Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F4FB0/058CEC1419BD11EFBD33E082C4F9AE02/B2E83AC619E011EFB2E3B033C4F9AE02.roa
File: B2E83AC619E011EFB2E3B033C4F9AE02.roa (raw, json)
Hash identifier: 8dKklsd0QWELs+XPWJH0riaI1q/ghPSnhIhzyMgSnRM=
Subject key identifier: F8:DC:C2:FF:14:B5:1A:8E:AF:49:6B:FD:30:92:EC:D8:1F:6E:8B:5D
Certificate issuer: /CN=A91F4FB0/serialNumber=876E6813BF2C1811CD11DE99281ACD44BEC0DE73
Certificate serial: 13
Authority key identifier: 87:6E:68:13:BF:2C:18:11:CD:11:DE:99:28:1A:CD:44:BE:C0:DE:73
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/h25oE78sGBHNEd6ZKBrNRL7A3nM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F4FB0/058CEC1419BD11EFBD33E082C4F9AE02/B2E83AC619E011EFB2E3B033C4F9AE02.roa
Signing time: Fri 24 May 2024 15:26:14 +0000
ROA not before: Fri 24 May 2024 15:26:14 +0000
ROA not after: Mon 31 Mar 2025 00:00:00 +0000
asID: 149172
IP address blocks: 103.177.196.0/23 maxlen: 23
2400:3d20::/36 maxlen: 36
2400:3d20:1000::/40 maxlen: 40
Validation: Failed, certificate revoked on Fri 24 May 2024 19:55:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19 (0x13)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F4FB0/serialNumber=876E6813BF2C1811CD11DE99281ACD44BEC0DE73
Validity
Not Before: May 24 15:26:14 2024 GMT
Not After : Mar 31 00:00:00 2025 GMT
Subject: CN=6650b196-523c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:1c:3c:f7:b1:7a:2f:f4:1a:62:7b:86:ae:24:
a7:7b:b5:23:eb:48:d6:74:77:3a:39:db:0d:f5:8b:
0c:13:35:92:dc:3a:7e:52:0c:35:fa:ad:b8:10:e2:
34:de:87:65:db:3c:8d:e4:dd:cc:a6:4d:2e:fa:91:
bc:be:d2:6f:08:f2:ea:11:68:94:6a:dc:6f:48:c7:
9d:9f:29:4e:45:6d:b9:ee:f1:dc:19:ed:8b:d5:79:
25:ac:dd:22:03:8d:ac:53:c3:6e:9f:fe:a9:9a:ef:
d7:84:5b:7c:e5:cd:eb:a1:35:1f:5c:09:15:10:64:
3e:b3:7f:c9:29:a6:59:27:ec:60:7a:6c:85:e3:58:
87:da:0b:f3:07:75:96:7e:b0:ce:cc:8d:55:0a:7f:
ae:87:bb:d2:9c:58:2d:d6:16:da:d8:97:a8:0a:35:
e9:93:87:ec:81:61:ff:de:88:4c:6e:e9:05:37:83:
59:e1:c1:44:48:92:bb:b5:d3:31:36:d4:dc:b8:40:
42:66:3d:6a:20:32:23:14:2f:2d:a4:5c:98:cf:d5:
85:cf:82:b0:4a:b0:e5:fd:95:34:ce:3f:2b:8c:39:
58:41:ac:4f:2b:fd:fd:89:91:99:0c:06:7a:94:01:
c3:38:f0:d7:fc:cb:c7:2c:91:95:21:5d:97:90:9b:
2b:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:DC:C2:FF:14:B5:1A:8E:AF:49:6B:FD:30:92:EC:D8:1F:6E:8B:5D
X509v3 Authority Key Identifier:
keyid:87:6E:68:13:BF:2C:18:11:CD:11:DE:99:28:1A:CD:44:BE:C0:DE:73
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F4FB0/058CEC1419BD11EFBD33E082C4F9AE02/h25oE78sGBHNEd6ZKBrNRL7A3nM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/h25oE78sGBHNEd6ZKBrNRL7A3nM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F4FB0/058CEC1419BD11EFBD33E082C4F9AE02/B2E83AC619E011EFB2E3B033C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.177.196.0/23
IPv6:
2400:3d20::-2400:3d20:10ff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
43:33:a7:c1:65:1b:23:97:45:44:22:d5:d3:ed:25:de:21:31:
2a:28:70:82:0d:9d:90:ef:dc:3c:2e:2b:bc:7e:28:28:2f:27:
dc:c1:af:eb:8d:21:0b:7e:e9:51:96:84:31:8a:20:f7:a4:35:
e6:d8:2b:e2:2a:c9:3a:07:7f:e1:09:78:3e:1f:09:49:21:fb:
f6:a3:f8:97:10:78:8a:95:9d:34:72:b8:df:fa:1c:cd:0b:ec:
d2:09:fe:91:07:b6:b4:04:6d:41:e2:ba:f4:a3:a0:8f:6a:c0:
fb:ad:63:8d:3e:be:be:87:ab:87:5d:5a:bb:51:7a:b1:a5:06:
c4:b1:fa:e5:4c:f0:54:3e:fc:37:07:00:6e:1b:86:59:e0:cb:
1e:43:d5:19:f1:9f:37:a2:df:71:08:c4:4a:6e:a8:c9:2d:36:
85:31:76:0b:29:11:0a:c7:db:c3:74:79:00:93:f6:1a:e8:f1:
a2:0a:66:ea:ef:01:8c:69:10:bd:db:14:ad:e9:a2:b3:91:60:
74:cc:94:49:f6:b2:63:08:46:e0:93:d0:84:92:db:4a:3d:ed:
81:ad:f7:05:62:b2:48:f1:9c:09:09:18:74:8d:e5:98:69:20:
88:76:fd:f9:14:bd:7e:a6:0e:39:f2:75:6d:23:8d:c4:f2:97:
ea:00:d9:6b
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgIBEzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG
NEZCMDExMC8GA1UEBRMoODc2RTY4MTNCRjJDMTgxMUNEMTFERTk5MjgxQUNENDRC
RUMwREU3MzAeFw0yNDA1MjQxNTI2MTRaFw0yNTAzMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2NTBiMTk2LTUyM2MwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDcHDz3sXov9Bpie4auJKd7tSPrSNZ0dzo52w31iwwTNZLcOn5SDDX6rbgQ4jTe
h2XbPI3k3cymTS76kby+0m8I8uoRaJRq3G9Ix52fKU5Fbbnu8dwZ7YvVeSWs3SID
jaxTw26f/qma79eEW3zlzeuhNR9cCRUQZD6zf8kpplkn7GB6bIXjWIfaC/MHdZZ+
sM7MjVUKf66Hu9KcWC3WFtrYl6gKNemTh+yBYf/eiExu6QU3g1nhwURIkru10zE2
1Ny4QEJmPWogMiMULy2kXJjP1YXPgrBKsOX9lTTOPyuMOVhBrE8r/f2JkZkMBnqU
AcM48Nf8y8cskZUhXZeQmyudAgMBAAGjggKuMIICqjAdBgNVHQ4EFgQU+NzC/xS1
Go6vSWv9MJLs2B9ui10wHwYDVR0jBBgwFoAUh25oE78sGBHNEd6ZKBrNRL7A3nMw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUY0RkIwLzA1OENFQzE0MTlC
RDExRUZCRDMzRTA4MkM0RjlBRTAyL2gyNW9FNzhzR0JITkVkNlpLQnJOUkw3QTNu
TS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvaDI1b0U3OHNHQkhORWQ2WktCck5STDdBM25NLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG
NEZCMC8wNThDRUMxNDE5QkQxMUVGQkQzM0UwODJDNEY5QUUwMi9CMkU4M0FDNjE5
RTAxMUVGQjJFM0IwMzNDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDA4BggrBgEFBQcBBwEB/wQp
MCcwDAQCAAEwBgMEAWexxDAXBAIAAjARMA8DBQUkAD0gAwYAJAA9IBAwDQYJKoZI
hvcNAQELBQADggEBAEMzp8FlGyOXRUQi1dPtJd4hMSoocIINnZDv3DwuK7x+KCgv
J9zBr+uNIQt+6VGWhDGKIPekNebYK+IqyToHf+EJeD4fCUkh+/aj+JcQeIqVnTRy
uN/6HM0L7NIJ/pEHtrQEbUHiuvSjoI9qwPutY40+vr6Hq4ddWrtRerGlBsSx+uVM
8FQ+/DcHAG4bhlngyx5D1Rnxnzei33EIxEpuqMktNoUxdgspEQrH28N0eQCT9hro
8aIKZurvAYxpEL3bFK3porORYHTMlEn2smMIRuCT0ISS20o97YGt9wViskjxnAkJ
GHSN5ZhpIIh2/fkUvX6mDjnydW0jjcTyl+oA2Ws=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:48 2024 by rpki-client on console-fra.rpki-client.org