Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91197BC/A8CAFBC2AA2811EA81B19681C4F9AE02/773F8D76DBA611EEB5B7FF0FC4F9AE02.roa
File: 773F8D76DBA611EEB5B7FF0FC4F9AE02.roa (raw, json)
Hash identifier: FBVEPDQmGAJ5ha06T/NLIrptzS+FxG7cku46/15BuVA=
Subject key identifier: 2E:05:94:B5:4E:D1:29:E1:FC:6C:1C:E6:B2:A5:E7:9A:DE:5F:1E:AC
Certificate issuer: /CN=A91197BC/serialNumber=DB6250657FEBC164EB821C7652ABE3A85FA9ACD4
Certificate serial: 0836
Authority key identifier: DB:62:50:65:7F:EB:C1:64:EB:82:1C:76:52:AB:E3:A8:5F:A9:AC:D4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/22JQZX_rwWTrghx2UqvjqF-prNQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91197BC/A8CAFBC2AA2811EA81B19681C4F9AE02/773F8D76DBA611EEB5B7FF0FC4F9AE02.roa
Signing time: Wed 06 Mar 2024 10:44:11 +0000
ROA not before: Wed 06 Mar 2024 10:44:11 +0000
ROA not after: Mon 30 Dec 2024 00:00:00 +0000
asID: 38805
IP address blocks: 103.71.100.0/23 maxlen: 23
124.158.64.0/19 maxlen: 19
124.158.105.0/24 maxlen: 24
124.158.106.0/23 maxlen: 23
124.158.108.0/22 maxlen: 22
124.158.112.0/24 maxlen: 24
124.158.119.0/24 maxlen: 24
124.158.120.0/21 maxlen: 21
Validation: Failed, certificate revoked on Wed 20 Mar 2024 03:42:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2102 (0x836)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91197BC/serialNumber=DB6250657FEBC164EB821C7652ABE3A85FA9ACD4
Validity
Not Before: Mar 6 10:44:11 2024 GMT
Not After : Dec 30 00:00:00 2024 GMT
Subject: CN=65e848fa-f8a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:ec:21:d1:b0:47:6a:89:58:6c:34:14:a4:1b:
5c:8f:bd:8a:3d:5a:76:fc:69:cb:4a:da:23:3f:33:
25:8f:65:27:be:c8:d6:21:91:73:20:4b:6d:2e:bb:
d4:33:a2:ed:7c:bb:a1:c6:8b:fb:d3:64:2d:6c:be:
2c:26:f0:d2:c7:5e:d7:57:ad:cc:ed:c0:15:fe:b5:
45:e7:db:1b:cf:e7:56:10:a9:b3:56:79:13:6f:71:
88:53:fe:d5:04:af:97:d9:89:65:f2:9f:a4:70:8a:
72:fa:98:92:64:96:5e:6a:28:ee:14:ad:25:b7:27:
33:73:f2:7d:a7:16:8d:d7:f9:d6:0a:09:95:67:9a:
de:5d:91:6a:00:e9:11:cc:e3:30:66:7b:a1:d1:0c:
8d:e4:4c:ba:b4:4c:1d:b3:29:51:83:66:d9:cb:6a:
70:fc:10:71:29:38:f7:51:61:3c:79:45:68:5b:77:
bf:17:8f:60:ee:59:ec:6e:18:eb:ca:e8:bc:6c:6c:
83:14:68:76:80:e9:86:80:ab:cf:a7:6a:cc:f3:dc:
5d:34:66:eb:91:31:07:ee:23:6f:86:76:a8:ef:ab:
7d:39:59:45:a8:13:01:d0:ce:ba:fe:a6:e1:17:e2:
ef:7e:5c:d2:1e:62:f3:81:87:bb:8a:92:eb:45:3c:
1c:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:05:94:B5:4E:D1:29:E1:FC:6C:1C:E6:B2:A5:E7:9A:DE:5F:1E:AC
X509v3 Authority Key Identifier:
keyid:DB:62:50:65:7F:EB:C1:64:EB:82:1C:76:52:AB:E3:A8:5F:A9:AC:D4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91197BC/A8CAFBC2AA2811EA81B19681C4F9AE02/22JQZX_rwWTrghx2UqvjqF-prNQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/22JQZX_rwWTrghx2UqvjqF-prNQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91197BC/A8CAFBC2AA2811EA81B19681C4F9AE02/773F8D76DBA611EEB5B7FF0FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.71.100.0/23
124.158.64.0/19
124.158.105.0-124.158.112.255
124.158.119.0-124.158.127.255
Signature Algorithm: sha256WithRSAEncryption
48:12:7b:54:dc:71:60:fc:dc:51:56:c9:e0:d2:83:35:01:b2:
a3:52:04:cd:b3:05:ad:2c:0a:f9:7f:e2:a3:be:69:f4:d1:be:
0d:87:3b:ef:cb:01:5d:f5:bc:28:cb:8d:f7:7d:98:05:37:07:
ad:ee:85:b5:8a:9a:29:26:d7:11:25:78:f0:88:f0:0b:72:c7:
55:ef:ad:bc:92:96:e6:bd:b1:97:fa:85:3a:dc:a5:1c:7f:5c:
42:82:d5:45:f0:56:6b:8f:05:fe:16:e4:9b:6b:45:75:44:6c:
2b:42:79:92:af:db:1a:69:e8:83:78:11:85:21:e8:6f:2f:4a:
03:54:d5:21:12:fd:e4:73:f7:da:67:4e:b5:7e:50:45:cf:cf:
dd:a9:5b:25:d2:0e:b3:ed:a8:90:6e:db:9d:84:a8:7c:6e:b2:
05:fb:bc:83:83:2b:58:76:41:fa:de:15:bc:16:52:6e:b5:ce:
52:4b:14:45:cc:fb:9b:fc:0f:51:16:46:bd:d4:a6:47:29:c5:
2b:27:8f:d6:44:43:ce:63:14:d0:d6:49:43:a2:3c:08:99:a2:
a8:be:d6:fd:db:0f:a3:82:f4:3b:7a:20:91:32:90:95:2e:22:
4d:0a:b1:8b:07:2c:5e:78:da:af:32:ed:85:fa:4e:1f:f6:af:
48:4e:53:e2
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgICCDYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTk3QkMxMTAvBgNVBAUTKERCNjI1MDY1N0ZFQkMxNjRFQjgyMUM3NjUyQUJFM0E4
NUZBOUFDRDQwHhcNMjQwMzA2MTA0NDExWhcNMjQxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWU4NDhmYS1mOGE1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvewh0bBHaolYbDQUpBtcj72KPVp2/GnLStojPzMlj2UnvsjWIZFzIEttLrvU
M6LtfLuhxov702QtbL4sJvDSx17XV63M7cAV/rVF59sbz+dWEKmzVnkTb3GIU/7V
BK+X2Yll8p+kcIpy+piSZJZeaijuFK0ltyczc/J9pxaN1/nWCgmVZ5reXZFqAOkR
zOMwZnuh0QyN5Ey6tEwdsylRg2bZy2pw/BBxKTj3UWE8eUVoW3e/F49g7lnsbhjr
yui8bGyDFGh2gOmGgKvPp2rM89xdNGbrkTEH7iNvhnao76t9OVlFqBMB0M66/qbh
F+LvflzSHmLzgYe7ipLrRTwcFwIDAQABo4ICtzCCArMwHQYDVR0OBBYEFC4FlLVO
0Snh/Gwc5rKl55reXx6sMB8GA1UdIwQYMBaAFNtiUGV/68Fk64IcdlKr46hfqazU
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExOTdCQy9BOENBRkJDMkFB
MjgxMUVBODFCMTk2ODFDNEY5QUUwMi8yMkpRWlhfcndXVHJnaHgyVXF2anFGLXBy
TlEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzIySlFaWF9yd1dUcmdoeDJVcXZqcUYtcHJOUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MTk3QkMvQThDQUZCQzJBQTI4MTFFQTgxQjE5NjgxQzRGOUFFMDIvNzczRjhENzZE
QkE2MTFFRUI1QjdGRjBGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQQYIKwYBBQUHAQcBAf8E
MjAwMC4EAgABMCgDBAFnR2QDBAV8nkAwDAMEAHyeaQMEAHyecDAMAwQAfJ53AwQH
fJ4AMA0GCSqGSIb3DQEBCwUAA4IBAQBIEntU3HFg/NxRVsng0oM1AbKjUgTNswWt
LAr5f+Kjvmn00b4NhzvvywFd9bwoy433fZgFNwet7oW1ipopJtcRJXjwiPALcsdV
7628kpbmvbGX+oU63KUcf1xCgtVF8FZrjwX+FuSba0V1RGwrQnmSr9saaeiDeBGF
IehvL0oDVNUhEv3kc/faZ061flBFz8/dqVsl0g6z7aiQbtudhKh8brIF+7yDgytY
dkH63hW8FlJutc5SSxRFzPub/A9RFka91KZHKcUrJ4/WREPOYxTQ1klDojwImaKo
vtb92w+jgvQ7eiCRMpCVLiJNCrGLByxeeNqvMu2F+k4f9q9ITlPi
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:50:55 2024 by rpki-client on console-fra.rpki-client.org