Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B9E19/356F2F3EC1A511E9A8B8F336C4F9AE02/2E10D01A26D911EE99AE0A0FC4F9AE02.roa
File: 2E10D01A26D911EE99AE0A0FC4F9AE02.roa (raw, json)
Hash identifier: WuWDjnv749lYLM94ZOU1gCq+ZzsYmce4UYGjh3zgaRI=
Subject key identifier: 24:F9:0B:EA:0E:DC:24:19:7A:6C:A7:29:D6:09:C1:96:97:50:CD:F1
Certificate issuer: /CN=A91B9E19/serialNumber=255290A01AA9B9118B66EEDA0F905F6D40DB05AE
Certificate serial: 0CF6
Authority key identifier: 25:52:90:A0:1A:A9:B9:11:8B:66:EE:DA:0F:90:5F:6D:40:DB:05:AE
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JVKQoBqpuRGLZu7aD5BfbUDbBa4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B9E19/356F2F3EC1A511E9A8B8F336C4F9AE02/2E10D01A26D911EE99AE0A0FC4F9AE02.roa
Signing time: Thu 04 Apr 2024 18:26:38 +0000
ROA not before: Thu 04 Apr 2024 18:26:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 137547
IP address blocks: 103.88.94.0/23 maxlen: 23
103.88.94.0/24 maxlen: 24
103.88.95.0/24 maxlen: 24
220.158.194.0/23 maxlen: 23
220.158.194.0/24 maxlen: 24
220.158.195.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 27 Sep 2024 16:41:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3318 (0xcf6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B9E19/serialNumber=255290A01AA9B9118B66EEDA0F905F6D40DB05AE
Validity
Not Before: Apr 4 18:26:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=660ef0de-065b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:22:aa:8a:7c:01:75:eb:7b:43:96:aa:7b:21:
91:7f:53:9f:04:e1:f3:7b:9b:e5:4f:31:5c:0c:d6:
b1:43:42:0a:ad:93:d6:5d:cf:80:6f:f3:2d:f7:e1:
4a:3b:a4:21:9f:d5:cf:da:59:c3:1e:c6:67:37:84:
a8:2b:79:61:bb:c9:0b:61:84:ca:ec:ab:98:a6:85:
91:06:14:ff:54:17:4d:8d:c9:c9:de:ba:50:5e:9d:
33:73:92:36:43:40:82:7e:8e:5b:92:fa:d1:84:b8:
60:1b:c4:ff:0d:d7:d7:23:3c:bf:a8:14:5a:94:22:
1b:a4:d9:23:6d:fd:22:41:33:8a:25:0f:3e:33:3e:
cc:c1:f5:ba:17:ce:ca:51:4a:fa:89:b5:bd:ee:1c:
64:6a:6d:be:e9:3f:11:11:d1:e0:41:33:03:58:61:
04:77:fb:92:92:ea:bc:95:fb:c5:d8:8b:98:f2:bd:
05:00:20:24:c5:50:25:42:b9:b3:00:49:aa:9d:a4:
3b:f6:38:af:93:9f:84:ec:e6:20:ed:0a:e1:60:82:
60:45:39:b0:63:c3:88:21:b4:7c:09:a2:87:95:fe:
5e:9e:d5:de:37:89:70:05:cf:3f:b2:04:a8:ae:82:
d4:5e:32:fc:3c:a2:31:b7:7a:78:8a:3f:fe:72:5c:
1b:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:F9:0B:EA:0E:DC:24:19:7A:6C:A7:29:D6:09:C1:96:97:50:CD:F1
X509v3 Authority Key Identifier:
keyid:25:52:90:A0:1A:A9:B9:11:8B:66:EE:DA:0F:90:5F:6D:40:DB:05:AE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B9E19/356F2F3EC1A511E9A8B8F336C4F9AE02/JVKQoBqpuRGLZu7aD5BfbUDbBa4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JVKQoBqpuRGLZu7aD5BfbUDbBa4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B9E19/356F2F3EC1A511E9A8B8F336C4F9AE02/2E10D01A26D911EE99AE0A0FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.88.94.0/23
220.158.194.0/23
Signature Algorithm: sha256WithRSAEncryption
65:a6:db:fa:12:11:57:87:4f:e1:d8:c9:69:e9:23:e5:96:ad:
79:49:21:de:28:89:3f:0e:22:13:bf:f0:68:69:77:c4:23:13:
58:b6:72:f0:8e:01:78:0f:73:28:67:1d:68:81:90:9a:ce:5e:
f7:3f:21:36:6c:52:3a:23:7c:8e:76:8d:c7:ed:97:0f:40:49:
54:44:89:3c:4a:9d:f5:15:1f:8e:cb:4b:12:2e:61:5e:90:5f:
ad:6b:0c:35:a1:9f:8e:b2:6b:82:b4:bf:7b:62:ce:8a:cf:64:
29:be:ec:e3:da:3e:09:9e:f2:ca:e0:de:74:9d:7e:94:82:ff:
81:e4:08:db:b2:24:8a:62:2d:ad:c7:c1:71:65:c2:75:94:0f:
c6:57:73:09:00:17:b5:ae:b5:54:6b:30:0c:5e:08:ee:a8:df:
0e:0f:34:fb:0d:b5:cd:a4:c3:c8:b0:28:22:4a:d8:6b:67:50:
c6:10:3b:69:67:40:c2:7f:99:fa:e5:3a:74:4e:08:92:6c:51:
ba:aa:bf:52:dc:47:b6:77:f9:ef:c6:b8:ef:64:81:b1:22:f3:
97:66:5b:83:f3:ea:03:97:80:ce:d9:00:a5:cd:9e:5b:a1:b9:
7b:7c:54:b6:d1:d9:7c:fb:04:19:b9:f0:a4:af:a0:b6:c5:01:
d2:39:06:6d
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICDPYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjlFMTkxMTAvBgNVBAUTKDI1NTI5MEEwMUFBOUI5MTE4QjY2RUVEQTBGOTA1RjZE
NDBEQjA1QUUwHhcNMjQwNDA0MTgyNjM4WhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjBlZjBkZS0wNjViMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAoSKqinwBdet7Q5aqeyGRf1OfBOHze5vlTzFcDNaxQ0IKrZPWXc+Ab/Mt9+FK
O6Qhn9XP2lnDHsZnN4SoK3lhu8kLYYTK7KuYpoWRBhT/VBdNjcnJ3rpQXp0zc5I2
Q0CCfo5bkvrRhLhgG8T/DdfXIzy/qBRalCIbpNkjbf0iQTOKJQ8+Mz7MwfW6F87K
UUr6ibW97hxkam2+6T8REdHgQTMDWGEEd/uSkuq8lfvF2IuY8r0FACAkxVAlQrmz
AEmqnaQ79jivk5+E7OYg7QrhYIJgRTmwY8OIIbR8CaKHlf5entXeN4lwBc8/sgSo
roLUXjL8PKIxt3p4ij/+clwbRQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFCT5C+oO
3CQZemynKdYJwZaXUM3xMB8GA1UdIwQYMBaAFCVSkKAaqbkRi2bu2g+QX21A2wWu
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCOUUxOS8zNTZGMkYzRUMx
QTUxMUU5QThCOEYzMzZDNEY5QUUwMi9KVktRb0JxcHVSR0xadTdhRDVCZmJVRGJC
YTQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0pWS1FvQnFwdVJHTFp1N2FENUJmYlVEYkJhNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjlFMTkvMzU2RjJGM0VDMUE1MTFFOUE4QjhGMzM2QzRGOUFFMDIvMkUxMEQwMUEy
NkQ5MTFFRTk5QUUwQTBGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAFnWF4DBAHcnsIwDQYJKoZIhvcNAQELBQADggEBAGWm2/oS
EVeHT+HYyWnpI+WWrXlJId4oiT8OIhO/8Ghpd8QjE1i2cvCOAXgPcyhnHWiBkJrO
Xvc/ITZsUjojfI52jcftlw9ASVREiTxKnfUVH47LSxIuYV6QX61rDDWhn46ya4K0
v3tizorPZCm+7OPaPgme8srg3nSdfpSC/4HkCNuyJIpiLa3HwXFlwnWUD8ZXcwkA
F7WutVRrMAxeCO6o3w4PNPsNtc2kw8iwKCJK2GtnUMYQO2lnQMJ/mfrlOnROCJJs
Ubqqv1LcR7Z3+e/GuO9kgbEi85dmW4Pz6gOXgM7ZAKXNnluhuXt8VLbR2Xz7BBm5
8KSvoLbFAdI5Bm0=
-----END CERTIFICATE-----
Generated at Fri Sep 27 18:50:42 2024 by rpki-client on console-fra.rpki-client.org