Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917270F/DC5E74CA08E811EDB9E1B633C4F9AE02/4B0B5F9434F011EEBB58A637C4F9AE02.roa
File: 4B0B5F9434F011EEBB58A637C4F9AE02.roa (raw, json)
Hash identifier: kVtOBpu1rEbehBoUxu5QhB8sKn5wcv0hQaAWTlxiAUI=
Subject key identifier: 3F:C3:C4:18:CB:3C:7B:BC:1D:46:71:91:01:10:94:A3:0F:5E:B2:23
Certificate issuer: /CN=A917270F/serialNumber=7E44DCE972F13C80E534B2E685FE1D2A0D761512
Certificate serial: 023E
Authority key identifier: 7E:44:DC:E9:72:F1:3C:80:E5:34:B2:E6:85:FE:1D:2A:0D:76:15:12
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fkTc6XLxPIDlNLLmhf4dKg12FRI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917270F/DC5E74CA08E811EDB9E1B633C4F9AE02/4B0B5F9434F011EEBB58A637C4F9AE02.roa
Signing time: Tue 19 Nov 2024 17:28:40 +0000
ROA not before: Tue 19 Nov 2024 17:28:40 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 140269
IP address blocks: 103.191.162.0/24 maxlen: 24
2400:96e0::/32 maxlen: 32
2400:96e0::/48 maxlen: 48
2400:96e0:1::/48 maxlen: 48
2400:96e0:2::/48 maxlen: 48
2400:96e0:1000::/36 maxlen: 36
2400:96e0:2000::/36 maxlen: 36
2400:96e0:3000::/36 maxlen: 36
Validation: Failed, certificate revoked on Wed 20 Nov 2024 12:29:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 574 (0x23e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917270F/serialNumber=7E44DCE972F13C80E534B2E685FE1D2A0D761512
Validity
Not Before: Nov 19 17:28:40 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=673ccac8-1dfe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:5f:0a:5e:32:50:1e:bd:ad:e9:0c:6b:8a:21:
8e:98:c4:f1:32:6a:c7:37:cc:5b:b3:2a:17:58:21:
a7:8d:71:3a:46:4c:90:f7:b3:43:32:67:0c:b0:f9:
6b:45:06:89:fe:86:f6:f3:cc:13:59:1f:0d:53:3e:
38:66:c4:bc:2f:17:a0:07:03:94:35:3d:c6:bd:e5:
93:85:50:5e:ee:74:76:d6:d0:f8:5f:31:5c:84:18:
72:b4:b4:e9:e1:32:4a:4c:e4:61:98:82:99:38:09:
63:2e:2f:ca:8f:bf:d7:16:73:cf:f5:e9:f7:6b:17:
e3:4e:7e:9b:8b:87:ff:39:31:4a:d8:ad:61:c9:20:
22:94:ed:a2:8d:19:4d:31:2a:ca:a1:f3:68:95:54:
9f:06:c9:05:b0:b6:25:9f:89:32:58:78:f5:3c:39:
e7:57:8d:77:de:65:58:c4:b7:50:aa:ff:12:bd:9d:
14:f0:72:7d:f7:09:6a:db:29:05:f8:cf:22:38:ce:
ca:a9:d8:07:bf:54:4f:0b:f9:be:d8:fd:a0:66:87:
93:d7:90:97:95:ab:13:10:2a:21:91:f4:40:69:02:
35:86:57:e4:3b:d5:d7:59:0e:51:9d:41:5a:4c:ea:
d7:9f:cb:3d:2c:57:3b:27:3d:89:e3:1c:10:aa:e1:
63:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:C3:C4:18:CB:3C:7B:BC:1D:46:71:91:01:10:94:A3:0F:5E:B2:23
X509v3 Authority Key Identifier:
keyid:7E:44:DC:E9:72:F1:3C:80:E5:34:B2:E6:85:FE:1D:2A:0D:76:15:12
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917270F/DC5E74CA08E811EDB9E1B633C4F9AE02/fkTc6XLxPIDlNLLmhf4dKg12FRI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fkTc6XLxPIDlNLLmhf4dKg12FRI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917270F/DC5E74CA08E811EDB9E1B633C4F9AE02/4B0B5F9434F011EEBB58A637C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.191.162.0/24
IPv6:
2400:96e0::/32
Signature Algorithm: sha256WithRSAEncryption
3a:dd:98:7a:93:e7:df:db:16:79:68:69:a0:80:4f:9b:22:49:
5c:fd:4f:fd:20:c1:d4:00:2e:d5:f6:42:06:24:51:b8:d2:c7:
80:93:91:80:63:53:d3:ea:ea:3c:1b:5b:ba:75:49:96:66:65:
dc:94:9d:61:0a:07:0e:8b:80:f9:a3:61:f9:a2:03:8c:e4:59:
8b:81:c3:8e:3a:83:c4:7d:22:d0:fb:90:3f:8f:2e:f6:ac:a2:
a1:e7:21:ec:87:00:f1:ef:03:e5:0c:33:cf:d7:37:e4:2c:e8:
9f:f7:55:04:c7:cf:79:d0:08:e9:07:4d:4e:8f:78:3b:43:02:
08:ff:a6:02:43:88:a1:b3:47:ec:4d:0d:a7:a5:f3:aa:c5:99:
33:5e:1b:f9:6c:57:2a:c8:8b:72:a0:da:31:79:9b:ab:7d:fd:
f1:53:f2:f4:c4:d4:0d:a6:87:33:6d:0a:76:39:ee:35:2a:da:
b1:af:04:d0:fd:c2:19:82:5d:19:30:a4:82:ea:62:f0:f3:a4:
38:95:f4:f1:17:08:79:fe:35:15:d7:3b:c9:76:cd:5b:a9:2b:
6c:e0:b8:a3:ec:15:a3:ac:00:1d:69:54:5b:67:d3:b8:1d:f8:
da:1b:8e:03:da:27:8b:1b:59:f5:62:87:ab:52:34:d9:6e:15:
5d:b1:ea:69
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICAj4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzI3MEYxMTAvBgNVBAUTKDdFNDREQ0U5NzJGMTNDODBFNTM0QjJFNjg1RkUxRDJB
MEQ3NjE1MTIwHhcNMjQxMTE5MTcyODQwWhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzNjY2FjOC0xZGZlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtl8KXjJQHr2t6QxriiGOmMTxMmrHN8xbsyoXWCGnjXE6RkyQ97NDMmcMsPlr
RQaJ/ob288wTWR8NUz44ZsS8LxegBwOUNT3GveWThVBe7nR21tD4XzFchBhytLTp
4TJKTORhmIKZOAljLi/Kj7/XFnPP9en3axfjTn6bi4f/OTFK2K1hySAilO2ijRlN
MSrKofNolVSfBskFsLYln4kyWHj1PDnnV4133mVYxLdQqv8SvZ0U8HJ99wlq2ykF
+M8iOM7KqdgHv1RPC/m+2P2gZoeT15CXlasTECohkfRAaQI1hlfkO9XXWQ5RnUFa
TOrXn8s9LFc7Jz2J4xwQquFjLwIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFD/DxBjL
PHu8HUZxkQEQlKMPXrIjMB8GA1UdIwQYMBaAFH5E3Oly8TyA5TSy5oX+HSoNdhUS
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MjcwRi9EQzVFNzRDQTA4
RTgxMUVEQjlFMUI2MzNDNEY5QUUwMi9ma1RjNlhMeFBJRGxOTExtaGY0ZEtnMTJG
UkkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2ZrVGM2WEx4UElEbE5MTG1oZjRkS2cxMkZSSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzI3MEYvREM1RTc0Q0EwOEU4MTFFREI5RTFCNjMzQzRGOUFFMDIvNEIwQjVGOTQz
NEYwMTFFRUJCNThBNjM3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBABnv6IwDQQCAAIwBwMFACQAluAwDQYJKoZIhvcNAQELBQAD
ggEBADrdmHqT59/bFnloaaCAT5siSVz9T/0gwdQALtX2QgYkUbjSx4CTkYBjU9Pq
6jwbW7p1SZZmZdyUnWEKBw6LgPmjYfmiA4zkWYuBw446g8R9ItD7kD+PLvasoqHn
IeyHAPHvA+UMM8/XN+Qs6J/3VQTHz3nQCOkHTU6PeDtDAgj/pgJDiKGzR+xNDael
86rFmTNeG/lsVyrIi3Kg2jF5m6t9/fFT8vTE1A2mhzNtCnY57jUq2rGvBND9whmC
XRkwpILqYvDzpDiV9PEXCHn+NRXXO8l2zVupK2zguKPsFaOsAB1pVFtn07gd+Nob
jgPaJ4sbWfVih6tSNNluFV2x6mk=
-----END CERTIFICATE-----
Generated at Wed Nov 20 15:03:34 2024 by rpki-client on console-fra.rpki-client.org