Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918D3A9/BB7FFB8E3A9211E9B52DCF53C4F9AE02/D5DA40147B8111ED9C4EDD3BC4F9AE02.roa
File: D5DA40147B8111ED9C4EDD3BC4F9AE02.roa (raw, json)
Hash identifier: foK0JjRJWmBebc+BrKp8wrsD7Nr6Pjzx2UTKBy29kDA=
Subject key identifier: BC:65:6F:26:4C:08:75:C1:77:04:C5:E5:97:54:6D:50:EC:A1:51:C9
Certificate issuer: /CN=A918D3A9/serialNumber=1968423ED6D2495880A56A6DB02BC67298C5E686
Certificate serial: 0F54
Authority key identifier: 19:68:42:3E:D6:D2:49:58:80:A5:6A:6D:B0:2B:C6:72:98:C5:E6:86
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GWhCPtbSSViApWptsCvGcpjF5oY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918D3A9/BB7FFB8E3A9211E9B52DCF53C4F9AE02/D5DA40147B8111ED9C4EDD3BC4F9AE02.roa
Signing time: Mon 04 Dec 2023 18:05:20 +0000
ROA not before: Mon 04 Dec 2023 18:05:20 +0000
ROA not after: Sun 02 Mar 2025 00:00:00 +0000
asID: 137955
IP address blocks: 103.103.194.0/24 maxlen: 24
103.116.192.0/24 maxlen: 24
103.116.193.0/24 maxlen: 24
2405:1340::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 06 Mar 2024 15:25:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3924 (0xf54)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918D3A9/serialNumber=1968423ED6D2495880A56A6DB02BC67298C5E686
Validity
Not Before: Dec 4 18:05:20 2023 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=656e14e0-e1e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:7d:fb:34:4c:85:3e:ce:4a:22:67:14:02:b6:
8f:cc:ab:f9:c2:27:0e:d2:ce:aa:cf:04:f8:30:6c:
66:cf:a5:dd:a9:d9:3b:19:ca:13:cc:88:d1:46:f2:
9d:4c:c1:53:7d:19:8d:2c:dc:31:44:50:6a:a7:84:
a2:e7:e9:bf:99:c5:2d:62:a0:7b:b0:98:30:f8:e6:
55:b6:e6:a4:a7:c2:60:c7:08:ca:07:6d:38:0f:22:
8e:5b:56:24:5d:3f:7a:2e:d3:8b:e8:7d:ee:70:a2:
6b:b1:7b:fd:7e:fa:23:b2:c5:2d:1a:cc:92:55:05:
0e:de:1c:09:8e:41:2f:b8:4f:9b:b3:c1:0a:8f:18:
ce:e7:13:d1:af:1f:be:db:23:45:4e:8b:fd:7e:25:
b0:d4:43:07:ee:62:47:e9:78:62:f1:38:b1:44:01:
b2:f3:33:88:24:20:00:25:ce:e7:9a:f2:5e:2a:ba:
f4:6a:a4:17:55:8a:a8:70:78:0a:12:13:65:b1:4b:
16:3b:47:ad:73:9c:4e:72:1e:3e:89:08:63:b6:2a:
67:9a:19:de:57:e0:42:31:72:0c:51:d7:8f:63:ae:
f1:dc:ea:42:ac:a4:8e:86:99:f9:a0:68:a1:33:58:
43:96:e1:9a:f1:70:7f:9b:17:60:02:e6:56:dd:9d:
cd:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:65:6F:26:4C:08:75:C1:77:04:C5:E5:97:54:6D:50:EC:A1:51:C9
X509v3 Authority Key Identifier:
keyid:19:68:42:3E:D6:D2:49:58:80:A5:6A:6D:B0:2B:C6:72:98:C5:E6:86
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918D3A9/BB7FFB8E3A9211E9B52DCF53C4F9AE02/GWhCPtbSSViApWptsCvGcpjF5oY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GWhCPtbSSViApWptsCvGcpjF5oY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918D3A9/BB7FFB8E3A9211E9B52DCF53C4F9AE02/D5DA40147B8111ED9C4EDD3BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.103.194.0/24
103.116.192.0/23
IPv6:
2405:1340::/32
Signature Algorithm: sha256WithRSAEncryption
2a:0c:2a:42:8a:6c:0f:25:33:46:01:72:9b:f3:15:da:93:5d:
ae:31:06:25:7b:20:96:8c:c7:ca:67:5d:cd:b1:7d:e4:8b:8c:
bd:ea:9d:69:71:eb:3b:30:2d:24:b5:17:63:2d:ef:68:93:4c:
5a:63:84:88:a5:5b:bb:56:c3:fc:08:ae:90:bc:67:db:35:0b:
b7:37:67:8b:e8:c7:44:d2:e2:18:c5:c8:64:73:cf:58:19:13:
78:8d:d6:fe:b4:c6:2a:5b:25:10:7a:a6:9b:99:ff:ae:f5:54:
0c:3c:f2:7c:3f:69:5e:53:02:b7:d7:a0:27:98:5f:cd:a8:86:
15:73:ab:2f:02:35:df:e7:94:f7:85:07:53:e3:ab:8b:ed:73:
c0:10:a6:30:9c:be:b0:5d:81:dc:a2:21:f8:46:da:1f:ee:f9:
c4:47:26:0b:4f:b1:d1:89:0b:da:e0:7b:2d:2f:9a:29:ed:76:
06:39:8c:53:5d:22:87:fb:7e:ea:51:e8:c8:b8:33:81:98:9c:
7c:58:b6:7a:61:5c:65:e9:4c:b7:86:ba:00:30:49:7d:92:51:
46:63:b3:14:13:1f:dc:a4:cf:d8:4e:24:25:40:9d:02:4c:b9:
ff:23:34:a1:94:c1:36:ff:86:ba:ed:41:03:36:cf:7a:95:77:
6a:e3:ef:af
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICD1QwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEQzQTkxMTAvBgNVBAUTKDE5Njg0MjNFRDZEMjQ5NTg4MEE1NkE2REIwMkJDNjcy
OThDNUU2ODYwHhcNMjMxMjA0MTgwNTIwWhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTZlMTRlMC1lMWUxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2X37NEyFPs5KImcUAraPzKv5wicO0s6qzwT4MGxmz6Xdqdk7GcoTzIjRRvKd
TMFTfRmNLNwxRFBqp4Si5+m/mcUtYqB7sJgw+OZVtuakp8JgxwjKB204DyKOW1Yk
XT96LtOL6H3ucKJrsXv9fvojssUtGsySVQUO3hwJjkEvuE+bs8EKjxjO5xPRrx++
2yNFTov9fiWw1EMH7mJH6Xhi8TixRAGy8zOIJCAAJc7nmvJeKrr0aqQXVYqocHgK
EhNlsUsWO0etc5xOch4+iQhjtipnmhneV+BCMXIMUdePY67x3OpCrKSOhpn5oGih
M1hDluGa8XB/mxdgAuZW3Z3NlwIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFLxlbyZM
CHXBdwTF5ZdUbVDsoVHJMB8GA1UdIwQYMBaAFBloQj7W0klYgKVqbbArxnKYxeaG
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RDNBOS9CQjdGRkI4RTNB
OTIxMUU5QjUyRENGNTNDNEY5QUUwMi9HV2hDUHRiU1NWaUFwV3B0c0N2R2NwakY1
b1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0dXaENQdGJTU1ZpQXBXcHRzQ3ZHY3BqRjVvWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEQzQTkvQkI3RkZCOEUzQTkyMTFFOUI1MkRDRjUzQzRGOUFFMDIvRDVEQTQwMTQ3
QjgxMTFFRDlDNEVERDNCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBABnZ8IDBAFndMAwDQQCAAIwBwMFACQFE0AwDQYJKoZIhvcN
AQELBQADggEBACoMKkKKbA8lM0YBcpvzFdqTXa4xBiV7IJaMx8pnXc2xfeSLjL3q
nWlx6zswLSS1F2Mt72iTTFpjhIilW7tWw/wIrpC8Z9s1C7c3Z4vox0TS4hjFyGRz
z1gZE3iN1v60xipbJRB6ppuZ/671VAw88nw/aV5TArfXoCeYX82ohhVzqy8CNd/n
lPeFB1Pjq4vtc8AQpjCcvrBdgdyiIfhG2h/u+cRHJgtPsdGJC9rgey0vmintdgY5
jFNdIof7fupR6Mi4M4GYnHxYtnphXGXpTLeGugAwSX2SUUZjsxQTH9ykz9hOJCVA
nQJMuf8jNKGUwTb/hrrtQQM2z3qVd2rj768=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:26 2024 by rpki-client on console-ams.rpki-client.org