Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A919DAF2/26EC6DDAD3DA11E58C5CD40FC4F9AE02/23BAF9DE681D11EAB365BD2EC4F9AE02.roa
File: 23BAF9DE681D11EAB365BD2EC4F9AE02.roa (raw, json)
Hash identifier: dwuIH89MAE9P2hXlQ295sSBtR3IL2ZhOccAABp0NrXI=
Subject key identifier: F2:B5:15:C0:B8:85:B5:6C:1E:9C:53:66:3C:0D:EA:E8:DC:33:6F:1B
Certificate issuer: /CN=A919DAF2/serialNumber=139CC1DB6B9D24B93B14928A7518D04EB3B26A3A
Certificate serial: 2116
Authority key identifier: 13:9C:C1:DB:6B:9D:24:B9:3B:14:92:8A:75:18:D0:4E:B3:B2:6A:3A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/E5zB22udJLk7FJKKdRjQTrOyajo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A919DAF2/26EC6DDAD3DA11E58C5CD40FC4F9AE02/23BAF9DE681D11EAB365BD2EC4F9AE02.roa
Signing time: Mon 06 May 2024 04:07:17 +0000
ROA not before: Mon 06 May 2024 04:07:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 132296
IP address blocks: 103.255.115.0/24 maxlen: 24
202.134.144.0/24 maxlen: 24
202.134.145.0/24 maxlen: 24
202.134.146.0/24 maxlen: 24
202.134.147.0/24 maxlen: 24
202.134.148.0/24 maxlen: 24
202.134.149.0/24 maxlen: 24
202.134.150.0/24 maxlen: 24
202.134.151.0/24 maxlen: 24
202.134.152.0/24 maxlen: 24
202.134.153.0/24 maxlen: 24
202.134.157.0/24 maxlen: 24
202.134.158.0/24 maxlen: 24
202.134.159.0/24 maxlen: 24
202.134.162.0/24 maxlen: 24
202.134.167.0/24 maxlen: 24
202.134.168.0/24 maxlen: 24
202.134.173.0/24 maxlen: 24
202.134.174.0/24 maxlen: 24
202.134.179.0/24 maxlen: 24
202.134.181.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 06 May 2024 12:33:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8470 (0x2116)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A919DAF2/serialNumber=139CC1DB6B9D24B93B14928A7518D04EB3B26A3A
Validity
Not Before: May 6 04:07:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=66385775-68a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:57:de:04:03:4e:87:c9:96:92:94:d2:76:12:
88:34:f4:65:2c:c3:56:9a:68:ce:14:66:7a:dc:53:
cf:af:ce:9d:72:12:19:dd:e9:7d:76:c0:0a:65:f2:
db:40:84:04:de:e5:e1:b4:f9:d7:5c:0e:84:99:aa:
5a:76:c1:a0:c1:37:64:b6:d8:47:b8:b4:06:cf:2f:
12:76:34:39:14:cc:f1:9e:7a:3d:22:bf:90:66:01:
89:ea:d0:a5:9a:ae:06:e8:3a:a8:67:84:ac:79:54:
fa:47:b0:36:50:2c:8c:3c:2b:16:16:50:c2:3e:a1:
bd:01:14:42:a8:6f:ae:59:21:b1:f9:ae:cf:d6:c8:
9a:18:95:fd:18:94:69:b5:4a:72:dd:ad:6f:4e:b5:
58:0c:1b:85:df:f0:ad:36:cb:63:86:f7:ee:f9:a2:
59:5f:12:76:88:0b:a4:f5:fe:12:4c:08:0a:f6:c5:
28:b4:e0:fd:54:5c:f5:cc:f0:6d:df:da:0e:34:93:
f3:43:b0:3f:0c:ce:3b:c4:cc:ce:82:95:01:fc:c8:
bb:85:0c:e3:43:8a:ba:03:4d:d3:84:86:eb:b3:79:
07:4d:86:48:f2:a2:b1:3a:8f:2d:6e:48:02:89:4f:
7c:d8:bd:b7:6e:d7:5c:53:b6:bb:bf:9c:13:2e:82:
92:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:B5:15:C0:B8:85:B5:6C:1E:9C:53:66:3C:0D:EA:E8:DC:33:6F:1B
X509v3 Authority Key Identifier:
keyid:13:9C:C1:DB:6B:9D:24:B9:3B:14:92:8A:75:18:D0:4E:B3:B2:6A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A919DAF2/26EC6DDAD3DA11E58C5CD40FC4F9AE02/E5zB22udJLk7FJKKdRjQTrOyajo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/E5zB22udJLk7FJKKdRjQTrOyajo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919DAF2/26EC6DDAD3DA11E58C5CD40FC4F9AE02/23BAF9DE681D11EAB365BD2EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.255.115.0/24
202.134.144.0-202.134.153.255
202.134.157.0-202.134.159.255
202.134.162.0/24
202.134.167.0-202.134.168.255
202.134.173.0-202.134.174.255
202.134.179.0/24
202.134.181.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:76:a9:9f:91:e4:b3:01:c4:3b:36:30:b5:51:72:2f:94:d5:
dd:26:6b:e7:77:75:a5:23:97:d3:a3:db:00:8b:87:89:8f:4d:
7e:68:91:15:9f:9a:6e:44:67:61:56:b5:39:90:cb:31:2a:6e:
e1:59:d3:c8:3e:ee:ef:4b:c9:20:d4:08:e1:ac:13:36:5b:ef:
48:c7:7a:28:69:0d:64:a5:fa:65:03:7e:20:7f:22:ec:1d:9a:
c2:44:07:0c:41:99:ea:df:b8:94:a6:09:9c:44:21:ee:b2:24:
ca:c1:6c:70:51:42:d0:66:5a:68:11:d5:17:b9:88:64:e3:23:
46:4a:e5:ed:95:ef:aa:f6:c6:aa:19:a4:0d:50:89:5f:5b:b2:
73:cb:4d:83:8d:47:e2:12:78:bd:58:6a:b1:a5:40:23:74:9e:
0b:14:b6:c0:ee:65:7e:3b:25:82:75:6b:12:a4:ec:fd:2d:6a:
ae:46:e7:5f:dd:3b:b2:72:d7:5d:00:ef:39:71:f3:26:5f:a6:
29:46:5d:0d:5d:b1:f5:a6:79:af:56:01:f3:b1:34:d4:e7:e0:
86:40:10:c0:d7:33:5c:07:05:31:b2:49:f9:76:e4:80:81:e2:
77:49:7d:d8:eb:a0:6a:9d:04:2b:10:e3:8b:ec:0d:c6:ca:cc:
84:25:e8:23
-----BEGIN CERTIFICATE-----
MIIFuzCCBKOgAwIBAgICIRYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OURBRjIxMTAvBgNVBAUTKDEzOUNDMURCNkI5RDI0QjkzQjE0OTI4QTc1MThEMDRF
QjNCMjZBM0EwHhcNMjQwNTA2MDQwNzE3WhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjM4NTc3NS02OGEwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxlfeBANOh8mWkpTSdhKINPRlLMNWmmjOFGZ63FPPr86dchIZ3el9dsAKZfLb
QIQE3uXhtPnXXA6EmapadsGgwTdktthHuLQGzy8SdjQ5FMzxnno9Ir+QZgGJ6tCl
mq4G6DqoZ4SseVT6R7A2UCyMPCsWFlDCPqG9ARRCqG+uWSGx+a7P1siaGJX9GJRp
tUpy3a1vTrVYDBuF3/CtNstjhvfu+aJZXxJ2iAuk9f4STAgK9sUotOD9VFz1zPBt
39oONJPzQ7A/DM47xMzOgpUB/Mi7hQzjQ4q6A03ThIbrs3kHTYZI8qKxOo8tbkgC
iU982L23btdcU7a7v5wTLoKSIwIDAQABo4IC3zCCAtswHQYDVR0OBBYEFPK1FcC4
hbVsHpxTZjwN6ujcM28bMB8GA1UdIwQYMBaAFBOcwdtrnSS5OxSSinUY0E6zsmo6
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5REFGMi8yNkVDNkREQUQz
REExMUU1OEM1Q0Q0MEZDNEY5QUUwMi9FNXpCMjJ1ZEpMazdGSktLZFJqUVRyT3lh
am8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0U1ekIyMnVkSkxrN0ZKS0tkUmpRVHJPeWFqby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OURBRjIvMjZFQzZEREFEM0RBMTFFNThDNUNENDBGQzRGOUFFMDIvMjNCQUY5REU2
ODFEMTFFQUIzNjVCRDJFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwaQYIKwYBBQUHAQcBAf8E
WjBYMFYEAgABMFADBABn/3MwDAMEBMqGkAMEAcqGmDAMAwQAyoadAwQFyoaAAwQA
yoaiMAwDBADKhqcDBADKhqgwDAMEAMqGrQMEAMqGrgMEAMqGswMEAMqGtTANBgkq
hkiG9w0BAQsFAAOCAQEAGnapn5HkswHEOzYwtVFyL5TV3SZr53d1pSOX06PbAIuH
iY9NfmiRFZ+abkRnYVa1OZDLMSpu4VnTyD7u70vJINQI4awTNlvvSMd6KGkNZKX6
ZQN+IH8i7B2awkQHDEGZ6t+4lKYJnEQh7rIkysFscFFC0GZaaBHVF7mIZOMjRkrl
7ZXvqvbGqhmkDVCJX1uyc8tNg41H4hJ4vVhqsaVAI3SeCxS2wO5lfjslgnVrEqTs
/S1qrkbnX907snLXXQDvOXHzJl+mKUZdDV2x9aZ5r1YB87E01OfghkAQwNczXAcF
MbJJ+XbkgIHid0l92Ougap0EKxDji+wNxsrMhCXoIw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:49 2024 by rpki-client on console-ams.rpki-client.org