAIAdXzusSG9fi+9ReV4pXutirPh5FcsR4WSkqyJyr2P0KyXtIqXjtpp
uPC+r6FnTLTuzvVUriLOruX4nv5y39NK7HVbnTPvAvM9u7+6JMW2KwlkifLBVVB9
Nl86PQc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:41 2024 by rpki-client on console-fra.rpki-client.org