Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9143BD2/D077C4A69B5011EB9B69B525C4F9AE02/992B412E9B5211EBB9E83D28C4F9AE02.roa
File: 992B412E9B5211EBB9E83D28C4F9AE02.roa (raw, json)
Hash identifier: HlAgtRp8QObS4e5v8S8O2ho2tVkE/1Pf0JSB3aPcle8=
Subject key identifier: 2B:83:DA:B8:8B:9F:FC:3C:96:69:64:F0:90:B3:6A:D3:45:3C:2F:71
Certificate issuer: /CN=A9143BD2/serialNumber=A5DBD7DA8069F3E3D2D00FCA415A164053B7DAA6
Certificate serial: 04B7
Authority key identifier: A5:DB:D7:DA:80:69:F3:E3:D2:D0:0F:CA:41:5A:16:40:53:B7:DA:A6
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pdvX2oBp8-PS0A_KQVoWQFO32qY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9143BD2/D077C4A69B5011EB9B69B525C4F9AE02/992B412E9B5211EBB9E83D28C4F9AE02.roa
Signing time: Wed 07 Jun 2023 02:09:56 +0000
ROA not before: Wed 07 Jun 2023 02:09:56 +0000
ROA not after: Tue 30 Jul 2024 00:00:00 +0000
asID: 135343
IP address blocks: 103.214.192.0/22 maxlen: 22
103.214.192.0/24 maxlen: 24
103.214.193.0/24 maxlen: 24
103.214.194.0/24 maxlen: 24
103.214.195.0/24 maxlen: 24
144.48.140.0/22 maxlen: 22
144.48.140.0/24 maxlen: 24
144.48.141.0/24 maxlen: 24
144.48.142.0/24 maxlen: 24
144.48.143.0/24 maxlen: 24
2001:df1:b200::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 30 Jan 2024 10:31:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1207 (0x4b7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9143BD2/serialNumber=A5DBD7DA8069F3E3D2D00FCA415A164053B7DAA6
Validity
Not Before: Jun 7 02:09:56 2023 GMT
Not After : Jul 30 00:00:00 2024 GMT
Subject: CN=647fe6f4-0eed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:20:a6:7d:1a:ff:49:98:67:91:25:89:fc:2f:
87:07:a0:93:0c:db:ad:93:a2:93:95:45:90:66:f8:
04:c0:ad:c8:80:62:52:a2:8a:c0:ce:c7:e1:4b:1d:
10:3d:2c:bb:fd:c5:e0:27:b2:c8:1c:0a:25:6e:50:
85:89:6e:c9:02:7a:9a:c0:69:0f:f8:00:21:97:95:
5b:20:a8:bb:58:6c:73:a6:2d:8c:d2:b0:9c:75:8d:
7d:82:4b:60:c9:af:83:cc:83:0a:49:90:55:cd:55:
af:56:c5:5d:e7:7b:e5:48:c4:cd:c8:5d:d1:e0:c8:
b9:95:14:37:79:f4:43:9d:7c:53:ba:eb:55:b0:19:
ce:f5:99:14:65:70:83:bf:77:ea:0e:0d:d4:e4:91:
9b:24:dd:6f:6b:3a:ae:25:76:bf:f9:63:0f:32:2f:
a4:7b:43:92:32:83:a6:4a:74:6b:5c:12:8c:65:8e:
a5:83:5c:6b:38:28:ee:47:d7:d3:63:2b:51:11:20:
f7:5d:59:df:6a:b6:d3:21:69:84:34:77:15:ad:47:
fe:cd:e1:41:f3:44:66:73:fc:44:88:bd:f7:98:2b:
e6:10:15:b1:f6:4e:75:3d:61:f2:0d:44:aa:1f:49:
ea:6d:dc:e4:8f:84:56:ef:8d:49:1d:68:2b:43:98:
62:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:83:DA:B8:8B:9F:FC:3C:96:69:64:F0:90:B3:6A:D3:45:3C:2F:71
X509v3 Authority Key Identifier:
keyid:A5:DB:D7:DA:80:69:F3:E3:D2:D0:0F:CA:41:5A:16:40:53:B7:DA:A6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9143BD2/D077C4A69B5011EB9B69B525C4F9AE02/pdvX2oBp8-PS0A_KQVoWQFO32qY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pdvX2oBp8-PS0A_KQVoWQFO32qY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9143BD2/D077C4A69B5011EB9B69B525C4F9AE02/992B412E9B5211EBB9E83D28C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.214.192.0/22
144.48.140.0/22
IPv6:
2001:df1:b200::/48
Signature Algorithm: sha256WithRSAEncryption
01:1a:3e:85:90:5f:70:54:c4:80:b6:dd:26:ab:a6:75:24:ec:
36:74:e9:a2:d1:a9:96:9b:3d:64:21:b5:0d:66:de:08:7a:7d:
69:dc:cb:1f:09:0b:bf:f4:45:b5:2b:5f:9e:a7:0c:f9:6e:d4:
43:b1:7b:1b:ce:87:c1:21:9a:df:33:3a:ea:30:a3:de:48:fc:
36:c6:8a:82:65:ce:3e:3f:56:5e:ac:e3:66:e1:f5:c4:9d:17:
a0:ec:75:0f:de:df:21:5d:49:32:f1:cf:84:9c:67:93:d9:cb:
51:9f:f5:3b:ff:ef:d1:c8:5e:27:58:5f:ad:4a:e9:0a:cd:b3:
a1:0a:49:2e:c1:79:dd:dd:98:b3:37:10:8b:44:4b:a0:d7:7f:
bc:2a:da:4f:6b:f6:d0:f5:d9:f5:d0:82:8b:76:71:ab:4d:da:
ac:7f:9e:28:44:6b:57:25:93:17:15:1b:c5:b4:47:e0:ff:96:
da:63:67:27:b6:2a:e8:6a:07:c5:fa:36:59:14:9b:e0:c1:58:
b4:4f:4a:33:2a:9f:54:8a:7b:b0:79:0f:34:40:aa:22:26:39:
ee:8e:cc:6f:90:3d:a6:37:bb:48:ad:3d:ec:a8:22:6c:06:6a:
92:12:08:bf:0a:7b:c2:3d:26:82:78:6e:07:2e:7d:bf:fd:6c:
c0:50:63:f5
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgICBLcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDNCRDIxMTAvBgNVBAUTKEE1REJEN0RBODA2OUYzRTNEMkQwMEZDQTQxNUExNjQw
NTNCN0RBQTYwHhcNMjMwNjA3MDIwOTU2WhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDdmZTZmNC0wZWVkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA7CCmfRr/SZhnkSWJ/C+HB6CTDNutk6KTlUWQZvgEwK3IgGJSoorAzsfhSx0Q
PSy7/cXgJ7LIHAolblCFiW7JAnqawGkP+AAhl5VbIKi7WGxzpi2M0rCcdY19gktg
ya+DzIMKSZBVzVWvVsVd53vlSMTNyF3R4Mi5lRQ3efRDnXxTuutVsBnO9ZkUZXCD
v3fqDg3U5JGbJN1vazquJXa/+WMPMi+ke0OSMoOmSnRrXBKMZY6lg1xrOCjuR9fT
YytRESD3XVnfarbTIWmENHcVrUf+zeFB80Rmc/xEiL33mCvmEBWx9k51PWHyDUSq
H0nqbdzkj4RW741JHWgrQ5hi7wIDAQABo4ICrDCCAqgwHQYDVR0OBBYEFCuD2riL
n/w8lmlk8JCzatNFPC9xMB8GA1UdIwQYMBaAFKXb19qAafPj0tAPykFaFkBTt9qm
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0M0JEMi9EMDc3QzRBNjlC
NTAxMUVCOUI2OUI1MjVDNEY5QUUwMi9wZHZYMm9CcDgtUFMwQV9LUVZvV1FGTzMy
cVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3Bkdlgyb0JwOC1QUzBBX0tRVm9XUUZPMzJxWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDNCRDIvRDA3N0M0QTY5QjUwMTFFQjlCNjlCNTI1QzRGOUFFMDIvOTkyQjQxMkU5
QjUyMTFFQkI5RTgzRDI4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNgYIKwYBBQUHAQcBAf8E
JzAlMBIEAgABMAwDBAJn1sADBAKQMIwwDwQCAAIwCQMHACABDfGyADANBgkqhkiG
9w0BAQsFAAOCAQEAARo+hZBfcFTEgLbdJqumdSTsNnTpotGplps9ZCG1DWbeCHp9
adzLHwkLv/RFtStfnqcM+W7UQ7F7G86HwSGa3zM66jCj3kj8NsaKgmXOPj9WXqzj
ZuH1xJ0XoOx1D97fIV1JMvHPhJxnk9nLUZ/1O//v0cheJ1hfrUrpCs2zoQpJLsF5
3d2YszcQi0RLoNd/vCraT2v20PXZ9dCCi3Zxq03arH+eKERrVyWTFxUbxbRH4P+W
2mNnJ7Yq6GoHxfo2WRSb4MFYtE9KMyqfVIp7sHkPNECqIiY57o7Mb5A9pje7SK09
7KgibAZqkhIIvwp7wj0mgnhuBy59v/1swFBj9Q==
-----END CERTIFICATE-----
Generated at Tue Jan 30 13:50:31 2024 by rpki-client on console-fra.rpki-client.org