Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9111F34/F960D1B401E311ED812E500BC4F9AE02/33A6EB6201E711EDB2C82D0FC4F9AE02.roa
File: 33A6EB6201E711EDB2C82D0FC4F9AE02.roa (raw, json)
Hash identifier: 2hcJYoDU8zN1BgrZgwluPZQpJdlAVF2gUpGtRatTP2Q=
Subject key identifier: CF:F3:FE:AA:CB:11:F4:E8:21:0B:1A:9A:BD:34:85:31:C5:49:A6:AF
Certificate issuer: /CN=A9111F34/serialNumber=460FA8FAFFC8BE409EC2BDF8463705863A45E8E8
Certificate serial: 01D5
Authority key identifier: 46:0F:A8:FA:FF:C8:BE:40:9E:C2:BD:F8:46:37:05:86:3A:45:E8:E8
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Rg-o-v_IvkCewr34RjcFhjpF6Og.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9111F34/F960D1B401E311ED812E500BC4F9AE02/33A6EB6201E711EDB2C82D0FC4F9AE02.roa
Signing time: Wed 01 May 2024 05:07:24 +0000
ROA not before: Wed 01 May 2024 05:07:24 +0000
ROA not after: Thu 29 Aug 2024 00:00:00 +0000
asID: 133427
IP address blocks: 103.227.56.0/24 maxlen: 24
103.227.57.0/24 maxlen: 24
103.227.58.0/24 maxlen: 24
103.227.59.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 23 Jul 2024 02:45:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 469 (0x1d5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9111F34/serialNumber=460FA8FAFFC8BE409EC2BDF8463705863A45E8E8
Validity
Not Before: May 1 05:07:24 2024 GMT
Not After : Aug 29 00:00:00 2024 GMT
Subject: CN=6631ce0c-4473
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:e3:67:70:65:d3:bb:bf:7a:f7:1c:1d:8a:22:
c3:77:16:4b:19:0b:92:dd:1c:47:2d:1c:c3:0e:c3:
c7:ba:cf:66:b4:e0:62:ef:cc:b9:5d:9d:20:99:1f:
56:15:2b:ca:7e:ad:9b:e0:fe:cf:53:39:63:b6:31:
0b:fb:dc:24:b0:72:bf:d9:97:74:c1:5b:96:1f:89:
59:de:0c:fc:ef:ad:36:26:bb:c7:45:45:18:92:43:
36:15:d2:4f:00:63:c5:61:d5:75:80:87:d1:22:38:
74:94:06:98:99:e0:e3:8a:bf:d6:40:68:1c:e6:b2:
b0:6a:c5:4e:7f:98:25:73:c7:a8:65:d4:36:f8:22:
2c:a0:bd:d4:15:d0:4e:2f:f0:f4:0e:12:2e:fe:a0:
0c:63:30:e1:9b:26:9e:2b:d0:24:bb:27:06:66:b9:
b1:3e:b7:0f:f7:7e:1e:4d:19:a3:8d:96:d7:25:77:
c6:70:a1:a6:18:ed:8f:f3:f5:08:16:4d:63:9c:a5:
9c:05:0c:2e:c0:a2:8d:20:4e:96:55:b3:4c:a9:19:
a0:9e:30:d8:d0:e2:03:8f:8f:86:1a:95:66:3c:d9:
61:02:6d:75:ba:e9:16:1c:02:25:4b:0b:07:08:63:
23:d5:3c:75:6b:0b:b4:d4:d9:97:1f:fe:fa:1a:96:
62:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:F3:FE:AA:CB:11:F4:E8:21:0B:1A:9A:BD:34:85:31:C5:49:A6:AF
X509v3 Authority Key Identifier:
keyid:46:0F:A8:FA:FF:C8:BE:40:9E:C2:BD:F8:46:37:05:86:3A:45:E8:E8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9111F34/F960D1B401E311ED812E500BC4F9AE02/Rg-o-v_IvkCewr34RjcFhjpF6Og.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Rg-o-v_IvkCewr34RjcFhjpF6Og.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9111F34/F960D1B401E311ED812E500BC4F9AE02/33A6EB6201E711EDB2C82D0FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.227.56.0/22
Signature Algorithm: sha256WithRSAEncryption
45:99:1e:45:c1:07:b0:d2:d6:b1:9c:65:ba:03:4b:22:5f:6c:
f5:4f:b5:8d:74:09:12:17:09:e8:33:f9:9e:29:c8:54:80:6b:
9f:65:de:bb:47:e7:e8:6b:5c:8c:c1:a4:a8:e1:0c:97:54:0d:
57:3a:e7:e5:4b:29:76:6e:f4:7f:5b:d5:43:54:14:67:78:c2:
27:92:42:37:cc:1d:e0:95:d3:89:a5:e0:69:ef:e4:e7:95:89:
d9:05:92:d6:1c:8a:22:43:ed:bd:fb:d3:00:c1:5d:04:74:38:
89:8f:2a:08:4c:7d:4f:4d:23:ef:e7:9a:b4:3d:40:5d:55:f5:
f4:ce:67:ba:39:95:cb:5a:ff:67:dc:c2:0f:09:dc:8e:7e:06:
c8:c9:38:9b:0b:f4:11:b5:c1:5d:4e:ad:aa:0f:e4:75:fb:70:
2b:61:5e:d3:b5:e2:59:48:de:5e:a7:ae:cd:af:d9:ee:05:e8:
fb:67:8e:06:3c:e2:90:c5:07:95:8e:31:ab:25:e4:cf:ac:90:
61:98:8c:c8:6f:9a:dc:78:09:18:69:2b:e1:ff:13:dc:51:06:
93:ef:7d:8b:92:66:30:bb:0b:d3:ad:7b:c8:6c:b9:f7:fd:49:
4d:a7:13:1b:15:ea:ee:0d:3c:06:e7:76:14:b9:b7:77:3f:63:
19:a3:5b:7d
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAdUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTFGMzQxMTAvBgNVBAUTKDQ2MEZBOEZBRkZDOEJFNDA5RUMyQkRGODQ2MzcwNTg2
M0E0NUU4RTgwHhcNMjQwNTAxMDUwNzI0WhcNMjQwODI5MDAwMDAwWjAYMRYwFAYD
VQQDEw02NjMxY2UwYy00NDczMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1ONncGXTu7969xwdiiLDdxZLGQuS3RxHLRzDDsPHus9mtOBi78y5XZ0gmR9W
FSvKfq2b4P7PUzljtjEL+9wksHK/2Zd0wVuWH4lZ3gz87602JrvHRUUYkkM2FdJP
AGPFYdV1gIfRIjh0lAaYmeDjir/WQGgc5rKwasVOf5glc8eoZdQ2+CIsoL3UFdBO
L/D0DhIu/qAMYzDhmyaeK9AkuycGZrmxPrcP934eTRmjjZbXJXfGcKGmGO2P8/UI
Fk1jnKWcBQwuwKKNIE6WVbNMqRmgnjDY0OIDj4+GGpVmPNlhAm11uukWHAIlSwsH
CGMj1Tx1awu01NmXH/76GpZinwIDAQABo4IClTCCApEwHQYDVR0OBBYEFM/z/qrL
EfToIQsamr00hTHFSaavMB8GA1UdIwQYMBaAFEYPqPr/yL5AnsK9+EY3BYY6Rejo
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExMUYzNC9GOTYwRDFCNDAx
RTMxMUVEODEyRTUwMEJDNEY5QUUwMi9SZy1vLXZfSXZrQ2V3cjM0UmpjRmhqcEY2
T2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1JnLW8tdl9JdmtDZXdyMzRSamNGaGpwRjZPZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MTFGMzQvRjk2MEQxQjQwMUUzMTFFRDgxMkU1MDBCQzRGOUFFMDIvMzNBNkVCNjIw
MUU3MTFFREIyQzgyRDBGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJn4zgwDQYJKoZIhvcNAQELBQADggEBAEWZHkXBB7DS1rGc
ZboDSyJfbPVPtY10CRIXCegz+Z4pyFSAa59l3rtH5+hrXIzBpKjhDJdUDVc65+VL
KXZu9H9b1UNUFGd4wieSQjfMHeCV04ml4Gnv5OeVidkFktYciiJD7b370wDBXQR0
OImPKghMfU9NI+/nmrQ9QF1V9fTOZ7o5lcta/2fcwg8J3I5+BsjJOJsL9BG1wV1O
raoP5HX7cCthXtO14llI3l6nrs2v2e4F6PtnjgY84pDFB5WOMasl5M+skGGYjMhv
mtx4CRhpK+H/E9xRBpPvfYuSZjC7C9Ote8hsuff9SU2nExsV6u4NPAbndhS5t3c/
YxmjW30=
-----END CERTIFICATE-----
Generated at Tue Jul 23 04:36:19 2024 by rpki-client on console-fra.rpki-client.org