Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F39EC/1355E75266BB11EE8462EE84C4F9AE02/B5408BB266BB11EEB2022486C4F9AE02.roa
File: B5408BB266BB11EEB2022486C4F9AE02.roa (raw, json)
Hash identifier: 0p0lnf2/U/6k+gpVQvTaW1CPtX4WnPibtFZQL9RwPuM=
Subject key identifier: F5:55:F8:DC:BF:EB:05:8B:30:CB:A3:49:B5:8E:71:13:00:06:CD:2C
Certificate issuer: /CN=A91F39EC/serialNumber=E1B9A6EB0C8FAFF7F54C68C05624A28CFD3FADEC
Certificate serial: CB
Authority key identifier: E1:B9:A6:EB:0C:8F:AF:F7:F5:4C:68:C0:56:24:A2:8C:FD:3F:AD:EC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4bmm6wyPr_f1TGjAViSijP0_rew.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F39EC/1355E75266BB11EE8462EE84C4F9AE02/B5408BB266BB11EEB2022486C4F9AE02.roa
Signing time: Fri 25 Oct 2024 04:48:16 +0000
ROA not before: Fri 25 Oct 2024 04:48:16 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 151832
IP address blocks: 103.213.220.0/23 maxlen: 23
103.213.220.0/24 maxlen: 24
103.213.221.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 04 Nov 2024 12:51:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 203 (0xcb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F39EC/serialNumber=E1B9A6EB0C8FAFF7F54C68C05624A28CFD3FADEC
Validity
Not Before: Oct 25 04:48:16 2024 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=671b2310-2821
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:d3:6f:bf:31:28:c8:4a:32:34:1a:a8:59:1e:
63:f7:26:67:bf:2d:ba:07:a2:b8:3d:9d:5f:4e:44:
5c:01:1b:f0:85:de:65:e7:14:f8:84:8e:23:2c:75:
73:e9:d3:2a:f1:7f:b0:3d:3d:b0:92:c9:2f:37:96:
df:e5:0f:1c:34:a3:1e:29:0f:f0:8d:c2:ff:bd:2d:
6a:23:3a:51:bf:f6:99:ae:1e:33:b3:bd:e7:55:e6:
bd:db:55:ea:61:f2:5a:53:ac:f9:f9:02:2f:87:5d:
9d:8d:9c:5b:b5:ba:e5:d6:b6:a1:f8:fa:ea:23:7a:
82:09:fa:00:ed:64:81:a6:49:73:f5:88:b3:f5:a9:
c5:50:b8:b8:d4:4d:58:5a:e9:6d:bc:eb:9f:3f:95:
8a:bd:d3:28:43:04:1e:88:11:bf:d7:97:f2:c4:62:
44:7c:cb:93:69:cc:99:94:9c:57:a1:58:a8:6d:80:
06:d6:6a:25:0e:62:ec:37:3c:b3:7e:53:2e:e1:85:
e0:ef:e0:1a:59:fb:53:18:ca:23:d4:31:4d:39:4e:
b2:72:2e:e2:ca:01:7b:3a:65:75:01:cd:c3:29:16:
39:2a:71:61:fd:07:b0:7a:2b:84:59:8f:64:c3:4d:
41:f7:90:b1:fc:92:46:8e:0f:09:57:a6:77:34:ec:
e7:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:55:F8:DC:BF:EB:05:8B:30:CB:A3:49:B5:8E:71:13:00:06:CD:2C
X509v3 Authority Key Identifier:
keyid:E1:B9:A6:EB:0C:8F:AF:F7:F5:4C:68:C0:56:24:A2:8C:FD:3F:AD:EC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F39EC/1355E75266BB11EE8462EE84C4F9AE02/4bmm6wyPr_f1TGjAViSijP0_rew.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4bmm6wyPr_f1TGjAViSijP0_rew.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F39EC/1355E75266BB11EE8462EE84C4F9AE02/B5408BB266BB11EEB2022486C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.213.220.0/23
Signature Algorithm: sha256WithRSAEncryption
39:38:09:57:3e:52:23:93:0a:c8:13:f5:c9:8c:90:83:62:0a:
77:e0:d3:60:46:ce:d6:ef:25:63:a0:33:9c:f6:1e:25:ab:85:
ed:f5:21:71:59:8d:7c:a6:a8:a7:92:94:a2:f8:72:5d:01:61:
72:d9:14:0d:70:c1:31:cc:8b:ba:0f:90:1f:ec:ff:85:da:13:
50:64:88:7e:3f:40:4a:2c:81:65:0b:48:eb:56:6e:ae:d3:72:
94:ea:24:5e:71:22:bf:23:5a:33:01:84:07:30:32:a3:cc:2d:
3f:ee:59:33:07:f9:4b:83:e4:fe:3b:a0:22:a9:eb:76:bc:9e:
2c:d1:88:25:14:53:2f:ae:10:99:e5:9b:95:cb:da:0c:15:0a:
e0:00:29:df:5d:b0:6c:c6:7d:d7:8d:c6:2c:86:87:29:6a:a4:
db:55:19:1b:1c:51:c7:a4:3e:d2:a4:35:1c:8e:58:b6:f1:ff:
cc:ff:5f:37:39:dc:71:0f:6f:da:e9:2c:8b:04:c4:30:31:2a:
16:6e:37:46:9a:14:15:96:36:fa:33:4d:63:5c:b5:7e:9f:71:
35:58:a4:3d:af:54:36:06:62:a9:93:ef:20:14:65:c0:b8:90:
74:fb:ae:98:d2:2d:09:a8:81:12:72:90:a6:8f:7f:35:90:92:
de:b8:09:27
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAMswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjM5RUMxMTAvBgNVBAUTKEUxQjlBNkVCMEM4RkFGRjdGNTRDNjhDMDU2MjRBMjhD
RkQzRkFERUMwHhcNMjQxMDI1MDQ0ODE2WhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzFiMjMxMC0yODIxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyNNvvzEoyEoyNBqoWR5j9yZnvy26B6K4PZ1fTkRcARvwhd5l5xT4hI4jLHVz
6dMq8X+wPT2wkskvN5bf5Q8cNKMeKQ/wjcL/vS1qIzpRv/aZrh4zs73nVea921Xq
YfJaU6z5+QIvh12djZxbtbrl1rah+PrqI3qCCfoA7WSBpklz9Yiz9anFULi41E1Y
WultvOufP5WKvdMoQwQeiBG/15fyxGJEfMuTacyZlJxXoViobYAG1molDmLsNzyz
flMu4YXg7+AaWftTGMoj1DFNOU6yci7iygF7OmV1Ac3DKRY5KnFh/QeweiuEWY9k
w01B95Cx/JJGjg8JV6Z3NOzn7wIDAQABo4IClTCCApEwHQYDVR0OBBYEFPVV+Ny/
6wWLMMujSbWOcRMABs0sMB8GA1UdIwQYMBaAFOG5pusMj6/39UxowFYkooz9P63s
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMzlFQy8xMzU1RTc1MjY2
QkIxMUVFODQ2MkVFODRDNEY5QUUwMi80Ym1tNnd5UHJfZjFUR2pBVmlTaWpQMF9y
ZXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzRibW02d3lQcl9mMVRHakFWaVNpalAwX3Jldy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjM5RUMvMTM1NUU3NTI2NkJCMTFFRTg0NjJFRTg0QzRGOUFFMDIvQjU0MDhCQjI2
NkJCMTFFRUIyMDIyNDg2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFn1dwwDQYJKoZIhvcNAQELBQADggEBADk4CVc+UiOTCsgT
9cmMkINiCnfg02BGztbvJWOgM5z2HiWrhe31IXFZjXymqKeSlKL4cl0BYXLZFA1w
wTHMi7oPkB/s/4XaE1BkiH4/QEosgWULSOtWbq7TcpTqJF5xIr8jWjMBhAcwMqPM
LT/uWTMH+UuD5P47oCKp63a8nizRiCUUUy+uEJnlm5XL2gwVCuAAKd9dsGzGfdeN
xiyGhylqpNtVGRscUcekPtKkNRyOWLbx/8z/Xzc53HEPb9rpLIsExDAxKhZuN0aa
FBWWNvozTWNctX6fcTVYpD2vVDYGYqmT7yAUZcC4kHT7rpjSLQmogRJykKaPfzWQ
kt64CSc=
-----END CERTIFICATE-----
Generated at Mon Nov 4 17:34:01 2024 by rpki-client on console-ams.rpki-client.org