Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/5CC82B66ECE411EE90944D7CC4F9AE02.roa
File: 5CC82B66ECE411EE90944D7CC4F9AE02.roa (raw, json)
Hash identifier: e3vmIZzKQOXmsdZJXm4mQ4OCLl81G1Bsq4S6aKzwfTE=
Subject key identifier: FE:46:4E:95:A8:2E:86:6D:6C:BD:82:02:D5:B9:CC:BA:D9:83:FC:73
Certificate issuer: /CN=A915A0CD/serialNumber=38193720821E07D6918E3A79FBE0823C6732E264
Certificate serial: 093A
Authority key identifier: 38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/5CC82B66ECE411EE90944D7CC4F9AE02.roa
Signing time: Thu 28 Mar 2024 09:20:05 +0000
ROA not before: Thu 28 Mar 2024 09:20:05 +0000
ROA not after: Mon 30 Sep 2024 00:00:00 +0000
asID: 141432
IP address blocks: 103.20.132.0/24 maxlen: 24
103.20.133.0/24 maxlen: 24
103.20.134.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 08 Apr 2024 20:17:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2362 (0x93a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915A0CD/serialNumber=38193720821E07D6918E3A79FBE0823C6732E264
Validity
Not Before: Mar 28 09:20:05 2024 GMT
Not After : Sep 30 00:00:00 2024 GMT
Subject: CN=66053645-d01c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:38:64:03:97:7f:69:35:56:12:2d:2a:87:45:
cc:ff:e6:ae:7d:9f:34:7c:1c:5b:08:5b:d8:36:db:
c9:36:95:21:34:0b:0b:33:cf:0e:94:dc:7e:bf:45:
4e:90:65:f0:53:29:1a:d6:ee:82:ac:f9:42:55:47:
c9:b9:a8:55:1d:e8:0f:71:8d:0b:f8:b9:a3:28:c8:
53:5b:fb:22:36:37:55:62:61:39:e6:d1:de:47:2c:
9c:82:50:02:3a:05:9a:ed:40:6e:a7:87:65:37:92:
f9:64:10:d4:5d:32:dd:05:21:8c:4b:40:ff:c5:64:
f1:7d:94:37:8e:88:b0:d5:04:f0:7b:a4:37:2a:f4:
84:c9:a0:50:95:f7:65:5a:e9:56:6c:40:68:29:8d:
f0:25:21:58:75:4b:cf:1b:a2:59:15:ab:f0:95:36:
1e:df:f0:9c:fe:ad:ff:86:4d:3d:59:9e:e8:e3:63:
a4:24:b0:78:dc:82:ce:f7:d6:f5:6b:ff:cc:70:48:
3c:2d:19:76:2b:9b:b1:1d:70:d7:52:f9:75:9d:41:
57:47:d9:0f:ed:e6:6d:8b:fa:c9:8a:29:7a:93:f2:
9a:08:a5:39:71:08:9f:7c:2c:05:8f:0f:4c:14:c4:
08:82:75:f9:67:d4:d4:4f:0f:99:6e:7b:8e:0b:ce:
2e:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:46:4E:95:A8:2E:86:6D:6C:BD:82:02:D5:B9:CC:BA:D9:83:FC:73
X509v3 Authority Key Identifier:
keyid:38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/OBk3IIIeB9aRjjp5--CCPGcy4mQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/5CC82B66ECE411EE90944D7CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.20.132.0-103.20.134.255
Signature Algorithm: sha256WithRSAEncryption
58:86:67:7e:43:34:9d:bc:48:80:3b:e9:c4:7a:07:36:9a:f4:
12:da:55:79:13:6c:f3:23:ab:11:92:2d:da:fe:4c:79:fd:36:
52:8e:a0:94:31:aa:86:d4:6b:f7:e8:49:ae:83:34:58:9e:68:
3c:26:5d:d8:8b:7b:7f:e4:a5:b4:b4:41:6e:c8:82:47:c3:de:
3a:eb:95:dd:2e:6a:1e:57:fa:f2:db:40:05:ea:14:d5:84:5f:
8b:03:3c:1d:5d:69:68:ca:73:19:48:57:ce:b5:61:7d:97:3d:
ef:31:2d:1f:a9:17:05:ef:a6:0f:23:37:18:b3:80:f0:5b:43:
2b:8b:9d:6e:8e:c9:de:9b:3f:34:e7:57:ac:5e:9d:3e:00:35:
05:f2:50:e2:52:a3:14:54:27:ae:33:75:c9:df:0a:68:3d:65:
c5:62:c5:cd:10:bb:85:ac:b7:77:50:90:aa:72:f0:3e:a6:e6:
8e:cb:62:38:39:3f:34:ed:42:79:6e:44:ce:80:16:33:0d:2d:
5c:52:59:8f:c8:66:97:4f:62:ed:c4:b0:70:54:ab:04:20:38:
55:2c:e9:ab:e7:40:42:71:97:e2:fc:6f:45:a8:1e:99:96:e6:
47:d5:2f:20:35:4c:0b:34:16:3a:cd:33:b9:e0:18:3d:61:75:
6c:bc:2c:a2
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgICCTowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUEwQ0QxMTAvBgNVBAUTKDM4MTkzNzIwODIxRTA3RDY5MThFM0E3OUZCRTA4MjND
NjczMkUyNjQwHhcNMjQwMzI4MDkyMDA1WhcNMjQwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjA1MzY0NS1kMDFjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApThkA5d/aTVWEi0qh0XM/+aufZ80fBxbCFvYNtvJNpUhNAsLM88OlNx+v0VO
kGXwUyka1u6CrPlCVUfJuahVHegPcY0L+LmjKMhTW/siNjdVYmE55tHeRyycglAC
OgWa7UBup4dlN5L5ZBDUXTLdBSGMS0D/xWTxfZQ3joiw1QTwe6Q3KvSEyaBQlfdl
WulWbEBoKY3wJSFYdUvPG6JZFavwlTYe3/Cc/q3/hk09WZ7o42OkJLB43ILO99b1
a//McEg8LRl2K5uxHXDXUvl1nUFXR9kP7eZti/rJiil6k/KaCKU5cQiffCwFjw9M
FMQIgnX5Z9TUTw+ZbnuOC84uBwIDAQABo4ICnTCCApkwHQYDVR0OBBYEFP5GTpWo
LoZtbL2CAtW5zLrZg/xzMB8GA1UdIwQYMBaAFDgZNyCCHgfWkY46efvggjxnMuJk
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QTBDRC80NjcyM0YxRTg5
RUMxMUVBODFDMDRGMUVDNEY5QUUwMi9PQmszSUlJZUI5YVJqanA1LS1DQ1BHY3k0
bVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09CazNJSUllQjlhUmpqcDUtLUNDUEdjeTRtUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUEwQ0QvNDY3MjNGMUU4OUVDMTFFQTgxQzA0RjFFQzRGOUFFMDIvNUNDODJCNjZF
Q0U0MTFFRTkwOTQ0RDdDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJwYIKwYBBQUHAQcBAf8E
GDAWMBQEAgABMA4wDAMEAmcUhAMEAGcUhjANBgkqhkiG9w0BAQsFAAOCAQEAWIZn
fkM0nbxIgDvpxHoHNpr0EtpVeRNs8yOrEZIt2v5Mef02Uo6glDGqhtRr9+hJroM0
WJ5oPCZd2It7f+SltLRBbsiCR8PeOuuV3S5qHlf68ttABeoU1YRfiwM8HV1paMpz
GUhXzrVhfZc97zEtH6kXBe+mDyM3GLOA8FtDK4udbo7J3ps/NOdXrF6dPgA1BfJQ
4lKjFFQnrjN1yd8KaD1lxWLFzRC7hay3d1CQqnLwPqbmjstiODk/NO1CeW5EzoAW
Mw0tXFJZj8hml09i7cSwcFSrBCA4VSzpq+dAQnGX4vxvRagemZbmR9UvIDVMCzQW
Os0zueAYPWF1bLwsog==
-----END CERTIFICATE-----
Generated at Mon Apr 8 23:48:07 2024 by rpki-client on console-fra.rpki-client.org