Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B036A/BBC2F776D1F111EE86051A61C4F9AE02/5C8BCD4AD5E911EE8B8A1F4EC4F9AE02.roa
File: 5C8BCD4AD5E911EE8B8A1F4EC4F9AE02.roa (raw, json)
Hash identifier: +nKsBzG4QB7i/Pfs0hHoH1m01d9ZTAvkA2oeauBvBk4=
Subject key identifier: 02:5E:B1:D0:0A:A3:B9:12:94:90:E8:48:0D:24:99:32:C4:F0:10:4A
Certificate issuer: /CN=A91B036A/serialNumber=0F17F37DBC9484D96E1A0ABC78A4F9CACD5EDA8A
Certificate serial: 3F
Authority key identifier: 0F:17:F3:7D:BC:94:84:D9:6E:1A:0A:BC:78:A4:F9:CA:CD:5E:DA:8A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DxfzfbyUhNluGgq8eKT5ys1e2oo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B036A/BBC2F776D1F111EE86051A61C4F9AE02/5C8BCD4AD5E911EE8B8A1F4EC4F9AE02.roa
Signing time: Wed 28 Feb 2024 03:43:26 +0000
ROA not before: Wed 28 Feb 2024 03:43:26 +0000
ROA not after: Thu 01 May 2025 00:00:00 +0000
asID: 24334
IP address blocks: 103.11.88.0/22 maxlen: 24
202.83.240.0/21 maxlen: 21
202.83.240.0/24 maxlen: 24
202.83.241.0/24 maxlen: 24
202.83.242.0/24 maxlen: 24
202.83.243.0/24 maxlen: 24
202.83.244.0/24 maxlen: 24
202.83.245.0/24 maxlen: 24
202.83.246.0/24 maxlen: 24
202.83.247.0/24 maxlen: 24
202.171.208.0/21 maxlen: 21
202.171.208.0/24 maxlen: 24
202.171.209.0/24 maxlen: 24
202.171.210.0/24 maxlen: 24
202.171.211.0/24 maxlen: 24
202.171.212.0/24 maxlen: 24
202.171.213.0/24 maxlen: 24
202.171.214.0/24 maxlen: 24
202.171.215.0/24 maxlen: 24
203.142.88.0/21 maxlen: 21
203.142.88.0/24 maxlen: 24
203.142.89.0/24 maxlen: 24
203.142.90.0/24 maxlen: 24
203.142.91.0/24 maxlen: 24
203.142.92.0/24 maxlen: 24
203.142.93.0/24 maxlen: 24
203.142.94.0/24 maxlen: 24
203.142.95.0/24 maxlen: 24
2404:1a0::/30 maxlen: 32
2404:1a0:1002::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 22 Mar 2024 02:18:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63 (0x3f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B036A/serialNumber=0F17F37DBC9484D96E1A0ABC78A4F9CACD5EDA8A
Validity
Not Before: Feb 28 03:43:26 2024 GMT
Not After : May 1 00:00:00 2025 GMT
Subject: CN=65deabde-6602
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:bd:e1:30:da:df:c6:a3:e8:7f:75:17:7e:95:
f6:20:3c:8a:e8:98:36:e7:a3:58:2c:0a:f7:25:fc:
2b:30:67:71:78:b3:3d:fe:c0:31:93:6b:81:93:96:
4c:de:bc:8b:a9:c6:59:07:cc:fa:7a:d0:28:27:b1:
44:ec:3b:91:c5:d3:24:63:f0:79:f3:0f:9f:94:e5:
d2:cd:54:67:16:07:df:a6:4c:29:60:db:4d:00:d3:
f5:9f:6b:a3:26:10:d7:9e:85:f2:3e:2c:ef:29:f8:
55:33:84:5d:c8:ba:5d:f1:02:8c:27:e7:18:63:7e:
3e:f6:8b:c9:1c:67:74:ef:ec:09:65:0e:18:98:37:
4c:a2:cc:c9:11:40:30:a4:87:b5:b3:29:18:f7:be:
d6:13:a3:07:9a:c9:ac:fd:2e:01:fe:34:3e:ef:c6:
49:3a:4d:ea:13:f1:c6:76:ab:65:94:06:e9:bb:ae:
0f:90:e9:10:f7:84:5d:63:ba:16:92:f0:69:d2:4b:
37:cd:76:57:f4:9c:0a:52:76:f0:a9:63:24:0c:bd:
8a:10:2b:8f:17:d2:0f:cc:9a:54:23:ef:95:df:0a:
0b:95:66:14:a9:fd:d5:34:3f:72:81:38:22:f5:18:
68:21:2f:04:6f:23:a0:91:af:e2:43:3a:98:3f:04:
d0:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:5E:B1:D0:0A:A3:B9:12:94:90:E8:48:0D:24:99:32:C4:F0:10:4A
X509v3 Authority Key Identifier:
keyid:0F:17:F3:7D:BC:94:84:D9:6E:1A:0A:BC:78:A4:F9:CA:CD:5E:DA:8A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B036A/BBC2F776D1F111EE86051A61C4F9AE02/DxfzfbyUhNluGgq8eKT5ys1e2oo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DxfzfbyUhNluGgq8eKT5ys1e2oo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B036A/BBC2F776D1F111EE86051A61C4F9AE02/5C8BCD4AD5E911EE8B8A1F4EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.11.88.0/22
202.83.240.0/21
202.171.208.0/21
203.142.88.0/21
IPv6:
2404:1a0::/30
Signature Algorithm: sha256WithRSAEncryption
6d:6e:2c:d6:72:1b:d0:1c:87:3f:ef:1f:96:5a:f8:0e:82:53:
ab:8f:8a:bf:0f:8a:21:97:29:73:a8:d2:91:4d:fb:c4:a8:f0:
15:b4:dc:c2:b0:8f:9a:42:aa:00:bb:b9:f0:8a:de:9d:39:0b:
bb:ed:1c:d4:92:c9:44:a6:e6:28:aa:15:a1:19:47:cf:8c:cc:
02:b6:62:32:e3:38:f1:63:cb:8c:84:b0:bb:fc:ab:21:08:4a:
2d:60:02:69:35:65:df:9a:83:12:52:7e:13:37:9d:0d:08:8a:
db:1b:da:bc:9e:40:cf:78:92:0f:3e:5b:aa:7c:e1:bb:ae:21:
83:4d:07:ad:7b:b6:80:1a:8b:1a:59:41:03:8e:f6:be:61:e7:
cf:dd:1a:5b:66:a9:5e:71:fc:30:4a:f5:e1:ae:58:5c:da:a5:
20:cb:ce:64:9a:47:dd:6f:6a:9f:c5:8a:4d:75:2b:78:64:b2:
a7:c4:77:c6:91:65:6b:dc:dc:33:4c:9c:95:0c:c0:bb:c8:b7:
9d:27:f7:93:19:f8:3f:a8:8e:85:5d:7f:53:98:3c:67:8e:cd:
f5:82:7d:9e:99:95:c9:6f:5f:ad:ae:30:fa:3f:90:e1:e9:4c:
67:c2:a0:f3:73:7d:25:b1:b5:c9:9b:67:db:8a:57:0f:ec:71:
4c:d9:2d:85
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgIBPzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFC
MDM2QTExMC8GA1UEBRMoMEYxN0YzN0RCQzk0ODREOTZFMUEwQUJDNzhBNEY5Q0FD
RDVFREE4QTAeFw0yNDAyMjgwMzQzMjZaFw0yNTA1MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1ZGVhYmRlLTY2MDIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQClveEw2t/Go+h/dRd+lfYgPIromDbno1gsCvcl/CswZ3F4sz3+wDGTa4GTlkze
vIupxlkHzPp60CgnsUTsO5HF0yRj8HnzD5+U5dLNVGcWB9+mTClg200A0/Wfa6Mm
ENeehfI+LO8p+FUzhF3Iul3xAown5xhjfj72i8kcZ3Tv7AllDhiYN0yizMkRQDCk
h7WzKRj3vtYToweayaz9LgH+ND7vxkk6TeoT8cZ2q2WUBum7rg+Q6RD3hF1juhaS
8GnSSzfNdlf0nApSdvCpYyQMvYoQK48X0g/MmlQj75XfCguVZhSp/dU0P3KBOCL1
GGghLwRvI6CRr+JDOpg/BNDbAgMBAAGjggK2MIICsjAdBgNVHQ4EFgQUAl6x0Aqj
uRKUkOhIDSSZMsTwEEowHwYDVR0jBBgwFoAUDxfzfbyUhNluGgq8eKT5ys1e2oow
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUIwMzZBL0JCQzJGNzc2RDFG
MTExRUU4NjA1MUE2MUM0RjlBRTAyL0R4ZnpmYnlVaE5sdUdncThlS1Q1eXMxZTJv
by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvRHhmemZieVVoTmx1R2dxOGVLVDV5czFlMm9vLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC
MDM2QS9CQkMyRjc3NkQxRjExMUVFODYwNTFBNjFDNEY5QUUwMi81QzhCQ0Q0QUQ1
RTkxMUVFOEI4QTFGNEVDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDBABggrBgEFBQcBBwEB/wQx
MC8wHgQCAAEwGAMEAmcLWAMEA8pT8AMEA8qr0AMEA8uOWDANBAIAAjAHAwUCJAQB
oDANBgkqhkiG9w0BAQsFAAOCAQEAbW4s1nIb0ByHP+8fllr4DoJTq4+Kvw+KIZcp
c6jSkU37xKjwFbTcwrCPmkKqALu58IrenTkLu+0c1JLJRKbmKKoVoRlHz4zMArZi
MuM48WPLjISwu/yrIQhKLWACaTVl35qDElJ+EzedDQiK2xvavJ5Az3iSDz5bqnzh
u64hg00HrXu2gBqLGllBA472vmHnz90aW2apXnH8MEr14a5YXNqlIMvOZJpH3W9q
n8WKTXUreGSyp8R3xpFla9zcM0yclQzAu8i3nSf3kxn4P6iOhV1/U5g8Z47N9YJ9
npmVyW9fra4w+j+Q4elMZ8Kg83N9JbG1yZtn24pXD+xxTNkthQ==
-----END CERTIFICATE-----
Generated at Fri Mar 22 05:20:54 2024 by rpki-client on console-fra.rpki-client.org