Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D604E/91B5C0C0F4ED11E98CBFA013C4F9AE02/6D038264CA7111EDB1BB3134C4F9AE02.roa
File: 6D038264CA7111EDB1BB3134C4F9AE02.roa (raw, json)
Hash identifier: 2E8/AWLpy77125ZL0KO5JRYgnp8VfhvABCC3aZVqCdM=
Subject key identifier: A0:53:43:C1:2C:BD:0C:EC:11:36:6E:E5:CE:64:9A:8A:B4:5F:CB:89
Certificate issuer: /CN=A91D604E/serialNumber=E4DCEC595A1BB673897223656AC639B95352DD73
Certificate serial: 0B40
Authority key identifier: E4:DC:EC:59:5A:1B:B6:73:89:72:23:65:6A:C6:39:B9:53:52:DD:73
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5NzsWVobtnOJciNlasY5uVNS3XM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D604E/91B5C0C0F4ED11E98CBFA013C4F9AE02/6D038264CA7111EDB1BB3134C4F9AE02.roa
Signing time: Wed 28 Jun 2023 18:38:17 +0000
ROA not before: Wed 28 Jun 2023 18:38:17 +0000
ROA not after: Sat 31 Aug 2024 00:00:00 +0000
asID: 135517
IP address blocks: 103.221.52.0/22 maxlen: 22
103.221.52.0/23 maxlen: 23
103.221.52.0/24 maxlen: 24
103.221.53.0/24 maxlen: 24
103.221.54.0/23 maxlen: 23
103.221.54.0/24 maxlen: 24
103.221.55.0/24 maxlen: 24
2400:f8c0::/32 maxlen: 36
2400:f8c0:2::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 22 May 2024 12:14:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2880 (0xb40)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D604E/serialNumber=E4DCEC595A1BB673897223656AC639B95352DD73
Validity
Not Before: Jun 28 18:38:17 2023 GMT
Not After : Aug 31 00:00:00 2024 GMT
Subject: CN=649c7e19-529c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:83:61:2b:37:11:4c:d1:ee:93:07:59:04:fc:
0c:9e:e5:1b:1b:8c:cc:6e:2e:6a:5d:3b:a3:e8:a7:
24:b8:4e:5e:27:1c:ec:9a:7f:42:2d:e7:58:b2:be:
d0:d1:7c:74:5c:4f:e5:a8:ee:1d:a0:69:85:98:00:
e7:f0:44:ff:98:e9:ab:6b:70:c9:01:e0:0c:bf:8a:
b6:fa:15:33:9d:2f:b6:83:69:59:48:27:25:6c:24:
10:f5:72:eb:25:f5:3a:f0:18:3f:b3:cd:fc:8b:1c:
d0:47:99:39:43:2b:64:44:6d:d2:8a:b1:39:73:bf:
d2:83:3e:99:7f:48:7d:35:4b:9e:e1:80:5f:cb:15:
9e:e6:47:30:9b:83:27:8e:80:b3:73:53:00:f3:30:
97:2f:53:6c:a4:92:ce:1b:a4:d1:a9:af:cc:75:26:
b4:25:d5:8b:b4:53:cd:5b:1e:67:ac:38:dd:60:63:
af:25:c7:5e:56:f3:1b:07:a3:fc:fe:18:4c:a0:d3:
c5:de:80:55:19:e5:16:84:dd:fc:43:d0:aa:3b:a0:
f1:32:9d:5e:85:b1:af:a5:1f:20:e3:55:b3:50:0e:
df:e2:4d:c3:7b:e2:3a:d1:db:19:b9:6c:24:16:6c:
a1:3d:78:1a:9a:40:4e:22:c6:7a:6a:b4:de:31:b5:
b2:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:53:43:C1:2C:BD:0C:EC:11:36:6E:E5:CE:64:9A:8A:B4:5F:CB:89
X509v3 Authority Key Identifier:
keyid:E4:DC:EC:59:5A:1B:B6:73:89:72:23:65:6A:C6:39:B9:53:52:DD:73
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D604E/91B5C0C0F4ED11E98CBFA013C4F9AE02/5NzsWVobtnOJciNlasY5uVNS3XM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5NzsWVobtnOJciNlasY5uVNS3XM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D604E/91B5C0C0F4ED11E98CBFA013C4F9AE02/6D038264CA7111EDB1BB3134C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.221.52.0/22
IPv6:
2400:f8c0::/32
Signature Algorithm: sha256WithRSAEncryption
0f:cc:00:fe:82:a6:57:04:48:3a:e6:ae:6e:a0:68:0f:16:ac:
4e:e6:ed:a8:74:3c:0f:7a:d9:84:98:9d:27:42:a0:4d:37:12:
73:f9:81:d3:14:bc:c6:83:87:2d:93:15:07:ef:ac:6e:66:45:
c4:a7:c1:28:f6:67:72:ec:86:02:a6:69:f0:84:a4:15:ab:3e:
9c:27:6d:6b:63:57:b0:43:92:25:54:6f:5a:0e:86:ed:24:5a:
27:4b:64:12:d1:5a:a8:e8:5d:8d:2c:3d:dc:8b:a1:c2:75:99:
34:66:d4:4b:e9:d3:f2:85:b7:48:4a:e6:0d:77:47:75:4d:a6:
54:e9:67:50:6b:bc:28:ec:bc:73:13:1a:6a:1f:2a:25:fd:c4:
18:74:13:97:17:b6:08:ea:69:3c:0c:36:07:ad:54:6e:45:16:
ef:8c:79:88:f5:c3:95:25:4e:fd:4f:8a:71:79:58:bd:88:14:
72:7b:72:54:2a:0b:68:d7:a1:e8:14:5e:b0:f8:ff:8c:85:1a:
c8:79:14:dd:c3:64:49:4d:fd:ff:f1:fb:d3:fc:c4:08:dc:cb:
7b:8d:d7:b3:e9:d2:88:6d:30:e5:a9:98:db:b7:08:bb:be:5d:
e3:b4:38:14:6e:a7:66:fa:e3:1c:51:6a:74:52:f8:27:62:29:
fd:ee:dc:b3
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICC0AwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDYwNEUxMTAvBgNVBAUTKEU0RENFQzU5NUExQkI2NzM4OTcyMjM2NTZBQzYzOUI5
NTM1MkRENzMwHhcNMjMwNjI4MTgzODE3WhcNMjQwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDljN2UxOS01MjljMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzYNhKzcRTNHukwdZBPwMnuUbG4zMbi5qXTuj6KckuE5eJxzsmn9CLedYsr7Q
0Xx0XE/lqO4doGmFmADn8ET/mOmra3DJAeAMv4q2+hUznS+2g2lZSCclbCQQ9XLr
JfU68Bg/s838ixzQR5k5QytkRG3SirE5c7/Sgz6Zf0h9NUue4YBfyxWe5kcwm4Mn
joCzc1MA8zCXL1NspJLOG6TRqa/MdSa0JdWLtFPNWx5nrDjdYGOvJcdeVvMbB6P8
/hhMoNPF3oBVGeUWhN38Q9CqO6DxMp1ehbGvpR8g41WzUA7f4k3De+I60dsZuWwk
FmyhPXgamkBOIsZ6arTeMbWyrQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFKBTQ8Es
vQzsETZu5c5kmoq0X8uJMB8GA1UdIwQYMBaAFOTc7FlaG7ZziXIjZWrGOblTUt1z
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFENjA0RS85MUI1QzBDMEY0
RUQxMUU5OENCRkEwMTNDNEY5QUUwMi81TnpzV1ZvYnRuT0pjaU5sYXNZNXVWTlMz
WE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzVOenNXVm9idG5PSmNpTmxhc1k1dVZOUzNYTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDYwNEUvOTFCNUMwQzBGNEVEMTFFOThDQkZBMDEzQzRGOUFFMDIvNkQwMzgyNjRD
QTcxMTFFREIxQkIzMTM0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAJn3TQwDQQCAAIwBwMFACQA+MAwDQYJKoZIhvcNAQELBQAD
ggEBAA/MAP6CplcESDrmrm6gaA8WrE7m7ah0PA962YSYnSdCoE03EnP5gdMUvMaD
hy2TFQfvrG5mRcSnwSj2Z3LshgKmafCEpBWrPpwnbWtjV7BDkiVUb1oOhu0kWidL
ZBLRWqjoXY0sPdyLocJ1mTRm1Evp0/KFt0hK5g13R3VNplTpZ1BrvCjsvHMTGmof
KiX9xBh0E5cXtgjqaTwMNgetVG5FFu+MeYj1w5UlTv1PinF5WL2IFHJ7clQqC2jX
oegUXrD4/4yFGsh5FN3DZElN/f/x+9P8xAjcy3uN17Pp0ohtMOWpmNu3CLu+XeO0
OBRup2b64xxRanRS+CdiKf3u3LM=
-----END CERTIFICATE-----
Generated at Wed May 22 14:01:09 2024 by rpki-client on console-fra.rpki-client.org