Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D17F2/4C88A7A0FDFE11E9BD667D1FC4F9AE02/7ED9B5540D5911EF9550A82FC4F9AE02.roa
File: 7ED9B5540D5911EF9550A82FC4F9AE02.roa (raw, json)
Hash identifier: iwdVxW3g3uSUZps1fc6hqQ9xSUJE8zD6cQnpw4+98x4=
Subject key identifier: 36:8A:B1:AF:C9:22:B2:0A:7E:7E:A5:67:D4:32:A5:ED:45:08:37:9A
Certificate issuer: /CN=A91D17F2/serialNumber=5486376B05B8A2552329E361BD725C77E1F8D0C9
Certificate serial: 0BC4
Authority key identifier: 54:86:37:6B:05:B8:A2:55:23:29:E3:61:BD:72:5C:77:E1:F8:D0:C9
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VIY3awW4olUjKeNhvXJcd-H40Mk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D17F2/4C88A7A0FDFE11E9BD667D1FC4F9AE02/7ED9B5540D5911EF9550A82FC4F9AE02.roa
Signing time: Wed 08 May 2024 16:39:10 +0000
ROA not before: Wed 08 May 2024 16:39:10 +0000
ROA not after: Mon 31 Mar 2025 00:00:00 +0000
asID: 43260
IP address blocks: 103.205.180.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 10 May 2024 05:45:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3012 (0xbc4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D17F2/serialNumber=5486376B05B8A2552329E361BD725C77E1F8D0C9
Validity
Not Before: May 8 16:39:10 2024 GMT
Not After : Mar 31 00:00:00 2025 GMT
Subject: CN=663baaae-faf1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:1c:e9:e7:77:cc:70:09:0f:39:e7:33:72:59:
e0:93:6d:b0:62:35:45:d8:34:6f:d1:77:c1:70:a5:
04:b7:a0:97:8c:16:35:3b:2e:ca:ce:5b:6a:b5:aa:
c2:9a:e5:06:b6:84:b3:0e:ce:58:2a:8c:b1:30:1d:
69:38:61:41:40:d1:1f:36:ad:23:98:d6:86:d1:86:
8b:fa:7b:20:8d:ad:af:ea:16:79:16:2c:dc:4d:1c:
58:70:c7:21:24:74:23:3e:5f:c1:0e:a5:84:1a:68:
b3:88:8b:29:1a:0e:68:11:3f:3c:ab:be:6f:fb:ce:
6a:de:d5:de:f6:00:e2:98:41:2b:91:96:d6:73:3b:
62:04:55:d9:3f:20:b8:78:3d:fe:7b:61:48:be:07:
3f:57:f9:99:62:64:0a:cd:6e:c3:97:6a:db:eb:be:
c9:a6:1c:74:9c:7e:93:22:7c:45:44:e0:93:3f:73:
9d:09:62:1e:71:f1:ee:c7:52:13:38:0b:4e:66:33:
36:2c:e2:c2:50:e1:eb:29:1f:a1:f2:59:d5:6a:b6:
e0:1e:7e:c1:d9:b1:86:40:88:91:2e:99:a3:c2:d1:
a5:d3:16:d0:e5:e5:e5:d7:b9:ea:8b:ae:29:67:fd:
bb:71:51:ca:7b:c7:1b:16:77:b0:fb:bc:00:d5:73:
37:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:8A:B1:AF:C9:22:B2:0A:7E:7E:A5:67:D4:32:A5:ED:45:08:37:9A
X509v3 Authority Key Identifier:
keyid:54:86:37:6B:05:B8:A2:55:23:29:E3:61:BD:72:5C:77:E1:F8:D0:C9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D17F2/4C88A7A0FDFE11E9BD667D1FC4F9AE02/VIY3awW4olUjKeNhvXJcd-H40Mk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VIY3awW4olUjKeNhvXJcd-H40Mk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D17F2/4C88A7A0FDFE11E9BD667D1FC4F9AE02/7ED9B5540D5911EF9550A82FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.205.180.0/24
Signature Algorithm: sha256WithRSAEncryption
57:7f:99:4c:d9:dc:13:05:28:85:93:d9:3c:f6:c8:3e:56:b4:
ee:19:0d:05:f9:73:cf:e2:6b:e9:f2:b7:24:0f:02:d0:1d:54:
58:96:be:5e:03:6d:02:ef:00:ae:f9:e3:11:14:ab:e0:8e:d6:
b9:75:55:a3:7e:8c:b8:c9:10:2f:9f:1e:20:ff:fa:2b:fd:0c:
bb:34:04:e9:22:b3:cb:51:47:55:37:02:28:35:ee:4d:22:77:
96:01:22:fd:f7:85:63:2c:c2:d0:f6:8b:0f:80:ef:05:43:6b:
de:5b:81:72:0e:9e:5b:82:d5:41:93:77:3a:21:49:bb:78:41:
b9:fb:05:39:70:e9:c4:60:0c:46:1f:7e:72:36:1b:97:1d:29:
40:ff:5a:75:fa:c7:cd:ce:29:9d:b8:c8:40:7d:8b:bf:a9:28:
d9:08:41:65:ee:52:d6:61:dc:8a:8d:c3:8a:08:6e:d9:01:98:
62:66:1b:76:37:4c:da:9d:5c:c1:4c:e9:76:b6:e6:64:d7:f5:
99:bc:bf:b2:9a:03:a2:cb:00:61:2f:89:fa:a9:93:4e:58:b6:
eb:b4:ac:98:b4:84:07:a7:a0:f9:a9:7b:10:ad:e4:1c:9a:c3:
05:4a:2d:60:e5:b5:01:f9:f9:5a:dd:91:00:6b:b8:6f:51:42:
ee:2f:2b:af
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICC8QwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDE3RjIxMTAvBgNVBAUTKDU0ODYzNzZCMDVCOEEyNTUyMzI5RTM2MUJENzI1Qzc3
RTFGOEQwQzkwHhcNMjQwNTA4MTYzOTEwWhcNMjUwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjNiYWFhZS1mYWYxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxhzp53fMcAkPOeczclngk22wYjVF2DRv0XfBcKUEt6CXjBY1Oy7KzltqtarC
muUGtoSzDs5YKoyxMB1pOGFBQNEfNq0jmNaG0YaL+nsgja2v6hZ5FizcTRxYcMch
JHQjPl/BDqWEGmiziIspGg5oET88q75v+85q3tXe9gDimEErkZbWcztiBFXZPyC4
eD3+e2FIvgc/V/mZYmQKzW7Dl2rb677Jphx0nH6TInxFROCTP3OdCWIecfHux1IT
OAtOZjM2LOLCUOHrKR+h8lnVarbgHn7B2bGGQIiRLpmjwtGl0xbQ5eXl17nqi64p
Z/27cVHKe8cbFnew+7wA1XM3swIDAQABo4IClTCCApEwHQYDVR0OBBYEFDaKsa/J
IrIKfn6lZ9Qype1FCDeaMB8GA1UdIwQYMBaAFFSGN2sFuKJVIynjYb1yXHfh+NDJ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMTdGMi80Qzg4QTdBMEZE
RkUxMUU5QkQ2NjdEMUZDNEY5QUUwMi9WSVkzYXdXNG9sVWpLZU5odlhKY2QtSDQw
TWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1ZJWTNhd1c0b2xVaktlTmh2WEpjZC1INDBNay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDE3RjIvNEM4OEE3QTBGREZFMTFFOUJENjY3RDFGQzRGOUFFMDIvN0VEOUI1NTQw
RDU5MTFFRjk1NTBBODJGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnzbQwDQYJKoZIhvcNAQELBQADggEBAFd/mUzZ3BMFKIWT
2Tz2yD5WtO4ZDQX5c8/ia+nytyQPAtAdVFiWvl4DbQLvAK754xEUq+CO1rl1VaN+
jLjJEC+fHiD/+iv9DLs0BOkis8tRR1U3Aig17k0id5YBIv33hWMswtD2iw+A7wVD
a95bgXIOnluC1UGTdzohSbt4Qbn7BTlw6cRgDEYffnI2G5cdKUD/WnX6x83OKZ24
yEB9i7+pKNkIQWXuUtZh3IqNw4oIbtkBmGJmG3Y3TNqdXMFM6Xa25mTX9Zm8v7Ka
A6LLAGEvifqpk05Ytuu0rJi0hAenoPmpexCt5ByawwVKLWDltQH5+VrdkQBruG9R
Qu4vK68=
-----END CERTIFICATE-----
Generated at Fri May 10 10:50:10 2024 by rpki-client on console-fra.rpki-client.org