Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D17F2/4C88A7A0FDFE11E9BD667D1FC4F9AE02/4EC5DFE61FEC11EF8D3A6C82C4F9AE02.roa
File: 4EC5DFE61FEC11EF8D3A6C82C4F9AE02.roa (raw, json)
Hash identifier: Wy5hUBrE9kjv92/xDvwI9hhNhDdwj8R1Mnyf7CScDw0=
Subject key identifier: F3:08:F9:AE:B7:AC:6D:D2:C5:9C:9E:C4:D0:48:53:F6:08:CA:03:39
Certificate issuer: /CN=A91D17F2/serialNumber=5486376B05B8A2552329E361BD725C77E1F8D0C9
Certificate serial: 0C38
Authority key identifier: 54:86:37:6B:05:B8:A2:55:23:29:E3:61:BD:72:5C:77:E1:F8:D0:C9
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VIY3awW4olUjKeNhvXJcd-H40Mk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D17F2/4C88A7A0FDFE11E9BD667D1FC4F9AE02/4EC5DFE61FEC11EF8D3A6C82C4F9AE02.roa
Signing time: Sat 01 Jun 2024 07:56:52 +0000
ROA not before: Sat 01 Jun 2024 07:56:52 +0000
ROA not after: Mon 31 Mar 2025 00:00:00 +0000
asID: 43260
IP address blocks: 103.205.180.0/22 maxlen: 22
103.205.180.0/24 maxlen: 24
103.205.181.0/24 maxlen: 24
103.205.183.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 06 Sep 2024 06:00:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3128 (0xc38)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D17F2/serialNumber=5486376B05B8A2552329E361BD725C77E1F8D0C9
Validity
Not Before: Jun 1 07:56:52 2024 GMT
Not After : Mar 31 00:00:00 2025 GMT
Subject: CN=665ad443-ed47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:0c:89:25:48:87:98:6a:6d:51:72:49:28:5a:
b9:b3:e1:6b:e0:4f:fa:b7:67:1c:ee:34:da:17:f7:
5d:37:c4:7e:eb:eb:cc:20:ea:19:90:fa:cb:0a:4e:
97:61:83:9f:61:e6:8b:31:83:ed:b6:15:84:f4:73:
ef:a8:be:8a:d0:5e:b8:58:97:4d:44:77:c5:cb:14:
9b:07:ab:ee:fb:1e:ed:9d:fc:e2:78:56:64:52:b4:
46:56:83:3c:b1:fe:07:ea:94:63:cd:36:eb:4d:bb:
ab:68:e4:f9:13:10:a7:e7:30:8a:20:92:10:39:cb:
f3:fa:3a:8b:9a:41:e3:27:d0:e6:75:92:35:5b:87:
bb:45:94:62:48:93:5c:3f:81:55:01:d0:a8:d7:b9:
4d:63:69:62:97:6a:90:9d:f1:ab:ff:a0:57:0b:a2:
f6:ad:32:7b:47:e6:3d:4e:11:f9:a9:71:74:dc:1d:
70:9b:9c:0e:71:b9:7c:a7:bd:4a:94:15:a9:21:13:
f9:4f:ec:20:3b:e7:fb:a5:60:a2:38:de:1b:4b:06:
3a:34:2c:39:6f:1a:9f:99:7b:a5:74:cf:a9:eb:ec:
b0:b5:47:5a:47:cf:20:de:14:46:84:81:4d:e9:68:
80:61:ea:4a:2c:ae:ae:3e:b0:b3:87:b5:1c:c9:77:
8c:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:08:F9:AE:B7:AC:6D:D2:C5:9C:9E:C4:D0:48:53:F6:08:CA:03:39
X509v3 Authority Key Identifier:
keyid:54:86:37:6B:05:B8:A2:55:23:29:E3:61:BD:72:5C:77:E1:F8:D0:C9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D17F2/4C88A7A0FDFE11E9BD667D1FC4F9AE02/VIY3awW4olUjKeNhvXJcd-H40Mk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VIY3awW4olUjKeNhvXJcd-H40Mk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D17F2/4C88A7A0FDFE11E9BD667D1FC4F9AE02/4EC5DFE61FEC11EF8D3A6C82C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.205.180.0/22
Signature Algorithm: sha256WithRSAEncryption
a9:b5:68:41:15:a4:23:01:a2:52:ab:c9:f0:46:8f:ad:96:3d:
1d:38:98:42:c0:b5:5b:94:83:30:bc:ed:51:63:a8:c5:2b:d1:
7c:67:b6:1d:5f:0d:09:78:5d:4f:3a:7b:41:45:75:d3:d2:9b:
de:b3:5d:db:7c:8f:25:6f:53:4d:e3:21:41:45:d3:8b:1f:33:
d6:b1:46:86:32:68:15:34:64:33:a2:ce:4a:56:92:a9:fc:92:
b2:d7:99:91:92:90:9c:8f:c2:1a:e4:0e:5b:4a:98:88:07:56:
0e:4c:25:2e:25:60:74:aa:79:54:da:21:c9:90:de:98:1d:c8:
f8:05:3f:f9:c7:a3:44:80:49:17:f8:67:0b:3a:8f:78:c5:ed:
1b:a4:f7:1b:bc:97:d1:7d:66:25:ab:0f:7d:fb:63:3c:12:a4:
62:31:0c:1e:ba:71:b4:dc:9a:7d:7e:18:78:9c:e2:a8:b7:94:
15:89:69:e6:3c:94:e7:9b:d3:1c:c5:6c:a9:49:14:df:ed:b2:
ca:b6:25:6b:ce:65:9e:55:80:52:69:6c:fc:cb:70:9b:a9:a1:
73:71:c6:47:57:64:c5:ba:da:31:0c:14:c6:2b:79:22:fb:8b:
e1:da:6b:02:9b:d9:e9:eb:2a:cf:67:37:96:1e:65:a4:39:e1:
ce:1d:75:79
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICDDgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDE3RjIxMTAvBgNVBAUTKDU0ODYzNzZCMDVCOEEyNTUyMzI5RTM2MUJENzI1Qzc3
RTFGOEQwQzkwHhcNMjQwNjAxMDc1NjUyWhcNMjUwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjVhZDQ0My1lZDQ3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsgyJJUiHmGptUXJJKFq5s+Fr4E/6t2cc7jTaF/ddN8R+6+vMIOoZkPrLCk6X
YYOfYeaLMYPtthWE9HPvqL6K0F64WJdNRHfFyxSbB6vu+x7tnfzieFZkUrRGVoM8
sf4H6pRjzTbrTburaOT5ExCn5zCKIJIQOcvz+jqLmkHjJ9DmdZI1W4e7RZRiSJNc
P4FVAdCo17lNY2lil2qQnfGr/6BXC6L2rTJ7R+Y9ThH5qXF03B1wm5wOcbl8p71K
lBWpIRP5T+wgO+f7pWCiON4bSwY6NCw5bxqfmXuldM+p6+ywtUdaR88g3hRGhIFN
6WiAYepKLK6uPrCzh7UcyXeMzwIDAQABo4IClTCCApEwHQYDVR0OBBYEFPMI+a63
rG3SxZyexNBIU/YIygM5MB8GA1UdIwQYMBaAFFSGN2sFuKJVIynjYb1yXHfh+NDJ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMTdGMi80Qzg4QTdBMEZE
RkUxMUU5QkQ2NjdEMUZDNEY5QUUwMi9WSVkzYXdXNG9sVWpLZU5odlhKY2QtSDQw
TWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1ZJWTNhd1c0b2xVaktlTmh2WEpjZC1INDBNay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDE3RjIvNEM4OEE3QTBGREZFMTFFOUJENjY3RDFGQzRGOUFFMDIvNEVDNURGRTYx
RkVDMTFFRjhEM0E2QzgyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJnzbQwDQYJKoZIhvcNAQELBQADggEBAKm1aEEVpCMBolKr
yfBGj62WPR04mELAtVuUgzC87VFjqMUr0Xxnth1fDQl4XU86e0FFddPSm96zXdt8
jyVvU03jIUFF04sfM9axRoYyaBU0ZDOizkpWkqn8krLXmZGSkJyPwhrkDltKmIgH
Vg5MJS4lYHSqeVTaIcmQ3pgdyPgFP/nHo0SASRf4Zws6j3jF7Ruk9xu8l9F9ZiWr
D337YzwSpGIxDB66cbTcmn1+GHic4qi3lBWJaeY8lOeb0xzFbKlJFN/tssq2JWvO
ZZ5VgFJpbPzLcJupoXNxxkdXZMW62jEMFMYreSL7i+HaawKb2enrKs9nN5YeZaQ5
4c4ddXk=
-----END CERTIFICATE-----
Generated at Fri Sep 6 08:35:59 2024 by rpki-client on console-ams.rpki-client.org