Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911C28D/BDAB67F63A8011E5AE390155C4F9AE02/FDD5F132D27A11EBA814BF52C4F9AE02.roa
File: FDD5F132D27A11EBA814BF52C4F9AE02.roa (raw, json)
Hash identifier: 62DgO8z5j9DdLt0pKPwbHRo/e0hRXDUJsAVMVqxuM0U=
Subject key identifier: B1:9C:2E:C9:F7:11:F1:E8:91:3E:C0:30:8E:B0:44:FD:B1:75:85:61
Certificate issuer: /CN=A911C28D/serialNumber=99DFB6BF7950E6B40195A59024F4B750863D3D93
Certificate serial: 2670
Authority key identifier: 99:DF:B6:BF:79:50:E6:B4:01:95:A5:90:24:F4:B7:50:86:3D:3D:93
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/md-2v3lQ5rQBlaWQJPS3UIY9PZM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911C28D/BDAB67F63A8011E5AE390155C4F9AE02/FDD5F132D27A11EBA814BF52C4F9AE02.roa
Signing time: Thu 07 Sep 2023 13:16:58 +0000
ROA not before: Thu 07 Sep 2023 13:16:58 +0000
ROA not after: Mon 30 Sep 2024 00:00:00 +0000
asID: 7489
IP address blocks: 27.100.36.0/23 maxlen: 24
27.100.38.0/23 maxlen: 24
45.124.64.0/22 maxlen: 24
45.249.88.0/22 maxlen: 23
103.192.176.0/22 maxlen: 24
103.196.20.0/23 maxlen: 24
103.217.252.0/22 maxlen: 22
103.217.253.0/24 maxlen: 24
103.217.255.0/24 maxlen: 24
2402:9e80::/48 maxlen: 48
2402:9e80:1::/48 maxlen: 48
2402:9e80:5::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 10 Jan 2024 19:22:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9840 (0x2670)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911C28D/serialNumber=99DFB6BF7950E6B40195A59024F4B750863D3D93
Validity
Not Before: Sep 7 13:16:58 2023 GMT
Not After : Sep 30 00:00:00 2024 GMT
Subject: CN=64f9cd4a-fd80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:56:fc:9d:79:87:19:d9:3f:7f:37:6d:42:e6:
6d:2a:26:1f:24:c2:10:72:7c:71:0d:bc:7b:43:78:
ef:3a:84:91:2a:4e:37:2c:15:7b:31:89:6e:77:a4:
08:bc:56:6a:94:09:79:5c:c2:f3:65:61:cd:1b:92:
30:29:9f:d2:79:56:b8:9d:8e:52:43:b6:82:dd:05:
9a:11:d4:ff:f6:18:54:c4:40:63:3b:94:6a:06:29:
58:21:b9:97:c6:ae:e4:1c:4f:e9:f0:be:53:20:95:
92:1d:4d:48:a1:14:7c:ed:9d:d9:b9:8f:9c:39:97:
36:20:5d:2a:f5:99:ae:48:10:f1:3c:be:5b:d3:21:
4b:25:14:12:eb:2b:5f:d3:14:a0:68:82:82:dd:5b:
3d:f3:f8:64:d6:d6:4e:02:f3:55:e7:fd:c1:de:3c:
e1:58:7b:68:19:51:d9:87:0a:14:d0:49:7d:2d:83:
cb:da:6f:1c:ca:b5:db:f3:d9:ce:00:48:b0:75:c6:
51:93:42:8f:2d:60:f8:67:6b:41:84:68:ba:d8:e0:
df:c0:8f:e0:67:a9:9f:3c:d8:4d:ba:bc:37:7f:a8:
74:82:ec:36:ab:de:47:59:40:b2:db:8d:24:e9:50:
04:5f:69:ee:cf:f2:32:4a:6f:a5:70:87:a7:10:4a:
5c:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:9C:2E:C9:F7:11:F1:E8:91:3E:C0:30:8E:B0:44:FD:B1:75:85:61
X509v3 Authority Key Identifier:
keyid:99:DF:B6:BF:79:50:E6:B4:01:95:A5:90:24:F4:B7:50:86:3D:3D:93
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911C28D/BDAB67F63A8011E5AE390155C4F9AE02/md-2v3lQ5rQBlaWQJPS3UIY9PZM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/md-2v3lQ5rQBlaWQJPS3UIY9PZM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911C28D/BDAB67F63A8011E5AE390155C4F9AE02/FDD5F132D27A11EBA814BF52C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.100.36.0/22
45.124.64.0/22
45.249.88.0/22
103.192.176.0/22
103.196.20.0/23
103.217.252.0/22
IPv6:
2402:9e80::/47
2402:9e80:5::/48
Signature Algorithm: sha256WithRSAEncryption
75:5b:42:73:17:58:9a:19:ea:21:7b:82:08:4e:74:13:53:71:
af:65:d8:b1:d8:a3:77:0c:a5:51:9c:34:78:c1:4d:1a:ea:2d:
09:60:4b:e7:ec:69:db:21:f7:83:ab:e4:0d:cb:5f:83:5f:4b:
bf:7e:3d:22:e3:49:9f:16:78:6e:57:8b:46:a8:8c:fe:a6:a8:
ee:15:94:fd:68:b8:27:65:54:58:a5:9e:a6:f0:28:b6:a6:97:
7e:5a:ca:56:21:58:91:2a:f2:b6:9d:41:b3:fe:fd:7f:46:90:
d1:41:22:67:2b:f2:ff:a7:74:d7:4f:63:33:b6:56:2b:6f:50:
0b:aa:38:17:67:87:5f:eb:43:94:d2:b6:0b:89:da:5e:a6:c8:
c1:cb:d9:b3:14:7a:ac:77:2e:82:72:fe:c3:02:63:07:24:a5:
88:dc:36:14:1d:d9:da:a9:69:ac:64:88:7f:dc:77:f5:72:b5:
a4:6a:16:b0:88:a5:84:7a:5d:91:f4:fd:9d:dc:60:70:cc:1b:
42:9c:7e:15:ed:96:ba:0d:43:82:1b:9b:aa:bd:01:f4:5c:58:
3a:52:96:39:46:d9:cf:e4:76:c2:aa:36:ca:73:93:ca:d0:9f:
0b:d3:d1:51:7d:3e:14:1d:43:0f:1c:62:1d:52:c5:56:4f:56:
1b:bd:33:7d
-----BEGIN CERTIFICATE-----
MIIFqTCCBJGgAwIBAgICJnAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUMyOEQxMTAvBgNVBAUTKDk5REZCNkJGNzk1MEU2QjQwMTk1QTU5MDI0RjRCNzUw
ODYzRDNEOTMwHhcNMjMwOTA3MTMxNjU4WhcNMjQwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGY5Y2Q0YS1mZDgwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvVb8nXmHGdk/fzdtQuZtKiYfJMIQcnxxDbx7Q3jvOoSRKk43LBV7MYlud6QI
vFZqlAl5XMLzZWHNG5IwKZ/SeVa4nY5SQ7aC3QWaEdT/9hhUxEBjO5RqBilYIbmX
xq7kHE/p8L5TIJWSHU1IoRR87Z3ZuY+cOZc2IF0q9ZmuSBDxPL5b0yFLJRQS6ytf
0xSgaIKC3Vs98/hk1tZOAvNV5/3B3jzhWHtoGVHZhwoU0El9LYPL2m8cyrXb89nO
AEiwdcZRk0KPLWD4Z2tBhGi62ODfwI/gZ6mfPNhNurw3f6h0guw2q95HWUCy240k
6VAEX2nuz/IySm+lcIenEEpctQIDAQABo4ICzTCCAskwHQYDVR0OBBYEFLGcLsn3
EfHokT7AMI6wRP2xdYVhMB8GA1UdIwQYMBaAFJnftr95UOa0AZWlkCT0t1CGPT2T
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQzI4RC9CREFCNjdGNjNB
ODAxMUU1QUUzOTAxNTVDNEY5QUUwMi9tZC0ydjNsUTVyUUJsYVdRSlBTM1VJWTlQ
Wk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL21kLTJ2M2xRNXJRQmxhV1FKUFMzVUlZOVBaTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUMyOEQvQkRBQjY3RjYzQTgwMTFFNUFFMzkwMTU1QzRGOUFFMDIvRkRENUYxMzJE
MjdBMTFFQkE4MTRCRjUyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwVwYIKwYBBQUHAQcBAf8E
SDBGMCoEAgABMCQDBAIbZCQDBAItfEADBAIt+VgDBAJnwLADBAFnxBQDBAJn2fww
GAQCAAIwEgMHASQCnoAAAAMHACQCnoAABTANBgkqhkiG9w0BAQsFAAOCAQEAdVtC
cxdYmhnqIXuCCE50E1Nxr2XYsdijdwylUZw0eMFNGuotCWBL5+xp2yH3g6vkDctf
g19Lv349IuNJnxZ4bleLRqiM/qao7hWU/Wi4J2VUWKWepvAotqaXflrKViFYkSry
tp1Bs/79f0aQ0UEiZyvy/6d0109jM7ZWK29QC6o4F2eHX+tDlNK2C4naXqbIwcvZ
sxR6rHcugnL+wwJjBySliNw2FB3Z2qlprGSIf9x39XK1pGoWsIilhHpdkfT9ndxg
cMwbQpx+Fe2Wug1Dghubqr0B9FxYOlKWOUbZz+R2wqo2ynOTytCfC9PRUX0+FB1D
DxxiHVLFVk9WG70zfQ==
-----END CERTIFICATE-----
Generated at Wed Jan 10 21:58:39 2024 by rpki-client on console-fra.rpki-client.org