Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91383F0/DCFCA6A20A8311EE9E6A9250C4F9AE02/CE553AEE0F1811EEB85A1777C4F9AE02.roa
File: CE553AEE0F1811EEB85A1777C4F9AE02.roa (raw, json)
Hash identifier: sbqsxt9c2o029VmmlzEH+PVn0dUU2gQu32gBzBdQiS0=
Subject key identifier: BE:81:A1:88:2B:B5:D6:61:EF:D1:94:2A:DD:AA:A7:74:ED:FE:00:2D
Certificate issuer: /CN=A91383F0/serialNumber=1036C1E0FFE1CFC37D655D89FA65D65FE22E1F7A
Certificate serial: 0F
Authority key identifier: 10:36:C1:E0:FF:E1:CF:C3:7D:65:5D:89:FA:65:D6:5F:E2:2E:1F:7A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/EDbB4P_hz8N9ZV2J-mXWX-IuH3o.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91383F0/DCFCA6A20A8311EE9E6A9250C4F9AE02/CE553AEE0F1811EEB85A1777C4F9AE02.roa
Signing time: Tue 20 Jun 2023 03:46:01 +0000
ROA not before: Tue 20 Jun 2023 03:46:01 +0000
ROA not after: Mon 30 Sep 2024 00:00:00 +0000
asID: 151403
IP address blocks: 103.221.66.0/23 maxlen: 24
2401:aa0::/32 maxlen: 32
2401:aa0::/34 maxlen: 34
2401:aa0::/48 maxlen: 48
2401:aa0:1::/48 maxlen: 48
2401:aa0:2::/48 maxlen: 48
2401:aa0:3::/48 maxlen: 48
2401:aa0:4::/48 maxlen: 48
2401:aa0:5::/48 maxlen: 48
2401:aa0:6::/48 maxlen: 48
2401:aa0:7::/48 maxlen: 48
2401:aa0:8::/48 maxlen: 48
2401:aa0:4000::/34 maxlen: 34
2401:aa0:8000::/34 maxlen: 34
2401:aa0:c000::/34 maxlen: 34
Validation: Failed, certificate revoked on Tue 20 Jun 2023 09:47:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15 (0xf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91383F0/serialNumber=1036C1E0FFE1CFC37D655D89FA65D65FE22E1F7A
Validity
Not Before: Jun 20 03:46:01 2023 GMT
Not After : Sep 30 00:00:00 2024 GMT
Subject: CN=649120f9-5f39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:17:11:6b:92:1e:d0:12:bb:2c:43:98:f7:66:
02:fa:50:e7:47:68:17:2d:fe:7b:0c:a6:ee:03:6f:
4e:cb:71:53:24:e2:b2:4e:12:3d:2e:b3:bb:0f:f1:
90:fb:c6:67:3f:10:ce:86:41:25:96:c7:15:74:fe:
ce:1f:79:96:73:ac:01:46:c3:ec:c8:38:33:61:a0:
9e:82:4a:98:57:61:7e:70:49:7b:41:73:24:e8:a7:
9f:af:c8:ba:e7:ea:9f:be:0b:0e:3e:b2:9f:be:73:
62:ad:0d:88:90:a6:ae:bc:2b:9e:5c:09:13:25:fc:
17:57:fc:67:54:61:d0:b6:dd:9c:28:4b:f1:2b:45:
e7:95:50:f5:86:78:90:e7:95:61:d6:1d:81:5d:d8:
e7:a7:f6:6d:ba:97:d2:a5:0e:b4:9f:07:b7:54:b0:
3f:34:09:3a:fc:4d:02:fa:26:43:49:30:fb:de:72:
d2:2f:3f:84:9e:3e:43:2a:63:c5:f4:cc:3e:b2:a6:
99:7f:03:9d:b2:8d:df:39:31:72:34:38:77:6f:c1:
de:d4:30:17:58:7e:06:a4:ec:ce:e0:e0:4f:ea:4b:
61:38:e8:10:51:cd:fe:c1:3c:7d:26:a1:d9:66:2c:
e0:e6:4f:64:09:53:18:7e:74:ce:31:0f:fa:03:c3:
df:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:81:A1:88:2B:B5:D6:61:EF:D1:94:2A:DD:AA:A7:74:ED:FE:00:2D
X509v3 Authority Key Identifier:
keyid:10:36:C1:E0:FF:E1:CF:C3:7D:65:5D:89:FA:65:D6:5F:E2:2E:1F:7A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91383F0/DCFCA6A20A8311EE9E6A9250C4F9AE02/EDbB4P_hz8N9ZV2J-mXWX-IuH3o.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/EDbB4P_hz8N9ZV2J-mXWX-IuH3o.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91383F0/DCFCA6A20A8311EE9E6A9250C4F9AE02/CE553AEE0F1811EEB85A1777C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.221.66.0/23
IPv6:
2401:aa0::/32
Signature Algorithm: sha256WithRSAEncryption
33:34:b6:44:12:f9:36:61:63:7c:bc:e5:01:0e:32:ac:34:5a:
b6:a9:ef:70:25:05:a2:68:ad:68:5d:03:20:8c:67:78:8e:f6:
f9:9c:ba:8b:bb:6e:8a:57:2f:2f:bf:a3:78:d7:79:24:ce:d9:
00:04:4a:58:8f:48:bf:ff:9f:90:35:97:08:17:52:61:e9:a5:
a5:f7:ce:f1:af:66:7e:0a:7e:18:86:ee:62:52:e5:e8:a1:66:
cc:84:a3:f0:fd:e5:54:eb:90:2d:4d:e4:64:3e:94:02:d3:e0:
46:88:b2:3b:83:4d:31:93:31:88:2d:7d:de:a5:5f:a4:9e:b7:
15:c6:f3:21:e0:4f:30:4f:96:7f:2c:a9:06:50:6b:31:21:f9:
97:9a:56:41:0c:bc:af:50:75:aa:38:01:01:36:5c:06:36:7a:
c4:da:d0:bc:28:8d:b5:e4:fc:a3:60:b8:2f:d9:35:04:ad:9c:
f0:90:97:42:03:80:63:8d:92:b0:66:fc:71:07:22:d7:b8:67:
67:46:15:65:15:08:49:70:28:52:47:d4:44:53:a5:a8:78:97:
32:b6:ea:31:4c:35:00:48:99:de:22:1d:b3:8e:b1:44:99:ce:
fe:7d:21:63:28:29:c1:ff:94:06:5d:2f:01:0e:bd:a7:29:e5:
29:80:5c:7a
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIBDzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEz
ODNGMDExMC8GA1UEBRMoMTAzNkMxRTBGRkUxQ0ZDMzdENjU1RDg5RkE2NUQ2NUZF
MjJFMUY3QTAeFw0yMzA2MjAwMzQ2MDFaFw0yNDA5MzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY0OTEyMGY5LTVmMzkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDFFxFrkh7QErssQ5j3ZgL6UOdHaBct/nsMpu4Db07LcVMk4rJOEj0us7sP8ZD7
xmc/EM6GQSWWxxV0/s4feZZzrAFGw+zIODNhoJ6CSphXYX5wSXtBcyTop5+vyLrn
6p++Cw4+sp++c2KtDYiQpq68K55cCRMl/BdX/GdUYdC23ZwoS/ErReeVUPWGeJDn
lWHWHYFd2Oen9m26l9KlDrSfB7dUsD80CTr8TQL6JkNJMPvectIvP4SePkMqY8X0
zD6yppl/A52yjd85MXI0OHdvwd7UMBdYfgak7M7g4E/qS2E46BBRzf7BPH0modlm
LODmT2QJUxh+dM4xD/oDw99/AgMBAAGjggKkMIICoDAdBgNVHQ4EFgQUvoGhiCu1
1mHv0ZQq3aqndO3+AC0wHwYDVR0jBBgwFoAUEDbB4P/hz8N9ZV2J+mXWX+IuH3ow
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTM4M0YwL0RDRkNBNkEyMEE4
MzExRUU5RTZBOTI1MEM0RjlBRTAyL0VEYkI0UF9oejhOOVpWMkotbVhXWC1JdUgz
by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvRURiQjRQX2h6OE45WlYySi1tWFdYLUl1SDNvLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz
ODNGMC9EQ0ZDQTZBMjBBODMxMUVFOUU2QTkyNTBDNEY5QUUwMi9DRTU1M0FFRTBG
MTgxMUVFQjg1QTE3NzdDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAuBggrBgEFBQcBBwEB/wQf
MB0wDAQCAAEwBgMEAWfdQjANBAIAAjAHAwUAJAEKoDANBgkqhkiG9w0BAQsFAAOC
AQEAMzS2RBL5NmFjfLzlAQ4yrDRatqnvcCUFomitaF0DIIxneI72+Zy6i7tuilcv
L7+jeNd5JM7ZAARKWI9Iv/+fkDWXCBdSYemlpffO8a9mfgp+GIbuYlLl6KFmzISj
8P3lVOuQLU3kZD6UAtPgRoiyO4NNMZMxiC193qVfpJ63FcbzIeBPME+WfyypBlBr
MSH5l5pWQQy8r1B1qjgBATZcBjZ6xNrQvCiNteT8o2C4L9k1BK2c8JCXQgOAY42S
sGb8cQci17hnZ0YVZRUISXAoUkfURFOlqHiXMrbqMUw1AEiZ3iIds46xRJnO/n0h
Yygpwf+UBl0vAQ69pynlKYBceg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:02 2024 by rpki-client on console-fra.rpki-client.org