Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EB527/DD1AE2F6C2AA11ECAF5F9F76C4F9AE02/D10002B6C32811EC9BAB9A2FC4F9AE02.roa
File: D10002B6C32811EC9BAB9A2FC4F9AE02.roa (raw, json)
Hash identifier: hUsfBYjNSv4dQ1OKiBSoZ+hAuvoFJyziOVMGHYIHo4A=
Subject key identifier: BD:30:86:70:3C:29:E3:17:3C:5A:D7:FA:62:DB:92:F3:FB:5B:28:FD
Certificate issuer: /CN=A91EB527/serialNumber=876A079D444F52C64D60604CCC74F95F08ADA547
Certificate serial: 0278
Authority key identifier: 87:6A:07:9D:44:4F:52:C6:4D:60:60:4C:CC:74:F9:5F:08:AD:A5:47
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/h2oHnURPUsZNYGBMzHT5XwitpUc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EB527/DD1AE2F6C2AA11ECAF5F9F76C4F9AE02/D10002B6C32811EC9BAB9A2FC4F9AE02.roa
Signing time: Fri 03 May 2024 04:17:15 +0000
ROA not before: Fri 03 May 2024 04:17:15 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 38008
IP address blocks: 103.186.162.0/23 maxlen: 24
Validation: Failed, certificate revoked on Sat 23 Nov 2024 02:19:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 632 (0x278)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EB527/serialNumber=876A079D444F52C64D60604CCC74F95F08ADA547
Validity
Not Before: May 3 04:17:15 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=6634654a-e110
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:88:fb:46:5d:1a:3a:e3:e5:90:e5:3e:73:8d:
a6:e5:23:f0:00:48:2a:1d:75:f1:25:3c:d4:a6:fc:
7f:87:d7:9d:00:cc:fa:7e:3f:a8:15:ee:b1:e5:90:
9a:4a:33:bc:16:72:be:a3:e4:52:80:83:69:3b:1f:
9d:e1:5f:97:8f:19:aa:98:18:3c:02:9e:87:8e:c5:
07:ff:ed:9a:2d:b4:d3:b4:29:27:6b:e3:fc:64:fc:
dc:8a:e9:a3:1b:85:72:a6:58:b2:f4:62:fe:9c:2c:
c8:98:13:4d:58:12:84:72:cf:05:22:b0:eb:50:80:
b8:08:8c:56:0f:6f:74:a4:35:33:49:47:3b:01:b1:
f9:d7:09:f7:4a:b0:76:4f:36:5f:6e:8f:46:66:3f:
d3:76:bc:88:7a:10:e0:58:6c:57:b2:4d:58:4c:31:
7a:8a:af:53:36:17:e0:fc:27:e1:39:3c:88:47:16:
8e:1c:34:90:77:7b:e7:12:2a:4c:8c:f9:0b:b4:e6:
f2:6a:1c:b9:cc:80:5a:3f:41:ef:31:70:15:9f:a8:
27:29:42:23:d3:17:5f:09:22:b1:3c:82:13:03:df:
d5:7e:b5:5d:37:ef:ac:0a:4b:bb:de:8f:ac:41:7d:
fb:25:eb:67:fe:e3:a3:0c:49:16:01:4d:ac:4d:f5:
3d:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:30:86:70:3C:29:E3:17:3C:5A:D7:FA:62:DB:92:F3:FB:5B:28:FD
X509v3 Authority Key Identifier:
keyid:87:6A:07:9D:44:4F:52:C6:4D:60:60:4C:CC:74:F9:5F:08:AD:A5:47
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EB527/DD1AE2F6C2AA11ECAF5F9F76C4F9AE02/h2oHnURPUsZNYGBMzHT5XwitpUc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/h2oHnURPUsZNYGBMzHT5XwitpUc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EB527/DD1AE2F6C2AA11ECAF5F9F76C4F9AE02/D10002B6C32811EC9BAB9A2FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.186.162.0/23
Signature Algorithm: sha256WithRSAEncryption
92:41:0a:2d:cf:d3:ff:46:d2:29:e2:70:1e:93:52:fd:3a:29:
46:67:c6:0b:12:33:44:77:e8:b4:96:4f:fb:3e:bb:5a:ee:85:
9e:7a:cf:12:a0:5b:27:d0:aa:f7:dc:4d:3b:25:45:2e:d2:9f:
8b:ff:35:13:23:1c:91:4c:e6:42:ef:7d:0e:d5:8f:1a:fa:93:
38:83:69:a4:d7:56:a8:91:be:91:4b:2c:9d:12:03:b9:b7:e8:
9e:e1:36:87:50:dc:53:ed:31:74:54:46:7c:85:17:99:6e:8b:
1f:62:75:7d:10:f2:85:96:df:3a:1f:92:f3:49:b8:3e:35:b7:
03:1c:d4:24:96:b9:a3:99:d7:92:f0:73:96:5b:91:b7:21:59:
f6:08:c9:24:ff:e3:81:72:c8:d1:84:b6:8f:df:af:70:71:dc:
b7:67:51:8a:51:c3:ed:25:30:5c:f9:cf:bb:cd:01:4f:a1:60:
42:59:d4:a9:63:71:0d:56:78:5d:26:41:8e:3d:74:33:4d:2b:
1f:4a:e2:4c:ed:63:94:8b:3c:ea:ec:10:67:d3:f0:8f:df:30:
52:8d:77:48:10:24:70:ab:cc:a6:40:20:86:b8:04:13:cb:ce:
69:66:d5:fe:88:c6:b9:ca:79:71:c4:02:e0:de:48:99:f3:96:
b2:17:57:12
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAngwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUI1MjcxMTAvBgNVBAUTKDg3NkEwNzlENDQ0RjUyQzY0RDYwNjA0Q0NDNzRGOTVG
MDhBREE1NDcwHhcNMjQwNTAzMDQxNzE1WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjM0NjU0YS1lMTEwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2Ij7Rl0aOuPlkOU+c42m5SPwAEgqHXXxJTzUpvx/h9edAMz6fj+oFe6x5ZCa
SjO8FnK+o+RSgINpOx+d4V+XjxmqmBg8Ap6HjsUH/+2aLbTTtCkna+P8ZPzciumj
G4Vypliy9GL+nCzImBNNWBKEcs8FIrDrUIC4CIxWD290pDUzSUc7AbH51wn3SrB2
TzZfbo9GZj/TdryIehDgWGxXsk1YTDF6iq9TNhfg/CfhOTyIRxaOHDSQd3vnEipM
jPkLtObyahy5zIBaP0HvMXAVn6gnKUIj0xdfCSKxPIITA9/VfrVdN++sCku73o+s
QX37Jetn/uOjDEkWAU2sTfU9RwIDAQABo4IClTCCApEwHQYDVR0OBBYEFL0whnA8
KeMXPFrX+mLbkvP7Wyj9MB8GA1UdIwQYMBaAFIdqB51ET1LGTWBgTMx0+V8IraVH
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQjUyNy9ERDFBRTJGNkMy
QUExMUVDQUY1RjlGNzZDNEY5QUUwMi9oMm9IblVSUFVzWk5ZR0JNekhUNVh3aXRw
VWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2gyb0huVVJQVXNaTllHQk16SFQ1WHdpdHBVYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUI1MjcvREQxQUUyRjZDMkFBMTFFQ0FGNUY5Rjc2QzRGOUFFMDIvRDEwMDAyQjZD
MzI4MTFFQzlCQUI5QTJGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnuqIwDQYJKoZIhvcNAQELBQADggEBAJJBCi3P0/9G0ini
cB6TUv06KUZnxgsSM0R36LSWT/s+u1ruhZ56zxKgWyfQqvfcTTslRS7Sn4v/NRMj
HJFM5kLvfQ7Vjxr6kziDaaTXVqiRvpFLLJ0SA7m36J7hNodQ3FPtMXRURnyFF5lu
ix9idX0Q8oWW3zofkvNJuD41twMc1CSWuaOZ15Lwc5ZbkbchWfYIyST/44FyyNGE
to/fr3Bx3LdnUYpRw+0lMFz5z7vNAU+hYEJZ1KljcQ1WeF0mQY49dDNNKx9K4kzt
Y5SLPOrsEGfT8I/fMFKNd0gQJHCrzKZAIIa4BBPLzmlm1f6IxrnKeXHEAuDeSJnz
lrIXVxI=
-----END CERTIFICATE-----
Generated at Sat Nov 23 04:52:30 2024 by rpki-client on console-ams.rpki-client.org