Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91ADE0A/30D80126C11311E5B01A7269C4F9AE02/8B3F6A06557011EE924F6680C4F9AE02.roa
File: 8B3F6A06557011EE924F6680C4F9AE02.roa (raw, json)
Hash identifier: hdjbUappCwylvkM8qtgb0b1UOWW/FFGoijozU1roxdo=
Subject key identifier: 42:B5:C9:AD:7F:CC:9C:76:0F:A4:EC:07:50:FE:EB:D7:10:73:FE:28
Certificate issuer: /CN=A91ADE0A/serialNumber=BE488B4E60AC6A73A656EFDBC5FA67A1A8DE812A
Certificate serial: 2132
Authority key identifier: BE:48:8B:4E:60:AC:6A:73:A6:56:EF:DB:C5:FA:67:A1:A8:DE:81:2A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vkiLTmCsanOmVu_bxfpnoajegSo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91ADE0A/30D80126C11311E5B01A7269C4F9AE02/8B3F6A06557011EE924F6680C4F9AE02.roa
Signing time: Sat 07 Oct 2023 14:57:41 +0000
ROA not before: Sat 07 Oct 2023 14:57:41 +0000
ROA not after: Wed 01 May 2024 00:00:00 +0000
asID: 133334
IP address blocks: 45.124.56.0/22 maxlen: 24
103.61.220.0/22 maxlen: 22
103.61.220.0/24 maxlen: 24
103.61.221.0/24 maxlen: 24
103.61.222.0/24 maxlen: 24
103.61.223.0/24 maxlen: 24
103.200.32.0/22 maxlen: 22
103.200.32.0/24 maxlen: 24
103.200.33.0/24 maxlen: 24
103.200.34.0/24 maxlen: 24
103.200.35.0/24 maxlen: 24
103.203.52.0/22 maxlen: 22
103.203.52.0/24 maxlen: 24
103.203.53.0/24 maxlen: 24
103.203.54.0/24 maxlen: 24
103.203.55.0/24 maxlen: 24
103.225.136.0/22 maxlen: 24
2401:b80::/32 maxlen: 32
2401:b80:1000::/36 maxlen: 36
2401:b80:2000::/36 maxlen: 36
2401:b80:3000::/36 maxlen: 36
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8498 (0x2132)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91ADE0A/serialNumber=BE488B4E60AC6A73A656EFDBC5FA67A1A8DE812A
Validity
Not Before: Oct 7 14:57:41 2023 GMT
Not After : May 1 00:00:00 2024 GMT
Subject: CN=652171e4-c50e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:dc:2a:2a:f4:44:bd:1d:c8:9b:c3:33:2d:dc:
25:53:6d:61:fd:0a:2c:a9:32:c7:9d:33:92:12:ad:
69:ca:81:2a:11:7a:94:86:59:a7:66:65:7d:9e:bd:
31:84:97:0b:54:3f:ca:a6:76:2e:9d:fd:17:59:8c:
4b:dd:74:9b:ce:ad:17:c3:55:a8:bc:08:60:e0:50:
dd:ec:59:9a:fa:96:21:b0:c6:ee:29:d0:b5:22:ed:
34:1b:8f:39:d2:58:57:f4:09:e3:44:bf:be:14:64:
ec:f6:c0:2f:01:15:66:25:db:dc:b7:c4:05:8b:0d:
86:30:02:7e:b3:d9:62:97:86:62:1d:37:f2:fe:1d:
85:07:58:5d:70:ca:84:15:c0:f1:65:b6:3d:ca:47:
e2:f0:a8:f2:ab:26:bc:54:08:b6:d1:63:14:0a:27:
9b:91:d3:ed:15:46:54:ff:7f:02:bc:04:10:d9:d1:
aa:40:8f:8c:ba:11:36:c5:53:3c:d9:8a:c7:7a:10:
55:50:87:ce:19:0a:aa:93:bd:53:aa:4c:92:c3:1b:
5b:5f:ba:1b:08:6d:9f:6e:51:26:e1:35:6b:16:9d:
39:93:fb:21:c2:c6:c7:36:02:29:3a:e4:90:8e:61:
47:ed:8f:19:f2:56:06:7d:99:e5:7a:a3:ed:bd:14:
45:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:B5:C9:AD:7F:CC:9C:76:0F:A4:EC:07:50:FE:EB:D7:10:73:FE:28
X509v3 Authority Key Identifier:
keyid:BE:48:8B:4E:60:AC:6A:73:A6:56:EF:DB:C5:FA:67:A1:A8:DE:81:2A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91ADE0A/30D80126C11311E5B01A7269C4F9AE02/vkiLTmCsanOmVu_bxfpnoajegSo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vkiLTmCsanOmVu_bxfpnoajegSo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91ADE0A/30D80126C11311E5B01A7269C4F9AE02/8B3F6A06557011EE924F6680C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.124.56.0/22
103.61.220.0/22
103.200.32.0/22
103.203.52.0/22
103.225.136.0/22
IPv6:
2401:b80::/32
Signature Algorithm: sha256WithRSAEncryption
a4:cb:21:87:f7:7b:f8:df:7a:c0:f8:f1:14:e4:37:c3:8e:ca:
1b:29:29:3f:97:d9:eb:03:80:13:b8:fc:6c:c3:f4:bb:8f:32:
45:1b:71:d6:06:dd:56:8e:1f:fb:b6:d0:b4:2f:7c:c2:0d:f1:
91:e5:85:a8:85:34:cd:b7:b2:0f:8f:98:0c:23:52:7b:ab:67:
a1:cc:b5:56:5a:3d:4d:bc:14:9c:90:44:af:64:85:05:d5:ba:
69:72:c3:6d:da:c5:8d:ab:72:8a:3d:d2:cf:d5:d5:d5:cc:bb:
1e:07:c4:67:f7:50:6f:b0:6f:6c:52:54:bd:95:8a:3f:80:bf:
fa:96:66:7e:fb:7c:52:95:23:7b:ba:fb:9d:ea:c6:c2:5e:1e:
f8:e8:5a:fe:c5:ab:03:f9:58:57:b6:8a:9b:19:ce:8a:e3:d5:
9b:1d:0c:38:ad:8d:de:18:3d:a6:8d:54:bd:e2:06:a3:90:df:
87:cc:c9:10:88:e9:e6:64:70:69:c3:82:92:72:b8:7f:cd:c1:
b6:48:11:27:42:d4:13:a4:c1:68:f3:89:29:fb:39:e4:3f:c2:
ae:8d:94:f4:1c:8e:36:9c:00:a1:ff:cc:e7:dd:f9:49:b8:90:
49:00:a4:c9:4c:7d:c6:ee:68:9c:0c:d1:62:96:61:32:fe:d2:
f5:56:43:7e
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgICITIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QURFMEExMTAvBgNVBAUTKEJFNDg4QjRFNjBBQzZBNzNBNjU2RUZEQkM1RkE2N0Ex
QThERTgxMkEwHhcNMjMxMDA3MTQ1NzQxWhcNMjQwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTIxNzFlNC1jNTBlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAudwqKvREvR3Im8MzLdwlU21h/QosqTLHnTOSEq1pyoEqEXqUhlmnZmV9nr0x
hJcLVD/KpnYunf0XWYxL3XSbzq0Xw1WovAhg4FDd7Fma+pYhsMbuKdC1Iu00G485
0lhX9AnjRL++FGTs9sAvARVmJdvct8QFiw2GMAJ+s9lil4ZiHTfy/h2FB1hdcMqE
FcDxZbY9ykfi8Kjyqya8VAi20WMUCiebkdPtFUZU/38CvAQQ2dGqQI+MuhE2xVM8
2YrHehBVUIfOGQqqk71TqkySwxtbX7obCG2fblEm4TVrFp05k/shwsbHNgIpOuSQ
jmFH7Y8Z8lYGfZnleqPtvRRFEwIDAQABo4ICvDCCArgwHQYDVR0OBBYEFEK1ya1/
zJx2D6TsB1D+69cQc/4oMB8GA1UdIwQYMBaAFL5Ii05grGpzplbv28X6Z6Go3oEq
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBREUwQS8zMEQ4MDEyNkMx
MTMxMUU1QjAxQTcyNjlDNEY5QUUwMi92a2lMVG1Dc2FuT21WdV9ieGZwbm9hamVn
U28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3ZraUxUbUNzYW5PbVZ1X2J4ZnBub2FqZWdTby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QURFMEEvMzBEODAxMjZDMTEzMTFFNUIwMUE3MjY5QzRGOUFFMDIvOEIzRjZBMDY1
NTcwMTFFRTkyNEY2NjgwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRgYIKwYBBQUHAQcBAf8E
NzA1MCQEAgABMB4DBAItfDgDBAJnPdwDBAJnyCADBAJnyzQDBAJn4YgwDQQCAAIw
BwMFACQBC4AwDQYJKoZIhvcNAQELBQADggEBAKTLIYf3e/jfesD48RTkN8OOyhsp
KT+X2esDgBO4/GzD9LuPMkUbcdYG3VaOH/u20LQvfMIN8ZHlhaiFNM23sg+PmAwj
UnurZ6HMtVZaPU28FJyQRK9khQXVumlyw23axY2rcoo90s/V1dXMux4HxGf3UG+w
b2xSVL2Vij+Av/qWZn77fFKVI3u6+53qxsJeHvjoWv7FqwP5WFe2ipsZzorj1Zsd
DDitjd4YPaaNVL3iBqOQ34fMyRCI6eZkcGnDgpJyuH/NwbZIESdC1BOkwWjziSn7
OeQ/wq6NlPQcjjacAKH/zOfd+Um4kEkApMlMfcbuaJwM0WKWYTL+0vVWQ34=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:36:09 2023 by rpki-client on console.sobornost.net