Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C7C04/A0DB35525FB411EBAB7C6A23C4F9AE02/E3382E5A169A11EF8722B02DC4F9AE02.roa
File: E3382E5A169A11EF8722B02DC4F9AE02.roa (raw, json)
Hash identifier: BIplTk3LzUb20tMlVdZFvpr35NsWH5m9piKjqbm7foU=
Subject key identifier: 11:C9:0B:1E:92:C1:F8:A3:71:7A:BF:84:7C:70:E4:68:2C:1F:B9:96
Certificate issuer: /CN=A91C7C04/serialNumber=0AE222EC5E17A6E632B559D49C5B1EF332DA43CB
Certificate serial: 0617
Authority key identifier: 0A:E2:22:EC:5E:17:A6:E6:32:B5:59:D4:9C:5B:1E:F3:32:DA:43:CB
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CuIi7F4XpuYytVnUnFse8zLaQ8s.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C7C04/A0DB35525FB411EBAB7C6A23C4F9AE02/E3382E5A169A11EF8722B02DC4F9AE02.roa
Signing time: Mon 20 May 2024 11:19:57 +0000
ROA not before: Mon 20 May 2024 11:19:57 +0000
ROA not after: Sun 02 Mar 2025 00:00:00 +0000
asID: 137547
IP address blocks: 103.42.180.0/22 maxlen: 24
Validation: Failed, certificate revoked on Fri 27 Sep 2024 02:33:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1559 (0x617)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C7C04/serialNumber=0AE222EC5E17A6E632B559D49C5B1EF332DA43CB
Validity
Not Before: May 20 11:19:57 2024 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=664b31dc-78f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:63:5f:e5:f1:93:ee:1c:00:de:8f:9b:b0:1f:
bc:18:c1:e9:50:26:f8:bf:9e:33:ff:0a:a4:6d:d9:
7c:04:47:89:11:95:d6:5a:29:68:10:77:cb:2c:6a:
71:be:89:84:79:2a:83:d5:cf:37:98:f6:ee:11:f4:
34:53:9c:19:7a:9d:df:25:22:e1:1e:73:ec:b9:7f:
7f:3d:9c:75:fd:f5:05:75:d5:75:93:ec:5b:b5:e1:
d3:b8:76:f3:88:68:5a:b7:05:1e:ee:01:fc:2c:b2:
86:83:18:7f:dd:45:40:4d:43:6c:7b:d7:fa:8d:0a:
67:bf:aa:38:30:79:ea:51:64:75:c2:49:b7:dc:49:
cf:24:02:95:08:0b:20:43:ee:d7:02:2f:fa:98:56:
4c:eb:a9:a6:81:45:cb:56:57:27:80:26:71:e5:5c:
52:18:22:a0:f8:58:6c:66:60:37:3d:33:ae:44:4a:
2c:2b:15:04:59:c6:ad:f3:8b:48:c9:38:97:2c:7c:
eb:6c:ba:6f:2b:62:8d:1b:16:b8:a0:a3:09:03:49:
ea:07:99:c2:5a:f8:b2:ef:71:99:ca:b6:ca:44:fb:
fb:38:7a:44:10:40:ba:c8:f1:55:d1:50:33:f3:53:
8b:48:ce:3e:fe:6d:9c:38:97:05:15:1c:1a:54:51:
c0:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:C9:0B:1E:92:C1:F8:A3:71:7A:BF:84:7C:70:E4:68:2C:1F:B9:96
X509v3 Authority Key Identifier:
keyid:0A:E2:22:EC:5E:17:A6:E6:32:B5:59:D4:9C:5B:1E:F3:32:DA:43:CB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C7C04/A0DB35525FB411EBAB7C6A23C4F9AE02/CuIi7F4XpuYytVnUnFse8zLaQ8s.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CuIi7F4XpuYytVnUnFse8zLaQ8s.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C7C04/A0DB35525FB411EBAB7C6A23C4F9AE02/E3382E5A169A11EF8722B02DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.42.180.0/22
Signature Algorithm: sha256WithRSAEncryption
62:0c:16:e1:b7:2a:7a:6b:d7:f5:ab:2d:fa:65:5b:2d:ea:fe:
a7:47:b8:d8:f5:50:73:71:27:9c:71:af:6f:b5:37:c1:7c:bb:
45:91:21:7b:61:75:24:6f:dd:54:6f:21:b1:e7:04:c8:00:b9:
8f:4a:c4:c9:70:9c:5a:b5:6e:30:15:94:d6:c2:19:31:d6:99:
5b:48:54:7a:f7:c8:8b:f8:8f:39:8f:e7:44:18:74:e1:35:e5:
55:a4:7c:eb:13:b7:9e:ab:f1:b9:73:c0:a1:2b:51:43:82:af:
3a:01:9e:86:5f:19:e8:b1:54:59:d8:3f:10:5e:2d:3c:a8:3e:
90:c7:8e:d4:07:c5:f5:79:14:a5:60:b0:93:e2:22:e9:b2:1f:
24:c0:16:1f:bf:b7:fc:65:75:41:83:2a:be:63:95:12:e1:04:
49:66:f1:43:66:91:62:2e:1a:b5:09:8f:dd:d2:5d:c5:a1:d3:
24:46:3e:60:c2:6c:ce:d1:9b:6f:8a:19:56:77:30:53:ac:e0:
84:6e:e0:33:ed:c5:56:5a:92:bb:d3:3a:66:14:54:c8:8e:82:
dd:30:ce:3a:91:c0:3e:43:b9:33:27:ea:03:4b:92:36:2e:ea:
58:5a:73:1c:d4:47:17:2a:11:13:1d:a0:cf:a6:c6:9c:e9:53:
80:2c:b3:96
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBhcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzdDMDQxMTAvBgNVBAUTKDBBRTIyMkVDNUUxN0E2RTYzMkI1NTlENDlDNUIxRUYz
MzJEQTQzQ0IwHhcNMjQwNTIwMTExOTU3WhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjRiMzFkYy03OGYxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxGNf5fGT7hwA3o+bsB+8GMHpUCb4v54z/wqkbdl8BEeJEZXWWiloEHfLLGpx
vomEeSqD1c83mPbuEfQ0U5wZep3fJSLhHnPsuX9/PZx1/fUFddV1k+xbteHTuHbz
iGhatwUe7gH8LLKGgxh/3UVATUNse9f6jQpnv6o4MHnqUWR1wkm33EnPJAKVCAsg
Q+7XAi/6mFZM66mmgUXLVlcngCZx5VxSGCKg+FhsZmA3PTOuREosKxUEWcat84tI
yTiXLHzrbLpvK2KNGxa4oKMJA0nqB5nCWviy73GZyrbKRPv7OHpEEEC6yPFV0VAz
81OLSM4+/m2cOJcFFRwaVFHAbwIDAQABo4IClTCCApEwHQYDVR0OBBYEFBHJCx6S
wfijcXq/hHxw5GgsH7mWMB8GA1UdIwQYMBaAFAriIuxeF6bmMrVZ1JxbHvMy2kPL
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDN0MwNC9BMERCMzU1MjVG
QjQxMUVCQUI3QzZBMjNDNEY5QUUwMi9DdUlpN0Y0WHB1WXl0Vm5VbkZzZTh6TGFR
OHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0N1SWk3RjRYcHVZeXRWblVuRnNlOHpMYVE4cy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzdDMDQvQTBEQjM1NTI1RkI0MTFFQkFCN0M2QTIzQzRGOUFFMDIvRTMzODJFNUEx
NjlBMTFFRjg3MjJCMDJEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJnKrQwDQYJKoZIhvcNAQELBQADggEBAGIMFuG3Knpr1/Wr
LfplWy3q/qdHuNj1UHNxJ5xxr2+1N8F8u0WRIXthdSRv3VRvIbHnBMgAuY9KxMlw
nFq1bjAVlNbCGTHWmVtIVHr3yIv4jzmP50QYdOE15VWkfOsTt56r8blzwKErUUOC
rzoBnoZfGeixVFnYPxBeLTyoPpDHjtQHxfV5FKVgsJPiIumyHyTAFh+/t/xldUGD
Kr5jlRLhBElm8UNmkWIuGrUJj93SXcWh0yRGPmDCbM7Rm2+KGVZ3MFOs4IRu4DPt
xVZakrvTOmYUVMiOgt0wzjqRwD5DuTMn6gNLkjYu6lhacxzURxcqERMdoM+mxpzp
U4Ass5Y=
-----END CERTIFICATE-----
Generated at Fri Sep 27 03:59:55 2024 by rpki-client on console-fra.rpki-client.org