Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918A3E6/640D618EF2C911EA86F12717C4F9AE02/32B402A0F32311EA96B98711C4F9AE02.roa
File: 32B402A0F32311EA96B98711C4F9AE02.roa (raw, json)
Hash identifier: 8oIp8sIslxRTZrjfqYMt22W3gkW5OqRMWeNPGz0pEWg=
Subject key identifier: C2:B4:FC:E1:6E:62:4D:D1:AA:AB:39:D7:5D:2C:48:8B:83:11:18:01
Certificate issuer: /CN=A918A3E6/serialNumber=ED8CBC54CD86F2C1F92DEC6BC909DBC6FA634C81
Certificate serial: 06A6
Authority key identifier: ED:8C:BC:54:CD:86:F2:C1:F9:2D:EC:6B:C9:09:DB:C6:FA:63:4C:81
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7Yy8VM2G8sH5LexryQnbxvpjTIE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918A3E6/640D618EF2C911EA86F12717C4F9AE02/32B402A0F32311EA96B98711C4F9AE02.roa
Signing time: Mon 02 Oct 2023 21:59:18 +0000
ROA not before: Mon 02 Oct 2023 21:59:18 +0000
ROA not after: Sun 01 Dec 2024 00:00:00 +0000
asID: 141166
IP address blocks: 103.155.150.0/23 maxlen: 23
103.155.150.0/24 maxlen: 24
103.155.151.0/24 maxlen: 24
2001:df4:ce80::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 21 Nov 2023 18:04:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1702 (0x6a6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918A3E6/serialNumber=ED8CBC54CD86F2C1F92DEC6BC909DBC6FA634C81
Validity
Not Before: Oct 2 21:59:18 2023 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=651b3d36-0b7a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:5d:45:b6:96:04:a4:72:56:81:13:73:e4:e8:
ab:34:95:41:24:13:f6:26:03:3a:49:a1:dc:bf:09:
d4:06:9b:8f:c9:d0:52:03:46:57:57:40:98:57:c9:
7c:ee:cc:f8:7c:6c:65:cb:01:f4:80:20:3a:f2:5f:
35:4a:6b:8d:6d:d7:48:98:66:0a:2e:c3:ba:02:a8:
8b:79:8e:fd:a8:1c:aa:37:a1:18:09:c3:9f:0b:ae:
8f:27:a1:e1:41:b5:d4:ec:45:65:4c:d7:82:29:51:
dd:a0:87:7f:9b:15:00:f6:77:3d:d1:69:72:f2:6f:
3b:88:a2:4b:88:22:57:76:54:ba:f5:ee:37:22:3c:
d8:e1:7f:10:0c:2b:cc:d7:da:db:a5:13:5a:6b:56:
70:a9:f7:9c:47:0a:5e:5f:9c:99:56:d9:64:dd:79:
c4:09:73:20:e0:b6:bb:f2:2b:33:21:ad:a7:38:6b:
eb:32:ea:80:40:76:1c:be:05:04:60:60:2b:d4:e3:
90:b6:bc:6e:b1:06:09:89:38:f0:02:4d:50:a7:36:
13:14:ea:4b:89:0d:85:ba:3e:51:eb:b3:fe:ca:b5:
31:54:b4:36:10:8e:dd:8f:58:39:02:47:a3:d0:4e:
be:34:83:29:8e:db:f8:72:cf:1f:83:03:7b:b3:83:
54:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:B4:FC:E1:6E:62:4D:D1:AA:AB:39:D7:5D:2C:48:8B:83:11:18:01
X509v3 Authority Key Identifier:
keyid:ED:8C:BC:54:CD:86:F2:C1:F9:2D:EC:6B:C9:09:DB:C6:FA:63:4C:81
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918A3E6/640D618EF2C911EA86F12717C4F9AE02/7Yy8VM2G8sH5LexryQnbxvpjTIE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7Yy8VM2G8sH5LexryQnbxvpjTIE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918A3E6/640D618EF2C911EA86F12717C4F9AE02/32B402A0F32311EA96B98711C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.155.150.0/23
IPv6:
2001:df4:ce80::/48
Signature Algorithm: sha256WithRSAEncryption
0b:e7:37:0b:21:09:7c:e3:0e:1a:28:99:3d:b2:56:7c:76:c1:
b5:f2:c6:7d:a8:87:25:03:5b:cc:00:fa:56:fc:f9:f7:70:3d:
be:77:3b:b3:e7:1b:8b:b8:0d:db:bc:9f:6c:56:85:9f:28:d3:
5e:5a:11:c0:08:7e:2a:f4:54:8c:49:a7:53:ee:70:18:45:af:
2a:47:a5:56:5a:8d:97:a5:59:8e:a9:48:c9:c1:86:d3:29:51:
8e:45:0f:20:91:0f:87:df:b7:f1:4d:55:5c:7d:08:9c:cd:49:
e5:14:de:1c:cf:10:79:eb:63:79:0c:5a:12:85:12:9c:c9:b0:
5a:75:07:db:88:83:03:c3:60:b1:d7:93:1f:5d:79:a9:07:44:
a1:2d:f5:49:53:25:f4:7d:ce:27:20:38:2d:6d:20:e0:79:e7:
55:d5:df:a1:a3:d1:eb:33:63:66:6a:3e:d8:24:1f:0b:c6:84:
84:0f:74:dd:60:ef:2e:81:c2:fd:c0:a8:50:4b:be:bc:9f:55:
97:01:43:6b:f8:e3:cd:61:d7:aa:ba:63:76:f6:73:94:83:4c:
de:0c:de:92:00:af:af:07:ca:83:7c:73:36:08:a7:f8:78:b0:
f7:08:38:12:d0:81:bc:ff:14:5b:c0:5f:fd:ce:75:ed:0b:74:
42:43:fa:32
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICBqYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEEzRTYxMTAvBgNVBAUTKEVEOENCQzU0Q0Q4NkYyQzFGOTJERUM2QkM5MDlEQkM2
RkE2MzRDODEwHhcNMjMxMDAyMjE1OTE4WhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTFiM2QzNi0wYjdhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3l1FtpYEpHJWgRNz5OirNJVBJBP2JgM6SaHcvwnUBpuPydBSA0ZXV0CYV8l8
7sz4fGxlywH0gCA68l81SmuNbddImGYKLsO6AqiLeY79qByqN6EYCcOfC66PJ6Hh
QbXU7EVlTNeCKVHdoId/mxUA9nc90Wly8m87iKJLiCJXdlS69e43IjzY4X8QDCvM
19rbpRNaa1ZwqfecRwpeX5yZVtlk3XnECXMg4La78iszIa2nOGvrMuqAQHYcvgUE
YGAr1OOQtrxusQYJiTjwAk1QpzYTFOpLiQ2Fuj5R67P+yrUxVLQ2EI7dj1g5Akej
0E6+NIMpjtv4cs8fgwN7s4NU7QIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFMK0/OFu
Yk3Rqqs5110sSIuDERgBMB8GA1UdIwQYMBaAFO2MvFTNhvLB+S3sa8kJ28b6Y0yB
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4QTNFNi82NDBENjE4RUYy
QzkxMUVBODZGMTI3MTdDNEY5QUUwMi83WXk4Vk0yRzhzSDVMZXhyeVFuYnh2cGpU
SUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzdZeThWTTJHOHNINUxleHJ5UW5ieHZwalRJRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEEzRTYvNjQwRDYxOEVGMkM5MTFFQTg2RjEyNzE3QzRGOUFFMDIvMzJCNDAyQTBG
MzIzMTFFQTk2Qjk4NzExQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFnm5YwDwQCAAIwCQMHACABDfTOgDANBgkqhkiG9w0BAQsF
AAOCAQEAC+c3CyEJfOMOGiiZPbJWfHbBtfLGfaiHJQNbzAD6Vvz593A9vnc7s+cb
i7gN27yfbFaFnyjTXloRwAh+KvRUjEmnU+5wGEWvKkelVlqNl6VZjqlIycGG0ylR
jkUPIJEPh9+38U1VXH0InM1J5RTeHM8QeetjeQxaEoUSnMmwWnUH24iDA8NgsdeT
H115qQdEoS31SVMl9H3OJyA4LW0g4HnnVdXfoaPR6zNjZmo+2CQfC8aEhA903WDv
LoHC/cCoUEu+vJ9VlwFDa/jjzWHXqrpjdvZzlINM3gzekgCvrwfKg3xzNgin+Hiw
9wg4EtCBvP8UW8Bf/c517Qt0QkP6Mg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:25 2024 by rpki-client on console-ams.rpki-client.org