Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91115D5/4EBCAF26D0AF11E8AAEB0756C4F9AE02/A0132DECE83711E888AF3B5FC4F9AE02.roa
File: A0132DECE83711E888AF3B5FC4F9AE02.roa (raw, json)
Hash identifier: XEzHI1hWDyt48W3XtsdD/1151adSZS9mQX0SQTPShNo=
Subject key identifier: F1:3A:CD:B5:9C:8C:58:21:38:95:6C:B4:DC:D8:46:89:86:95:96:40
Certificate issuer: /CN=A91115D5/serialNumber=476F572A380236AF33F62D82A5BA264D2FBBAD7C
Certificate serial: 11A3
Authority key identifier: 47:6F:57:2A:38:02:36:AF:33:F6:2D:82:A5:BA:26:4D:2F:BB:AD:7C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/R29XKjgCNq8z9i2CpbomTS-7rXw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91115D5/4EBCAF26D0AF11E8AAEB0756C4F9AE02/A0132DECE83711E888AF3B5FC4F9AE02.roa
Signing time: Tue 26 Mar 2024 18:06:10 +0000
ROA not before: Tue 26 Mar 2024 18:06:10 +0000
ROA not after: Wed 28 May 2025 00:00:00 +0000
asID: 23607
IP address blocks: 103.86.36.0/22 maxlen: 22
103.86.36.0/24 maxlen: 24
103.86.37.0/24 maxlen: 24
103.86.38.0/24 maxlen: 24
103.86.39.0/24 maxlen: 24
116.204.164.0/22 maxlen: 22
116.204.164.0/24 maxlen: 24
116.204.165.0/24 maxlen: 24
116.204.166.0/24 maxlen: 24
116.204.167.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 May 2024 16:14:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4515 (0x11a3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91115D5/serialNumber=476F572A380236AF33F62D82A5BA264D2FBBAD7C
Validity
Not Before: Mar 26 18:06:10 2024 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=66030e91-7f80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:01:59:6e:8f:a8:f4:2a:ad:53:9f:fc:f0:35:
ec:8a:64:f7:81:d9:76:e0:fd:6a:cc:2a:11:60:1a:
99:6c:2c:c3:81:41:ee:bc:b7:a6:9d:24:c3:15:eb:
e7:0c:7d:37:de:a3:69:0f:b6:01:da:32:65:b3:42:
57:9f:0f:0a:e2:27:b6:0e:84:09:8d:b2:66:9e:91:
33:9a:95:17:22:e0:59:50:b2:2a:88:f2:ab:b0:36:
ad:fe:12:53:60:3e:cd:c9:3c:98:bf:a6:d3:51:f0:
d8:20:84:d0:57:1a:ba:f0:e9:b9:a4:e9:5b:56:3e:
ae:bf:c3:44:69:bb:0c:ff:4f:b3:99:4e:be:18:80:
99:3d:dc:6c:e1:46:68:b4:26:ca:1f:f7:2e:ce:e2:
e8:53:43:37:5a:1b:c4:3a:1a:10:a1:c1:ef:c2:08:
07:39:26:17:f4:19:14:9d:ef:3b:93:50:b0:1d:15:
ab:c8:82:81:65:af:79:96:bd:41:28:32:d2:06:e6:
5c:6a:c2:03:8e:9e:5a:50:2b:eb:8d:e1:53:30:9b:
71:63:81:4c:b3:a3:ed:a2:4f:33:51:51:e9:f4:53:
73:28:96:48:76:08:cd:8a:b2:b3:a0:3b:fd:80:10:
72:58:f8:ed:22:86:53:8d:12:3d:0f:6f:2d:3d:23:
b5:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:3A:CD:B5:9C:8C:58:21:38:95:6C:B4:DC:D8:46:89:86:95:96:40
X509v3 Authority Key Identifier:
keyid:47:6F:57:2A:38:02:36:AF:33:F6:2D:82:A5:BA:26:4D:2F:BB:AD:7C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91115D5/4EBCAF26D0AF11E8AAEB0756C4F9AE02/R29XKjgCNq8z9i2CpbomTS-7rXw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/R29XKjgCNq8z9i2CpbomTS-7rXw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91115D5/4EBCAF26D0AF11E8AAEB0756C4F9AE02/A0132DECE83711E888AF3B5FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.86.36.0/22
116.204.164.0/22
Signature Algorithm: sha256WithRSAEncryption
9e:9d:e6:e1:8b:aa:12:01:36:83:dd:9c:be:24:08:7e:06:0f:
45:71:ea:8e:e8:f2:80:65:1b:bd:34:39:a4:3a:45:5e:61:56:
91:a3:0e:88:25:c5:9d:3a:e1:ef:74:50:12:d4:39:1b:79:c4:
ef:41:da:14:d1:46:ac:66:dc:fd:02:6b:1d:d8:45:2b:0a:43:
16:56:c4:28:20:31:f6:61:d0:7e:3e:a7:c0:7d:e5:af:d1:05:
7e:af:0c:c5:1e:37:69:24:94:61:e9:98:82:c9:ea:f7:f3:b6:
bd:b3:b2:91:2d:70:46:ee:58:25:6b:c4:97:27:e5:7d:28:55:
7b:b7:33:bd:e4:78:42:93:95:6c:89:4b:e3:55:2d:95:3e:fa:
61:4f:2b:6f:a7:e2:31:13:75:75:e5:fa:4e:d2:6a:b8:74:e1:
62:49:c0:5e:23:89:72:db:dc:16:d8:d0:8f:4d:0c:f7:11:83:
f5:e5:ae:50:23:29:0f:b2:54:5c:08:c8:f0:7c:8e:5a:a3:d1:
01:6e:fb:f3:99:59:87:53:c3:f0:4f:5d:97:46:f9:28:19:6a:
16:eb:39:f4:2d:84:69:cb:71:73:e4:e4:78:f7:57:ea:34:65:
e5:a3:a2:92:ae:45:d6:e9:db:d5:05:98:5e:9d:e1:3a:46:e7:
bc:68:6f:49
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICEaMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTE1RDUxMTAvBgNVBAUTKDQ3NkY1NzJBMzgwMjM2QUYzM0Y2MkQ4MkE1QkEyNjRE
MkZCQkFEN0MwHhcNMjQwMzI2MTgwNjEwWhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02NjAzMGU5MS03ZjgwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5wFZbo+o9CqtU5/88DXsimT3gdl24P1qzCoRYBqZbCzDgUHuvLemnSTDFevn
DH033qNpD7YB2jJls0JXnw8K4ie2DoQJjbJmnpEzmpUXIuBZULIqiPKrsDat/hJT
YD7NyTyYv6bTUfDYIITQVxq68Om5pOlbVj6uv8NEabsM/0+zmU6+GICZPdxs4UZo
tCbKH/cuzuLoU0M3WhvEOhoQocHvwggHOSYX9BkUne87k1CwHRWryIKBZa95lr1B
KDLSBuZcasIDjp5aUCvrjeFTMJtxY4FMs6Ptok8zUVHp9FNzKJZIdgjNirKzoDv9
gBByWPjtIoZTjRI9D28tPSO1TwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFPE6zbWc
jFghOJVstNzYRomGlZZAMB8GA1UdIwQYMBaAFEdvVyo4AjavM/YtgqW6Jk0vu618
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExMTVENS80RUJDQUYyNkQw
QUYxMUU4QUFFQjA3NTZDNEY5QUUwMi9SMjlYS2pnQ05xOHo5aTJDcGJvbVRTLTdy
WHcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1IyOVhLamdDTnE4ejlpMkNwYm9tVFMtN3JYdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MTE1RDUvNEVCQ0FGMjZEMEFGMTFFOEFBRUIwNzU2QzRGOUFFMDIvQTAxMzJERUNF
ODM3MTFFODg4QUYzQjVGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAJnViQDBAJ0zKQwDQYJKoZIhvcNAQELBQADggEBAJ6d5uGL
qhIBNoPdnL4kCH4GD0Vx6o7o8oBlG700OaQ6RV5hVpGjDoglxZ064e90UBLUORt5
xO9B2hTRRqxm3P0Cax3YRSsKQxZWxCggMfZh0H4+p8B95a/RBX6vDMUeN2kklGHp
mILJ6vfztr2zspEtcEbuWCVrxJcn5X0oVXu3M73keEKTlWyJS+NVLZU++mFPK2+n
4jETdXXl+k7Sarh04WJJwF4jiXLb3BbY0I9NDPcRg/XlrlAjKQ+yVFwIyPB8jlqj
0QFu+/OZWYdTw/BPXZdG+SgZahbrOfQthGnLcXPk5Hj3V+o0ZeWjopKuRdbp29UF
mF6d4TpG57xob0k=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:50:54 2024 by rpki-client on console-fra.rpki-client.org