Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911486F/22CF3448866C11EDAFA5A471C4F9AE02/933878EECFC111EEAA0BC146C4F9AE02.roa
File: 933878EECFC111EEAA0BC146C4F9AE02.roa (raw, json)
Hash identifier: 3GYbgBGAo0lR7k8J/InJfxIJSqkBplJuKck85lqRKxE=
Subject key identifier: 30:2E:ED:C7:69:10:9A:31:D9:CC:68:7F:11:44:D4:DA:E9:D9:EE:36
Certificate issuer: /CN=A911486F/serialNumber=E632D38C5A32C217C6EE71D52DEF9F38CA166C51
Certificate serial: E0
Authority key identifier: E6:32:D3:8C:5A:32:C2:17:C6:EE:71:D5:2D:EF:9F:38:CA:16:6C:51
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5jLTjFoywhfG7nHVLe-fOMoWbFE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911486F/22CF3448866C11EDAFA5A471C4F9AE02/933878EECFC111EEAA0BC146C4F9AE02.roa
Signing time: Wed 21 Feb 2024 09:28:07 +0000
ROA not before: Wed 21 Feb 2024 09:28:07 +0000
ROA not after: Sun 02 Mar 2025 00:00:00 +0000
asID: 150696
IP address blocks: 103.60.204.0/23 maxlen: 23
103.60.204.0/24 maxlen: 24
2400:cf60::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 21 Feb 2024 15:02:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 224 (0xe0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911486F/serialNumber=E632D38C5A32C217C6EE71D52DEF9F38CA166C51
Validity
Not Before: Feb 21 09:28:07 2024 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=65d5c227-6ad3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:46:40:de:6a:9b:dc:ca:1a:86:92:e6:fb:64:
61:33:88:cd:16:aa:ec:7c:99:3f:f3:15:6f:f1:af:
4e:a9:5e:a0:52:5b:bb:e9:f8:a2:65:79:29:8e:c7:
64:fb:5a:ec:bb:a9:aa:fd:57:b2:1f:f3:b8:34:ad:
95:a7:8f:66:fe:d1:44:f1:40:ea:cf:5f:5e:2d:ac:
d7:43:45:c3:c3:73:f6:f1:aa:d0:fb:05:e9:25:d1:
c9:4c:6c:c7:9f:fe:fe:f5:ca:b8:9d:31:0f:d0:17:
e1:70:2d:42:e8:79:43:7f:e5:4d:6c:cc:3f:e1:32:
a5:37:25:44:01:e9:38:d4:c3:df:ee:3a:e9:f6:af:
c3:ea:2a:6a:a3:79:94:6c:ba:06:8e:1b:78:b7:30:
8f:e2:4d:4d:31:3f:4e:f8:3d:05:a9:26:94:56:ea:
17:cf:cb:18:bb:1b:0d:2f:ae:b5:f2:09:73:ca:71:
61:01:5a:02:a6:cc:31:96:09:91:0a:32:ba:25:cd:
69:2f:1d:a4:43:b7:9b:16:80:1a:95:ed:27:d4:d4:
f7:f3:57:93:a9:8a:e2:79:de:63:c2:94:26:9d:9d:
46:8b:9e:33:ff:cb:7c:13:69:d4:fd:de:11:51:b2:
58:fa:eb:ce:ff:77:2a:3c:cd:5c:09:24:14:5a:60:
46:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:2E:ED:C7:69:10:9A:31:D9:CC:68:7F:11:44:D4:DA:E9:D9:EE:36
X509v3 Authority Key Identifier:
keyid:E6:32:D3:8C:5A:32:C2:17:C6:EE:71:D5:2D:EF:9F:38:CA:16:6C:51
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911486F/22CF3448866C11EDAFA5A471C4F9AE02/5jLTjFoywhfG7nHVLe-fOMoWbFE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5jLTjFoywhfG7nHVLe-fOMoWbFE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911486F/22CF3448866C11EDAFA5A471C4F9AE02/933878EECFC111EEAA0BC146C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.60.204.0/23
IPv6:
2400:cf60::/32
Signature Algorithm: sha256WithRSAEncryption
29:6a:fb:ce:7a:f0:8b:3c:a0:b2:73:1c:33:0e:f0:ff:1a:7f:
c0:3c:bb:a1:54:eb:5a:78:dd:5c:7f:d2:75:50:ee:8f:3f:f9:
ce:99:af:ef:c2:67:e1:9d:d8:b4:38:c5:6c:20:b8:95:77:80:
fb:53:61:6e:18:eb:c6:ef:26:96:79:92:49:6a:c0:1d:bd:51:
46:f3:e5:69:9f:59:37:58:40:63:8b:5b:d9:fd:6b:52:cc:37:
17:36:21:b6:2e:bd:86:8f:d9:ce:58:0f:10:1b:dc:e9:fe:e7:
b8:b2:88:48:cf:d5:65:a5:a2:c7:fd:37:ea:e2:1a:26:87:be:
e2:99:0a:45:7b:36:5c:79:3a:eb:6b:f5:89:8e:bf:9a:d5:02:
4e:67:30:db:e3:55:30:11:0d:24:5f:d9:23:7f:c7:a8:1e:58:
f2:b7:8d:9a:81:56:8b:a7:a6:43:9c:85:cf:94:c4:4d:0b:47:
66:50:fd:b9:82:2d:ad:77:a8:9f:2d:e0:79:04:fd:a3:5b:7e:
76:6c:64:11:ff:aa:8d:86:20:bc:51:56:1b:42:b6:72:39:bb:
81:90:18:e8:42:b9:49:0e:f9:e6:00:fd:e6:e4:87:fd:5c:f0:
a9:85:e8:f7:f9:f5:72:49:6d:34:a0:d5:c7:0d:40:5f:3f:19:
9b:7d:1c:dd
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICAOAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTQ4NkYxMTAvBgNVBAUTKEU2MzJEMzhDNUEzMkMyMTdDNkVFNzFENTJERUY5RjM4
Q0ExNjZDNTEwHhcNMjQwMjIxMDkyODA3WhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWQ1YzIyNy02YWQzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA30ZA3mqb3MoahpLm+2RhM4jNFqrsfJk/8xVv8a9OqV6gUlu76fiiZXkpjsdk
+1rsu6mq/VeyH/O4NK2Vp49m/tFE8UDqz19eLazXQ0XDw3P28arQ+wXpJdHJTGzH
n/7+9cq4nTEP0BfhcC1C6HlDf+VNbMw/4TKlNyVEAek41MPf7jrp9q/D6ipqo3mU
bLoGjht4tzCP4k1NMT9O+D0FqSaUVuoXz8sYuxsNL6618glzynFhAVoCpswxlgmR
CjK6Jc1pLx2kQ7ebFoAale0n1NT381eTqYried5jwpQmnZ1Gi54z/8t8E2nU/d4R
UbJY+uvO/3cqPM1cCSQUWmBGJQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFDAu7cdp
EJox2cxofxFE1Nrp2e42MB8GA1UdIwQYMBaAFOYy04xaMsIXxu5x1S3vnzjKFmxR
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExNDg2Ri8yMkNGMzQ0ODg2
NkMxMUVEQUZBNUE0NzFDNEY5QUUwMi81akxUakZveXdoZkc3bkhWTGUtZk9Nb1di
RkUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzVqTFRqRm95d2hmRzduSFZMZS1mT01vV2JGRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MTQ4NkYvMjJDRjM0NDg4NjZDMTFFREFGQTVBNDcxQzRGOUFFMDIvOTMzODc4RUVD
RkMxMTFFRUFBMEJDMTQ2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAFnPMwwDQQCAAIwBwMFACQAz2AwDQYJKoZIhvcNAQELBQAD
ggEBAClq+8568Is8oLJzHDMO8P8af8A8u6FU61p43Vx/0nVQ7o8/+c6Zr+/CZ+Gd
2LQ4xWwguJV3gPtTYW4Y68bvJpZ5kklqwB29UUbz5WmfWTdYQGOLW9n9a1LMNxc2
IbYuvYaP2c5YDxAb3On+57iyiEjP1WWlosf9N+riGiaHvuKZCkV7Nlx5Outr9YmO
v5rVAk5nMNvjVTARDSRf2SN/x6geWPK3jZqBVounpkOchc+UxE0LR2ZQ/bmCLa13
qJ8t4HkE/aNbfnZsZBH/qo2GILxRVhtCtnI5u4GQGOhCuUkO+eYA/ebkh/1c8KmF
6Pf59XJJbTSg1ccNQF8/GZt9HN0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:50:55 2024 by rpki-client on console-fra.rpki-client.org