Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E57DC/35F798661F0111E9B1AA9436C4F9AE02/E7E7C9B0F64C11EEAAB16676C4F9AE02.roa
File: E7E7C9B0F64C11EEAAB16676C4F9AE02.roa (raw, json)
Hash identifier: q0W0R7Lw+xfdv5vzaLYAdnMbcQp0PNV4P/WptzzBoLo=
Subject key identifier: 30:C3:77:E7:D9:37:6B:0C:82:2E:C1:37:D2:7A:0C:07:64:34:1E:61
Certificate issuer: /CN=A91E57DC/serialNumber=22B1A7175E75FFD847391F2C2E9665E4EEE1B742
Certificate serial: 103F
Authority key identifier: 22:B1:A7:17:5E:75:FF:D8:47:39:1F:2C:2E:96:65:E4:EE:E1:B7:42
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IrGnF151_9hHOR8sLpZl5O7ht0I.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E57DC/35F798661F0111E9B1AA9436C4F9AE02/E7E7C9B0F64C11EEAAB16676C4F9AE02.roa
Signing time: Thu 23 May 2024 07:00:56 +0000
ROA not before: Thu 23 May 2024 07:00:56 +0000
ROA not after: Wed 28 May 2025 00:00:00 +0000
asID: 136406
IP address blocks: 103.86.192.0/22 maxlen: 22
103.86.193.0/24 maxlen: 24
103.86.194.0/24 maxlen: 24
103.86.195.0/24 maxlen: 24
220.152.112.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 23 May 2024 09:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4159 (0x103f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E57DC/serialNumber=22B1A7175E75FFD847391F2C2E9665E4EEE1B742
Validity
Not Before: May 23 07:00:56 2024 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=664ee9a8-c11d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:ed:d7:ef:9f:d2:74:40:08:4c:5f:3a:d8:c2:
2c:12:e6:38:ad:db:47:de:b7:a2:a4:b6:04:75:65:
5b:47:0d:61:54:fc:69:ba:7b:92:9b:3b:a6:d8:e6:
6d:0e:ba:ca:03:59:47:73:42:15:f8:10:8f:e3:b3:
59:03:e1:7e:77:a6:8a:d0:f6:d8:c5:4a:3c:3f:e3:
fa:87:43:f1:7a:f5:fe:c9:e6:c5:04:1e:c8:8a:4f:
0c:8a:2c:78:eb:e4:96:fb:52:6f:f3:ec:32:9a:8f:
28:02:52:00:5e:a4:b5:97:bc:28:1c:c5:4f:24:03:
bc:e4:92:7a:2d:9e:b0:91:bd:d8:11:c0:9a:75:83:
1c:99:e1:79:c5:c0:8a:b7:e6:4a:90:e0:17:10:ac:
5a:88:2c:45:af:fd:31:a7:fb:aa:7d:ab:8e:3a:75:
ce:10:13:56:f0:c0:9a:41:6d:17:ad:d1:80:b6:41:
d4:e2:c0:f5:c5:56:68:87:1e:ae:0c:77:ef:4f:8b:
b8:d6:f8:0d:2a:f2:6e:51:86:a0:0b:6f:a6:eb:36:
6e:8a:ce:c4:26:f7:8f:b4:40:cf:d7:3d:24:b4:7d:
07:50:3e:a5:01:31:62:f6:8e:54:02:97:b8:b9:2a:
3d:4a:38:97:48:2f:4e:a3:79:07:bf:5c:66:38:2f:
33:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:C3:77:E7:D9:37:6B:0C:82:2E:C1:37:D2:7A:0C:07:64:34:1E:61
X509v3 Authority Key Identifier:
keyid:22:B1:A7:17:5E:75:FF:D8:47:39:1F:2C:2E:96:65:E4:EE:E1:B7:42
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E57DC/35F798661F0111E9B1AA9436C4F9AE02/IrGnF151_9hHOR8sLpZl5O7ht0I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IrGnF151_9hHOR8sLpZl5O7ht0I.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E57DC/35F798661F0111E9B1AA9436C4F9AE02/E7E7C9B0F64C11EEAAB16676C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.86.192.0/22
220.152.112.0/24
Signature Algorithm: sha256WithRSAEncryption
23:4d:26:75:0f:f2:fa:31:01:f7:bc:e2:08:07:22:b7:64:45:
f3:7e:30:9e:4e:d7:86:97:92:cd:e4:10:82:99:37:02:e2:05:
c0:88:57:04:42:8c:45:a1:c0:e2:4b:dd:9a:8d:2d:d6:f6:44:
66:2f:41:1e:eb:16:44:1c:ed:17:dc:b5:89:40:18:82:6a:b6:
26:d7:ad:10:26:de:32:b3:e1:8f:c0:58:c9:4d:77:f6:a0:4d:
61:9d:5a:bd:b7:87:02:45:ab:bb:ad:d8:90:59:c6:42:f9:26:
92:ee:45:d9:3a:5f:40:d7:2c:ce:19:82:14:4f:f7:dc:3e:25:
78:f6:ac:40:6b:90:4c:23:48:52:b7:38:15:3b:55:ad:ef:72:
4e:27:61:e0:fd:5d:c3:47:7e:1b:a6:c6:8a:4a:ea:50:77:04:
bc:00:c0:17:fe:33:d0:30:21:91:b3:14:da:4e:79:59:13:f4:
39:d5:46:d3:d3:d4:00:f1:8e:89:85:fe:0f:09:5b:a3:b1:cf:
f2:a0:c0:84:f1:bb:90:77:05:43:64:c8:50:8b:5b:69:8a:51:
53:dc:81:8e:1f:eb:62:12:16:e8:93:82:db:21:1e:ce:5f:78:
8d:91:57:ea:c7:da:bb:57:fa:49:13:61:98:e9:5e:57:25:d8:
c1:92:5f:e4
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICED8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTU3REMxMTAvBgNVBAUTKDIyQjFBNzE3NUU3NUZGRDg0NzM5MUYyQzJFOTY2NUU0
RUVFMUI3NDIwHhcNMjQwNTIzMDcwMDU2WhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02NjRlZTlhOC1jMTFkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwe3X75/SdEAITF862MIsEuY4rdtH3reipLYEdWVbRw1hVPxpunuSmzum2OZt
DrrKA1lHc0IV+BCP47NZA+F+d6aK0PbYxUo8P+P6h0PxevX+yebFBB7Iik8Miix4
6+SW+1Jv8+wymo8oAlIAXqS1l7woHMVPJAO85JJ6LZ6wkb3YEcCadYMcmeF5xcCK
t+ZKkOAXEKxaiCxFr/0xp/uqfauOOnXOEBNW8MCaQW0XrdGAtkHU4sD1xVZohx6u
DHfvT4u41vgNKvJuUYagC2+m6zZuis7EJvePtEDP1z0ktH0HUD6lATFi9o5UApe4
uSo9SjiXSC9Oo3kHv1xmOC8zuQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFDDDd+fZ
N2sMgi7BN9J6DAdkNB5hMB8GA1UdIwQYMBaAFCKxpxdedf/YRzkfLC6WZeTu4bdC
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNTdEQy8zNUY3OTg2NjFG
MDExMUU5QjFBQTk0MzZDNEY5QUUwMi9JckduRjE1MV85aEhPUjhzTHBabDVPN2h0
MEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0lyR25GMTUxXzloSE9SOHNMcFpsNU83aHQwSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTU3REMvMzVGNzk4NjYxRjAxMTFFOUIxQUE5NDM2QzRGOUFFMDIvRTdFN0M5QjBG
NjRDMTFFRUFBQjE2Njc2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAJnVsADBADcmHAwDQYJKoZIhvcNAQELBQADggEBACNNJnUP
8voxAfe84ggHIrdkRfN+MJ5O14aXks3kEIKZNwLiBcCIVwRCjEWhwOJL3ZqNLdb2
RGYvQR7rFkQc7RfctYlAGIJqtibXrRAm3jKz4Y/AWMlNd/agTWGdWr23hwJFq7ut
2JBZxkL5JpLuRdk6X0DXLM4ZghRP99w+JXj2rEBrkEwjSFK3OBU7Va3vck4nYeD9
XcNHfhumxopK6lB3BLwAwBf+M9AwIZGzFNpOeVkT9DnVRtPT1ADxjomF/g8JW6Ox
z/KgwITxu5B3BUNkyFCLW2mKUVPcgY4f62ISFuiTgtshHs5feI2RV+rH2rtX+kkT
YZjpXlcl2MGSX+Q=
-----END CERTIFICATE-----
Generated at Thu May 23 10:55:45 2024 by rpki-client on console-fra.rpki-client.org