Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911112F/964DC69ABA8D11EE828A8946C4F9AE02/E44A49B2BA8E11EE91E3AF15C4F9AE02.roa
File: E44A49B2BA8E11EE91E3AF15C4F9AE02.roa (raw, json)
Hash identifier: vF1GzfdmjQxipqsUCO8GDuPEmB0djCCu9GCtBkXVgxg=
Subject key identifier: 84:F5:86:CF:A8:6D:24:F1:BC:9C:D8:61:10:2F:A5:29:03:22:C4:5F
Certificate issuer: /CN=A911112F/serialNumber=1E57B43F044D4ABA8222A409786614280AA739A1
Certificate serial: 02
Authority key identifier: 1E:57:B4:3F:04:4D:4A:BA:82:22:A4:09:78:66:14:28:0A:A7:39:A1
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Hle0PwRNSrqCIqQJeGYUKAqnOaE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911112F/964DC69ABA8D11EE828A8946C4F9AE02/E44A49B2BA8E11EE91E3AF15C4F9AE02.roa
Signing time: Wed 24 Jan 2024 08:02:17 +0000
ROA not before: Wed 24 Jan 2024 08:02:17 +0000
ROA not after: Sat 31 Aug 2024 00:00:00 +0000
asID: 142297
IP address blocks: 103.167.186.0/24 maxlen: 24
2001:df6:bb80::/64 maxlen: 64
Validation: Failed, certificate revoked on Fri 29 Mar 2024 10:40:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911112F/serialNumber=1E57B43F044D4ABA8222A409786614280AA739A1
Validity
Not Before: Jan 24 08:02:17 2024 GMT
Not After : Aug 31 00:00:00 2024 GMT
Subject: CN=65b0c409-c954
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:5a:fe:ea:8e:b8:9e:ad:f1:8b:6c:de:0f:80:
5c:56:c9:83:4e:86:15:99:ba:b5:4a:5c:f6:5c:b0:
b0:00:15:98:48:6b:d1:de:79:c8:0c:a8:85:08:9d:
48:39:cd:32:b0:63:8d:44:f8:53:67:3f:b7:51:d3:
44:3e:9e:cb:ef:5c:c7:34:50:a5:d8:a9:a7:7c:f2:
3d:e2:9d:ae:1c:23:9b:5b:50:85:e2:d5:0b:5e:d3:
cb:10:d0:5f:69:17:0f:e5:2e:a4:e4:4d:9d:46:f8:
76:47:6a:79:84:68:bd:39:64:96:d9:3a:63:96:74:
24:3d:30:fc:47:c0:6b:31:a4:e8:5c:d5:fb:28:5a:
c5:70:b3:ea:a3:e0:fd:4d:96:f4:a3:40:30:1d:1d:
97:ce:42:cd:d2:4d:c3:e6:df:b2:fc:46:dd:d5:9d:
96:a2:a2:17:4b:94:20:68:c4:6e:8d:e2:a8:2e:4e:
07:21:af:5a:6f:93:8e:dd:4e:65:15:24:d5:7c:41:
f1:c4:d9:1f:25:cc:6c:e8:76:a7:42:ad:c1:f7:98:
a9:aa:bc:cd:88:f5:c3:09:e2:61:5e:a4:78:34:e2:
da:62:fe:c3:32:09:9e:26:25:3c:19:35:f2:04:94:
a9:db:60:53:ba:2e:11:db:f3:c9:6e:c6:ea:f1:1b:
f6:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:F5:86:CF:A8:6D:24:F1:BC:9C:D8:61:10:2F:A5:29:03:22:C4:5F
X509v3 Authority Key Identifier:
keyid:1E:57:B4:3F:04:4D:4A:BA:82:22:A4:09:78:66:14:28:0A:A7:39:A1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911112F/964DC69ABA8D11EE828A8946C4F9AE02/Hle0PwRNSrqCIqQJeGYUKAqnOaE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Hle0PwRNSrqCIqQJeGYUKAqnOaE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911112F/964DC69ABA8D11EE828A8946C4F9AE02/E44A49B2BA8E11EE91E3AF15C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.167.186.0/24
IPv6:
2001:df6:bb80::/64
Signature Algorithm: sha256WithRSAEncryption
a6:ce:4c:46:bc:2c:2e:85:ee:e9:b2:ff:91:b2:87:e0:15:6c:
78:0e:60:ff:83:3d:fc:d7:64:56:37:d0:17:72:53:26:8e:8b:
03:b8:79:65:40:23:08:ef:9e:8c:8c:db:73:8f:8c:7e:e4:81:
7f:29:11:e5:b1:1d:ae:5e:e1:4c:6a:a7:68:f0:2a:cc:e7:cc:
c4:a6:c4:03:2d:4c:4f:1c:7c:70:0c:02:50:87:59:50:7b:85:
20:a1:08:cf:e7:7e:d8:02:88:bd:69:af:0b:87:cb:4b:7e:7b:
9d:26:6c:73:4e:dc:22:e1:84:65:71:36:47:ac:83:1a:e1:ab:
7a:84:af:1d:22:8e:69:4d:ad:48:fd:fb:50:6f:74:d2:7f:d6:
cc:cd:21:5d:8d:fd:ed:89:00:fc:78:b6:9c:9d:ee:47:66:69:
0d:fd:bd:6c:12:8f:95:74:0e:b5:9f:c9:72:ae:71:be:f1:d1:
91:bb:86:8c:16:e3:38:e8:c1:2f:15:3d:34:c9:f7:9d:17:97:
0c:96:43:89:57:2f:76:05:5e:2b:2c:1e:7e:0b:2b:82:8f:80:
1c:97:ec:0c:1b:8a:01:63:2d:9a:fa:b2:df:0c:35:83:a9:dd:
6a:f1:dd:ee:13:bc:ab:e9:ea:b3:52:50:83:b5:46:74:d4:68:
b9:a6:d1:dc
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEx
MTEyRjExMC8GA1UEBRMoMUU1N0I0M0YwNDRENEFCQTgyMjJBNDA5Nzg2NjE0Mjgw
QUE3MzlBMTAeFw0yNDAxMjQwODAyMTdaFw0yNDA4MzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1YjBjNDA5LWM5NTQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCuWv7qjrierfGLbN4PgFxWyYNOhhWZurVKXPZcsLAAFZhIa9HeecgMqIUInUg5
zTKwY41E+FNnP7dR00Q+nsvvXMc0UKXYqad88j3ina4cI5tbUIXi1Qte08sQ0F9p
Fw/lLqTkTZ1G+HZHanmEaL05ZJbZOmOWdCQ9MPxHwGsxpOhc1fsoWsVws+qj4P1N
lvSjQDAdHZfOQs3STcPm37L8Rt3VnZaiohdLlCBoxG6N4qguTgchr1pvk47dTmUV
JNV8QfHE2R8lzGzodqdCrcH3mKmqvM2I9cMJ4mFepHg04tpi/sMyCZ4mJTwZNfIE
lKnbYFO6LhHb88luxurxG/ZTAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUhPWGz6ht
JPG8nNhhEC+lKQMixF8wHwYDVR0jBBgwFoAUHle0PwRNSrqCIqQJeGYUKAqnOaEw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTExMTJGLzk2NERDNjlBQkE4
RDExRUU4MjhBODk0NkM0RjlBRTAyL0hsZTBQd1JOU3JxQ0lxUUplR1lVS0Fxbk9h
RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvSGxlMFB3Uk5TcnFDSXFRSmVHWVVLQXFuT2FFLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx
MTEyRi85NjREQzY5QUJBOEQxMUVFODI4QTg5NDZDNEY5QUUwMi9FNDRBNDlCMkJB
OEUxMUVFOTFFM0FGMTVDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAyBggrBgEFBQcBBwEB/wQj
MCEwDAQCAAEwBgMEAGenujARBAIAAjALAwkAIAEN9ruAAAAwDQYJKoZIhvcNAQEL
BQADggEBAKbOTEa8LC6F7umy/5Gyh+AVbHgOYP+DPfzXZFY30BdyUyaOiwO4eWVA
IwjvnoyM23OPjH7kgX8pEeWxHa5e4Uxqp2jwKsznzMSmxAMtTE8cfHAMAlCHWVB7
hSChCM/nftgCiL1prwuHy0t+e50mbHNO3CLhhGVxNkesgxrhq3qErx0ijmlNrUj9
+1BvdNJ/1szNIV2N/e2JAPx4tpyd7kdmaQ39vWwSj5V0DrWfyXKucb7x0ZG7howW
4zjowS8VPTTJ950XlwyWQ4lXL3YFXissHn4LK4KPgByX7AwbigFjLZr6st8MNYOp
3Wrx3e4TvKvp6rNSUIO1RnTUaLmm0dw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:50:54 2024 by rpki-client on console-fra.rpki-client.org