Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91383F0/DCFCA6A20A8311EE9E6A9250C4F9AE02/B12D673ECE1C11EE9F4BB65AC4F9AE02.roa
File: B12D673ECE1C11EE9F4BB65AC4F9AE02.roa (raw, json)
Hash identifier: VwStVHC+r2VLTDukqYBlg8Zk23HCsQ1cyMWGCHkOdMI=
Subject key identifier: 36:51:24:9F:84:B2:51:E0:4C:6D:24:8F:D6:3B:D2:FF:4F:FD:4A:DA
Certificate issuer: /CN=A91383F0/serialNumber=1036C1E0FFE1CFC37D655D89FA65D65FE22E1F7A
Certificate serial: C5
Authority key identifier: 10:36:C1:E0:FF:E1:CF:C3:7D:65:5D:89:FA:65:D6:5F:E2:2E:1F:7A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/EDbB4P_hz8N9ZV2J-mXWX-IuH3o.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91383F0/DCFCA6A20A8311EE9E6A9250C4F9AE02/B12D673ECE1C11EE9F4BB65AC4F9AE02.roa
Signing time: Tue 07 May 2024 14:53:57 +0000
ROA not before: Tue 07 May 2024 14:53:57 +0000
ROA not after: Mon 30 Sep 2024 00:00:00 +0000
asID: 151403
IP address blocks: 103.221.67.0/24 maxlen: 24
2401:aa0::/32 maxlen: 32
2401:aa0::/34 maxlen: 34
2401:aa0::/48 maxlen: 48
2401:aa0:1::/48 maxlen: 48
2401:aa0:2::/48 maxlen: 48
2401:aa0:3::/48 maxlen: 48
2401:aa0:4::/48 maxlen: 48
2401:aa0:5::/48 maxlen: 48
2401:aa0:6::/48 maxlen: 48
2401:aa0:7::/48 maxlen: 48
2401:aa0:8::/48 maxlen: 48
2401:aa0:4000::/34 maxlen: 34
2401:aa0:8000::/34 maxlen: 34
2401:aa0:c000::/34 maxlen: 34
Validation: Failed, certificate revoked on Thu 16 May 2024 07:18:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 197 (0xc5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91383F0/serialNumber=1036C1E0FFE1CFC37D655D89FA65D65FE22E1F7A
Validity
Not Before: May 7 14:53:57 2024 GMT
Not After : Sep 30 00:00:00 2024 GMT
Subject: CN=663a4084-fac6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:20:d3:61:54:aa:e1:28:45:c8:16:42:35:e5:
21:a8:15:28:f1:64:2e:7e:82:a0:fa:83:a2:69:bc:
91:a3:d7:f0:0c:b7:a6:df:58:9a:f4:2c:ae:e6:97:
f1:c9:1f:8a:d9:8c:fb:37:98:e0:84:43:d8:78:1f:
e0:5a:51:d2:05:29:d6:85:d6:93:99:c4:4a:92:98:
be:7f:1a:ca:07:98:e8:9d:5a:59:f4:f3:8a:55:67:
a5:f1:4f:78:69:17:43:05:a9:c3:e5:60:12:f8:ca:
09:97:95:90:03:17:97:20:76:e0:9f:99:73:ad:96:
6c:cf:d3:3c:7c:e2:1f:bd:77:d5:b9:19:ae:e3:08:
bc:1a:ba:a4:d0:97:52:be:69:22:01:d5:d4:19:e8:
1d:60:b3:05:75:a0:1c:5c:b6:fc:57:5c:ed:78:a6:
b3:7f:09:b6:da:f1:51:7b:39:8b:2c:a3:a4:03:05:
a0:52:9d:66:94:dd:70:06:6f:87:f6:de:19:f0:c7:
6f:cd:23:c7:c4:22:39:cb:0e:bb:59:11:7d:88:6b:
5d:6b:d3:35:6a:ce:c6:29:57:23:3d:cf:13:97:20:
67:4a:fa:9b:ec:0d:9e:fa:94:f9:3b:75:38:21:23:
26:5d:f0:c6:e3:ec:6a:9f:74:f9:a1:d2:ca:57:d9:
da:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:51:24:9F:84:B2:51:E0:4C:6D:24:8F:D6:3B:D2:FF:4F:FD:4A:DA
X509v3 Authority Key Identifier:
keyid:10:36:C1:E0:FF:E1:CF:C3:7D:65:5D:89:FA:65:D6:5F:E2:2E:1F:7A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91383F0/DCFCA6A20A8311EE9E6A9250C4F9AE02/EDbB4P_hz8N9ZV2J-mXWX-IuH3o.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/EDbB4P_hz8N9ZV2J-mXWX-IuH3o.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91383F0/DCFCA6A20A8311EE9E6A9250C4F9AE02/B12D673ECE1C11EE9F4BB65AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.221.67.0/24
IPv6:
2401:aa0::/32
Signature Algorithm: sha256WithRSAEncryption
b8:6f:0e:47:0a:2b:43:ee:ab:60:d1:ba:d3:16:a8:60:d8:fe:
58:c9:07:44:45:4c:67:6e:8d:55:76:e0:3e:b6:ed:1d:99:9c:
d6:75:cf:59:46:00:89:57:1c:64:3c:16:73:1f:f0:d5:32:4a:
44:00:96:1f:c9:62:78:95:10:80:da:75:b3:fc:15:34:35:61:
28:ad:13:d8:3d:40:eb:ce:64:72:5e:2b:db:f8:ee:4e:66:73:
4b:c2:7d:87:6b:82:7d:23:05:96:60:c3:f0:dd:e1:3f:cb:8b:
15:77:a2:b0:a1:1a:c8:a0:44:5a:dc:a6:c9:db:f5:96:fb:23:
50:b3:c6:56:87:33:f3:91:72:65:31:c7:2b:fc:c1:f7:86:7d:
ad:b2:61:53:3f:ed:20:ae:b1:f3:9a:c7:6c:67:b0:7f:76:b1:
eb:e0:37:37:b0:8c:60:56:0f:6c:50:22:36:15:00:d0:52:9b:
85:4d:c3:ce:c4:57:c7:b8:97:25:c9:72:97:66:9c:ff:26:fb:
d2:8b:1b:8d:dc:ac:d4:58:e4:d9:0b:1d:3d:c9:35:5e:bf:85:
2b:0e:c8:ca:76:af:5b:e9:c5:b7:52:17:e1:a9:9d:81:aa:43:
ea:46:30:fe:ec:31:25:3a:98:88:2e:18:1a:3c:7b:1e:a0:8b:
d3:f4:90:a5
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICAMUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzgzRjAxMTAvBgNVBAUTKDEwMzZDMUUwRkZFMUNGQzM3RDY1NUQ4OUZBNjVENjVG
RTIyRTFGN0EwHhcNMjQwNTA3MTQ1MzU3WhcNMjQwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjNhNDA4NC1mYWM2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtiDTYVSq4ShFyBZCNeUhqBUo8WQufoKg+oOiabyRo9fwDLem31ia9Cyu5pfx
yR+K2Yz7N5jghEPYeB/gWlHSBSnWhdaTmcRKkpi+fxrKB5jonVpZ9POKVWel8U94
aRdDBanD5WAS+MoJl5WQAxeXIHbgn5lzrZZsz9M8fOIfvXfVuRmu4wi8Grqk0JdS
vmkiAdXUGegdYLMFdaAcXLb8V1zteKazfwm22vFRezmLLKOkAwWgUp1mlN1wBm+H
9t4Z8MdvzSPHxCI5yw67WRF9iGtda9M1as7GKVcjPc8TlyBnSvqb7A2e+pT5O3U4
ISMmXfDG4+xqn3T5odLKV9naHQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFDZRJJ+E
slHgTG0kj9Y70v9P/UraMB8GA1UdIwQYMBaAFBA2weD/4c/DfWVdifpl1l/iLh96
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzODNGMC9EQ0ZDQTZBMjBB
ODMxMUVFOUU2QTkyNTBDNEY5QUUwMi9FRGJCNFBfaHo4TjlaVjJKLW1YV1gtSXVI
M28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0VEYkI0UF9oejhOOVpWMkotbVhXWC1JdUgzby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzgzRjAvRENGQ0E2QTIwQTgzMTFFRTlFNkE5MjUwQzRGOUFFMDIvQjEyRDY3M0VD
RTFDMTFFRTlGNEJCNjVBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBABn3UMwDQQCAAIwBwMFACQBCqAwDQYJKoZIhvcNAQELBQAD
ggEBALhvDkcKK0Puq2DRutMWqGDY/ljJB0RFTGdujVV24D627R2ZnNZ1z1lGAIlX
HGQ8FnMf8NUySkQAlh/JYniVEIDadbP8FTQ1YSitE9g9QOvOZHJeK9v47k5mc0vC
fYdrgn0jBZZgw/Dd4T/LixV3orChGsigRFrcpsnb9Zb7I1CzxlaHM/ORcmUxxyv8
wfeGfa2yYVM/7SCusfOax2xnsH92sevgNzewjGBWD2xQIjYVANBSm4VNw87EV8e4
lyXJcpdmnP8m+9KLG43crNRY5NkLHT3JNV6/hSsOyMp2r1vpxbdSF+GpnYGqQ+pG
MP7sMSU6mIguGBo8ex6gi9P0kKU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:02 2024 by rpki-client on console-fra.rpki-client.org