Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911DFB8/900EAC54453D11EBB55A6225C4F9AE02/B837B23E454211EBAE62CF6BC4F9AE02.roa
File: B837B23E454211EBAE62CF6BC4F9AE02.roa (raw, json)
Hash identifier: wp0Z602McIoGNqbrle8tmHTNDsGbKKg46E2yzJZQnXM=
Subject key identifier: 1A:B5:A5:04:CC:BB:ED:C4:AC:9C:7A:20:DE:04:41:53:E2:1D:2C:2A
Certificate issuer: /CN=A911DFB8/serialNumber=AEBB93EA7A2FC69E2C19CCE782EEF5DDB1CA32BD
Certificate serial: 0626
Authority key identifier: AE:BB:93:EA:7A:2F:C6:9E:2C:19:CC:E7:82:EE:F5:DD:B1:CA:32:BD
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rruT6novxp4sGczngu713bHKMr0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911DFB8/900EAC54453D11EBB55A6225C4F9AE02/B837B23E454211EBAE62CF6BC4F9AE02.roa
Signing time: Sat 02 Mar 2024 23:42:32 +0000
ROA not before: Sat 02 Mar 2024 23:42:32 +0000
ROA not after: Wed 28 May 2025 00:00:00 +0000
asID: 138995
IP address blocks: 103.108.185.0/24 maxlen: 24
2001:df4:1500::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 27 Jun 2024 03:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1574 (0x626)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911DFB8/serialNumber=AEBB93EA7A2FC69E2C19CCE782EEF5DDB1CA32BD
Validity
Not Before: Mar 2 23:42:32 2024 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=65e3b968-c7eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:f7:f6:9d:78:1c:2e:e0:aa:b0:27:fb:52:01:
1c:57:9b:12:1a:ff:5e:72:e4:4e:e4:88:a4:25:55:
87:6d:31:92:d7:51:b2:76:98:af:30:d0:be:b7:c4:
55:89:c7:92:aa:d2:14:f3:f2:db:04:43:7d:1f:50:
b7:82:f3:0c:d6:3b:9f:a3:d9:62:80:b4:88:78:1d:
a2:c1:17:27:2c:c3:d0:fb:14:4c:9a:4f:e5:44:10:
b1:0c:5d:00:ae:4c:09:09:45:ed:4c:5a:72:4d:11:
ed:d8:95:f0:86:90:5b:fc:b2:82:b5:ce:89:7d:28:
48:40:27:14:61:18:12:31:ea:1b:ab:5d:49:63:68:
df:88:ef:df:e1:68:41:02:75:e9:15:0d:31:4e:3a:
57:70:32:70:af:35:9c:4b:9b:fc:55:14:ce:fe:0a:
95:1a:ff:46:64:62:1d:3a:79:ce:62:da:95:bd:0e:
68:b1:aa:81:f6:e3:be:35:98:f4:d2:fe:b6:b0:74:
ca:65:54:f4:51:83:72:f4:66:bb:be:e3:93:bb:2e:
b4:20:dd:70:e4:98:13:13:f3:c5:be:c7:66:be:ea:
48:90:3f:3b:0f:d5:d8:4a:46:74:13:9c:4c:07:40:
be:64:8f:bf:74:85:a8:b7:c3:8b:e0:69:7a:a7:b0:
60:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:B5:A5:04:CC:BB:ED:C4:AC:9C:7A:20:DE:04:41:53:E2:1D:2C:2A
X509v3 Authority Key Identifier:
keyid:AE:BB:93:EA:7A:2F:C6:9E:2C:19:CC:E7:82:EE:F5:DD:B1:CA:32:BD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911DFB8/900EAC54453D11EBB55A6225C4F9AE02/rruT6novxp4sGczngu713bHKMr0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rruT6novxp4sGczngu713bHKMr0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911DFB8/900EAC54453D11EBB55A6225C4F9AE02/B837B23E454211EBAE62CF6BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.108.185.0/24
IPv6:
2001:df4:1500::/48
Signature Algorithm: sha256WithRSAEncryption
33:14:e6:da:a7:69:3c:c5:f3:2f:e2:ef:fa:9a:df:a0:08:f9:
61:3b:02:a2:3b:8d:b3:06:50:0a:e3:e0:dc:2b:30:7f:83:5f:
3f:36:10:32:dc:7a:4d:77:6a:92:59:89:6d:f0:25:ef:64:b1:
4a:0f:33:51:d8:e7:56:1f:77:da:95:42:c7:53:ae:20:0f:dc:
71:44:d4:25:1c:cc:80:2a:96:77:65:94:63:22:24:7c:50:0f:
d3:a0:83:61:5b:bb:d3:d5:7a:c1:52:92:20:8d:d5:fe:b0:03:
bd:eb:f5:1c:58:ae:67:24:dd:15:22:0e:b4:b4:52:f1:27:54:
fa:fb:8b:5d:0e:10:46:fc:69:bf:7f:e6:d5:e2:84:e4:8d:cf:
d6:43:cf:ae:b0:24:6c:63:6d:91:ea:07:76:33:48:2f:68:23:
4f:bb:49:59:c4:91:d6:da:df:d3:d9:2c:b9:ab:14:e3:44:7b:
f7:3f:a5:c9:03:65:56:a3:c1:45:a5:ed:93:81:8b:24:5f:56:
7f:95:2e:bd:12:9f:02:b6:ea:fc:11:c2:ee:67:24:8d:ca:eb:
d9:1f:7a:23:90:68:79:83:b4:09:46:07:c0:ce:bc:a5:63:f0:
4c:34:bc:a9:84:7f:19:8e:ad:e4:9c:56:cf:47:96:d4:ce:10:
f4:1c:8f:f5
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICBiYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MURGQjgxMTAvBgNVBAUTKEFFQkI5M0VBN0EyRkM2OUUyQzE5Q0NFNzgyRUVGNURE
QjFDQTMyQkQwHhcNMjQwMzAyMjM0MjMyWhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02NWUzYjk2OC1jN2ViMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApPf2nXgcLuCqsCf7UgEcV5sSGv9ecuRO5IikJVWHbTGS11GydpivMNC+t8RV
iceSqtIU8/LbBEN9H1C3gvMM1jufo9ligLSIeB2iwRcnLMPQ+xRMmk/lRBCxDF0A
rkwJCUXtTFpyTRHt2JXwhpBb/LKCtc6JfShIQCcUYRgSMeobq11JY2jfiO/f4WhB
AnXpFQ0xTjpXcDJwrzWcS5v8VRTO/gqVGv9GZGIdOnnOYtqVvQ5osaqB9uO+NZj0
0v62sHTKZVT0UYNy9Ga7vuOTuy60IN1w5JgTE/PFvsdmvupIkD87D9XYSkZ0E5xM
B0C+ZI+/dIWot8OL4Gl6p7BgLQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFBq1pQTM
u+3ErJx6IN4EQVPiHSwqMB8GA1UdIwQYMBaAFK67k+p6L8aeLBnM54Lu9d2xyjK9
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExREZCOC85MDBFQUM1NDQ1
M0QxMUVCQjU1QTYyMjVDNEY5QUUwMi9ycnVUNm5vdnhwNHNHY3puZ3U3MTNiSEtN
cjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3JydVQ2bm92eHA0c0djem5ndTcxM2JIS01yMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MURGQjgvOTAwRUFDNTQ0NTNEMTFFQkI1NUE2MjI1QzRGOUFFMDIvQjgzN0IyM0U0
NTQyMTFFQkFFNjJDRjZCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBABnbLkwDwQCAAIwCQMHACABDfQVADANBgkqhkiG9w0BAQsF
AAOCAQEAMxTm2qdpPMXzL+Lv+prfoAj5YTsCojuNswZQCuPg3Cswf4NfPzYQMtx6
TXdqklmJbfAl72SxSg8zUdjnVh932pVCx1OuIA/ccUTUJRzMgCqWd2WUYyIkfFAP
06CDYVu709V6wVKSII3V/rADvev1HFiuZyTdFSIOtLRS8SdU+vuLXQ4QRvxpv3/m
1eKE5I3P1kPPrrAkbGNtkeoHdjNIL2gjT7tJWcSR1trf09ksuasU40R79z+lyQNl
VqPBRaXtk4GLJF9Wf5UuvRKfArbq/BHC7mckjcrr2R96I5BoeYO0CUYHwM68pWPw
TDS8qYR/GY6t5JxWz0eW1M4Q9ByP9Q==
-----END CERTIFICATE-----
Generated at Thu Jun 27 07:39:38 2024 by rpki-client on console-ams.rpki-client.org