Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91546FB/1E5C938A01E511EDBA7BA90EC4F9AE02/398C7DEE01E711EDB2C82D0FC4F9AE02.roa
File: 398C7DEE01E711EDB2C82D0FC4F9AE02.roa (raw, json)
Hash identifier: cZdCzrMLzzG7PbWjeFcCcD9G6ybVMZoWW/78IP7lC8I=
Subject key identifier: 9A:94:B0:39:D0:6B:AB:06:DC:00:91:F3:1D:D1:11:B6:D1:40:35:9B
Certificate issuer: /CN=A91546FB/serialNumber=DA5C8F2728408FEEF8256E20388DEB9601E5B510
Certificate serial: 01E5
Authority key identifier: DA:5C:8F:27:28:40:8F:EE:F8:25:6E:20:38:8D:EB:96:01:E5:B5:10
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2lyPJyhAj-74JW4gOI3rlgHltRA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91546FB/1E5C938A01E511EDBA7BA90EC4F9AE02/398C7DEE01E711EDB2C82D0FC4F9AE02.roa
Signing time: Mon 03 Jun 2024 05:22:09 +0000
ROA not before: Mon 03 Jun 2024 05:22:09 +0000
ROA not after: Tue 01 Oct 2024 00:00:00 +0000
asID: 17483
IP address blocks: 103.227.156.0/24 maxlen: 24
103.227.157.0/24 maxlen: 24
103.227.158.0/24 maxlen: 24
103.227.159.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 21 Jun 2024 05:04:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 485 (0x1e5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91546FB/serialNumber=DA5C8F2728408FEEF8256E20388DEB9601E5B510
Validity
Not Before: Jun 3 05:22:09 2024 GMT
Not After : Oct 1 00:00:00 2024 GMT
Subject: CN=665d5301-2d54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:dd:73:7b:20:98:50:1f:8f:f0:be:a3:8b:cd:
53:8f:ba:09:91:1c:35:5b:c1:ef:6f:fc:4c:51:b4:
31:92:9f:73:38:9a:3f:61:91:de:f5:35:ae:8e:0f:
12:aa:c3:ff:a9:58:1f:17:d7:3d:13:c6:d6:53:1e:
84:2c:88:cb:04:b5:af:51:f6:1a:23:7d:2b:40:4c:
fe:41:77:7f:69:a5:02:68:9e:02:08:67:cf:b4:b8:
51:90:ec:60:f8:a4:b4:bf:8e:7e:15:95:56:84:cb:
ab:b8:51:75:16:28:59:2e:d3:d7:9d:8d:8a:26:e0:
d8:6a:5a:bd:77:49:b7:7b:17:49:32:bb:a1:02:56:
5a:8f:63:f8:1c:c4:73:ab:69:3d:a4:68:2a:f1:67:
3a:95:d7:91:f0:ca:12:ee:39:a5:32:9b:30:60:f3:
c6:45:06:ed:b7:63:c6:c1:f5:7e:0d:f2:e8:e2:76:
6e:4a:de:72:3a:3a:4b:c5:c3:aa:74:a3:f6:4a:28:
b8:e2:06:ad:c1:1f:b2:3a:67:96:f0:5e:c9:4a:16:
fc:1a:2f:24:21:c5:31:2e:92:8b:a2:cb:bb:78:7e:
59:f0:f2:ce:4a:2e:5f:5e:c8:82:4f:8d:a6:f9:52:
23:ab:86:bc:98:eb:c3:ae:e1:98:53:47:51:3e:68:
04:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:94:B0:39:D0:6B:AB:06:DC:00:91:F3:1D:D1:11:B6:D1:40:35:9B
X509v3 Authority Key Identifier:
keyid:DA:5C:8F:27:28:40:8F:EE:F8:25:6E:20:38:8D:EB:96:01:E5:B5:10
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91546FB/1E5C938A01E511EDBA7BA90EC4F9AE02/2lyPJyhAj-74JW4gOI3rlgHltRA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2lyPJyhAj-74JW4gOI3rlgHltRA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91546FB/1E5C938A01E511EDBA7BA90EC4F9AE02/398C7DEE01E711EDB2C82D0FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.227.156.0/22
Signature Algorithm: sha256WithRSAEncryption
34:3b:10:f3:8e:6b:61:98:73:55:01:f4:54:ec:e1:61:d9:86:
48:be:e0:0a:f1:ec:fd:db:37:14:ec:bf:ad:8d:d1:bc:97:71:
ca:28:0a:f0:21:d6:1f:93:b1:fe:c5:86:1a:73:0b:43:e5:36:
c7:f3:f8:be:2f:51:dc:9e:31:04:9c:76:f7:93:70:ad:7d:9a:
99:2a:10:e1:9d:c4:31:36:ca:db:5d:88:90:07:bc:52:47:c9:
95:af:c9:10:5a:3e:4b:78:4f:fc:8f:60:92:e1:9c:fe:2c:2a:
13:46:78:94:6d:5b:b3:54:87:68:f4:66:11:aa:e8:c7:d9:c0:
aa:3f:f5:ad:a0:37:54:4d:5a:c7:47:d3:f8:1b:37:a4:1b:4f:
4b:d3:35:b2:85:bc:bf:e4:c9:29:c1:58:cc:24:2d:1f:49:6f:
27:db:3c:d4:ba:6c:fe:51:12:ed:d3:31:3c:58:68:a2:3d:eb:
6b:24:b1:43:1c:1e:f7:e5:b3:f0:7b:a2:33:24:82:d1:87:eb:
62:2f:d5:c3:5b:bf:f2:bc:e3:4d:b0:f8:b9:b6:a0:5c:da:c4:
2a:27:64:39:b0:56:21:02:c5:97:e8:d8:cf:90:bd:4c:43:43:
53:55:42:ea:e3:84:14:ce:7a:e6:5d:bb:4f:c6:bf:e4:ed:de:
19:ae:f3:03
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAeUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTQ2RkIxMTAvBgNVBAUTKERBNUM4RjI3Mjg0MDhGRUVGODI1NkUyMDM4OERFQjk2
MDFFNUI1MTAwHhcNMjQwNjAzMDUyMjA5WhcNMjQxMDAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjVkNTMwMS0yZDU0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAo91zeyCYUB+P8L6ji81Tj7oJkRw1W8Hvb/xMUbQxkp9zOJo/YZHe9TWujg8S
qsP/qVgfF9c9E8bWUx6ELIjLBLWvUfYaI30rQEz+QXd/aaUCaJ4CCGfPtLhRkOxg
+KS0v45+FZVWhMuruFF1FihZLtPXnY2KJuDYalq9d0m3exdJMruhAlZaj2P4HMRz
q2k9pGgq8Wc6ldeR8MoS7jmlMpswYPPGRQbtt2PGwfV+DfLo4nZuSt5yOjpLxcOq
dKP2Sii44gatwR+yOmeW8F7JShb8Gi8kIcUxLpKLosu7eH5Z8PLOSi5fXsiCT42m
+VIjq4a8mOvDruGYU0dRPmgErwIDAQABo4IClTCCApEwHQYDVR0OBBYEFJqUsDnQ
a6sG3ACR8x3REbbRQDWbMB8GA1UdIwQYMBaAFNpcjycoQI/u+CVuIDiN65YB5bUQ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1NDZGQi8xRTVDOTM4QTAx
RTUxMUVEQkE3QkE5MEVDNEY5QUUwMi8ybHlQSnloQWotNzRKVzRnT0kzcmxnSGx0
UkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzJseVBKeWhBai03NEpXNGdPSTNybGdIbHRSQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTQ2RkIvMUU1QzkzOEEwMUU1MTFFREJBN0JBOTBFQzRGOUFFMDIvMzk4QzdERUUw
MUU3MTFFREIyQzgyRDBGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJn45wwDQYJKoZIhvcNAQELBQADggEBADQ7EPOOa2GYc1UB
9FTs4WHZhki+4Arx7P3bNxTsv62N0byXccooCvAh1h+Tsf7FhhpzC0PlNsfz+L4v
UdyeMQScdveTcK19mpkqEOGdxDE2yttdiJAHvFJHyZWvyRBaPkt4T/yPYJLhnP4s
KhNGeJRtW7NUh2j0ZhGq6MfZwKo/9a2gN1RNWsdH0/gbN6QbT0vTNbKFvL/kySnB
WMwkLR9JbyfbPNS6bP5REu3TMTxYaKI962sksUMcHvfls/B7ojMkgtGH62Iv1cNb
v/K8402w+Lm2oFzaxConZDmwViECxZfo2M+QvUxDQ1NVQurjhBTOeuZdu0/Gv+Tt
3hmu8wM=
-----END CERTIFICATE-----
Generated at Fri Jun 21 08:54:26 2024 by rpki-client on console-fra.rpki-client.org