Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D477A/C828943273E811EA88F0227FC4F9AE02/C2C28FF673E911EA8DF36980C4F9AE02.roa
File: C2C28FF673E911EA8DF36980C4F9AE02.roa (raw, json)
Hash identifier: euiXVmTJ/dRG4SfR6OTfJ7zSIPUrvUV/3o28Idjfd3A=
Subject key identifier: C3:76:20:20:EE:EA:0B:4D:1D:04:FE:CA:FC:D2:BE:E6:FE:9C:29:96
Certificate issuer: /CN=A91D477A/serialNumber=112940DF56532B5D9A597869ACA931E783E8ACBF
Certificate serial: 08CA
Authority key identifier: 11:29:40:DF:56:53:2B:5D:9A:59:78:69:AC:A9:31:E7:83:E8:AC:BF
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ESlA31ZTK12aWXhprKkx54PorL8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D477A/C828943273E811EA88F0227FC4F9AE02/C2C28FF673E911EA8DF36980C4F9AE02.roa
Signing time: Wed 30 Aug 2023 01:45:50 +0000
ROA not before: Wed 30 Aug 2023 01:45:50 +0000
ROA not after: Tue 30 Jul 2024 00:00:00 +0000
asID: 137551
IP address blocks: 103.112.240.0/22 maxlen: 22
103.112.240.0/24 maxlen: 24
103.112.241.0/24 maxlen: 24
103.112.242.0/24 maxlen: 24
103.112.243.0/24 maxlen: 24
103.120.120.0/22 maxlen: 22
103.120.121.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2250 (0x8ca)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D477A/serialNumber=112940DF56532B5D9A597869ACA931E783E8ACBF
Validity
Not Before: Aug 30 01:45:50 2023 GMT
Not After : Jul 30 00:00:00 2024 GMT
Subject: CN=64ee9f4e-352b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:e6:d9:21:5e:f4:a4:61:0f:54:b7:4d:3b:9b:
cd:05:10:1f:b7:64:d3:df:cb:a6:59:b2:73:e7:8e:
cc:7b:0e:a8:b8:7a:9b:60:92:e2:b2:18:dd:45:c6:
62:4f:93:eb:a7:e3:89:63:86:9b:5e:f2:c7:2f:ef:
43:e1:cd:0a:3d:5b:ff:c8:fa:82:0e:28:29:6c:01:
c1:b0:76:2e:51:7f:b1:a3:f2:10:f2:07:2a:48:ed:
60:25:6e:4e:d5:1e:95:c2:a8:97:08:19:ca:a1:2c:
3d:61:c1:b9:ba:d8:15:a8:40:a8:a2:b9:07:6d:00:
88:1a:44:2e:f5:32:91:8d:d8:14:3d:b0:45:36:18:
56:10:97:d2:0a:38:e2:b8:8c:1d:46:f6:36:ea:3a:
8d:52:9a:ba:1b:37:39:4a:77:ea:70:2e:ca:a7:99:
9b:8a:3f:9a:85:62:e3:38:ed:32:95:2d:b4:50:2b:
44:12:14:79:eb:ef:eb:60:0e:64:4a:1d:05:2c:3c:
75:ed:04:84:a7:f7:0d:33:71:1c:71:79:d8:01:30:
ee:94:10:8a:ab:9a:6c:62:14:8b:08:8f:ea:84:b5:
86:76:76:33:8f:07:66:4c:42:63:fc:5b:4e:28:43:
76:0c:32:ac:0e:62:46:0f:0b:94:67:71:db:4f:7f:
1c:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:76:20:20:EE:EA:0B:4D:1D:04:FE:CA:FC:D2:BE:E6:FE:9C:29:96
X509v3 Authority Key Identifier:
keyid:11:29:40:DF:56:53:2B:5D:9A:59:78:69:AC:A9:31:E7:83:E8:AC:BF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D477A/C828943273E811EA88F0227FC4F9AE02/ESlA31ZTK12aWXhprKkx54PorL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ESlA31ZTK12aWXhprKkx54PorL8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D477A/C828943273E811EA88F0227FC4F9AE02/C2C28FF673E911EA8DF36980C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.112.240.0/22
103.120.120.0/22
Signature Algorithm: sha256WithRSAEncryption
3e:57:77:53:42:07:5f:56:ea:1a:a2:7e:98:3d:02:fc:c7:d0:
59:6c:55:f9:ec:4a:a9:62:4e:88:26:1f:bd:21:52:4d:e1:69:
a2:e9:74:f1:90:8c:69:2b:c8:96:f6:20:ea:18:41:d1:46:41:
2e:d4:07:e3:ee:41:ff:64:8b:b4:fe:c0:71:a0:9a:d4:c8:31:
0c:d7:f4:2e:d8:39:18:11:2b:9f:4f:b5:48:38:51:78:af:d4:
b7:90:3f:16:e7:57:08:a9:b8:9f:aa:bc:3c:03:e4:d2:eb:f7:
63:14:51:e1:41:c7:f7:38:80:a4:6f:84:44:bc:62:06:8f:fd:
83:e8:a1:c8:34:c8:09:02:9f:25:11:f4:e5:38:f5:5e:19:42:
ed:0f:fb:63:55:64:bc:57:fc:03:5a:c2:80:06:22:6c:e8:11:
15:84:01:1a:ff:7a:e8:27:43:ac:d7:7c:7f:29:b1:1b:aa:50:
ad:6b:e8:b6:f3:9e:a3:1d:ed:00:60:e2:5a:42:9f:2b:29:c9:
6b:b9:75:55:1f:aa:98:11:bc:0e:f4:69:9e:e7:a9:94:4d:a6:
91:bd:af:ec:49:a4:9d:f0:4b:cf:3a:d3:a8:ef:fb:23:c8:b5:
7c:ba:5e:b8:3c:28:8e:6d:72:9c:cb:e3:9c:b7:37:8e:12:34:
8c:c8:27:bc
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICCMowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDQ3N0ExMTAvBgNVBAUTKDExMjk0MERGNTY1MzJCNUQ5QTU5Nzg2OUFDQTkzMUU3
ODNFOEFDQkYwHhcNMjMwODMwMDE0NTUwWhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGVlOWY0ZS0zNTJiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArObZIV70pGEPVLdNO5vNBRAft2TT38umWbJz547Mew6ouHqbYJLishjdRcZi
T5Prp+OJY4abXvLHL+9D4c0KPVv/yPqCDigpbAHBsHYuUX+xo/IQ8gcqSO1gJW5O
1R6VwqiXCBnKoSw9YcG5utgVqECoorkHbQCIGkQu9TKRjdgUPbBFNhhWEJfSCjji
uIwdRvY26jqNUpq6Gzc5SnfqcC7Kp5mbij+ahWLjOO0ylS20UCtEEhR56+/rYA5k
Sh0FLDx17QSEp/cNM3EccXnYATDulBCKq5psYhSLCI/qhLWGdnYzjwdmTEJj/FtO
KEN2DDKsDmJGDwuUZ3HbT38cKwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFMN2ICDu
6gtNHQT+yvzSvub+nCmWMB8GA1UdIwQYMBaAFBEpQN9WUytdmll4aaypMeeD6Ky/
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFENDc3QS9DODI4OTQzMjcz
RTgxMUVBODhGMDIyN0ZDNEY5QUUwMi9FU2xBMzFaVEsxMmFXWGhwcktreDU0UG9y
TDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0VTbEEzMVpUSzEyYVdYaHByS2t4NTRQb3JMOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDQ3N0EvQzgyODk0MzI3M0U4MTFFQTg4RjAyMjdGQzRGOUFFMDIvQzJDMjhGRjY3
M0U5MTFFQThERjM2OTgwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAJncPADBAJneHgwDQYJKoZIhvcNAQELBQADggEBAD5Xd1NC
B19W6hqifpg9AvzH0FlsVfnsSqliTogmH70hUk3haaLpdPGQjGkryJb2IOoYQdFG
QS7UB+PuQf9ki7T+wHGgmtTIMQzX9C7YORgRK59PtUg4UXiv1LeQPxbnVwipuJ+q
vDwD5NLr92MUUeFBx/c4gKRvhES8YgaP/YPoocg0yAkCnyUR9OU49V4ZQu0P+2NV
ZLxX/ANawoAGImzoERWEARr/eugnQ6zXfH8psRuqUK1r6LbznqMd7QBg4lpCnysp
yWu5dVUfqpgRvA70aZ7nqZRNppG9r+xJpJ3wS88606jv+yPItXy6Xrg8KI5tcpzL
45y3N44SNIzIJ7w=
-----END CERTIFICATE-----
Generated at Wed Aug 30 03:15:02 2023 by rpki-client on console-ams.rpki-client.org