Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C1DB8/16CBC054A11E11E89E636710C4F9AE02/3C1707CEC07611EEB6C59044C4F9AE02.roa
File: 3C1707CEC07611EEB6C59044C4F9AE02.roa (raw, json)
Hash identifier: FyWY4fWj3o9RJXEVUC0nqcJcDJvCixivl6RqLP2VRCA=
Subject key identifier: 27:29:25:53:D7:DE:56:3F:9B:83:B3:5F:87:C5:94:A3:15:B0:A6:7B
Certificate issuer: /CN=A91C1DB8/serialNumber=C319AF7BB4F981611AD00C32F8A357DE6353DC36
Certificate serial: 1297
Authority key identifier: C3:19:AF:7B:B4:F9:81:61:1A:D0:0C:32:F8:A3:57:DE:63:53:DC:36
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wxmve7T5gWEa0Awy-KNX3mNT3DY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C1DB8/16CBC054A11E11E89E636710C4F9AE02/3C1707CEC07611EEB6C59044C4F9AE02.roa
Signing time: Wed 31 Jan 2024 20:20:54 +0000
ROA not before: Wed 31 Jan 2024 20:20:54 +0000
ROA not after: Mon 31 Mar 2025 00:00:00 +0000
asID: 10204
IP address blocks: 103.229.32.0/24 maxlen: 24
103.229.33.0/24 maxlen: 24
103.229.34.0/24 maxlen: 24
103.229.35.0/24 maxlen: 24
203.115.192.0/18 maxlen: 18
203.115.192.0/19 maxlen: 19
203.115.192.0/21 maxlen: 21
203.115.192.0/24 maxlen: 24
203.115.199.0/24 maxlen: 24
203.115.201.0/24 maxlen: 24
203.115.205.0/24 maxlen: 24
203.115.208.0/21 maxlen: 21
203.115.208.0/24 maxlen: 24
203.115.211.0/24 maxlen: 24
203.115.212.0/22 maxlen: 22
203.115.217.0/24 maxlen: 24
203.115.222.0/24 maxlen: 24
203.115.224.0/19 maxlen: 23
203.115.224.0/20 maxlen: 24
203.115.240.0/23 maxlen: 24
203.115.242.0/24 maxlen: 24
203.115.244.0/22 maxlen: 24
203.115.248.0/21 maxlen: 24
2001:c18::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 31 Jan 2024 21:09:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4759 (0x1297)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C1DB8/serialNumber=C319AF7BB4F981611AD00C32F8A357DE6353DC36
Validity
Not Before: Jan 31 20:20:54 2024 GMT
Not After : Mar 31 00:00:00 2025 GMT
Subject: CN=65baaba6-0546
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:3a:8f:a7:f2:d9:21:bc:8c:f4:f7:b3:a9:85:
6e:0d:91:73:26:76:39:98:da:59:2e:56:9e:77:b7:
de:49:3f:28:36:b1:ad:a3:ac:3a:62:86:9e:ca:d7:
b6:af:07:87:c8:5c:8d:8b:2a:d4:aa:c1:38:7c:2a:
e4:50:b9:1d:5a:ca:7d:6d:27:5e:bc:72:92:18:15:
1f:3a:e9:d7:a0:29:3c:dc:ef:75:d6:7f:21:2c:c9:
c9:ef:bd:6b:5d:69:ef:a9:6d:34:4b:ec:80:9c:72:
e7:75:c2:95:3d:ea:3b:15:13:c5:d9:02:b4:bf:67:
72:58:fb:ad:7e:5b:38:00:53:60:ab:ff:39:61:3b:
d2:ba:d5:a9:0e:e3:44:2c:99:e5:c6:b2:27:d6:5f:
87:a1:51:e2:83:5a:29:61:82:73:e4:61:c9:41:f4:
43:0c:d7:5c:37:66:13:1b:22:44:9a:2f:83:65:03:
25:fa:62:bd:38:56:84:1e:be:4e:15:ed:f4:6a:72:
b5:d1:b3:09:3c:6a:8c:7c:9f:7a:97:2e:be:38:60:
e9:c6:64:da:ad:a3:c5:0a:c5:88:6f:c8:05:c8:4f:
fe:b5:4c:11:00:c2:7f:6e:13:73:c0:6d:fe:ed:05:
a1:cb:c5:10:a0:7f:87:9c:84:4d:d1:84:ef:91:be:
c4:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:29:25:53:D7:DE:56:3F:9B:83:B3:5F:87:C5:94:A3:15:B0:A6:7B
X509v3 Authority Key Identifier:
keyid:C3:19:AF:7B:B4:F9:81:61:1A:D0:0C:32:F8:A3:57:DE:63:53:DC:36
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C1DB8/16CBC054A11E11E89E636710C4F9AE02/wxmve7T5gWEa0Awy-KNX3mNT3DY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wxmve7T5gWEa0Awy-KNX3mNT3DY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C1DB8/16CBC054A11E11E89E636710C4F9AE02/3C1707CEC07611EEB6C59044C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.229.32.0/22
203.115.192.0/18
IPv6:
2001:c18::/32
Signature Algorithm: sha256WithRSAEncryption
b4:0f:d6:a4:e7:f4:de:00:2a:aa:91:85:15:8c:4a:cc:36:ed:
d1:fa:20:09:72:1f:8e:c8:15:b9:93:9a:d4:16:3c:da:63:d1:
f1:54:87:15:e7:63:3b:fa:47:f1:78:a2:b9:50:23:f4:59:5b:
f4:31:63:65:d1:7c:13:a1:d3:4b:38:76:5d:86:20:47:3f:bd:
76:6b:dd:00:de:20:69:f5:a8:91:f1:8a:dd:d6:9d:89:30:e7:
2d:bf:05:b6:a2:29:a0:b2:96:49:e9:f8:ac:08:8c:35:e5:7a:
68:43:aa:cc:86:d9:e5:cd:99:a5:1c:27:fd:ba:9a:0d:b9:67:
89:c1:4f:56:dc:31:3f:be:f0:28:f7:9a:3e:ab:b6:00:fc:33:
a8:99:1d:d7:48:fe:e2:3d:5f:87:be:2c:eb:de:32:b4:fc:86:
c3:28:8f:01:20:37:2d:d7:bd:ed:2f:d0:ed:e3:c4:7d:00:54:
5a:03:b3:27:0b:43:63:22:27:8b:37:64:47:82:29:27:b2:be:
12:2b:e8:09:06:e9:36:38:14:d7:a5:a6:46:bf:62:99:0c:0f:
c6:d6:ed:da:d5:08:d7:05:a3:e9:38:88:19:94:2b:3a:17:e8:
7a:4f:dc:6e:2b:ec:6f:3f:95:ee:9f:7a:6f:4a:b2:1b:5b:81:
f4:7e:71:33
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICEpcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzFEQjgxMTAvBgNVBAUTKEMzMTlBRjdCQjRGOTgxNjExQUQwMEMzMkY4QTM1N0RF
NjM1M0RDMzYwHhcNMjQwMTMxMjAyMDU0WhcNMjUwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWJhYWJhNi0wNTQ2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsTqPp/LZIbyM9PezqYVuDZFzJnY5mNpZLlaed7feST8oNrGto6w6Yoaeyte2
rweHyFyNiyrUqsE4fCrkULkdWsp9bSdevHKSGBUfOunXoCk83O911n8hLMnJ771r
XWnvqW00S+yAnHLndcKVPeo7FRPF2QK0v2dyWPutfls4AFNgq/85YTvSutWpDuNE
LJnlxrIn1l+HoVHig1opYYJz5GHJQfRDDNdcN2YTGyJEmi+DZQMl+mK9OFaEHr5O
Fe30anK10bMJPGqMfJ96ly6+OGDpxmTaraPFCsWIb8gFyE/+tUwRAMJ/bhNzwG3+
7QWhy8UQoH+HnIRN0YTvkb7EhwIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFCcpJVPX
3lY/m4OzX4fFlKMVsKZ7MB8GA1UdIwQYMBaAFMMZr3u0+YFhGtAMMvijV95jU9w2
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDMURCOC8xNkNCQzA1NEEx
MUUxMUU4OUU2MzY3MTBDNEY5QUUwMi93eG12ZTdUNWdXRWEwQXd5LUtOWDNtTlQz
RFkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3d4bXZlN1Q1Z1dFYTBBd3ktS05YM21OVDNEWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzFEQjgvMTZDQkMwNTRBMTFFMTFFODlFNjM2NzEwQzRGOUFFMDIvM0MxNzA3Q0VD
MDc2MTFFRUI2QzU5MDQ0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAJn5SADBAbLc8AwDQQCAAIwBwMFACABDBgwDQYJKoZIhvcN
AQELBQADggEBALQP1qTn9N4AKqqRhRWMSsw27dH6IAlyH47IFbmTmtQWPNpj0fFU
hxXnYzv6R/F4orlQI/RZW/QxY2XRfBOh00s4dl2GIEc/vXZr3QDeIGn1qJHxit3W
nYkw5y2/BbaiKaCylknp+KwIjDXlemhDqsyG2eXNmaUcJ/26mg25Z4nBT1bcMT++
8Cj3mj6rtgD8M6iZHddI/uI9X4e+LOveMrT8hsMojwEgNy3Xve0v0O3jxH0AVFoD
sycLQ2MiJ4s3ZEeCKSeyvhIr6AkG6TY4FNelpka/YpkMD8bW7drVCNcFo+k4iBmU
KzoX6HpP3G4r7G8/le6fem9KshtbgfR+cTM=
-----END CERTIFICATE-----
Generated at Thu Feb 1 00:36:26 2024 by rpki-client on console-ams.rpki-client.org