Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91DC324/982C761231E011EF99953D22C4F9AE02/ACEEDCBA31E111EF9A9FBA3BC4F9AE02.roa
File: ACEEDCBA31E111EF9A9FBA3BC4F9AE02.roa (raw, json)
Hash identifier: H0N4tHr0EVa55XTc6bc0+g6gN9fPFldbvZ33JghLCWw=
Subject key identifier: E5:B8:3C:57:9A:96:34:78:22:C3:45:8A:D7:FE:C3:F5:F7:77:46:BC
Certificate issuer: /CN=A91DC324/serialNumber=4B28F5F3A9BE6C955FF1BE0F7B50803AB17EB460
Certificate serial: 04
Authority key identifier: 4B:28:F5:F3:A9:BE:6C:95:5F:F1:BE:0F:7B:50:80:3A:B1:7E:B4:60
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Syj186m-bJVf8b4Pe1CAOrF-tGA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91DC324/982C761231E011EF99953D22C4F9AE02/ACEEDCBA31E111EF9A9FBA3BC4F9AE02.roa
Signing time: Mon 24 Jun 2024 10:24:30 +0000
ROA not before: Mon 24 Jun 2024 10:24:30 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 152707
IP address blocks: 103.37.202.0/24 maxlen: 24
103.37.203.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 25 Jun 2024 04:50:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4 (0x4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91DC324/serialNumber=4B28F5F3A9BE6C955FF1BE0F7B50803AB17EB460
Validity
Not Before: Jun 24 10:24:30 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=6679495e-0512
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:a7:36:28:cd:3a:7b:4a:85:fd:f4:e7:ea:54:
6b:50:bf:dc:61:06:68:f7:75:b7:b9:0e:11:87:f0:
88:05:6a:6e:27:ce:fe:14:36:43:12:70:b5:80:2f:
f8:39:28:5f:e8:72:57:4f:fe:b0:35:d5:cb:f7:21:
da:84:a8:b4:3e:32:ec:a6:aa:7f:e2:3b:7a:ce:1c:
47:b5:96:36:f2:ce:6c:bc:92:49:79:43:34:58:a0:
08:b4:6a:36:5f:bb:3d:c6:aa:98:b6:4b:1f:ba:d4:
d6:de:d3:2b:9e:6e:7d:1a:3b:cd:bc:7d:e2:c2:f7:
5f:a2:45:9a:a3:25:92:ae:cb:96:66:9a:61:cf:c2:
8d:c2:19:75:36:ea:d1:c4:6d:a2:79:1f:5a:ee:ce:
a8:c6:15:3d:5a:34:a1:0b:82:df:9a:e7:61:85:6e:
21:5b:84:1a:fc:f3:1a:2b:e9:30:62:53:bb:ad:20:
e7:09:75:a8:72:c4:70:97:29:22:eb:b6:9f:bf:af:
43:c0:db:6d:45:0f:11:d1:52:1d:e1:60:c4:2f:4a:
c8:2e:38:60:d6:22:66:16:14:5e:38:52:5e:76:15:
23:73:4f:14:08:ec:82:27:45:ae:0e:31:20:f3:cd:
9b:eb:56:cb:ca:a8:dd:1f:5b:7b:d5:39:ef:c9:2f:
a4:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:B8:3C:57:9A:96:34:78:22:C3:45:8A:D7:FE:C3:F5:F7:77:46:BC
X509v3 Authority Key Identifier:
keyid:4B:28:F5:F3:A9:BE:6C:95:5F:F1:BE:0F:7B:50:80:3A:B1:7E:B4:60
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91DC324/982C761231E011EF99953D22C4F9AE02/Syj186m-bJVf8b4Pe1CAOrF-tGA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Syj186m-bJVf8b4Pe1CAOrF-tGA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DC324/982C761231E011EF99953D22C4F9AE02/ACEEDCBA31E111EF9A9FBA3BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.37.202.0/23
Signature Algorithm: sha256WithRSAEncryption
00:98:d3:25:c8:37:42:6d:9b:e7:6f:fb:07:5d:40:c4:c4:e7:
14:b9:a4:58:41:13:0c:26:bd:60:62:34:f3:30:6c:3c:2a:23:
00:55:ff:3d:d5:82:c2:99:81:97:c7:11:7d:ac:9c:d2:70:d3:
ef:2e:e5:e2:e4:f4:9a:16:36:e9:e4:ed:e1:8a:ee:ac:64:f7:
f9:ba:e3:8e:84:73:44:77:5d:96:d7:a0:a5:88:77:67:49:94:
a2:19:cd:87:4e:a8:f0:e4:94:da:3a:c2:27:63:f6:e0:3c:bb:
d6:47:e3:76:93:f5:dd:c7:76:5b:33:5f:db:6c:f3:49:8f:12:
6e:db:45:49:47:e4:fe:09:f9:ea:ae:a1:d3:17:f9:58:a5:40:
f6:10:6e:2e:65:bb:70:b7:1e:cb:ac:26:31:2d:18:d8:7b:8d:
d8:bd:4a:0b:08:f0:62:ac:7e:5b:c4:f1:c4:f8:e1:82:6e:48:
46:76:49:d5:ec:c8:cf:72:aa:1a:31:9d:ab:94:df:65:31:e7:
8e:b5:da:66:03:26:ca:33:24:53:c4:e3:e3:fc:4c:a9:6c:f9:
bb:32:96:fe:1d:f2:7f:4b:c6:49:5a:69:50:73:68:a0:b7:2b:
c5:57:6c:f7:29:7d:59:17:70:05:cf:7b:b5:05:d0:bd:c4:9f:
c1:22:7f:9f
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBBDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFE
QzMyNDExMC8GA1UEBRMoNEIyOEY1RjNBOUJFNkM5NTVGRjFCRTBGN0I1MDgwM0FC
MTdFQjQ2MDAeFw0yNDA2MjQxMDI0MzBaFw0yNTA3MzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2Nzk0OTVlLTA1MTIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDEpzYozTp7SoX99OfqVGtQv9xhBmj3dbe5DhGH8IgFam4nzv4UNkMScLWAL/g5
KF/ocldP/rA11cv3IdqEqLQ+Muymqn/iO3rOHEe1ljbyzmy8kkl5QzRYoAi0ajZf
uz3Gqpi2Sx+61Nbe0yuebn0aO828feLC91+iRZqjJZKuy5ZmmmHPwo3CGXU26tHE
baJ5H1ruzqjGFT1aNKELgt+a52GFbiFbhBr88xor6TBiU7utIOcJdahyxHCXKSLr
tp+/r0PA221FDxHRUh3hYMQvSsguOGDWImYWFF44Ul52FSNzTxQI7IInRa4OMSDz
zZvrVsvKqN0fW3vVOe/JL6SpAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQU5bg8V5qW
NHgiw0WK1/7D9fd3RrwwHwYDVR0jBBgwFoAUSyj186m+bJVf8b4Pe1CAOrF+tGAw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MURDMzI0Lzk4MkM3NjEyMzFF
MDExRUY5OTk1M0QyMkM0RjlBRTAyL1N5ajE4Nm0tYkpWZjhiNFBlMUNBT3JGLXRH
QS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvU3lqMTg2bS1iSlZmOGI0UGUxQ0FPckYtdEdBLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE
QzMyNC85ODJDNzYxMjMxRTAxMUVGOTk5NTNEMjJDNEY5QUUwMi9BQ0VFRENCQTMx
RTExMUVGOUE5RkJBM0JDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWclyjANBgkqhkiG9w0BAQsFAAOCAQEAAJjTJcg3Qm2b52/7
B11AxMTnFLmkWEETDCa9YGI08zBsPCojAFX/PdWCwpmBl8cRfayc0nDT7y7l4uT0
mhY26eTt4YrurGT3+brjjoRzRHddltegpYh3Z0mUohnNh06o8OSU2jrCJ2P24Dy7
1kfjdpP13cd2WzNf22zzSY8SbttFSUfk/gn56q6h0xf5WKVA9hBuLmW7cLcey6wm
MS0Y2HuN2L1KCwjwYqx+W8TxxPjhgm5IRnZJ1ezIz3KqGjGdq5TfZTHnjrXaZgMm
yjMkU8Tj4/xMqWz5uzKW/h3yf0vGSVppUHNooLcrxVds9yl9WRdwBc97tQXQvcSf
wSJ/nw==
-----END CERTIFICATE-----
Generated at Tue Jun 25 06:21:31 2024 by rpki-client on console-fra.rpki-client.org