Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911DE88/4BFCA142C3EE11ED922A1154C4F9AE02/3E2BEF42694B11EFABF9221EC4F9AE02.roa
File: 3E2BEF42694B11EFABF9221EC4F9AE02.roa (raw, json)
Hash identifier: ViLTP376h0LT8HpfAe3+eP2VHK/4zEQ+gEDPJU3DZXc=
Subject key identifier: E5:94:1C:7B:8C:A7:37:3E:91:F7:31:53:F9:D0:7F:9D:A8:56:5F:B2
Certificate issuer: /CN=A911DE88/serialNumber=BE3F8BDF81B66B4ED2E1C74EB5D5FB01B5F77641
Certificate serial: 0131
Authority key identifier: BE:3F:8B:DF:81:B6:6B:4E:D2:E1:C7:4E:B5:D5:FB:01:B5:F7:76:41
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vj-L34G2a07S4cdOtdX7AbX3dkE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911DE88/4BFCA142C3EE11ED922A1154C4F9AE02/3E2BEF42694B11EFABF9221EC4F9AE02.roa
Signing time: Mon 02 Sep 2024 16:48:56 +0000
ROA not before: Mon 02 Sep 2024 16:48:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 152177
IP address blocks: 103.112.42.0/23 maxlen: 23
103.112.42.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 25 Sep 2024 08:48:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 305 (0x131)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911DE88/serialNumber=BE3F8BDF81B66B4ED2E1C74EB5D5FB01B5F77641
Validity
Not Before: Sep 2 16:48:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=66d5ec78-c1a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:5a:c6:50:02:86:b7:16:95:1f:d8:ca:d2:c3:
f8:0c:d6:65:ae:20:6f:e0:18:89:5e:fc:6d:72:88:
ed:c2:50:15:e9:fb:82:9d:16:c6:6e:70:4d:47:59:
92:41:8e:f4:af:c9:ba:82:f6:96:6d:5b:b5:f8:22:
ff:be:dc:ce:04:62:5b:68:85:4e:a1:ea:4a:e6:84:
0f:55:17:b0:33:2e:4d:92:8b:8c:9e:a8:48:77:05:
a9:28:f2:35:5a:01:28:1c:0b:4d:2c:a2:a7:96:b3:
b9:8a:60:a6:3e:e1:40:24:44:c1:57:ca:2f:01:a1:
28:0a:14:46:23:cd:93:7e:e3:14:22:63:79:3d:18:
80:1e:7f:85:88:65:b6:3e:57:e1:fb:73:bf:13:ee:
f9:9f:4f:22:f4:ad:15:85:03:e4:5a:6d:ea:41:b4:
ae:29:86:2e:2b:25:a2:a7:8e:ed:04:27:d3:de:13:
79:ac:a3:6a:1f:05:79:0b:1d:a2:92:c5:42:5a:c8:
02:53:48:a6:2c:94:fc:a4:4b:94:29:cb:08:c6:8e:
6f:55:42:ab:d0:9f:24:83:6b:43:00:1b:c1:85:98:
be:ac:4b:e8:00:20:7a:d1:1c:f2:d4:6c:1a:f8:92:
8e:23:0e:6c:fe:04:af:1a:66:e5:5d:00:5c:23:6c:
bf:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:94:1C:7B:8C:A7:37:3E:91:F7:31:53:F9:D0:7F:9D:A8:56:5F:B2
X509v3 Authority Key Identifier:
keyid:BE:3F:8B:DF:81:B6:6B:4E:D2:E1:C7:4E:B5:D5:FB:01:B5:F7:76:41
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911DE88/4BFCA142C3EE11ED922A1154C4F9AE02/vj-L34G2a07S4cdOtdX7AbX3dkE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vj-L34G2a07S4cdOtdX7AbX3dkE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911DE88/4BFCA142C3EE11ED922A1154C4F9AE02/3E2BEF42694B11EFABF9221EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.112.42.0/23
Signature Algorithm: sha256WithRSAEncryption
83:63:fe:6d:1e:84:6d:53:60:8d:f7:c2:df:f4:91:60:5a:1c:
2d:4e:f9:35:1a:16:9a:90:b9:1b:d4:d8:ab:bd:e2:70:e7:e6:
e6:1e:16:ac:72:31:82:b8:2c:d0:04:86:5d:bf:e4:c4:bb:c2:
a6:6a:13:44:1a:c0:f2:4b:bf:9d:07:b4:ac:78:70:d3:84:f7:
2e:ed:fb:83:3b:ff:c7:4a:06:50:e4:87:1d:e8:a7:4a:4c:ed:
42:27:f6:8e:19:57:0d:6c:1d:4b:78:41:61:8a:93:a0:4b:ec:
be:34:d5:c3:ab:a3:42:12:3e:41:63:35:5c:96:47:7c:8d:11:
78:45:c8:d7:9c:cd:50:e6:a1:3b:ee:bb:94:7d:54:c0:6b:c7:
3b:1a:bf:8b:7b:e0:6e:a1:c9:21:44:43:0a:1c:0c:d5:16:c4:
69:5a:73:41:ef:4f:27:3a:f4:be:9c:f5:a6:04:1c:e2:c0:d4:
7d:a8:0f:f0:0d:93:97:b8:93:06:fc:11:de:0f:9b:eb:9e:80:
1b:60:39:ee:13:04:1d:14:a6:05:1e:a0:c0:94:2c:69:d7:e8:
63:9a:ca:4d:60:55:19:a5:8c:e0:63:7d:99:b5:e9:68:63:16:
5f:fd:09:01:52:49:da:cf:3d:cf:30:7a:13:57:27:a3:f2:a1:
06:9a:fa:33
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICATEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MURFODgxMTAvBgNVBAUTKEJFM0Y4QkRGODFCNjZCNEVEMkUxQzc0RUI1RDVGQjAx
QjVGNzc2NDEwHhcNMjQwOTAyMTY0ODU2WhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmQ1ZWM3OC1jMWE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA11rGUAKGtxaVH9jK0sP4DNZlriBv4BiJXvxtcojtwlAV6fuCnRbGbnBNR1mS
QY70r8m6gvaWbVu1+CL/vtzOBGJbaIVOoepK5oQPVRewMy5NkouMnqhIdwWpKPI1
WgEoHAtNLKKnlrO5imCmPuFAJETBV8ovAaEoChRGI82TfuMUImN5PRiAHn+FiGW2
Plfh+3O/E+75n08i9K0VhQPkWm3qQbSuKYYuKyWip47tBCfT3hN5rKNqHwV5Cx2i
ksVCWsgCU0imLJT8pEuUKcsIxo5vVUKr0J8kg2tDABvBhZi+rEvoACB60Rzy1Gwa
+JKOIw5s/gSvGmblXQBcI2y/8wIDAQABo4IClTCCApEwHQYDVR0OBBYEFOWUHHuM
pzc+kfcxU/nQf52oVl+yMB8GA1UdIwQYMBaAFL4/i9+BtmtO0uHHTrXV+wG193ZB
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExREU4OC80QkZDQTE0MkMz
RUUxMUVEOTIyQTExNTRDNEY5QUUwMi92ai1MMzRHMmEwN1M0Y2RPdGRYN0FiWDNk
a0UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3ZqLUwzNEcyYTA3UzRjZE90ZFg3QWJYM2RrRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MURFODgvNEJGQ0ExNDJDM0VFMTFFRDkyMkExMTU0QzRGOUFFMDIvM0UyQkVGNDI2
OTRCMTFFRkFCRjkyMjFFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFncCowDQYJKoZIhvcNAQELBQADggEBAINj/m0ehG1TYI33
wt/0kWBaHC1O+TUaFpqQuRvU2Ku94nDn5uYeFqxyMYK4LNAEhl2/5MS7wqZqE0Qa
wPJLv50HtKx4cNOE9y7t+4M7/8dKBlDkhx3op0pM7UIn9o4ZVw1sHUt4QWGKk6BL
7L401cOro0ISPkFjNVyWR3yNEXhFyNeczVDmoTvuu5R9VMBrxzsav4t74G6hySFE
QwocDNUWxGlac0HvTyc69L6c9aYEHOLA1H2oD/ANk5e4kwb8Ed4Pm+uegBtgOe4T
BB0UpgUeoMCULGnX6GOayk1gVRmljOBjfZm16WhjFl/9CQFSSdrPPc8wehNXJ6Py
oQaa+jM=
-----END CERTIFICATE-----
Generated at Wed Sep 25 10:31:31 2024 by rpki-client on console-ams.rpki-client.org