Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915B2EC/842759562B0911EC851B980EC4F9AE02/B4A76862BE0411EC9D7B3E3BC4F9AE02.roa
File: B4A76862BE0411EC9D7B3E3BC4F9AE02.roa (raw, json)
Hash identifier: MS/EwJpvYPYvh9FmKWkAZkoewX4iT2zeAKIpUo3tGoY=
Subject key identifier: C0:B5:9C:2A:66:E1:04:73:5A:3F:E5:CB:1D:0C:EB:E6:08:33:42:5D
Certificate issuer: /CN=A915B2EC/serialNumber=46922C565440040BD99AFD4E329ED9DEB6F92573
Certificate serial: 03E4
Authority key identifier: 46:92:2C:56:54:40:04:0B:D9:9A:FD:4E:32:9E:D9:DE:B6:F9:25:73
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RpIsVlRABAvZmv1OMp7Z3rb5JXM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915B2EC/842759562B0911EC851B980EC4F9AE02/B4A76862BE0411EC9D7B3E3BC4F9AE02.roa
Signing time: Sat 25 Nov 2023 01:52:38 +0000
ROA not before: Sat 25 Nov 2023 01:52:38 +0000
ROA not after: Mon 30 Dec 2024 00:00:00 +0000
asID: 147293
IP address blocks: 103.172.182.0/23 maxlen: 24
2407:d840:3::/48 maxlen: 48
2407:d840:40::/48 maxlen: 48
2407:d840:41::/48 maxlen: 48
2407:d840:42::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 22 Feb 2024 07:10:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 996 (0x3e4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915B2EC/serialNumber=46922C565440040BD99AFD4E329ED9DEB6F92573
Validity
Not Before: Nov 25 01:52:38 2023 GMT
Not After : Dec 30 00:00:00 2024 GMT
Subject: CN=65615365-4ca2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:c4:aa:8e:40:f9:11:43:d0:a4:4b:f2:04:fa:
cc:70:65:f5:20:c9:56:a7:66:5d:09:fc:e6:7b:93:
d0:2d:6b:cb:dd:ea:3f:34:01:26:65:c1:ae:43:8b:
82:30:9b:46:5d:d1:aa:ee:76:b0:70:7f:d7:3c:f3:
52:93:f0:e3:23:83:33:c3:c6:d2:b5:b4:56:5d:79:
ab:54:44:8d:45:6c:d0:21:77:2e:67:32:26:32:a7:
b0:d7:b5:03:b8:ac:1c:95:c0:ed:86:06:e4:5c:4d:
aa:c3:93:92:c5:52:50:3c:b9:5d:70:f8:06:16:0e:
e2:51:6c:36:8e:85:f9:4f:33:f0:0b:c3:dc:b7:c3:
f2:42:c4:fd:f2:79:c4:98:c0:34:04:cf:fd:5c:6b:
4d:3b:0a:cf:0b:3a:43:a5:c7:c4:f2:b6:fb:16:04:
74:7f:81:f3:78:a5:1c:e5:d9:3f:d4:81:47:30:50:
af:78:10:f6:20:08:3f:42:08:2f:3e:56:de:18:ec:
6d:47:7f:4e:40:b1:79:05:20:90:d5:51:07:5e:52:
7f:4a:57:b5:8b:21:8c:9a:3f:36:bc:b8:80:8d:33:
3c:62:73:10:75:f6:d4:ae:d6:04:90:35:84:f4:16:
89:20:89:72:b4:19:2e:58:a5:33:3d:e1:60:34:7e:
a7:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:B5:9C:2A:66:E1:04:73:5A:3F:E5:CB:1D:0C:EB:E6:08:33:42:5D
X509v3 Authority Key Identifier:
keyid:46:92:2C:56:54:40:04:0B:D9:9A:FD:4E:32:9E:D9:DE:B6:F9:25:73
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915B2EC/842759562B0911EC851B980EC4F9AE02/RpIsVlRABAvZmv1OMp7Z3rb5JXM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RpIsVlRABAvZmv1OMp7Z3rb5JXM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915B2EC/842759562B0911EC851B980EC4F9AE02/B4A76862BE0411EC9D7B3E3BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.172.182.0/23
IPv6:
2407:d840:3::/48
2407:d840:40::-2407:d840:42:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
38:1c:62:6a:3c:19:47:19:ca:6f:ad:ec:7e:d3:6b:8d:4d:68:
d4:4b:22:c6:77:b9:29:f6:57:03:dc:28:b6:5c:0b:0f:b7:c8:
d7:2c:48:89:8b:90:2f:57:cf:64:17:bf:19:44:2a:02:08:77:
a0:d3:aa:98:5c:b8:3a:5f:5b:17:e0:47:fd:48:66:0a:72:b7:
1b:29:18:11:13:39:ae:82:df:17:e4:57:83:d8:bf:4a:90:8f:
8a:6c:be:a9:a3:5b:9d:5b:1a:d1:55:eb:76:07:54:0c:36:7a:
77:8e:0c:e4:14:80:46:d1:e3:d7:5d:f6:46:ad:b3:73:95:8f:
f9:26:f2:5d:64:5c:67:f7:64:1d:e7:9e:a7:6e:d9:5f:8f:54:
25:f8:33:6c:e7:b8:89:02:e8:7d:27:ab:a7:08:ba:5a:36:cc:
65:22:d2:86:17:c3:33:b7:69:ef:a9:5d:65:81:a9:30:b6:b5:
78:c9:c6:a2:6a:81:e8:38:40:b7:55:fa:0a:e5:1b:75:58:86:
f4:46:2f:58:e5:a2:5f:59:54:81:60:89:cc:8d:e0:25:91:60:
79:a3:6f:d0:0a:0c:92:6e:58:e6:4e:87:c4:91:89:18:9c:85:
5f:fa:0a:30:51:66:4f:9a:2d:75:44:db:b2:95:ee:4f:3e:e6:
b7:10:97:57
-----BEGIN CERTIFICATE-----
MIIFljCCBH6gAwIBAgICA+QwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUIyRUMxMTAvBgNVBAUTKDQ2OTIyQzU2NTQ0MDA0MEJEOTlBRkQ0RTMyOUVEOURF
QjZGOTI1NzMwHhcNMjMxMTI1MDE1MjM4WhcNMjQxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTYxNTM2NS00Y2EyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5MSqjkD5EUPQpEvyBPrMcGX1IMlWp2ZdCfzme5PQLWvL3eo/NAEmZcGuQ4uC
MJtGXdGq7nawcH/XPPNSk/DjI4Mzw8bStbRWXXmrVESNRWzQIXcuZzImMqew17UD
uKwclcDthgbkXE2qw5OSxVJQPLldcPgGFg7iUWw2joX5TzPwC8Pct8PyQsT98nnE
mMA0BM/9XGtNOwrPCzpDpcfE8rb7FgR0f4HzeKUc5dk/1IFHMFCveBD2IAg/Qggv
PlbeGOxtR39OQLF5BSCQ1VEHXlJ/Sle1iyGMmj82vLiAjTM8YnMQdfbUrtYEkDWE
9BaJIIlytBkuWKUzPeFgNH6nOQIDAQABo4ICujCCArYwHQYDVR0OBBYEFMC1nCpm
4QRzWj/lyx0M6+YIM0JdMB8GA1UdIwQYMBaAFEaSLFZUQAQL2Zr9TjKe2d62+SVz
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QjJFQy84NDI3NTk1NjJC
MDkxMUVDODUxQjk4MEVDNEY5QUUwMi9ScElzVmxSQUJBdlptdjFPTXA3WjNyYjVK
WE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1JwSXNWbFJBQkF2Wm12MU9NcDdaM3JiNUpYTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUIyRUMvODQyNzU5NTYyQjA5MTFFQzg1MUI5ODBFQzRGOUFFMDIvQjRBNzY4NjJC
RTA0MTFFQzlEN0IzRTNCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRAYIKwYBBQUHAQcBAf8E
NTAzMAwEAgABMAYDBAFnrLYwIwQCAAIwHQMHACQH2EAAAzASAwcGJAfYQABAAwcA
JAfYQABCMA0GCSqGSIb3DQEBCwUAA4IBAQA4HGJqPBlHGcpvrex+02uNTWjUSyLG
d7kp9lcD3Ci2XAsPt8jXLEiJi5AvV89kF78ZRCoCCHeg06qYXLg6X1sX4Ef9SGYK
crcbKRgREzmugt8X5FeD2L9KkI+KbL6po1udWxrRVet2B1QMNnp3jgzkFIBG0ePX
XfZGrbNzlY/5JvJdZFxn92Qd556nbtlfj1Ql+DNs57iJAuh9J6unCLpaNsxlItKG
F8Mzt2nvqV1lgakwtrV4ycaiaoHoOEC3VfoK5Rt1WIb0Ri9Y5aJfWVSBYInMjeAl
kWB5o2/QCgySbljmTofEkYkYnIVf+gowUWZPmi11RNuyle5PPua3EJdX
-----END CERTIFICATE-----
Generated at Thu Feb 22 12:14:37 2024 by rpki-client on console-fra.rpki-client.org