Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A919DAF2/26EC6DDAD3DA11E58C5CD40FC4F9AE02/DAF522A80BA411EFBFD36A6BC4F9AE02.roa
File: DAF522A80BA411EFBFD36A6BC4F9AE02.roa (raw, json)
Hash identifier: PxJw7P+O3Iz4TrB3l8MjEruRfxqPmlSN+iO0ZsD5pQ0=
Subject key identifier: 8F:C1:0A:8F:7A:FF:C7:D4:D7:64:9C:6C:61:94:25:72:59:AA:54:19
Certificate issuer: /CN=A919DAF2/serialNumber=139CC1DB6B9D24B93B14928A7518D04EB3B26A3A
Certificate serial: 211B
Authority key identifier: 13:9C:C1:DB:6B:9D:24:B9:3B:14:92:8A:75:18:D0:4E:B3:B2:6A:3A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/E5zB22udJLk7FJKKdRjQTrOyajo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A919DAF2/26EC6DDAD3DA11E58C5CD40FC4F9AE02/DAF522A80BA411EFBFD36A6BC4F9AE02.roa
Signing time: Mon 06 May 2024 12:33:35 +0000
ROA not before: Mon 06 May 2024 12:33:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 132296
IP address blocks: 103.255.115.0/24 maxlen: 24
202.134.144.0/24 maxlen: 24
202.134.145.0/24 maxlen: 24
202.134.146.0/24 maxlen: 24
202.134.147.0/24 maxlen: 24
202.134.148.0/24 maxlen: 24
202.134.149.0/24 maxlen: 24
202.134.150.0/24 maxlen: 24
202.134.151.0/24 maxlen: 24
202.134.152.0/24 maxlen: 24
202.134.153.0/24 maxlen: 24
202.134.157.0/24 maxlen: 24
202.134.158.0/24 maxlen: 24
202.134.159.0/24 maxlen: 24
202.134.162.0/24 maxlen: 24
202.134.167.0/24 maxlen: 24
202.134.168.0/24 maxlen: 24
202.134.173.0/24 maxlen: 24
202.134.174.0/24 maxlen: 24
202.134.181.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 17 May 2024 12:34:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8475 (0x211b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A919DAF2/serialNumber=139CC1DB6B9D24B93B14928A7518D04EB3B26A3A
Validity
Not Before: May 6 12:33:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6638ce1f-b3ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:74:d0:11:84:24:8c:be:8a:17:11:88:cb:18:
9e:49:26:15:6e:55:27:1e:16:fb:a4:10:95:12:46:
41:d4:cc:01:a2:f5:87:89:f0:20:1b:eb:ec:18:74:
fd:44:ec:e7:88:2c:70:2a:38:7b:d8:62:2c:46:84:
4d:db:7d:75:6c:25:8d:88:de:09:7b:60:b7:40:d6:
26:68:65:a7:d0:85:67:3b:63:30:36:82:1b:99:c5:
65:c0:0a:64:d9:dd:de:00:69:35:72:71:ae:15:63:
24:94:01:54:78:b2:0d:a3:3a:83:8a:e5:27:af:41:
6f:0a:0d:0e:35:d6:d0:b2:71:d2:e6:05:6f:66:9d:
ad:87:03:0c:d6:58:22:6e:6f:95:64:9b:79:ff:c0:
99:44:70:7d:b6:ce:ed:73:77:d7:e2:a3:cb:ff:bf:
cf:18:33:a6:7d:b0:14:5b:f4:dd:d1:7a:b5:50:62:
10:5e:95:6b:68:5d:0e:35:d8:ce:e5:55:f5:aa:8b:
d9:5b:3a:85:b1:2a:96:86:31:25:e5:96:8d:e2:b7:
d4:3a:14:0f:f2:06:c9:20:5f:7d:04:34:18:9e:46:
2a:9b:12:6e:c6:96:c2:53:83:39:47:45:09:25:08:
8e:24:17:76:b1:d3:36:69:b9:6c:3e:de:24:d6:f6:
22:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:C1:0A:8F:7A:FF:C7:D4:D7:64:9C:6C:61:94:25:72:59:AA:54:19
X509v3 Authority Key Identifier:
keyid:13:9C:C1:DB:6B:9D:24:B9:3B:14:92:8A:75:18:D0:4E:B3:B2:6A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A919DAF2/26EC6DDAD3DA11E58C5CD40FC4F9AE02/E5zB22udJLk7FJKKdRjQTrOyajo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/E5zB22udJLk7FJKKdRjQTrOyajo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919DAF2/26EC6DDAD3DA11E58C5CD40FC4F9AE02/DAF522A80BA411EFBFD36A6BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.255.115.0/24
202.134.144.0-202.134.153.255
202.134.157.0-202.134.159.255
202.134.162.0/24
202.134.167.0-202.134.168.255
202.134.173.0-202.134.174.255
202.134.181.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:fd:ab:c5:34:48:64:3b:ac:b2:1b:e0:b2:ee:72:46:b7:c5:
19:f4:52:d8:8b:b8:ea:0f:70:87:8c:3f:af:7d:03:ee:f9:67:
5d:3e:7c:30:19:3b:18:31:43:e9:4f:9f:ea:55:70:1b:ec:0f:
08:47:46:cd:65:c9:0f:9f:bc:3c:5f:b6:fd:f2:41:8d:a2:5b:
ac:04:1b:72:23:44:8d:6d:fc:c1:33:f3:8d:4a:62:79:7b:5c:
92:15:52:09:30:91:b5:c0:af:1c:31:89:38:2d:9d:19:bb:7a:
14:56:d7:e2:53:30:e8:03:69:1e:5b:af:e9:82:1a:d6:80:4c:
c2:ce:1d:50:a7:98:76:71:43:70:63:19:b9:5b:62:a1:19:a3:
67:82:c6:6f:c5:65:ab:af:6d:9d:0c:1a:4d:be:3c:09:88:65:
69:ba:d4:6c:d9:de:45:a6:81:f9:b9:d2:b1:f4:9b:58:b4:b6:
26:92:f9:f2:fc:63:74:52:91:3f:7e:70:ee:84:50:50:b4:d4:
45:74:7c:a5:60:0c:8f:2c:68:dc:38:a9:bf:8d:3d:c1:68:89:
1c:3c:78:42:81:ff:48:41:0d:63:9f:db:60:55:01:e4:d6:c2:
d9:6f:76:80:c8:e6:33:57:fc:be:97:3b:f6:8c:1a:1e:96:2e:
98:01:41:cf
-----BEGIN CERTIFICATE-----
MIIFtTCCBJ2gAwIBAgICIRswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OURBRjIxMTAvBgNVBAUTKDEzOUNDMURCNkI5RDI0QjkzQjE0OTI4QTc1MThEMDRF
QjNCMjZBM0EwHhcNMjQwNTA2MTIzMzM1WhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjM4Y2UxZi1iM2NlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsnTQEYQkjL6KFxGIyxieSSYVblUnHhb7pBCVEkZB1MwBovWHifAgG+vsGHT9
ROzniCxwKjh72GIsRoRN2311bCWNiN4Je2C3QNYmaGWn0IVnO2MwNoIbmcVlwApk
2d3eAGk1cnGuFWMklAFUeLINozqDiuUnr0FvCg0ONdbQsnHS5gVvZp2thwMM1lgi
bm+VZJt5/8CZRHB9ts7tc3fX4qPL/7/PGDOmfbAUW/Td0Xq1UGIQXpVraF0ONdjO
5VX1qovZWzqFsSqWhjEl5ZaN4rfUOhQP8gbJIF99BDQYnkYqmxJuxpbCU4M5R0UJ
JQiOJBd2sdM2ablsPt4k1vYiqwIDAQABo4IC2TCCAtUwHQYDVR0OBBYEFI/BCo96
/8fU12ScbGGUJXJZqlQZMB8GA1UdIwQYMBaAFBOcwdtrnSS5OxSSinUY0E6zsmo6
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5REFGMi8yNkVDNkREQUQz
REExMUU1OEM1Q0Q0MEZDNEY5QUUwMi9FNXpCMjJ1ZEpMazdGSktLZFJqUVRyT3lh
am8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0U1ekIyMnVkSkxrN0ZKS0tkUmpRVHJPeWFqby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OURBRjIvMjZFQzZEREFEM0RBMTFFNThDNUNENDBGQzRGOUFFMDIvREFGNTIyQTgw
QkE0MTFFRkJGRDM2QTZCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwYwYIKwYBBQUHAQcBAf8E
VDBSMFAEAgABMEoDBABn/3MwDAMEBMqGkAMEAcqGmDAMAwQAyoadAwQFyoaAAwQA
yoaiMAwDBADKhqcDBADKhqgwDAMEAMqGrQMEAMqGrgMEAMqGtTANBgkqhkiG9w0B
AQsFAAOCAQEAav2rxTRIZDusshvgsu5yRrfFGfRS2Iu46g9wh4w/r30D7vlnXT58
MBk7GDFD6U+f6lVwG+wPCEdGzWXJD5+8PF+2/fJBjaJbrAQbciNEjW38wTPzjUpi
eXtckhVSCTCRtcCvHDGJOC2dGbt6FFbX4lMw6ANpHluv6YIa1oBMws4dUKeYdnFD
cGMZuVtioRmjZ4LGb8Vlq69tnQwaTb48CYhlabrUbNneRaaB+bnSsfSbWLS2JpL5
8vxjdFKRP35w7oRQULTURXR8pWAMjyxo3Dipv409wWiJHDx4QoH/SEENY5/bYFUB
5NbC2W92gMjmM1f8vpc79owaHpYumAFBzw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:35 2024 by rpki-client on console-fra.rpki-client.org