Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91DF31D/055AB5447DF711EE87B7D430C4F9AE02/2BC92C3A7EB311EEA7E4DF58C4F9AE02.roa
File: 2BC92C3A7EB311EEA7E4DF58C4F9AE02.roa (raw, json)
Hash identifier: 292yT2m2wQ14q+gFbGddH4T0lFK8+ivLOzm4iroT/m0=
Subject key identifier: 3B:2F:CA:7A:0F:26:1B:94:A4:80:1E:AA:DB:28:E8:E7:03:E3:FE:26
Certificate issuer: /CN=A91DF31D/serialNumber=4600C18D62C6F724D5C95506F41B8C95FC390DC0
Certificate serial: 09
Authority key identifier: 46:00:C1:8D:62:C6:F7:24:D5:C9:55:06:F4:1B:8C:95:FC:39:0D:C0
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RgDBjWLG9yTVyVUG9BuMlfw5DcA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91DF31D/055AB5447DF711EE87B7D430C4F9AE02/2BC92C3A7EB311EEA7E4DF58C4F9AE02.roa
Signing time: Thu 09 Nov 2023 03:52:05 +0000
ROA not before: Thu 09 Nov 2023 03:52:05 +0000
ROA not after: Mon 30 Sep 2024 00:00:00 +0000
asID: 151802
IP address blocks: 103.226.26.0/24 maxlen: 24
103.226.27.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 09 Nov 2023 05:15:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9 (0x9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91DF31D/serialNumber=4600C18D62C6F724D5C95506F41B8C95FC390DC0
Validity
Not Before: Nov 9 03:52:05 2023 GMT
Not After : Sep 30 00:00:00 2024 GMT
Subject: CN=654c5765-206a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:b4:a3:65:c3:f0:72:11:ce:d2:18:6e:4b:d2:
c3:b2:e7:8e:0d:65:d3:d8:e1:d2:31:3e:cd:2e:5e:
bf:c1:17:48:98:9c:91:af:5d:61:f0:24:38:14:ca:
65:de:0b:00:da:ff:60:45:74:fd:89:f1:c6:24:7c:
d2:f6:50:2a:a2:04:87:c8:c2:7d:4b:e8:b0:9f:4b:
1b:10:f5:80:88:62:8f:0e:52:78:c2:91:be:24:f4:
34:05:fb:9b:e6:35:06:67:ba:ae:f9:e9:56:ca:b1:
f5:cb:b9:6d:bc:84:cc:0f:24:bd:fc:8d:3d:17:a9:
19:18:08:ce:94:6d:f7:ab:23:a8:f6:f0:6e:09:37:
c0:f7:06:49:5d:a1:c0:75:d5:d7:b3:b4:2a:fa:10:
40:76:5b:38:b9:7e:a3:72:32:9d:12:cf:b1:82:78:
5d:22:fc:0f:14:0e:cc:fd:8c:4a:9b:44:bf:f8:71:
54:62:21:e7:9e:d3:c8:99:ad:ad:f5:20:f0:e4:18:
65:af:06:b9:05:59:94:da:f9:17:d1:9d:05:ee:c2:
da:41:fb:3f:f9:9c:f1:78:36:8b:5a:70:d7:b5:ba:
b6:13:c7:0e:46:47:5b:47:d4:f8:12:58:20:82:17:
e5:20:9a:de:77:8f:9a:ba:9d:df:48:e9:f0:90:f0:
0e:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:2F:CA:7A:0F:26:1B:94:A4:80:1E:AA:DB:28:E8:E7:03:E3:FE:26
X509v3 Authority Key Identifier:
keyid:46:00:C1:8D:62:C6:F7:24:D5:C9:55:06:F4:1B:8C:95:FC:39:0D:C0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91DF31D/055AB5447DF711EE87B7D430C4F9AE02/RgDBjWLG9yTVyVUG9BuMlfw5DcA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RgDBjWLG9yTVyVUG9BuMlfw5DcA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DF31D/055AB5447DF711EE87B7D430C4F9AE02/2BC92C3A7EB311EEA7E4DF58C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.226.26.0/23
Signature Algorithm: sha256WithRSAEncryption
36:dd:df:2a:f9:b1:04:51:d7:15:eb:5e:79:36:80:8a:e4:66:
35:ae:f7:3c:61:61:72:20:af:07:34:d1:8b:c8:60:69:3b:ae:
d4:88:fa:89:1e:60:0c:96:50:7d:7f:b0:98:ab:cd:8c:d1:cc:
50:6d:bc:a9:14:ab:63:f9:ed:6b:b8:d6:d5:63:10:33:56:1a:
b1:6c:75:02:e1:15:9b:52:0c:b3:44:ee:92:1d:70:cb:d8:98:
d6:b5:0b:9a:02:7b:e1:9a:b9:92:a1:29:88:2f:e2:69:31:5a:
29:58:ee:0d:6c:f5:62:94:ef:15:b6:7a:64:e2:4f:a6:fc:65:
47:12:c5:73:0f:56:e8:98:3a:b7:36:2b:e1:8f:a0:96:77:34:
20:36:6c:2d:a0:1a:1e:1d:4e:b5:96:55:da:42:9c:80:1a:a3:
3e:21:d6:f7:70:2b:4d:66:a6:11:c8:9f:0c:ac:a5:e7:80:8c:
46:e1:a0:f7:78:06:fa:6d:85:aa:6b:7e:f3:2c:6e:8f:dd:4c:
19:98:8b:99:e5:82:86:50:21:d8:26:c0:18:3b:d5:ca:25:f9:
d0:a4:1e:35:b4:35:67:c0:97:99:69:23:56:d6:f9:cd:04:37:
29:83:54:33:24:29:90:46:bb:f6:31:91:1c:96:8a:ef:12:9c:
67:c4:f0:e6
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBCTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFE
RjMxRDExMC8GA1UEBRMoNDYwMEMxOEQ2MkM2RjcyNEQ1Qzk1NTA2RjQxQjhDOTVG
QzM5MERDMDAeFw0yMzExMDkwMzUyMDVaFw0yNDA5MzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1NGM1NzY1LTIwNmEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDCtKNlw/ByEc7SGG5L0sOy544NZdPY4dIxPs0uXr/BF0iYnJGvXWHwJDgUymXe
CwDa/2BFdP2J8cYkfNL2UCqiBIfIwn1L6LCfSxsQ9YCIYo8OUnjCkb4k9DQF+5vm
NQZnuq756VbKsfXLuW28hMwPJL38jT0XqRkYCM6UbferI6j28G4JN8D3BkldocB1
1deztCr6EEB2Wzi5fqNyMp0Sz7GCeF0i/A8UDsz9jEqbRL/4cVRiIeee08iZra31
IPDkGGWvBrkFWZTa+RfRnQXuwtpB+z/5nPF4NotacNe1urYTxw5GR1tH1PgSWCCC
F+Ugmt53j5q6nd9I6fCQ8A79AgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUOy/Keg8m
G5SkgB6q2yjo5wPj/iYwHwYDVR0jBBgwFoAURgDBjWLG9yTVyVUG9BuMlfw5DcAw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MURGMzFELzA1NUFCNTQ0N0RG
NzExRUU4N0I3RDQzMEM0RjlBRTAyL1JnREJqV0xHOXlUVnlWVUc5QnVNbGZ3NURj
QS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvUmdEQmpXTEc5eVRWeVZVRzlCdU1sZnc1RGNBLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE
RjMxRC8wNTVBQjU0NDdERjcxMUVFODdCN0Q0MzBDNEY5QUUwMi8yQkM5MkMzQTdF
QjMxMUVFQTdFNERGNThDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWfiGjANBgkqhkiG9w0BAQsFAAOCAQEANt3fKvmxBFHXFete
eTaAiuRmNa73PGFhciCvBzTRi8hgaTuu1Ij6iR5gDJZQfX+wmKvNjNHMUG28qRSr
Y/nta7jW1WMQM1YasWx1AuEVm1IMs0Tukh1wy9iY1rULmgJ74Zq5kqEpiC/iaTFa
KVjuDWz1YpTvFbZ6ZOJPpvxlRxLFcw9W6Jg6tzYr4Y+glnc0IDZsLaAaHh1OtZZV
2kKcgBqjPiHW93ArTWamEcifDKyl54CMRuGg93gG+m2Fqmt+8yxuj91MGZiLmeWC
hlAh2CbAGDvVyiX50KQeNbQ1Z8CXmWkjVtb5zQQ3KYNUMyQpkEa79jGRHJaK7xKc
Z8Tw5g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:43 2024 by rpki-client on console-fra.rpki-client.org