Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911AB17/5966DD2672A711EEB10BE852C4F9AE02/B184AEA47E7111EEB869AD1AC4F9AE02.roa
File: B184AEA47E7111EEB869AD1AC4F9AE02.roa (raw, json)
Hash identifier: LmJGmq2Ayop0EkwRwHAPkTavbUyr6FvfHRyacUH4ESs=
Subject key identifier: A1:F4:41:8B:E4:47:1E:FD:08:28:28:6C:03:8F:38:3A:55:91:9E:E9
Certificate issuer: /CN=A911AB17/serialNumber=42F2791EEAC1FC7D7EC10B69F25E9EE95DAB34E1
Certificate serial: 65
Authority key identifier: 42:F2:79:1E:EA:C1:FC:7D:7E:C1:0B:69:F2:5E:9E:E9:5D:AB:34:E1
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QvJ5HurB_H1-wQtp8l6e6V2rNOE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911AB17/5966DD2672A711EEB10BE852C4F9AE02/B184AEA47E7111EEB869AD1AC4F9AE02.roa
Signing time: Thu 21 Mar 2024 09:20:46 +0000
ROA not before: Thu 21 Mar 2024 09:20:46 +0000
ROA not after: Mon 30 Dec 2024 00:00:00 +0000
asID: 151805
IP address blocks: 103.218.226.0/23 maxlen: 23
103.218.226.0/24 maxlen: 24
103.218.227.0/24 maxlen: 24
2401:56a0::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 09 Jul 2024 06:15:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 101 (0x65)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911AB17/serialNumber=42F2791EEAC1FC7D7EC10B69F25E9EE95DAB34E1
Validity
Not Before: Mar 21 09:20:46 2024 GMT
Not After : Dec 30 00:00:00 2024 GMT
Subject: CN=65fbfbed-6f00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:cc:d8:fb:0c:50:c5:a2:e0:74:64:69:e5:ce:
cb:33:b9:a3:36:07:c8:eb:30:cc:66:18:47:e0:c6:
bb:61:a7:47:ed:92:55:de:dc:23:86:8f:8a:a2:ae:
4b:38:ea:96:02:fe:4e:31:6f:23:a8:0f:0c:b1:0c:
f6:4d:6e:d5:bd:ab:25:15:0f:b8:d7:18:96:ce:7e:
49:02:39:9b:dd:22:8f:ad:ad:10:a2:d8:1b:c8:c1:
9a:d3:bd:50:5c:c9:d8:f6:05:58:32:85:38:e5:27:
79:78:0c:88:83:11:8f:32:14:85:80:f2:c5:54:ff:
08:ff:9c:bc:c4:1a:d0:f1:ce:f2:9e:25:a0:c1:74:
43:65:50:0c:aa:38:db:f9:10:52:55:50:40:38:c8:
9c:de:0c:19:42:f4:32:40:ec:50:02:a6:d5:47:f5:
57:9b:94:9a:47:c2:92:48:a5:54:14:ec:44:e6:b5:
ce:9f:96:3c:f2:de:b1:1f:5d:f8:a4:0c:25:4a:20:
ea:02:a6:81:63:f4:06:de:f3:5a:3b:da:b2:e6:6c:
f1:2e:e0:de:7d:46:5e:e4:4a:b4:96:cc:24:59:d5:
81:ad:cc:47:ff:09:e4:cc:96:99:5f:1a:51:0f:e4:
2c:1b:9a:a8:a3:0e:ac:6b:e7:f5:0f:cd:30:46:95:
1e:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:F4:41:8B:E4:47:1E:FD:08:28:28:6C:03:8F:38:3A:55:91:9E:E9
X509v3 Authority Key Identifier:
keyid:42:F2:79:1E:EA:C1:FC:7D:7E:C1:0B:69:F2:5E:9E:E9:5D:AB:34:E1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911AB17/5966DD2672A711EEB10BE852C4F9AE02/QvJ5HurB_H1-wQtp8l6e6V2rNOE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QvJ5HurB_H1-wQtp8l6e6V2rNOE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911AB17/5966DD2672A711EEB10BE852C4F9AE02/B184AEA47E7111EEB869AD1AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.218.226.0/23
IPv6:
2401:56a0::/32
Signature Algorithm: sha256WithRSAEncryption
1f:04:34:17:3b:9f:8e:6c:0f:66:d6:26:13:d9:72:69:51:80:
76:8a:39:fa:b2:e1:c2:93:4a:b6:3f:7a:54:02:2a:07:40:73:
ef:0a:6f:24:11:99:8a:b8:bc:92:a8:e0:1e:45:47:6b:42:72:
d7:37:fc:77:53:66:e7:4f:f2:cb:a0:c9:80:ff:89:6f:b9:3e:
ca:1b:4b:86:e3:34:d8:fa:86:4f:54:37:72:9f:13:45:67:d9:
d2:8e:81:8e:7d:f6:2a:9c:ed:a6:04:1b:44:71:1c:91:e8:80:
0e:26:a4:0d:74:2f:f8:99:0e:c0:8c:74:f9:7e:1f:d8:35:4e:
8d:a5:e2:7b:6d:36:e8:8f:b3:e2:6f:15:9f:24:dd:3c:21:06:
1e:95:cc:67:28:7f:8f:31:14:68:82:35:e4:c6:a1:38:f2:56:
22:25:1a:00:95:69:17:01:15:65:42:5a:e5:4e:9e:a0:2d:27:
c2:a1:da:a4:46:1d:4b:7c:8b:c6:3d:99:98:e3:c5:c3:2f:82:
e6:52:0d:37:cc:c2:82:a3:8c:39:e8:6c:5a:10:87:15:8b:c8:
83:cc:22:13:78:c2:79:d7:a3:d9:9c:aa:d4:45:10:e3:79:5c:
77:26:0c:42:bd:bf:a4:63:02:96:a3:96:c6:7e:1b:28:9f:36:
79:6a:bc:41
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIBZTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEx
QUIxNzExMC8GA1UEBRMoNDJGMjc5MUVFQUMxRkM3RDdFQzEwQjY5RjI1RTlFRTk1
REFCMzRFMTAeFw0yNDAzMjEwOTIwNDZaFw0yNDEyMzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1ZmJmYmVkLTZmMDAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC0zNj7DFDFouB0ZGnlzsszuaM2B8jrMMxmGEfgxrthp0ftklXe3COGj4qirks4
6pYC/k4xbyOoDwyxDPZNbtW9qyUVD7jXGJbOfkkCOZvdIo+trRCi2BvIwZrTvVBc
ydj2BVgyhTjlJ3l4DIiDEY8yFIWA8sVU/wj/nLzEGtDxzvKeJaDBdENlUAyqONv5
EFJVUEA4yJzeDBlC9DJA7FACptVH9VeblJpHwpJIpVQU7ETmtc6fljzy3rEfXfik
DCVKIOoCpoFj9Abe81o72rLmbPEu4N59Rl7kSrSWzCRZ1YGtzEf/CeTMlplfGlEP
5CwbmqijDqxr5/UPzTBGlR7XAgMBAAGjggKkMIICoDAdBgNVHQ4EFgQUofRBi+RH
Hv0IKChsA484OlWRnukwHwYDVR0jBBgwFoAUQvJ5HurB/H1+wQtp8l6e6V2rNOEw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTFBQjE3LzU5NjZERDI2NzJB
NzExRUVCMTBCRTg1MkM0RjlBRTAyL1F2SjVIdXJCX0gxLXdRdHA4bDZlNlYyck5P
RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvUXZKNUh1ckJfSDEtd1F0cDhsNmU2VjJyTk9FLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx
QUIxNy81OTY2REQyNjcyQTcxMUVFQjEwQkU4NTJDNEY5QUUwMi9CMTg0QUVBNDdF
NzExMUVFQjg2OUFEMUFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAuBggrBgEFBQcBBwEB/wQf
MB0wDAQCAAEwBgMEAWfa4jANBAIAAjAHAwUAJAFWoDANBgkqhkiG9w0BAQsFAAOC
AQEAHwQ0FzufjmwPZtYmE9lyaVGAdoo5+rLhwpNKtj96VAIqB0Bz7wpvJBGZiri8
kqjgHkVHa0Jy1zf8d1Nm50/yy6DJgP+Jb7k+yhtLhuM02PqGT1Q3cp8TRWfZ0o6B
jn32KpztpgQbRHEckeiADiakDXQv+JkOwIx0+X4f2DVOjaXie2026I+z4m8VnyTd
PCEGHpXMZyh/jzEUaII15MahOPJWIiUaAJVpFwEVZUJa5U6eoC0nwqHapEYdS3yL
xj2ZmOPFwy+C5lINN8zCgqOMOehsWhCHFYvIg8wiE3jCedej2Zyq1EUQ43lcdyYM
Qr2/pGMClqOWxn4bKJ82eWq8QQ==
-----END CERTIFICATE-----
Generated at Tue Jul 9 08:24:17 2024 by rpki-client on console-ams.rpki-client.org