Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B036A/BBC2F776D1F111EE86051A61C4F9AE02/DC3066AED22011EEA94BCB42C4F9AE02.roa
File: DC3066AED22011EEA94BCB42C4F9AE02.roa (raw, json)
Hash identifier: B8lzxhY9EMwhr1M4OtFj3Lp9lQZ3e76VTjuXHdgU06c=
Subject key identifier: 42:95:F0:53:CD:43:0F:10:CB:21:D1:70:46:C2:FD:91:5D:59:CD:CD
Certificate issuer: /CN=A91B036A/serialNumber=0F17F37DBC9484D96E1A0ABC78A4F9CACD5EDA8A
Certificate serial: 0F
Authority key identifier: 0F:17:F3:7D:BC:94:84:D9:6E:1A:0A:BC:78:A4:F9:CA:CD:5E:DA:8A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DxfzfbyUhNluGgq8eKT5ys1e2oo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B036A/BBC2F776D1F111EE86051A61C4F9AE02/DC3066AED22011EEA94BCB42C4F9AE02.roa
Signing time: Fri 23 Feb 2024 08:05:12 +0000
ROA not before: Fri 23 Feb 2024 08:05:12 +0000
ROA not after: Thu 01 May 2025 00:00:00 +0000
asID: 24334
IP address blocks: 103.11.88.0/22 maxlen: 22
103.11.88.0/24 maxlen: 24
103.11.89.0/24 maxlen: 24
103.11.90.0/24 maxlen: 24
103.11.91.0/24 maxlen: 24
202.83.240.0/21 maxlen: 21
202.83.240.0/24 maxlen: 24
202.83.241.0/24 maxlen: 24
202.83.242.0/24 maxlen: 24
202.83.243.0/24 maxlen: 24
202.83.244.0/24 maxlen: 24
202.83.245.0/24 maxlen: 24
202.83.246.0/24 maxlen: 24
202.83.247.0/24 maxlen: 24
202.171.208.0/21 maxlen: 21
202.171.208.0/24 maxlen: 24
202.171.209.0/24 maxlen: 24
202.171.210.0/24 maxlen: 24
202.171.211.0/24 maxlen: 24
202.171.212.0/24 maxlen: 24
202.171.213.0/24 maxlen: 24
202.171.214.0/24 maxlen: 24
202.171.215.0/24 maxlen: 24
203.142.88.0/21 maxlen: 21
203.142.88.0/24 maxlen: 24
203.142.89.0/24 maxlen: 24
203.142.90.0/24 maxlen: 24
203.142.91.0/24 maxlen: 24
203.142.92.0/24 maxlen: 24
203.142.93.0/24 maxlen: 24
203.142.94.0/24 maxlen: 24
203.142.95.0/24 maxlen: 24
2404:1a0::/30 maxlen: 32
Validation: Failed, certificate revoked on Fri 23 Feb 2024 08:10:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15 (0xf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B036A/serialNumber=0F17F37DBC9484D96E1A0ABC78A4F9CACD5EDA8A
Validity
Not Before: Feb 23 08:05:12 2024 GMT
Not After : May 1 00:00:00 2025 GMT
Subject: CN=65d851b8-276c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:ff:9b:b8:32:eb:f3:97:d6:d8:48:69:19:38:
3f:41:92:4c:61:ef:41:70:63:79:db:10:c4:2d:04:
71:f5:01:da:42:65:00:e2:43:ef:04:73:89:d6:10:
4e:01:f9:d8:f7:a4:d4:21:78:8e:94:ef:94:3a:b5:
0b:b3:47:1e:85:a7:d9:1d:32:f7:37:f5:2f:54:9c:
41:e3:c6:28:7b:c9:fb:d3:10:f0:89:54:2d:71:f0:
81:bc:b6:80:31:45:55:4e:b8:8a:30:8d:9b:df:b3:
ca:d8:af:8f:30:f7:ea:35:e0:a0:a9:99:e7:fd:3e:
ef:99:9a:7b:fc:fe:a6:50:6e:32:f1:da:b0:ea:fe:
63:07:25:5d:f5:a2:7b:e1:71:4a:b1:d0:61:a1:b3:
88:24:16:57:17:ee:73:5c:c4:1c:d3:3c:c6:f9:9d:
2b:70:c9:00:db:30:9f:7e:4c:26:60:53:e8:75:94:
af:67:1d:00:d9:d2:d1:17:7d:e6:6d:4d:2d:9b:62:
44:4d:17:ff:ea:f6:92:87:8e:1f:7f:bd:dc:8f:ec:
c2:1b:2c:c2:a1:d0:48:44:61:7c:a0:01:84:ff:dc:
84:25:33:ee:61:b5:13:d7:24:98:de:8c:c0:4c:1b:
79:14:c6:79:be:1b:45:ab:de:f3:21:d0:f4:d3:54:
c3:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:95:F0:53:CD:43:0F:10:CB:21:D1:70:46:C2:FD:91:5D:59:CD:CD
X509v3 Authority Key Identifier:
keyid:0F:17:F3:7D:BC:94:84:D9:6E:1A:0A:BC:78:A4:F9:CA:CD:5E:DA:8A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B036A/BBC2F776D1F111EE86051A61C4F9AE02/DxfzfbyUhNluGgq8eKT5ys1e2oo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DxfzfbyUhNluGgq8eKT5ys1e2oo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B036A/BBC2F776D1F111EE86051A61C4F9AE02/DC3066AED22011EEA94BCB42C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.11.88.0/22
202.83.240.0/21
202.171.208.0/21
203.142.88.0/21
IPv6:
2404:1a0::/30
Signature Algorithm: sha256WithRSAEncryption
87:51:cb:3a:f7:00:64:cc:57:49:42:56:ee:c9:05:e3:0f:10:
e5:1a:e3:f1:b0:ca:9a:0b:a6:5c:cd:56:84:91:be:1c:e0:56:
58:9b:25:89:61:ab:aa:b0:c7:1d:d9:23:b3:39:bc:f8:e1:89:
89:37:31:a8:d3:a3:8a:83:95:3b:a6:9e:b1:54:13:64:7d:2a:
8f:5d:a0:23:ca:e7:9c:ba:db:10:ae:8e:a9:44:6f:16:dd:b7:
4e:05:ee:12:50:e5:bc:65:04:7c:fe:5d:bb:31:b8:d7:10:5d:
b9:22:70:18:64:af:61:84:d3:07:43:19:ed:9d:3c:bf:02:07:
0e:f6:56:5c:9f:0c:ce:f4:26:e9:b9:99:c6:7d:7e:63:88:56:
97:6a:80:e3:54:3e:5a:b4:aa:d4:50:82:dc:70:80:75:87:09:
bc:c9:dd:e0:ee:cb:97:b9:92:e3:93:f1:ca:a3:7e:5c:07:b5:
bd:cd:1c:5b:c4:4f:c6:63:04:32:a2:aa:9f:d6:63:02:05:03:
55:b9:fb:bb:13:5e:68:b1:cf:b3:40:f1:d2:ae:41:08:08:d9:
29:59:27:59:db:2c:92:11:7c:c4:68:43:ee:8b:32:d6:fc:d1:
b8:df:e0:14:7c:69:9e:bf:72:87:99:05:e0:df:25:71:ef:b5:
74:b8:96:52
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgIBDzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFC
MDM2QTExMC8GA1UEBRMoMEYxN0YzN0RCQzk0ODREOTZFMUEwQUJDNzhBNEY5Q0FD
RDVFREE4QTAeFw0yNDAyMjMwODA1MTJaFw0yNTA1MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1ZDg1MWI4LTI3NmMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCl/5u4Muvzl9bYSGkZOD9Bkkxh70FwY3nbEMQtBHH1AdpCZQDiQ+8Ec4nWEE4B
+dj3pNQheI6U75Q6tQuzRx6Fp9kdMvc39S9UnEHjxih7yfvTEPCJVC1x8IG8toAx
RVVOuIowjZvfs8rYr48w9+o14KCpmef9Pu+Zmnv8/qZQbjLx2rDq/mMHJV31onvh
cUqx0GGhs4gkFlcX7nNcxBzTPMb5nStwyQDbMJ9+TCZgU+h1lK9nHQDZ0tEXfeZt
TS2bYkRNF//q9pKHjh9/vdyP7MIbLMKh0EhEYXygAYT/3IQlM+5htRPXJJjejMBM
G3kUxnm+G0Wr3vMh0PTTVMM1AgMBAAGjggK2MIICsjAdBgNVHQ4EFgQUQpXwU81D
DxDLIdFwRsL9kV1Zzc0wHwYDVR0jBBgwFoAUDxfzfbyUhNluGgq8eKT5ys1e2oow
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUIwMzZBL0JCQzJGNzc2RDFG
MTExRUU4NjA1MUE2MUM0RjlBRTAyL0R4ZnpmYnlVaE5sdUdncThlS1Q1eXMxZTJv
by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvRHhmemZieVVoTmx1R2dxOGVLVDV5czFlMm9vLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC
MDM2QS9CQkMyRjc3NkQxRjExMUVFODYwNTFBNjFDNEY5QUUwMi9EQzMwNjZBRUQy
MjAxMUVFQTk0QkNCNDJDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDBABggrBgEFBQcBBwEB/wQx
MC8wHgQCAAEwGAMEAmcLWAMEA8pT8AMEA8qr0AMEA8uOWDANBAIAAjAHAwUCJAQB
oDANBgkqhkiG9w0BAQsFAAOCAQEAh1HLOvcAZMxXSUJW7skF4w8Q5Rrj8bDKmgum
XM1WhJG+HOBWWJsliWGrqrDHHdkjszm8+OGJiTcxqNOjioOVO6aesVQTZH0qj12g
I8rnnLrbEK6OqURvFt23TgXuElDlvGUEfP5duzG41xBduSJwGGSvYYTTB0MZ7Z08
vwIHDvZWXJ8MzvQm6bmZxn1+Y4hWl2qA41Q+WrSq1FCC3HCAdYcJvMnd4O7Ll7mS
45PxyqN+XAe1vc0cW8RPxmMEMqKqn9ZjAgUDVbn7uxNeaLHPs0Dx0q5BCAjZKVkn
WdsskhF8xGhD7osy1vzRuN/gFHxpnr9yh5kF4N8lce+1dLiWUg==
-----END CERTIFICATE-----
Generated at Fri Feb 23 13:38:33 2024 by rpki-client on console-ams.rpki-client.org