Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91546FB/1E5C938A01E511EDBA7BA90EC4F9AE02/3A84FA5A01E711EDB2C82D0FC4F9AE02.roa
File: 3A84FA5A01E711EDB2C82D0FC4F9AE02.roa (raw, json)
Hash identifier: 3haIoQApxc2abcJN1poGSJZ65QMrSRil1TCcf1gFRyM=
Subject key identifier: A9:07:00:24:26:CD:2F:90:A9:2B:0F:8E:B5:1D:F9:26:FB:05:FB:99
Certificate issuer: /CN=A91546FB/serialNumber=DA5C8F2728408FEEF8256E20388DEB9601E5B510
Certificate serial: 01E6
Authority key identifier: DA:5C:8F:27:28:40:8F:EE:F8:25:6E:20:38:8D:EB:96:01:E5:B5:10
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2lyPJyhAj-74JW4gOI3rlgHltRA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91546FB/1E5C938A01E511EDBA7BA90EC4F9AE02/3A84FA5A01E711EDB2C82D0FC4F9AE02.roa
Signing time: Mon 03 Jun 2024 05:22:10 +0000
ROA not before: Mon 03 Jun 2024 05:22:10 +0000
ROA not after: Tue 01 Oct 2024 00:00:00 +0000
asID: 59215
IP address blocks: 103.227.156.0/24 maxlen: 24
103.227.157.0/24 maxlen: 24
103.227.158.0/24 maxlen: 24
103.227.159.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 21 Jun 2024 05:04:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 486 (0x1e6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91546FB/serialNumber=DA5C8F2728408FEEF8256E20388DEB9601E5B510
Validity
Not Before: Jun 3 05:22:10 2024 GMT
Not After : Oct 1 00:00:00 2024 GMT
Subject: CN=665d5302-0057
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:50:23:9e:c3:71:0a:1f:59:57:af:f0:97:01:
54:3b:b1:71:0a:38:6e:f5:2b:44:77:47:89:7e:8f:
93:cd:1a:e2:5c:35:d8:16:87:68:8b:15:df:c7:1f:
e5:9c:5b:b6:9f:a9:b2:8d:03:11:91:86:b0:03:76:
98:7b:38:5a:d8:56:ea:2e:4a:08:32:6d:14:c0:f0:
73:c0:58:17:4e:cf:a7:d5:ce:78:0d:76:a6:0a:8d:
7d:0c:d7:87:fc:73:0d:57:f0:13:b9:9d:4f:1b:ee:
f8:dd:65:7c:14:43:57:50:3e:32:e3:3a:84:36:08:
d7:e5:46:05:6b:ef:ce:4a:5a:70:9d:40:13:66:fa:
33:49:35:a2:13:9f:3f:58:81:75:bd:59:3b:47:91:
48:51:02:6a:61:42:c2:4b:d9:03:2d:c3:45:4b:b2:
fd:2e:4d:e6:d3:a0:d3:c3:93:15:a6:9b:f2:2f:8a:
6b:e6:49:da:e3:4b:dc:24:05:b4:11:3e:47:1a:b2:
93:d1:e1:00:a2:c4:86:e8:44:72:2d:2d:3d:67:89:
e5:4b:46:45:3e:b3:b5:67:ab:b0:58:36:07:50:50:
b3:57:2f:6f:df:02:1d:d4:b2:85:03:b8:60:ce:9a:
c3:f7:47:b7:06:87:e1:dc:0b:26:22:39:83:f8:02:
37:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:07:00:24:26:CD:2F:90:A9:2B:0F:8E:B5:1D:F9:26:FB:05:FB:99
X509v3 Authority Key Identifier:
keyid:DA:5C:8F:27:28:40:8F:EE:F8:25:6E:20:38:8D:EB:96:01:E5:B5:10
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91546FB/1E5C938A01E511EDBA7BA90EC4F9AE02/2lyPJyhAj-74JW4gOI3rlgHltRA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2lyPJyhAj-74JW4gOI3rlgHltRA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91546FB/1E5C938A01E511EDBA7BA90EC4F9AE02/3A84FA5A01E711EDB2C82D0FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.227.156.0/22
Signature Algorithm: sha256WithRSAEncryption
96:ef:38:f4:15:7d:43:92:0e:18:15:c6:f0:8f:70:f3:31:e9:
8f:ba:a7:d4:7d:ae:a4:5f:17:7e:d1:47:99:fc:22:c6:0b:7b:
11:00:9d:bf:bd:98:31:2e:f5:99:3a:ca:9c:6f:25:a1:87:81:
8d:b1:4f:98:02:57:89:1e:64:51:d2:17:ad:33:bc:97:8e:cb:
6a:59:85:73:e4:49:fd:18:f5:81:1d:24:5e:75:94:ef:6f:aa:
56:85:40:28:3c:b8:05:08:da:ca:91:5f:a4:1b:5f:7c:04:2d:
6b:47:0a:4e:07:e1:9b:bc:35:ee:d1:2f:8d:f5:7d:f5:bb:1b:
e8:a2:80:c1:ff:18:bb:8a:c0:03:3e:c8:0d:5e:cc:6a:39:6e:
8e:75:95:c6:0e:ab:c6:37:ed:90:37:93:92:74:d6:ce:cc:f5:
a1:83:2c:35:bf:8a:f0:9e:12:87:ab:53:97:5e:3d:ac:12:76:
12:5f:cb:6b:30:61:77:f3:6b:57:17:4f:51:c8:d2:d3:d8:0e:
06:50:e6:77:0a:b5:0f:46:57:c1:a1:6b:ed:29:08:92:00:90:
88:4f:4a:f2:b3:1e:12:b1:d3:40:24:9d:5b:99:6b:2d:23:93:
0e:b1:ee:4d:96:7a:a1:cc:36:d9:69:d0:b0:e1:10:85:5e:65:
5b:51:a1:53
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAeYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTQ2RkIxMTAvBgNVBAUTKERBNUM4RjI3Mjg0MDhGRUVGODI1NkUyMDM4OERFQjk2
MDFFNUI1MTAwHhcNMjQwNjAzMDUyMjEwWhcNMjQxMDAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjVkNTMwMi0wMDU3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAr1AjnsNxCh9ZV6/wlwFUO7FxCjhu9StEd0eJfo+TzRriXDXYFodoixXfxx/l
nFu2n6myjQMRkYawA3aYezha2FbqLkoIMm0UwPBzwFgXTs+n1c54DXamCo19DNeH
/HMNV/ATuZ1PG+743WV8FENXUD4y4zqENgjX5UYFa+/OSlpwnUATZvozSTWiE58/
WIF1vVk7R5FIUQJqYULCS9kDLcNFS7L9Lk3m06DTw5MVppvyL4pr5kna40vcJAW0
ET5HGrKT0eEAosSG6ERyLS09Z4nlS0ZFPrO1Z6uwWDYHUFCzVy9v3wId1LKFA7hg
zprD90e3Bofh3AsmIjmD+AI3XQIDAQABo4IClTCCApEwHQYDVR0OBBYEFKkHACQm
zS+QqSsPjrUd+Sb7BfuZMB8GA1UdIwQYMBaAFNpcjycoQI/u+CVuIDiN65YB5bUQ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1NDZGQi8xRTVDOTM4QTAx
RTUxMUVEQkE3QkE5MEVDNEY5QUUwMi8ybHlQSnloQWotNzRKVzRnT0kzcmxnSGx0
UkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzJseVBKeWhBai03NEpXNGdPSTNybGdIbHRSQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTQ2RkIvMUU1QzkzOEEwMUU1MTFFREJBN0JBOTBFQzRGOUFFMDIvM0E4NEZBNUEw
MUU3MTFFREIyQzgyRDBGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJn45wwDQYJKoZIhvcNAQELBQADggEBAJbvOPQVfUOSDhgV
xvCPcPMx6Y+6p9R9rqRfF37RR5n8IsYLexEAnb+9mDEu9Zk6ypxvJaGHgY2xT5gC
V4keZFHSF60zvJeOy2pZhXPkSf0Y9YEdJF51lO9vqlaFQCg8uAUI2sqRX6QbX3wE
LWtHCk4H4Zu8Ne7RL431ffW7G+iigMH/GLuKwAM+yA1ezGo5bo51lcYOq8Y37ZA3
k5J01s7M9aGDLDW/ivCeEoerU5dePawSdhJfy2swYXfza1cXT1HI0tPYDgZQ5ncK
tQ9GV8Gha+0pCJIAkIhPSvKzHhKx00AknVuZay0jkw6x7k2WeqHMNtlp0LDhEIVe
ZVtRoVM=
-----END CERTIFICATE-----
Generated at Fri Jun 21 08:54:26 2024 by rpki-client on console-fra.rpki-client.org