Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A2A1F/1ECFFC4C621911EC99A55F3EC4F9AE02/BE257796EAFC11ED9F4DC557C4F9AE02.roa
File: BE257796EAFC11ED9F4DC557C4F9AE02.roa (raw, json)
Hash identifier: 372ayuLacBOK97NE+s2G3Z3UQt3IxAQ6ewCJOhR23ag=
Subject key identifier: 2F:4F:05:83:D0:3F:6E:17:96:D8:B5:1B:73:6B:EC:CD:03:A5:4D:21
Certificate issuer: /CN=A91A2A1F/serialNumber=6939FC040DA5C30B766DC794F9CA4C2F41ACAEEA
Certificate serial: 0309
Authority key identifier: 69:39:FC:04:0D:A5:C3:0B:76:6D:C7:94:F9:CA:4C:2F:41:AC:AE:EA
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aTn8BA2lwwt2bceU-cpML0Gsruo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A2A1F/1ECFFC4C621911EC99A55F3EC4F9AE02/BE257796EAFC11ED9F4DC557C4F9AE02.roa
Signing time: Tue 19 Sep 2023 01:42:59 +0000
ROA not before: Tue 19 Sep 2023 01:42:59 +0000
ROA not after: Mon 30 Sep 2024 00:00:00 +0000
asID: 147182
IP address blocks: 103.96.26.0/24 maxlen: 24
123.253.194.0/23 maxlen: 23
123.253.194.0/24 maxlen: 24
123.253.195.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 14 Feb 2024 05:01:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 777 (0x309)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A2A1F/serialNumber=6939FC040DA5C30B766DC794F9CA4C2F41ACAEEA
Validity
Not Before: Sep 19 01:42:59 2023 GMT
Not After : Sep 30 00:00:00 2024 GMT
Subject: CN=6508fca3-705d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:30:bd:f8:44:cf:52:1f:66:6f:34:93:38:34:
f5:a8:e0:13:aa:bc:f2:af:1b:27:31:c7:8d:68:db:
87:aa:ed:42:1e:a3:b1:f7:f0:2a:7a:e0:39:5b:c1:
9f:cc:20:3d:16:ab:05:31:0a:dd:60:2e:6d:3a:f6:
b2:d0:4b:37:1d:56:93:df:c2:c6:73:de:5b:d2:1f:
e6:ab:d3:6b:0a:b0:27:2f:3e:38:3f:b0:33:1c:fd:
1a:d7:0b:2f:fd:2e:c3:62:0a:ec:37:d5:fb:d5:03:
be:a5:19:01:f1:fc:17:5e:3d:eb:4c:ec:8c:59:8b:
f7:e7:26:53:61:d6:96:93:4e:68:38:58:6d:3a:f1:
6a:d6:0e:c6:af:bf:23:3d:b1:04:62:ab:bf:17:2b:
28:5e:d2:2a:0d:42:3d:8e:aa:38:2b:f6:5f:9d:97:
75:ef:42:6b:36:4c:ef:66:7f:2e:39:0a:45:4c:a3:
eb:5e:e9:0a:d7:2e:a5:31:cf:ee:2c:3b:6a:26:bb:
50:51:0c:eb:a1:ba:49:aa:a4:19:df:10:29:d4:d2:
06:6e:8f:ba:3b:86:d5:90:65:c5:0a:36:f3:ad:f6:
40:ca:41:cf:2d:df:f0:fa:d2:1e:d6:8c:e2:da:11:
33:68:af:c3:d7:ff:14:ae:e0:c7:c3:15:46:a6:2e:
f2:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:4F:05:83:D0:3F:6E:17:96:D8:B5:1B:73:6B:EC:CD:03:A5:4D:21
X509v3 Authority Key Identifier:
keyid:69:39:FC:04:0D:A5:C3:0B:76:6D:C7:94:F9:CA:4C:2F:41:AC:AE:EA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A2A1F/1ECFFC4C621911EC99A55F3EC4F9AE02/aTn8BA2lwwt2bceU-cpML0Gsruo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aTn8BA2lwwt2bceU-cpML0Gsruo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A2A1F/1ECFFC4C621911EC99A55F3EC4F9AE02/BE257796EAFC11ED9F4DC557C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.96.26.0/24
123.253.194.0/23
Signature Algorithm: sha256WithRSAEncryption
5d:50:63:84:b4:1f:df:4d:d5:b7:71:2f:4c:61:43:75:1b:90:
03:ef:70:a7:8a:78:af:f1:4c:ea:31:e1:17:d2:37:7f:83:b2:
33:89:e8:b9:5d:d9:8a:3f:a0:bb:8d:b4:c2:5c:68:2f:5c:b8:
75:5b:bb:d3:69:b3:84:91:da:b7:78:42:87:00:25:47:20:e3:
8d:9b:5c:aa:72:35:f3:8e:d4:e7:5e:4a:58:44:cd:80:c1:5e:
47:c0:cf:6c:ca:a9:7d:ac:94:fb:74:78:d0:55:f3:1c:ce:57:
7a:b2:3a:83:ae:08:bf:e1:e4:93:7a:22:a8:b2:ea:96:57:d3:
f4:e2:d6:d9:ee:ef:16:d1:bf:a7:1f:41:1b:fb:07:cf:65:89:
0b:84:38:ea:c1:95:e6:fc:e2:82:8e:70:67:b1:4a:ec:ea:72:
16:4b:bb:63:1d:9d:66:a2:ec:29:90:cd:f6:42:fa:d3:e4:b1:
a9:22:16:69:6d:bb:e7:0b:5f:75:01:aa:9b:4d:f8:fb:c2:3f:
1e:3c:04:d9:b0:2d:3b:30:ce:0b:39:42:78:0c:f2:53:45:83:
72:1f:f4:b3:d2:e8:76:f6:76:1f:05:f1:eb:be:70:db:4c:1c:
cd:ec:0e:1e:c2:46:c8:76:f4:83:0e:c5:50:30:c9:c3:f8:82:
5a:1c:db:53
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICAwkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTJBMUYxMTAvBgNVBAUTKDY5MzlGQzA0MERBNUMzMEI3NjZEQzc5NEY5Q0E0QzJG
NDFBQ0FFRUEwHhcNMjMwOTE5MDE0MjU5WhcNMjQwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTA4ZmNhMy03MDVkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwjC9+ETPUh9mbzSTODT1qOATqrzyrxsnMceNaNuHqu1CHqOx9/AqeuA5W8Gf
zCA9FqsFMQrdYC5tOvay0Es3HVaT38LGc95b0h/mq9NrCrAnLz44P7AzHP0a1wsv
/S7DYgrsN9X71QO+pRkB8fwXXj3rTOyMWYv35yZTYdaWk05oOFhtOvFq1g7Gr78j
PbEEYqu/FysoXtIqDUI9jqo4K/ZfnZd170JrNkzvZn8uOQpFTKPrXukK1y6lMc/u
LDtqJrtQUQzrobpJqqQZ3xAp1NIGbo+6O4bVkGXFCjbzrfZAykHPLd/w+tIe1ozi
2hEzaK/D1/8UruDHwxVGpi7yKwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFC9PBYPQ
P24Xlti1G3Nr7M0DpU0hMB8GA1UdIwQYMBaAFGk5/AQNpcMLdm3HlPnKTC9BrK7q
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMkExRi8xRUNGRkM0QzYy
MTkxMUVDOTlBNTVGM0VDNEY5QUUwMi9hVG44QkEybHd3dDJiY2VVLWNwTUwwR3Ny
dW8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2FUbjhCQTJsd3d0MmJjZVUtY3BNTDBHc3J1by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTJBMUYvMUVDRkZDNEM2MjE5MTFFQzk5QTU1RjNFQzRGOUFFMDIvQkUyNTc3OTZF
QUZDMTFFRDlGNERDNTU3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBABnYBoDBAF7/cIwDQYJKoZIhvcNAQELBQADggEBAF1QY4S0
H99N1bdxL0xhQ3UbkAPvcKeKeK/xTOox4RfSN3+DsjOJ6Lld2Yo/oLuNtMJcaC9c
uHVbu9Nps4SR2rd4QocAJUcg442bXKpyNfOO1OdeSlhEzYDBXkfAz2zKqX2slPt0
eNBV8xzOV3qyOoOuCL/h5JN6Iqiy6pZX0/Ti1tnu7xbRv6cfQRv7B89liQuEOOrB
leb84oKOcGexSuzqchZLu2MdnWai7CmQzfZC+tPksakiFmltu+cLX3UBqptN+PvC
Px48BNmwLTswzgs5QngM8lNFg3If9LPS6Hb2dh8F8eu+cNtMHM3sDh7CRsh29IMO
xVAwycP4gloc21M=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:53 2024 by rpki-client on console-ams.rpki-client.org