Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D17F2/4C88A7A0FDFE11E9BD667D1FC4F9AE02/C869A5480F7B11EF98C46671C4F9AE02.roa
File: C869A5480F7B11EF98C46671C4F9AE02.roa (raw, json)
Hash identifier: ayTMbPndFOmwc9b07vf3iiCHuXi7w57DEQvJHN2IeqA=
Subject key identifier: 57:5F:C1:4F:A1:D0:01:9D:50:39:7B:6A:47:7F:76:29:4E:76:D7:4D
Certificate issuer: /CN=A91D17F2/serialNumber=5486376B05B8A2552329E361BD725C77E1F8D0C9
Certificate serial: 0BD2
Authority key identifier: 54:86:37:6B:05:B8:A2:55:23:29:E3:61:BD:72:5C:77:E1:F8:D0:C9
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VIY3awW4olUjKeNhvXJcd-H40Mk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D17F2/4C88A7A0FDFE11E9BD667D1FC4F9AE02/C869A5480F7B11EF98C46671C4F9AE02.roa
Signing time: Sat 11 May 2024 09:49:39 +0000
ROA not before: Sat 11 May 2024 09:49:39 +0000
ROA not after: Mon 31 Mar 2025 00:00:00 +0000
asID: 43260
IP address blocks: 103.205.180.0/24 maxlen: 24
103.205.181.0/24 maxlen: 24
103.205.183.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 12 May 2024 13:36:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3026 (0xbd2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D17F2/serialNumber=5486376B05B8A2552329E361BD725C77E1F8D0C9
Validity
Not Before: May 11 09:49:39 2024 GMT
Not After : Mar 31 00:00:00 2025 GMT
Subject: CN=663f3f33-9390
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:35:1a:d3:ba:cd:8e:22:e8:57:f0:be:15:f3:
0d:42:04:93:ca:e6:3f:9e:e4:b0:4e:b3:be:f3:ca:
90:d5:15:96:aa:c9:94:b8:73:df:d9:1a:fe:15:72:
85:27:7e:25:22:9a:41:6e:49:42:70:98:26:d5:f8:
af:aa:1e:b8:e9:20:24:6f:a5:ff:2b:b8:2d:df:db:
fa:3c:b9:60:81:02:39:a0:8c:bd:e7:c4:25:9e:6a:
02:28:74:ef:c4:bb:4a:d4:cc:ed:d6:b8:23:8e:ff:
aa:70:1d:02:85:1f:e6:08:01:df:a5:db:39:82:cf:
b3:e5:c6:c2:7e:71:30:d3:9a:6f:20:df:40:1f:0b:
97:32:02:d0:e7:13:42:21:f1:a6:8c:1b:b0:9c:43:
a1:62:3a:dc:0a:b0:0c:ff:01:1b:e3:19:c0:c1:d6:
2f:fb:8d:30:0a:58:ab:30:bd:a4:ba:bc:8d:3c:8c:
7a:a5:99:95:b1:c5:f1:a4:e6:82:17:6b:68:ac:47:
2f:06:66:54:79:9c:df:fa:4e:5c:a3:07:7d:1a:32:
f3:83:30:28:35:29:fd:a4:04:00:a4:eb:ef:13:7a:
5d:f6:61:21:6a:7e:79:71:38:b0:04:8b:bf:c6:be:
57:2d:f5:df:ef:8a:f7:15:ab:50:63:e3:75:2b:92:
e2:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:5F:C1:4F:A1:D0:01:9D:50:39:7B:6A:47:7F:76:29:4E:76:D7:4D
X509v3 Authority Key Identifier:
keyid:54:86:37:6B:05:B8:A2:55:23:29:E3:61:BD:72:5C:77:E1:F8:D0:C9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D17F2/4C88A7A0FDFE11E9BD667D1FC4F9AE02/VIY3awW4olUjKeNhvXJcd-H40Mk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VIY3awW4olUjKeNhvXJcd-H40Mk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D17F2/4C88A7A0FDFE11E9BD667D1FC4F9AE02/C869A5480F7B11EF98C46671C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.205.180.0/23
103.205.183.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:37:7a:87:6f:61:00:6c:d0:d0:ac:07:6a:5b:a6:d4:2c:ab:
4e:5d:5d:3a:26:22:83:0e:f7:ae:16:03:29:d3:85:fc:55:b4:
46:fc:93:31:3d:24:8e:d9:e7:1a:83:a5:0a:50:cb:dc:d6:5c:
c2:32:c6:ea:0b:1c:84:cd:65:fc:95:00:0a:16:2a:5e:61:a9:
b9:97:4b:87:f8:68:b0:c5:4f:3d:f0:f2:a9:c0:1e:68:c6:e1:
64:9b:d9:88:93:58:29:71:f7:cb:3e:9e:7b:c5:24:5e:4b:19:
ed:2f:9a:12:e0:fa:c8:cc:f3:b2:d0:c4:71:63:7f:31:5d:64:
8a:54:23:35:aa:2f:fa:37:27:78:d6:1e:a3:fb:39:c8:6b:cf:
61:22:09:7e:3a:e3:1d:0b:5a:ac:8d:57:46:d3:72:8e:33:77:
65:46:ab:9d:8d:af:de:c6:36:39:31:12:03:ee:29:35:c0:a8:
ea:89:cf:81:ba:62:17:98:ab:0e:85:74:db:c4:67:b0:d3:e2:
fe:be:92:e7:d2:8b:f5:38:78:10:c9:4f:93:53:0b:bf:82:6a:
a5:a1:b6:ae:52:19:b8:b8:d3:3a:4e:7e:a0:21:a0:da:c0:01:
1d:bb:84:a7:cc:1b:03:c0:97:d9:92:d0:1c:cb:0f:e6:ee:8b:
01:52:e7:4b
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICC9IwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDE3RjIxMTAvBgNVBAUTKDU0ODYzNzZCMDVCOEEyNTUyMzI5RTM2MUJENzI1Qzc3
RTFGOEQwQzkwHhcNMjQwNTExMDk0OTM5WhcNMjUwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjNmM2YzMy05MzkwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxTUa07rNjiLoV/C+FfMNQgSTyuY/nuSwTrO+88qQ1RWWqsmUuHPf2Rr+FXKF
J34lIppBbklCcJgm1fivqh646SAkb6X/K7gt39v6PLlggQI5oIy958QlnmoCKHTv
xLtK1Mzt1rgjjv+qcB0ChR/mCAHfpds5gs+z5cbCfnEw05pvIN9AHwuXMgLQ5xNC
IfGmjBuwnEOhYjrcCrAM/wEb4xnAwdYv+40wClirML2kuryNPIx6pZmVscXxpOaC
F2torEcvBmZUeZzf+k5cowd9GjLzgzAoNSn9pAQApOvvE3pd9mEhan55cTiwBIu/
xr5XLfXf74r3FatQY+N1K5Li2wIDAQABo4ICmzCCApcwHQYDVR0OBBYEFFdfwU+h
0AGdUDl7akd/dilOdtdNMB8GA1UdIwQYMBaAFFSGN2sFuKJVIynjYb1yXHfh+NDJ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMTdGMi80Qzg4QTdBMEZE
RkUxMUU5QkQ2NjdEMUZDNEY5QUUwMi9WSVkzYXdXNG9sVWpLZU5odlhKY2QtSDQw
TWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1ZJWTNhd1c0b2xVaktlTmh2WEpjZC1INDBNay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDE3RjIvNEM4OEE3QTBGREZFMTFFOUJENjY3RDFGQzRGOUFFMDIvQzg2OUE1NDgw
RjdCMTFFRjk4QzQ2NjcxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAFnzbQDBABnzbcwDQYJKoZIhvcNAQELBQADggEBADw3eodv
YQBs0NCsB2pbptQsq05dXTomIoMO964WAynThfxVtEb8kzE9JI7Z5xqDpQpQy9zW
XMIyxuoLHITNZfyVAAoWKl5hqbmXS4f4aLDFTz3w8qnAHmjG4WSb2YiTWClx98s+
nnvFJF5LGe0vmhLg+sjM87LQxHFjfzFdZIpUIzWqL/o3J3jWHqP7Ochrz2EiCX46
4x0LWqyNV0bTco4zd2VGq52Nr97GNjkxEgPuKTXAqOqJz4G6YheYqw6FdNvEZ7DT
4v6+kufSi/U4eBDJT5NTC7+CaqWhtq5SGbi40zpOfqAhoNrAAR27hKfMGwPAl9mS
0BzLD+buiwFS50s=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:41 2024 by rpki-client on console-fra.rpki-client.org