Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911AB17/5966DD2672A711EEB10BE852C4F9AE02/36D4C6987E7211EE8B5F665CC4F9AE02.roa
File: 36D4C6987E7211EE8B5F665CC4F9AE02.roa (raw, json)
Hash identifier: tay4wsZ2j/j1NS2VycUH25542lNUcQUfpCSUUFIBb+w=
Subject key identifier: FB:90:22:2D:F6:F6:BE:8A:A0:B7:4A:52:40:7F:75:7E:5F:17:41:2E
Certificate issuer: /CN=A911AB17/serialNumber=42F2791EEAC1FC7D7EC10B69F25E9EE95DAB34E1
Certificate serial: 12
Authority key identifier: 42:F2:79:1E:EA:C1:FC:7D:7E:C1:0B:69:F2:5E:9E:E9:5D:AB:34:E1
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QvJ5HurB_H1-wQtp8l6e6V2rNOE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911AB17/5966DD2672A711EEB10BE852C4F9AE02/36D4C6987E7211EE8B5F665CC4F9AE02.roa
Signing time: Wed 08 Nov 2023 20:05:50 +0000
ROA not before: Wed 08 Nov 2023 20:05:50 +0000
ROA not after: Mon 30 Dec 2024 00:00:00 +0000
asID: 139008
IP address blocks: 103.218.226.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 08 Mar 2024 09:20:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18 (0x12)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911AB17/serialNumber=42F2791EEAC1FC7D7EC10B69F25E9EE95DAB34E1
Validity
Not Before: Nov 8 20:05:50 2023 GMT
Not After : Dec 30 00:00:00 2024 GMT
Subject: CN=654bea1e-2cea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:fc:66:af:81:e5:43:b2:7a:fe:54:47:45:c1:
9c:e9:30:d3:ea:ac:95:ab:a7:6b:c5:bb:44:91:e6:
e7:b0:80:7c:b5:db:4c:63:20:be:40:3b:50:3e:5d:
cf:92:e1:37:5e:74:3c:9e:2f:94:6f:95:f9:3b:03:
f1:8b:5f:55:46:c9:1c:db:9a:3c:84:87:5f:0b:a5:
88:48:1f:d0:b7:05:da:b1:c1:57:b2:fa:75:fc:dd:
54:47:cf:67:81:49:a6:05:97:97:75:93:28:f1:6e:
cf:6d:0e:2b:71:61:5f:34:af:e3:96:f0:f0:8f:24:
70:49:b2:ef:50:72:26:54:c3:2b:52:37:ac:60:a9:
61:17:c5:79:e7:7d:be:37:69:48:0c:ba:c7:b2:0f:
f9:13:40:a3:d7:fa:6e:bd:8a:e8:6a:0f:ce:63:80:
92:eb:f2:18:13:1c:fa:26:f4:a7:e3:14:67:91:4c:
56:e4:99:45:07:a3:6a:8c:6a:df:9b:46:ba:3c:9d:
9a:50:1b:eb:83:2e:14:fe:f4:6f:1f:c6:41:dd:49:
49:36:82:c1:0b:e4:94:77:37:ae:a2:10:a4:cd:c8:
e8:1d:29:03:94:e5:48:6e:b6:2b:ed:d9:80:54:91:
23:e3:5e:0f:e4:57:82:cf:06:e9:a6:2e:1e:31:7b:
f8:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:90:22:2D:F6:F6:BE:8A:A0:B7:4A:52:40:7F:75:7E:5F:17:41:2E
X509v3 Authority Key Identifier:
keyid:42:F2:79:1E:EA:C1:FC:7D:7E:C1:0B:69:F2:5E:9E:E9:5D:AB:34:E1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911AB17/5966DD2672A711EEB10BE852C4F9AE02/QvJ5HurB_H1-wQtp8l6e6V2rNOE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QvJ5HurB_H1-wQtp8l6e6V2rNOE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911AB17/5966DD2672A711EEB10BE852C4F9AE02/36D4C6987E7211EE8B5F665CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.218.226.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:93:f4:8f:43:c3:3c:62:57:48:e5:84:af:9d:f3:17:11:08:
2a:8f:04:5f:79:58:45:47:04:3d:8e:59:6a:43:37:70:1a:03:
6a:cc:28:64:56:fe:79:20:e1:34:3b:e8:04:c5:5a:ec:29:bd:
eb:ae:d9:b4:89:d5:8b:f1:19:1b:37:64:33:8f:e8:c0:5a:1b:
60:60:b2:d5:f9:74:d1:b5:00:63:45:30:43:ed:a7:76:8a:70:
f9:72:fe:43:53:44:ee:f9:d5:0f:8b:83:75:f7:83:73:9a:48:
1d:81:90:72:0b:dc:a8:90:3f:fc:11:85:0a:a2:fc:98:7b:27:
7b:dc:6d:91:a7:e6:5f:24:cb:86:36:92:70:cf:32:e2:67:d5:
03:fb:5c:fe:18:a1:7e:f0:aa:9f:3a:bc:79:1d:12:e9:de:e8:
13:7d:32:30:09:f5:e7:1b:e8:fd:3c:fb:e7:20:31:63:2f:82:
03:4c:08:18:66:bd:df:11:3e:b5:c6:01:e3:bc:8d:50:9d:75:
96:7f:e2:1f:2f:58:8c:e0:4b:ce:9a:fa:b9:a8:3c:66:2a:57:
7b:d8:d3:92:19:d2:08:3b:ba:6d:5e:44:5c:bb:c7:97:a7:82:
89:c1:28:81:6b:4b:14:46:8e:c2:21:32:e6:76:95:e1:33:f4:
e9:15:be:1d
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBEjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEx
QUIxNzExMC8GA1UEBRMoNDJGMjc5MUVFQUMxRkM3RDdFQzEwQjY5RjI1RTlFRTk1
REFCMzRFMTAeFw0yMzExMDgyMDA1NTBaFw0yNDEyMzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1NGJlYTFlLTJjZWEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDZ/GavgeVDsnr+VEdFwZzpMNPqrJWrp2vFu0SR5uewgHy120xjIL5AO1A+Xc+S
4TdedDyeL5Rvlfk7A/GLX1VGyRzbmjyEh18LpYhIH9C3BdqxwVey+nX83VRHz2eB
SaYFl5d1kyjxbs9tDitxYV80r+OW8PCPJHBJsu9QciZUwytSN6xgqWEXxXnnfb43
aUgMuseyD/kTQKPX+m69iuhqD85jgJLr8hgTHPom9KfjFGeRTFbkmUUHo2qMat+b
Rro8nZpQG+uDLhT+9G8fxkHdSUk2gsEL5JR3N66iEKTNyOgdKQOU5Uhutivt2YBU
kSPjXg/kV4LPBummLh4xe/j3AgMBAAGjggKVMIICkTAdBgNVHQ4EFgQU+5AiLfb2
voqgt0pSQH91fl8XQS4wHwYDVR0jBBgwFoAUQvJ5HurB/H1+wQtp8l6e6V2rNOEw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTFBQjE3LzU5NjZERDI2NzJB
NzExRUVCMTBCRTg1MkM0RjlBRTAyL1F2SjVIdXJCX0gxLXdRdHA4bDZlNlYyck5P
RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvUXZKNUh1ckJfSDEtd1F0cDhsNmU2VjJyTk9FLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx
QUIxNy81OTY2REQyNjcyQTcxMUVFQjEwQkU4NTJDNEY5QUUwMi8zNkQ0QzY5ODdF
NzIxMUVFOEI1RjY2NUNDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAGfa4jANBgkqhkiG9w0BAQsFAAOCAQEADpP0j0PDPGJXSOWE
r53zFxEIKo8EX3lYRUcEPY5ZakM3cBoDaswoZFb+eSDhNDvoBMVa7Cm9667ZtInV
i/EZGzdkM4/owFobYGCy1fl00bUAY0UwQ+2ndopw+XL+Q1NE7vnVD4uDdfeDc5pI
HYGQcgvcqJA//BGFCqL8mHsne9xtkafmXyTLhjaScM8y4mfVA/tc/hihfvCqnzq8
eR0S6d7oE30yMAn15xvo/Tz75yAxYy+CA0wIGGa93xE+tcYB47yNUJ11ln/iHy9Y
jOBLzpr6uag8ZipXe9jTkhnSCDu6bV5EXLvHl6eCicEogWtLFEaOwiEy5naV4TP0
6RW+HQ==
-----END CERTIFICATE-----
Generated at Fri Mar 8 14:07:08 2024 by rpki-client on console-ams.rpki-client.org