Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E4F66/E5F658AA368A11EAB5749272C4F9AE02/96C4D6BA368C11EA82C65C78C4F9AE02.roa
File: 96C4D6BA368C11EA82C65C78C4F9AE02.roa (raw, json)
Hash identifier: qHXIqfihcAhlgEYpCra9fJu31QYK6NjqSwiPmPzRCd8=
Subject key identifier: 4E:A6:6E:FF:EE:4E:B9:98:9B:99:CE:2D:91:26:2A:E6:10:F0:93:B0
Certificate issuer: /CN=A91E4F66/serialNumber=69C8198BDA3FD09053F42553D73EEA15121D241C
Certificate serial: 09F2
Authority key identifier: 69:C8:19:8B:DA:3F:D0:90:53:F4:25:53:D7:3E:EA:15:12:1D:24:1C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/acgZi9o_0JBT9CVT1z7qFRIdJBw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E4F66/E5F658AA368A11EAB5749272C4F9AE02/96C4D6BA368C11EA82C65C78C4F9AE02.roa
Signing time: Sun 30 Jul 2023 19:57:22 +0000
ROA not before: Sun 30 Jul 2023 19:57:22 +0000
ROA not after: Sat 31 Aug 2024 00:00:00 +0000
asID: 137884
IP address blocks: 103.116.116.0/22 maxlen: 22
103.116.116.0/23 maxlen: 23
103.116.116.0/24 maxlen: 24
103.116.117.0/24 maxlen: 24
103.116.118.0/23 maxlen: 23
103.116.118.0/24 maxlen: 24
103.116.119.0/24 maxlen: 24
2402:f940::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 27 Feb 2024 20:26:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2546 (0x9f2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E4F66/serialNumber=69C8198BDA3FD09053F42553D73EEA15121D241C
Validity
Not Before: Jul 30 19:57:22 2023 GMT
Not After : Aug 31 00:00:00 2024 GMT
Subject: CN=64c6c0a2-75a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:e2:af:b1:65:39:fc:78:06:a1:06:fa:07:a4:
86:0e:25:f2:60:cd:8b:6d:b7:51:1e:54:a5:f5:ed:
e1:72:bc:76:f9:7d:e7:78:31:62:6c:45:65:a0:ee:
1a:f9:2f:67:29:39:1e:bb:62:7d:2e:9d:80:7a:a5:
b8:77:39:ae:17:28:9d:37:b5:d8:cb:80:38:ec:2a:
e1:ae:5f:47:21:14:45:04:20:c6:13:ec:79:8c:92:
5c:95:0f:21:1a:e4:00:80:2a:34:d5:38:bb:e5:48:
b7:57:8f:46:86:06:4d:36:52:2a:c3:d5:52:b3:70:
0e:7f:56:72:57:28:4a:f9:54:2d:4c:4c:69:ce:e4:
1c:f9:00:51:2f:8e:bb:2d:cb:20:6c:07:a2:39:7e:
15:40:4a:62:50:d4:33:5c:28:60:26:bf:86:a8:8d:
67:71:fd:07:26:f2:dc:4d:05:ac:c3:11:de:c9:f6:
1d:a4:5a:5e:e2:e8:21:6a:58:0c:92:87:88:80:08:
b8:8f:d0:e4:44:2d:63:f9:15:c7:83:dc:fc:be:20:
f3:de:c5:f9:b0:44:c8:76:d6:ae:f4:05:b2:0b:c2:
bf:6a:89:66:ff:d6:3d:db:1b:2d:90:43:3d:ab:5d:
36:b2:78:4f:ee:1d:28:60:77:30:53:97:3c:1e:14:
93:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:A6:6E:FF:EE:4E:B9:98:9B:99:CE:2D:91:26:2A:E6:10:F0:93:B0
X509v3 Authority Key Identifier:
keyid:69:C8:19:8B:DA:3F:D0:90:53:F4:25:53:D7:3E:EA:15:12:1D:24:1C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E4F66/E5F658AA368A11EAB5749272C4F9AE02/acgZi9o_0JBT9CVT1z7qFRIdJBw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/acgZi9o_0JBT9CVT1z7qFRIdJBw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E4F66/E5F658AA368A11EAB5749272C4F9AE02/96C4D6BA368C11EA82C65C78C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.116.116.0/22
IPv6:
2402:f940::/32
Signature Algorithm: sha256WithRSAEncryption
a1:d3:5e:aa:b3:cb:48:6b:4e:eb:c1:ef:21:51:77:75:32:d4:
42:ed:b0:ea:b4:79:ac:5e:74:60:a3:b4:ad:0a:5b:a8:a3:b9:
76:9a:74:83:2a:07:57:61:35:bd:b9:e5:bf:65:8e:d6:f7:ab:
d9:21:54:c9:41:5e:85:1b:6d:0e:7f:a2:1d:03:8c:45:3e:a8:
9e:44:2f:f2:02:34:f0:e6:24:e4:3d:b7:ec:f7:e7:ab:f2:bf:
ce:78:39:06:cd:c5:31:49:ae:6f:fa:39:f9:d3:7f:c1:b8:fd:
d5:20:a7:95:a7:54:2e:30:12:73:f1:34:02:95:eb:bf:40:1e:
b6:5f:68:d3:54:ea:5d:2b:27:c2:71:f8:68:43:28:64:81:36:
f6:fd:21:aa:3e:88:a1:97:5f:28:11:a7:3d:c3:07:a3:94:39:
71:6e:23:7c:09:15:20:e9:e1:7c:6d:da:38:a3:c2:0a:ef:25:
1e:31:24:31:07:e4:6f:87:7b:40:12:11:8d:01:26:49:56:f7:
61:86:21:03:ec:ce:c2:c0:ce:5b:37:7a:59:99:57:ce:f1:b9:
bf:b5:a0:20:3f:4f:33:17:83:25:ec:78:2d:86:24:1b:2f:5e:
e2:0d:d3:9a:81:a9:ec:91:28:8f:99:93:64:21:0e:2d:c1:fc:
99:6e:da:21
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICCfIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTRGNjYxMTAvBgNVBAUTKDY5QzgxOThCREEzRkQwOTA1M0Y0MjU1M0Q3M0VFQTE1
MTIxRDI0MUMwHhcNMjMwNzMwMTk1NzIyWhcNMjQwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGM2YzBhMi03NWE1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA8uKvsWU5/HgGoQb6B6SGDiXyYM2LbbdRHlSl9e3hcrx2+X3neDFibEVloO4a
+S9nKTkeu2J9Lp2AeqW4dzmuFyidN7XYy4A47Crhrl9HIRRFBCDGE+x5jJJclQ8h
GuQAgCo01Ti75Ui3V49GhgZNNlIqw9VSs3AOf1ZyVyhK+VQtTExpzuQc+QBRL467
LcsgbAeiOX4VQEpiUNQzXChgJr+GqI1ncf0HJvLcTQWswxHeyfYdpFpe4ughalgM
koeIgAi4j9DkRC1j+RXHg9z8viDz3sX5sETIdtau9AWyC8K/aolm/9Y92xstkEM9
q102snhP7h0oYHcwU5c8HhST6QIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFE6mbv/u
TrmYm5nOLZEmKuYQ8JOwMB8GA1UdIwQYMBaAFGnIGYvaP9CQU/QlU9c+6hUSHSQc
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNEY2Ni9FNUY2NThBQTM2
OEExMUVBQjU3NDkyNzJDNEY5QUUwMi9hY2daaTlvXzBKQlQ5Q1ZUMXo3cUZSSWRK
QncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2FjZ1ppOW9fMEpCVDlDVlQxejdxRlJJZEpCdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTRGNjYvRTVGNjU4QUEzNjhBMTFFQUI1NzQ5MjcyQzRGOUFFMDIvOTZDNEQ2QkEz
NjhDMTFFQTgyQzY1Qzc4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAJndHQwDQQCAAIwBwMFACQC+UAwDQYJKoZIhvcNAQELBQAD
ggEBAKHTXqqzy0hrTuvB7yFRd3Uy1ELtsOq0eaxedGCjtK0KW6ijuXaadIMqB1dh
Nb255b9ljtb3q9khVMlBXoUbbQ5/oh0DjEU+qJ5EL/ICNPDmJOQ9t+z356vyv854
OQbNxTFJrm/6OfnTf8G4/dUgp5WnVC4wEnPxNAKV679AHrZfaNNU6l0rJ8Jx+GhD
KGSBNvb9Iao+iKGXXygRpz3DB6OUOXFuI3wJFSDp4Xxt2jijwgrvJR4xJDEH5G+H
e0ASEY0BJklW92GGIQPszsLAzls3elmZV87xub+1oCA/TzMXgyXseC2GJBsvXuIN
05qBqeyRKI+Zk2QhDi3B/Jlu2iE=
-----END CERTIFICATE-----
Generated at Tue Feb 27 23:59:25 2024 by rpki-client on console-fra.rpki-client.org