Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A912DFFA/CE81A514032C11EDA8CB406EC4F9AE02/F47441C4033011EDAB29E50DC4F9AE02.roa
File: F47441C4033011EDAB29E50DC4F9AE02.roa (raw, json)
Hash identifier: 4g/5gMrq6d4XAyu8coYJen7EjiTyTsR5YvLQIlT+hdw=
Subject key identifier: 44:C0:38:A1:46:FD:F4:FC:2E:2F:5B:5C:F1:C1:39:43:5E:4E:0F:63
Certificate issuer: /CN=A912DFFA/serialNumber=F9F7E9B4CC31F395C5CDB8FAC9F52FCA57524DE1
Certificate serial: 01D1
Authority key identifier: F9:F7:E9:B4:CC:31:F3:95:C5:CD:B8:FA:C9:F5:2F:CA:57:52:4D:E1
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-ffptMwx85XFzbj6yfUvyldSTeE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A912DFFA/CE81A514032C11EDA8CB406EC4F9AE02/F47441C4033011EDAB29E50DC4F9AE02.roa
Signing time: Wed 01 May 2024 05:07:35 +0000
ROA not before: Wed 01 May 2024 05:07:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 17483
IP address blocks: 103.227.208.0/24 maxlen: 24
103.227.209.0/24 maxlen: 24
103.227.210.0/24 maxlen: 24
103.227.211.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 10 Sep 2024 07:01:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 465 (0x1d1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A912DFFA/serialNumber=F9F7E9B4CC31F395C5CDB8FAC9F52FCA57524DE1
Validity
Not Before: May 1 05:07:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6631ce17-14cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:23:68:15:70:fb:ba:6a:d3:00:a2:be:1f:36:
b3:0f:c4:75:a2:32:1c:ba:d8:e6:a9:86:a9:26:89:
68:3c:84:61:31:5c:f4:0d:61:8c:36:b2:af:32:27:
a1:cc:10:05:ec:7c:39:9f:5d:a7:05:b2:16:41:c2:
81:64:3f:26:73:94:4c:28:76:37:c4:52:ad:51:22:
e0:c0:e7:4e:13:8c:3d:14:39:a4:e5:7c:ae:c6:bd:
79:19:30:cc:c0:c4:b4:d9:f3:cd:40:ce:0f:f8:99:
d0:7c:b7:44:65:88:21:b6:b0:84:93:88:18:ba:a9:
87:20:df:c5:af:60:68:24:d7:29:3a:0a:90:53:ed:
99:3a:c4:aa:f6:9b:be:96:21:2c:4c:f1:75:21:91:
d6:17:8b:24:3d:de:d4:e2:15:81:df:b6:b1:3d:ad:
01:9a:9c:a1:75:9d:3b:6c:e1:42:75:38:f7:14:61:
de:07:53:97:e5:80:1e:0e:50:23:17:68:6c:e5:31:
f5:57:d9:be:4e:ed:08:18:09:e7:82:a1:d1:3b:e2:
7d:fe:8f:51:5c:c8:2a:9f:05:59:ff:97:ad:70:3d:
1c:70:4a:03:03:ac:5d:f7:2d:b8:ae:e4:27:72:d7:
ca:27:b6:ec:9a:cc:61:04:09:63:c4:9c:78:25:ff:
ec:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:C0:38:A1:46:FD:F4:FC:2E:2F:5B:5C:F1:C1:39:43:5E:4E:0F:63
X509v3 Authority Key Identifier:
keyid:F9:F7:E9:B4:CC:31:F3:95:C5:CD:B8:FA:C9:F5:2F:CA:57:52:4D:E1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A912DFFA/CE81A514032C11EDA8CB406EC4F9AE02/-ffptMwx85XFzbj6yfUvyldSTeE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-ffptMwx85XFzbj6yfUvyldSTeE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912DFFA/CE81A514032C11EDA8CB406EC4F9AE02/F47441C4033011EDAB29E50DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.227.208.0/22
Signature Algorithm: sha256WithRSAEncryption
20:cb:7c:de:37:d7:d6:18:ab:77:bb:a1:76:c2:f1:22:20:95:
84:21:70:c7:e5:00:cd:c6:a5:0e:57:17:4c:82:75:bc:78:ad:
8e:8c:d8:33:cb:d8:85:6a:f3:2f:be:86:87:5e:85:80:eb:da:
40:ec:80:77:c4:cd:00:a0:72:32:a9:31:58:f9:c6:7c:ec:37:
b6:3e:63:a2:65:be:e9:ba:e8:59:8c:89:10:7d:aa:1f:cc:83:
6f:47:ac:64:0e:eb:3a:33:8b:bc:12:da:73:1a:d9:d6:38:74:
7c:05:53:1e:ab:56:a4:53:6b:0c:72:c9:b8:85:b8:4f:34:3b:
26:cc:a9:68:ba:19:52:51:e3:1a:45:f3:b5:fe:90:50:d7:73:
5b:a7:22:f1:02:72:8f:39:c3:e3:ef:b6:10:1c:16:e0:d4:7b:
3a:0e:27:78:98:44:55:cc:24:42:ef:e1:e8:2d:2b:44:72:4f:
c9:8f:f0:27:fe:db:6d:19:af:de:95:6d:02:5d:da:ae:32:41:
c4:59:cd:ed:57:6e:82:26:2b:24:01:0e:be:b1:fc:94:b4:9b:
ca:0b:74:5e:2d:15:db:74:9c:1e:a7:7a:2d:65:53:30:bd:34:
a8:c3:0b:f3:39:b2:37:6d:de:4b:88:0a:ca:cb:20:0d:e7:2b:
84:10:29:c3
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAdEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MkRGRkExMTAvBgNVBAUTKEY5RjdFOUI0Q0MzMUYzOTVDNUNEQjhGQUM5RjUyRkNB
NTc1MjRERTEwHhcNMjQwNTAxMDUwNzM1WhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjMxY2UxNy0xNGNiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuiNoFXD7umrTAKK+HzazD8R1ojIcutjmqYapJoloPIRhMVz0DWGMNrKvMieh
zBAF7Hw5n12nBbIWQcKBZD8mc5RMKHY3xFKtUSLgwOdOE4w9FDmk5Xyuxr15GTDM
wMS02fPNQM4P+JnQfLdEZYghtrCEk4gYuqmHIN/Fr2BoJNcpOgqQU+2ZOsSq9pu+
liEsTPF1IZHWF4skPd7U4hWB37axPa0BmpyhdZ07bOFCdTj3FGHeB1OX5YAeDlAj
F2hs5TH1V9m+Tu0IGAnngqHRO+J9/o9RXMgqnwVZ/5etcD0ccEoDA6xd9y24ruQn
ctfKJ7bsmsxhBAljxJx4Jf/sAQIDAQABo4IClTCCApEwHQYDVR0OBBYEFETAOKFG
/fT8Li9bXPHBOUNeTg9jMB8GA1UdIwQYMBaAFPn36bTMMfOVxc24+sn1L8pXUk3h
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyREZGQS9DRTgxQTUxNDAz
MkMxMUVEQThDQjQwNkVDNEY5QUUwMi8tZmZwdE13eDg1WEZ6Ymo2eWZVdnlsZFNU
ZUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLy1mZnB0TXd4ODVYRnpiajZ5ZlV2eWxkU1RlRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MkRGRkEvQ0U4MUE1MTQwMzJDMTFFREE4Q0I0MDZFQzRGOUFFMDIvRjQ3NDQxQzQw
MzMwMTFFREFCMjlFNTBEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJn49AwDQYJKoZIhvcNAQELBQADggEBACDLfN4319YYq3e7
oXbC8SIglYQhcMflAM3GpQ5XF0yCdbx4rY6M2DPL2IVq8y++hodehYDr2kDsgHfE
zQCgcjKpMVj5xnzsN7Y+Y6Jlvum66FmMiRB9qh/Mg29HrGQO6zozi7wS2nMa2dY4
dHwFUx6rVqRTawxyybiFuE80OybMqWi6GVJR4xpF87X+kFDXc1unIvECco85w+Pv
thAcFuDUezoOJ3iYRFXMJELv4egtK0RyT8mP8Cf+220Zr96VbQJd2q4yQcRZze1X
boImKyQBDr6x/JS0m8oLdF4tFdt0nB6nei1lUzC9NKjDC/M5sjdt3kuICsrLIA3n
K4QQKcM=
-----END CERTIFICATE-----
Generated at Tue Sep 10 08:57:20 2024 by rpki-client on console-fra.rpki-client.org