Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917CE22/12FA811A177B11EB84634C36C4F9AE02/6A82A910D68111EBA71D041EC4F9AE02.roa
File: 6A82A910D68111EBA71D041EC4F9AE02.roa (raw, json)
Hash identifier: 463PaKJMjMMt6YDEeWhwHGY4Gd0szjbv5YcdK71mVC8=
Subject key identifier: 90:15:2B:60:11:40:94:F2:DC:BD:44:29:60:71:46:66:A2:41:4A:15
Certificate issuer: /CN=A917CE22/serialNumber=62C4182C003EFCFA38DDAF4EF904FB04FE5B564A
Certificate serial: 069D
Authority key identifier: 62:C4:18:2C:00:3E:FC:FA:38:DD:AF:4E:F9:04:FB:04:FE:5B:56:4A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YsQYLAA-_Po43a9O-QT7BP5bVko.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917CE22/12FA811A177B11EB84634C36C4F9AE02/6A82A910D68111EBA71D041EC4F9AE02.roa
Signing time: Mon 22 Jan 2024 23:01:26 +0000
ROA not before: Mon 22 Jan 2024 23:01:26 +0000
ROA not after: Mon 31 Mar 2025 00:00:00 +0000
asID: 45250
IP address blocks: 103.204.180.0/24 maxlen: 24
103.204.181.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 May 2024 15:50:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1693 (0x69d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917CE22/serialNumber=62C4182C003EFCFA38DDAF4EF904FB04FE5B564A
Validity
Not Before: Jan 22 23:01:26 2024 GMT
Not After : Mar 31 00:00:00 2025 GMT
Subject: CN=65aef3c6-dc91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:7b:84:a1:4e:04:e7:8c:59:17:f2:7d:64:25:
76:63:d2:f8:bb:15:bf:36:d1:db:90:c9:bc:88:64:
87:9d:5a:1c:30:75:22:58:dc:0c:b3:8c:3e:6a:b6:
0f:30:81:cb:19:bb:8a:05:50:c4:5f:d0:e7:21:aa:
54:9b:17:28:7c:12:b8:77:dd:86:59:fb:6a:ed:b7:
7d:56:1a:7b:9d:a9:64:be:32:2e:37:26:f9:b3:48:
a8:79:28:28:81:2c:65:25:4a:3c:59:63:b9:21:c8:
de:6d:3d:32:16:39:14:f9:d6:ad:5c:e7:28:d4:de:
05:38:1d:b1:cd:23:bc:e7:71:a8:c5:06:01:f5:48:
72:b3:e0:fd:c2:c8:33:ba:f9:55:86:7c:b3:fb:7b:
74:f1:bb:b4:74:a8:9e:ef:ca:8e:9c:fc:c9:92:18:
ac:34:1f:bd:aa:f6:8b:ad:20:f7:99:c4:6a:df:5a:
2b:26:85:54:68:33:c6:8b:48:17:02:9b:d0:59:2c:
12:d6:34:06:37:ad:cd:53:31:8b:41:7f:13:6f:9c:
ef:77:ef:90:e1:1f:b4:fa:9b:ff:46:45:87:04:7b:
98:bf:2b:82:9b:99:da:ea:fb:78:88:c6:6c:7c:85:
13:20:7f:69:55:44:df:cb:4b:ac:ea:28:bc:e8:66:
59:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:15:2B:60:11:40:94:F2:DC:BD:44:29:60:71:46:66:A2:41:4A:15
X509v3 Authority Key Identifier:
keyid:62:C4:18:2C:00:3E:FC:FA:38:DD:AF:4E:F9:04:FB:04:FE:5B:56:4A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917CE22/12FA811A177B11EB84634C36C4F9AE02/YsQYLAA-_Po43a9O-QT7BP5bVko.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YsQYLAA-_Po43a9O-QT7BP5bVko.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917CE22/12FA811A177B11EB84634C36C4F9AE02/6A82A910D68111EBA71D041EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.204.180.0/23
Signature Algorithm: sha256WithRSAEncryption
b7:55:f0:bd:8b:3c:d4:a5:be:68:e0:c2:3f:c1:f5:ec:ad:6a:
01:3f:df:4b:c5:a9:b0:3a:93:a0:f0:10:77:3f:ab:96:76:c0:
db:f4:bf:b0:67:ba:8a:5c:9e:4d:cb:1d:2a:b6:fe:f1:9b:8d:
f3:b1:87:c6:7b:83:82:ee:8e:28:9d:30:dc:dd:43:0c:b9:55:
02:2c:66:b6:10:13:99:53:96:ce:f1:90:55:af:cc:16:38:2d:
0f:d1:a7:46:fe:50:dd:8b:08:64:03:f3:3c:d4:f1:d2:fd:b0:
ff:19:49:24:80:58:84:64:bb:49:34:7e:a4:e1:ab:41:b9:64:
fc:33:db:db:aa:49:c5:55:68:9c:4b:69:0b:d6:77:fa:9e:14:
96:96:2c:15:20:83:57:72:f1:42:54:ac:19:82:48:80:1d:5c:
12:92:de:69:e8:c8:8e:42:bf:97:58:8c:07:d8:25:9f:c1:83:
4f:64:86:7a:bb:b0:8d:f0:52:ee:8f:35:cb:e6:63:df:69:8c:
e3:33:23:1c:09:b1:d2:81:ef:fe:31:6f:88:34:aa:82:f2:62:
17:9d:dc:7d:30:f8:48:c5:e8:30:a3:ae:98:0b:0b:c5:21:84:
0f:01:2f:2d:5a:62:31:e0:0a:93:fb:34:69:5b:e7:11:0c:91:
80:8d:82:75
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBp0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0NFMjIxMTAvBgNVBAUTKDYyQzQxODJDMDAzRUZDRkEzOEREQUY0RUY5MDRGQjA0
RkU1QjU2NEEwHhcNMjQwMTIyMjMwMTI2WhcNMjUwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWFlZjNjNi1kYzkxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvHuEoU4E54xZF/J9ZCV2Y9L4uxW/NtHbkMm8iGSHnVocMHUiWNwMs4w+arYP
MIHLGbuKBVDEX9DnIapUmxcofBK4d92GWftq7bd9Vhp7nalkvjIuNyb5s0ioeSgo
gSxlJUo8WWO5IcjebT0yFjkU+datXOco1N4FOB2xzSO853GoxQYB9Uhys+D9wsgz
uvlVhnyz+3t08bu0dKie78qOnPzJkhisNB+9qvaLrSD3mcRq31orJoVUaDPGi0gX
ApvQWSwS1jQGN63NUzGLQX8Tb5zvd++Q4R+0+pv/RkWHBHuYvyuCm5na6vt4iMZs
fIUTIH9pVUTfy0us6ii86GZZswIDAQABo4IClTCCApEwHQYDVR0OBBYEFJAVK2AR
QJTy3L1EKWBxRmaiQUoVMB8GA1UdIwQYMBaAFGLEGCwAPvz6ON2vTvkE+wT+W1ZK
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3Q0UyMi8xMkZBODExQTE3
N0IxMUVCODQ2MzRDMzZDNEY5QUUwMi9Zc1FZTEFBLV9QbzQzYTlPLVFUN0JQNWJW
a28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1lzUVlMQUEtX1BvNDNhOU8tUVQ3QlA1YlZrby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0NFMjIvMTJGQTgxMUExNzdCMTFFQjg0NjM0QzM2QzRGOUFFMDIvNkE4MkE5MTBE
NjgxMTFFQkE3MUQwNDFFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnzLQwDQYJKoZIhvcNAQELBQADggEBALdV8L2LPNSlvmjg
wj/B9eytagE/30vFqbA6k6DwEHc/q5Z2wNv0v7Bnuopcnk3LHSq2/vGbjfOxh8Z7
g4LujiidMNzdQwy5VQIsZrYQE5lTls7xkFWvzBY4LQ/Rp0b+UN2LCGQD8zzU8dL9
sP8ZSSSAWIRku0k0fqThq0G5ZPwz29uqScVVaJxLaQvWd/qeFJaWLBUgg1dy8UJU
rBmCSIAdXBKS3mnoyI5Cv5dYjAfYJZ/Bg09khnq7sI3wUu6PNcvmY99pjOMzIxwJ
sdKB7/4xb4g0qoLyYhed3H0w+EjF6DCjrpgLC8UhhA8BLy1aYjHgCpP7NGlb5xEM
kYCNgnU=
-----END CERTIFICATE-----
Generated at Wed May 1 21:27:23 2024 by rpki-client on console-fra.rpki-client.org