Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A912ECA4/485F336ADCED11EEBBBF402FC4F9AE02/133C102EDCF011EE9FDCDF16C4F9AE02.roa
File: 133C102EDCF011EE9FDCDF16C4F9AE02.roa (raw, json)
Hash identifier: a0pAvyk112yWMOVpDMh08GRlTOFZe1E0y3wXZGc7khE=
Subject key identifier: 1C:E7:50:4D:1E:DE:55:2F:46:EE:77:5A:89:E3:B1:FA:F2:0F:AC:B4
Certificate issuer: /CN=A912ECA4/serialNumber=8C1C14DC1674DBB68B494301587B3D2F98ED701B
Certificate serial: 02
Authority key identifier: 8C:1C:14:DC:16:74:DB:B6:8B:49:43:01:58:7B:3D:2F:98:ED:70:1B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jBwU3BZ027aLSUMBWHs9L5jtcBs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A912ECA4/485F336ADCED11EEBBBF402FC4F9AE02/133C102EDCF011EE9FDCDF16C4F9AE02.roa
Signing time: Fri 08 Mar 2024 02:03:37 +0000
ROA not before: Fri 08 Mar 2024 02:03:37 +0000
ROA not after: Tue 30 Jul 2024 00:00:00 +0000
asID: 63981
IP address blocks: 45.251.67.0/24 maxlen: 24
103.206.88.0/22 maxlen: 22
2401:3e0::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 15 Mar 2024 08:00:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A912ECA4/serialNumber=8C1C14DC1674DBB68B494301587B3D2F98ED701B
Validity
Not Before: Mar 8 02:03:37 2024 GMT
Not After : Jul 30 00:00:00 2024 GMT
Subject: CN=65ea71f9-475d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:09:bb:82:a3:d2:6c:a3:2a:b9:8d:6d:0d:43:
a6:32:33:2d:b0:31:af:34:9e:90:50:1a:24:39:13:
fd:08:cd:19:c5:be:3e:e9:98:a1:67:d5:8a:3f:09:
9b:5b:c0:06:6b:a3:bc:f8:f5:4a:62:1e:af:1f:73:
a6:1c:2d:ac:07:5c:c6:e4:fa:f5:b7:7f:f5:cd:98:
52:e2:8a:15:3b:b0:df:8d:02:1c:43:5f:40:a2:12:
d6:6a:c6:9a:60:b6:ed:97:bc:69:84:15:d5:3f:96:
b8:a7:db:42:b4:e1:db:1d:35:63:7c:ad:99:5c:77:
13:86:18:13:42:56:62:62:e6:48:9f:46:d6:34:ea:
30:70:77:c3:d2:35:7b:09:56:df:18:2d:15:99:98:
6f:fa:89:97:9f:a4:57:bd:24:56:74:9a:87:18:be:
fe:e8:b7:c1:b1:71:35:92:37:a8:a8:07:85:39:76:
74:eb:2e:61:0f:82:5c:ec:35:33:43:7a:83:ed:b5:
ea:cb:08:6b:e1:bf:de:ab:d7:55:dc:56:a0:52:25:
10:c9:3a:fb:91:b9:50:8e:7f:d2:1e:9a:f0:12:f5:
14:07:1d:17:73:c5:3a:c2:bc:37:f7:52:59:45:2a:
2e:eb:c8:10:d7:75:a3:e7:e9:05:ba:45:f3:22:4e:
1f:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:E7:50:4D:1E:DE:55:2F:46:EE:77:5A:89:E3:B1:FA:F2:0F:AC:B4
X509v3 Authority Key Identifier:
keyid:8C:1C:14:DC:16:74:DB:B6:8B:49:43:01:58:7B:3D:2F:98:ED:70:1B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A912ECA4/485F336ADCED11EEBBBF402FC4F9AE02/jBwU3BZ027aLSUMBWHs9L5jtcBs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jBwU3BZ027aLSUMBWHs9L5jtcBs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912ECA4/485F336ADCED11EEBBBF402FC4F9AE02/133C102EDCF011EE9FDCDF16C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.251.67.0/24
103.206.88.0/22
IPv6:
2401:3e0::/32
Signature Algorithm: sha256WithRSAEncryption
a4:81:e0:cb:c1:8c:9b:4b:a2:32:97:65:a5:56:7e:03:27:53:
77:dc:ef:7d:a3:9e:d1:7c:a4:88:7f:8a:48:c9:8c:9b:17:77:
31:fb:36:f4:fc:9c:2a:00:2e:65:f2:f5:8d:7f:0e:67:9f:3e:
5a:44:11:44:6d:f8:3a:5b:6b:58:f0:89:11:64:75:8c:d1:91:
79:24:5e:6c:b8:e7:ab:e5:7a:93:fb:a0:36:26:e9:d4:bd:27:
92:a4:90:ba:a0:7a:13:74:d4:be:42:55:9c:80:ef:ba:5d:d5:
f2:46:63:8f:fe:cb:ec:aa:c4:ba:8e:35:79:25:77:55:64:15:
1f:32:ef:0d:a4:2a:46:fc:58:c0:07:f3:17:cc:14:6b:74:40:
3b:68:37:d6:b7:59:72:ea:15:1c:df:00:fd:51:68:64:5a:32:
69:0f:f5:db:67:bf:46:01:4f:bc:e0:54:b6:61:1e:2f:08:5b:
8a:e9:67:64:d8:25:39:06:99:ed:61:10:c9:64:2f:6d:2a:33:
92:f6:25:10:d1:9a:7b:0a:6c:1b:3f:ca:9b:c5:27:19:eb:24:
81:8c:e4:57:48:c1:eb:b8:44:8d:56:22:d5:50:2b:95:82:25:
ef:a2:8f:9a:8a:b2:ae:e4:f3:0a:e3:4d:24:17:4c:ba:03:cc:
6f:41:be:05
-----BEGIN CERTIFICATE-----
MIIFhTCCBG2gAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEy
RUNBNDExMC8GA1UEBRMoOEMxQzE0REMxNjc0REJCNjhCNDk0MzAxNTg3QjNEMkY5
OEVENzAxQjAeFw0yNDAzMDgwMjAzMzdaFw0yNDA3MzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1ZWE3MWY5LTQ3NWQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDECbuCo9Jsoyq5jW0NQ6YyMy2wMa80npBQGiQ5E/0IzRnFvj7pmKFn1Yo/CZtb
wAZro7z49UpiHq8fc6YcLawHXMbk+vW3f/XNmFLiihU7sN+NAhxDX0CiEtZqxppg
tu2XvGmEFdU/lrin20K04dsdNWN8rZlcdxOGGBNCVmJi5kifRtY06jBwd8PSNXsJ
Vt8YLRWZmG/6iZefpFe9JFZ0mocYvv7ot8GxcTWSN6ioB4U5dnTrLmEPglzsNTND
eoPtterLCGvhv96r11XcVqBSJRDJOvuRuVCOf9IemvAS9RQHHRdzxTrCvDf3UllF
Ki7ryBDXdaPn6QW6RfMiTh8TAgMBAAGjggKqMIICpjAdBgNVHQ4EFgQUHOdQTR7e
VS9G7ndaieOx+vIPrLQwHwYDVR0jBBgwFoAUjBwU3BZ027aLSUMBWHs9L5jtcBsw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTJFQ0E0LzQ4NUYzMzZBRENF
RDExRUVCQkJGNDAyRkM0RjlBRTAyL2pCd1UzQlowMjdhTFNVTUJXSHM5TDVqdGNC
cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvakJ3VTNCWjAyN2FMU1VNQldIczlMNWp0Y0JzLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy
RUNBNC80ODVGMzM2QURDRUQxMUVFQkJCRjQwMkZDNEY5QUUwMi8xMzNDMTAyRURD
RjAxMUVFOUZEQ0RGMTZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDA0BggrBgEFBQcBBwEB/wQl
MCMwEgQCAAEwDAMEAC37QwMEAmfOWDANBAIAAjAHAwUAJAED4DANBgkqhkiG9w0B
AQsFAAOCAQEApIHgy8GMm0uiMpdlpVZ+AydTd9zvfaOe0XykiH+KSMmMmxd3Mfs2
9PycKgAuZfL1jX8OZ58+WkQRRG34OltrWPCJEWR1jNGReSRebLjnq+V6k/ugNibp
1L0nkqSQuqB6E3TUvkJVnIDvul3V8kZjj/7L7KrEuo41eSV3VWQVHzLvDaQqRvxY
wAfzF8wUa3RAO2g31rdZcuoVHN8A/VFoZFoyaQ/122e/RgFPvOBUtmEeLwhbiuln
ZNglOQaZ7WEQyWQvbSozkvYlENGaewpsGz/Km8UnGeskgYzkV0jB67hEjVYi1VAr
lYIl76KPmoqyruTzCuNNJBdMugPMb0G+BQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:50:58 2024 by rpki-client on console-fra.rpki-client.org