Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EBB2D/965BD57EB89511EC8242D27EC4F9AE02/3998E978B89811ECB89A3A27C4F9AE02.roa
File: 3998E978B89811ECB89A3A27C4F9AE02.roa (raw, json)
Hash identifier: fIgxq6BFKX8HYiWK8AnAC3NsfpCN2fXiZPo32dlIdxE=
Subject key identifier: 4F:A3:FE:61:DF:50:BB:A2:1C:60:E3:D0:4A:63:FE:A6:4A:47:C6:47
Certificate issuer: /CN=A91EBB2D/serialNumber=39DD6335399F12B819211CE91AA7DCF62F6D81BC
Certificate serial: 0204
Authority key identifier: 39:DD:63:35:39:9F:12:B8:19:21:1C:E9:1A:A7:DC:F6:2F:6D:81:BC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Od1jNTmfErgZIRzpGqfc9i9tgbw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EBB2D/965BD57EB89511EC8242D27EC4F9AE02/3998E978B89811ECB89A3A27C4F9AE02.roa
Signing time: Fri 11 Aug 2023 02:43:08 +0000
ROA not before: Fri 11 Aug 2023 02:43:08 +0000
ROA not after: Tue 30 Jul 2024 00:00:00 +0000
asID: 149774
IP address blocks: 103.186.20.0/23 maxlen: 23
103.186.20.0/24 maxlen: 24
103.186.21.0/24 maxlen: 24
2400:6c60::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 12 Oct 2023 08:08:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 516 (0x204)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EBB2D/serialNumber=39DD6335399F12B819211CE91AA7DCF62F6D81BC
Validity
Not Before: Aug 11 02:43:08 2023 GMT
Not After : Jul 30 00:00:00 2024 GMT
Subject: CN=64d5a03c-1c68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:3f:fb:9f:ca:fa:d5:74:b6:9f:0e:fe:1b:a1:
14:28:39:13:44:b7:43:2c:32:21:e8:ae:00:e3:78:
88:e2:93:5d:eb:65:73:02:79:52:f5:de:1c:84:4f:
69:c1:a7:b2:08:95:c1:49:5e:41:32:b3:9a:16:0c:
62:1c:7f:33:98:11:b2:a9:4e:cc:7f:cc:bb:b9:47:
83:49:05:43:8a:95:d1:44:8b:f6:d7:70:0f:77:1f:
f0:1c:b1:d7:92:36:04:f8:61:dd:51:af:68:fd:0a:
88:c7:3a:c6:04:b5:e5:5e:03:c8:77:06:87:a2:85:
f6:72:54:45:fb:08:fa:37:c8:d3:15:11:18:80:4d:
16:a2:28:75:00:a7:66:ee:c7:65:6b:30:fb:fe:7a:
5d:20:0f:dd:70:36:d5:e5:77:2d:90:be:5c:e7:02:
bd:cf:db:90:4d:9b:2f:b5:61:9d:d3:c5:cb:c1:0a:
b2:d0:ac:c1:36:a2:74:24:bd:d8:a0:8f:a1:2f:ea:
77:c0:df:b6:b9:77:94:20:84:d2:42:d0:e9:63:87:
ca:aa:84:dd:c1:01:49:c9:4b:11:77:00:a5:e3:21:
ba:d6:d5:9c:b5:2a:5b:46:e8:83:02:fe:bf:34:82:
7d:70:0f:e9:70:e6:b9:34:2c:ba:6c:14:c7:f2:8a:
28:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:A3:FE:61:DF:50:BB:A2:1C:60:E3:D0:4A:63:FE:A6:4A:47:C6:47
X509v3 Authority Key Identifier:
keyid:39:DD:63:35:39:9F:12:B8:19:21:1C:E9:1A:A7:DC:F6:2F:6D:81:BC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EBB2D/965BD57EB89511EC8242D27EC4F9AE02/Od1jNTmfErgZIRzpGqfc9i9tgbw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Od1jNTmfErgZIRzpGqfc9i9tgbw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EBB2D/965BD57EB89511EC8242D27EC4F9AE02/3998E978B89811ECB89A3A27C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.186.20.0/23
IPv6:
2400:6c60::/32
Signature Algorithm: sha256WithRSAEncryption
de:da:8d:a5:bd:f4:bc:a1:9d:44:75:49:06:bb:bf:ec:1e:d1:
8a:cd:bb:4d:b7:d1:d4:ca:3a:bc:d4:3e:6d:f9:dd:53:e3:75:
a3:8b:a3:79:9e:60:3f:0b:d3:35:ea:e4:32:b0:48:65:c7:f5:
b1:36:33:84:62:ee:45:a8:fc:36:81:13:c6:2f:92:c5:56:bb:
d6:e2:81:a7:e7:b5:d6:77:4a:1f:fb:50:78:cb:2f:47:47:ce:
b2:4b:51:a4:55:c5:55:05:65:da:86:09:6a:11:00:47:1e:59:
fa:ce:72:79:79:5f:4e:c8:43:9c:a0:aa:49:f2:57:0d:d6:48:
4f:01:c2:aa:49:f4:be:62:75:ff:37:b7:78:a7:a2:76:ac:99:
a9:06:01:a8:d1:39:07:82:71:6b:4e:53:ba:55:18:e4:33:3a:
49:43:29:ee:5b:d2:1c:af:4b:83:e9:cf:7c:c0:77:31:c8:5a:
1a:c0:f9:6f:d6:8b:7c:4a:d9:6e:bb:73:ca:f3:c0:ef:8f:91:
11:26:2f:d7:a8:20:67:b6:ab:ef:c6:3a:68:84:fc:90:4c:44:
1f:a2:a4:40:07:ab:f6:fb:60:99:cf:8c:b2:7a:86:c3:da:b2:
29:1a:b3:27:a9:8c:cc:df:0f:21:d7:1a:9b:33:51:e3:b5:54:
54:3f:b9:ed
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICAgQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUJCMkQxMTAvBgNVBAUTKDM5REQ2MzM1Mzk5RjEyQjgxOTIxMUNFOTFBQTdEQ0Y2
MkY2RDgxQkMwHhcNMjMwODExMDI0MzA4WhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGQ1YTAzYy0xYzY4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuz/7n8r61XS2nw7+G6EUKDkTRLdDLDIh6K4A43iI4pNd62VzAnlS9d4chE9p
waeyCJXBSV5BMrOaFgxiHH8zmBGyqU7Mf8y7uUeDSQVDipXRRIv213APdx/wHLHX
kjYE+GHdUa9o/QqIxzrGBLXlXgPIdwaHooX2clRF+wj6N8jTFREYgE0Woih1AKdm
7sdlazD7/npdIA/dcDbV5XctkL5c5wK9z9uQTZsvtWGd08XLwQqy0KzBNqJ0JL3Y
oI+hL+p3wN+2uXeUIITSQtDpY4fKqoTdwQFJyUsRdwCl4yG61tWctSpbRuiDAv6/
NIJ9cA/pcOa5NCy6bBTH8ooo8QIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFE+j/mHf
ULuiHGDj0Epj/qZKR8ZHMB8GA1UdIwQYMBaAFDndYzU5nxK4GSEc6Rqn3PYvbYG8
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQkIyRC85NjVCRDU3RUI4
OTUxMUVDODI0MkQyN0VDNEY5QUUwMi9PZDFqTlRtZkVyZ1pJUnpwR3FmYzlpOXRn
YncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09kMWpOVG1mRXJnWklSenBHcWZjOWk5dGdidy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUJCMkQvOTY1QkQ1N0VCODk1MTFFQzgyNDJEMjdFQzRGOUFFMDIvMzk5OEU5NzhC
ODk4MTFFQ0I4OUEzQTI3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAFnuhQwDQQCAAIwBwMFACQAbGAwDQYJKoZIhvcNAQELBQAD
ggEBAN7ajaW99LyhnUR1SQa7v+we0YrNu0230dTKOrzUPm353VPjdaOLo3meYD8L
0zXq5DKwSGXH9bE2M4Ri7kWo/DaBE8YvksVWu9bigafntdZ3Sh/7UHjLL0dHzrJL
UaRVxVUFZdqGCWoRAEceWfrOcnl5X07IQ5ygqknyVw3WSE8BwqpJ9L5idf83t3in
onasmakGAajROQeCcWtOU7pVGOQzOklDKe5b0hyvS4Ppz3zAdzHIWhrA+W/Wi3xK
2W67c8rzwO+PkREmL9eoIGe2q+/GOmiE/JBMRB+ipEAHq/b7YJnPjLJ6hsPasika
syepjMzfDyHXGpszUeO1VFQ/ue0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:47 2024 by rpki-client on console-fra.rpki-client.org