Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EFBA1/2AD51F4C990311E7A5E95C6FC4F9AE02/A16BFA9CE03011EE9FD7291DC4F9AE02.roa
File: A16BFA9CE03011EE9FD7291DC4F9AE02.roa (raw, json)
Hash identifier: OKUB1S+qDYeFUc1kb7xpOUTrPm9FqnkD5ZuYg/M3Vbk=
Subject key identifier: FF:A7:7A:3B:E5:58:4E:C7:7F:0C:8F:6B:09:FD:CA:A3:5F:8F:90:A0
Certificate issuer: /CN=A91EFBA1/serialNumber=415406ED80B4D927A479A8BA042116AE2D11A1A6
Certificate serial: 1811
Authority key identifier: 41:54:06:ED:80:B4:D9:27:A4:79:A8:BA:04:21:16:AE:2D:11:A1:A6
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QVQG7YC02Sekeai6BCEWri0RoaY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EFBA1/2AD51F4C990311E7A5E95C6FC4F9AE02/A16BFA9CE03011EE9FD7291DC4F9AE02.roa
Signing time: Tue 30 Apr 2024 17:25:16 +0000
ROA not before: Tue 30 Apr 2024 17:25:16 +0000
ROA not after: Wed 28 May 2025 00:00:00 +0000
asID: 136435
IP address blocks: 103.87.248.0/22 maxlen: 22
103.87.248.0/23 maxlen: 23
103.87.248.0/24 maxlen: 24
103.87.249.0/24 maxlen: 24
103.87.250.0/23 maxlen: 23
103.87.250.0/24 maxlen: 24
103.87.251.0/24 maxlen: 24
203.96.225.0/24 maxlen: 24
203.96.226.0/23 maxlen: 23
203.96.226.0/24 maxlen: 24
203.96.227.0/24 maxlen: 24
2400:dac0::/48 maxlen: 48
2400:dac0:1::/48 maxlen: 48
2400:dac0:2::/48 maxlen: 48
2400:dac0:3::/48 maxlen: 48
2400:dac0:4::/48 maxlen: 48
2400:dac0:5::/48 maxlen: 48
2400:dac0:6::/48 maxlen: 48
2400:dac0:7::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 22 May 2024 16:41:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6161 (0x1811)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EFBA1/serialNumber=415406ED80B4D927A479A8BA042116AE2D11A1A6
Validity
Not Before: Apr 30 17:25:16 2024 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=6631297c-4e0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:d6:22:5e:a8:8d:5d:1f:91:07:b3:c4:c5:d6:
40:94:a6:f1:d4:b7:62:be:a5:45:a5:56:45:cc:03:
95:4f:fc:0c:61:80:fb:5a:3e:39:5f:0c:90:fe:b5:
85:5f:38:ca:2b:b3:b9:67:0b:a3:53:fb:13:5b:34:
ea:e4:34:81:15:92:04:e2:e2:af:16:11:b9:4a:b2:
6d:69:00:5c:2e:c7:3e:85:bd:6b:e5:54:d7:c1:ac:
f0:8a:bc:c6:37:8d:cb:24:97:37:29:77:e6:4d:e6:
1b:af:ff:27:50:f3:ce:b2:29:06:50:35:f8:d3:e4:
2f:6a:21:fa:fe:e3:5a:7c:5d:6f:f6:5f:ce:a2:3d:
7e:ab:f1:a0:a4:00:83:60:91:69:49:a1:0b:dc:9f:
65:17:45:a3:cf:e9:95:a7:d6:2e:d1:c1:ae:3b:7e:
fa:c2:eb:19:34:c2:ab:7d:43:e7:7c:79:bf:58:47:
f8:bb:8f:53:f8:24:29:f9:9c:14:6a:9f:9a:2e:35:
ae:49:ae:c0:fc:50:e2:26:c8:c8:35:04:0e:42:1e:
d6:e6:5f:79:0c:dd:df:60:97:b3:77:6d:dc:30:37:
8e:1f:79:3d:09:78:27:84:2c:f1:b5:f7:24:46:51:
af:d1:7d:2d:73:e4:29:5e:05:ae:d9:82:62:ae:05:
0b:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:A7:7A:3B:E5:58:4E:C7:7F:0C:8F:6B:09:FD:CA:A3:5F:8F:90:A0
X509v3 Authority Key Identifier:
keyid:41:54:06:ED:80:B4:D9:27:A4:79:A8:BA:04:21:16:AE:2D:11:A1:A6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EFBA1/2AD51F4C990311E7A5E95C6FC4F9AE02/QVQG7YC02Sekeai6BCEWri0RoaY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QVQG7YC02Sekeai6BCEWri0RoaY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EFBA1/2AD51F4C990311E7A5E95C6FC4F9AE02/A16BFA9CE03011EE9FD7291DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.87.248.0/22
203.96.225.0-203.96.227.255
IPv6:
2400:dac0::/45
Signature Algorithm: sha256WithRSAEncryption
95:87:52:08:2d:fe:e9:ad:59:7d:aa:b9:f5:a1:51:a6:37:e2:
42:68:7c:9e:e3:89:b2:91:3b:de:3f:c9:74:92:b7:f6:ac:84:
02:fe:7d:0c:82:bc:f7:3e:92:d8:de:ea:fe:80:a7:31:6e:3b:
b2:0f:cf:aa:ff:2d:e2:f7:9c:3c:fc:e6:12:bf:8f:59:38:37:
fe:ac:9a:a6:d4:65:08:4e:1e:c6:81:9f:8f:98:fe:8d:5c:da:
76:b7:f6:5f:59:2b:6d:bc:d7:a6:92:b8:5e:db:06:88:e6:fe:
4a:e9:ca:54:ff:dc:5e:49:c0:aa:9f:cd:72:18:f5:97:23:7c:
17:73:1f:be:c6:df:04:f6:f1:ab:dc:cf:28:bd:d6:30:4f:92:
e4:c1:ee:b4:5f:28:1b:99:88:8f:1d:2d:5d:47:f8:3d:c7:b6:
69:af:fa:b3:b7:5c:72:37:4b:90:9c:30:14:c6:92:3a:ac:06:
2e:bb:9e:19:a7:9e:d8:65:35:76:8d:e9:ff:d6:30:0d:ab:52:
5a:ce:21:99:19:eb:4d:76:9b:72:1a:93:de:0a:8f:25:e6:02:
75:65:af:11:6c:fa:99:fe:42:29:10:10:c3:ad:a7:32:49:04:
25:84:31:21:c9:d1:a7:dd:78:9d:21:9f:cb:a0:d8:a8:8b:01:
6d:2c:31:e9
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgICGBEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUZCQTExMTAvBgNVBAUTKDQxNTQwNkVEODBCNEQ5MjdBNDc5QThCQTA0MjExNkFF
MkQxMUExQTYwHhcNMjQwNDMwMTcyNTE2WhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02NjMxMjk3Yy00ZTBiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4dYiXqiNXR+RB7PExdZAlKbx1LdivqVFpVZFzAOVT/wMYYD7Wj45XwyQ/rWF
XzjKK7O5ZwujU/sTWzTq5DSBFZIE4uKvFhG5SrJtaQBcLsc+hb1r5VTXwazwirzG
N43LJJc3KXfmTeYbr/8nUPPOsikGUDX40+QvaiH6/uNafF1v9l/Ooj1+q/GgpACD
YJFpSaEL3J9lF0Wjz+mVp9Yu0cGuO376wusZNMKrfUPnfHm/WEf4u49T+CQp+ZwU
ap+aLjWuSa7A/FDiJsjINQQOQh7W5l95DN3fYJezd23cMDeOH3k9CXgnhCzxtfck
RlGv0X0tc+QpXgWu2YJirgULcwIDAQABo4ICtDCCArAwHQYDVR0OBBYEFP+nejvl
WE7HfwyPawn9yqNfj5CgMB8GA1UdIwQYMBaAFEFUBu2AtNknpHmougQhFq4tEaGm
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFRkJBMS8yQUQ1MUY0Qzk5
MDMxMUU3QTVFOTVDNkZDNEY5QUUwMi9RVlFHN1lDMDJTZWtlYWk2QkNFV3JpMFJv
YVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1FWUUc3WUMwMlNla2VhaTZCQ0VXcmkwUm9hWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUZCQTEvMkFENTFGNEM5OTAzMTFFN0E1RTk1QzZGQzRGOUFFMDIvQTE2QkZBOUNF
MDMwMTFFRTlGRDcyOTFEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPgYIKwYBBQUHAQcBAf8E
LzAtMBoEAgABMBQDBAJnV/gwDAMEAMtg4QMEAstg4DAPBAIAAjAJAwcDJADawAAA
MA0GCSqGSIb3DQEBCwUAA4IBAQCVh1IILf7prVl9qrn1oVGmN+JCaHye44mykTve
P8l0krf2rIQC/n0Mgrz3PpLY3ur+gKcxbjuyD8+q/y3i95w8/OYSv49ZODf+rJqm
1GUITh7GgZ+PmP6NXNp2t/ZfWSttvNemkrhe2waI5v5K6cpU/9xeScCqn81yGPWX
I3wXcx++xt8E9vGr3M8ovdYwT5Lkwe60XygbmYiPHS1dR/g9x7Zpr/qzt1xyN0uQ
nDAUxpI6rAYuu54Zp57YZTV2jen/1jANq1JaziGZGetNdptyGpPeCo8l5gJ1Za8R
bPqZ/kIpEBDDracySQQlhDEhydGn3XidIZ/LoNioiwFtLDHp
-----END CERTIFICATE-----
Generated at Wed May 22 20:06:29 2024 by rpki-client on console-fra.rpki-client.org