Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A916701E/785D7ED21C0811EA8576B151C4F9AE02/C4F45E681C1311EA91F32F75C4F9AE02.roa
File: C4F45E681C1311EA91F32F75C4F9AE02.roa (raw, json)
Hash identifier: K8OgU05soGMoyfV6JVuzpiu55ruAMOYh9kn9783aRo8=
Subject key identifier: 89:25:A6:2A:69:B4:93:D1:68:C8:FF:6F:E7:90:88:C8:3C:F1:B1:D5
Certificate issuer: /CN=A916701E/serialNumber=50DE1C60733EA2B8B76E840360918E1F25C46E43
Certificate serial: 0B0E
Authority key identifier: 50:DE:1C:60:73:3E:A2:B8:B7:6E:84:03:60:91:8E:1F:25:C4:6E:43
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UN4cYHM-ori3boQDYJGOHyXEbkM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916701E/785D7ED21C0811EA8576B151C4F9AE02/C4F45E681C1311EA91F32F75C4F9AE02.roa
Signing time: Thu 09 May 2024 03:59:44 +0000
ROA not before: Thu 09 May 2024 03:59:44 +0000
ROA not after: Sun 02 Mar 2025 00:00:00 +0000
asID: 58504
IP address blocks: 103.28.84.0/22 maxlen: 22
103.28.84.0/24 maxlen: 24
103.28.85.0/24 maxlen: 24
103.28.86.0/24 maxlen: 24
103.28.87.0/24 maxlen: 24
150.107.204.0/22 maxlen: 22
150.107.204.0/24 maxlen: 24
150.107.205.0/24 maxlen: 24
150.107.206.0/24 maxlen: 24
150.107.207.0/24 maxlen: 24
2406:b700::/32 maxlen: 32
2406:b700:2::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 09 May 2024 06:44:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2830 (0xb0e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916701E/serialNumber=50DE1C60733EA2B8B76E840360918E1F25C46E43
Validity
Not Before: May 9 03:59:44 2024 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=663c4a2f-191b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:3b:5a:41:0b:94:85:47:b9:fd:d2:0f:00:70:
01:42:e7:d0:83:de:aa:39:0b:68:ea:19:b0:a8:c0:
40:1b:fe:de:a6:81:ac:af:82:88:38:7b:21:0d:a6:
b4:d0:99:84:cf:33:0b:fe:41:08:33:69:1d:df:f9:
f2:e6:06:ec:6d:b2:0b:a6:77:5a:c3:4e:c1:c6:a9:
af:01:e9:bb:d9:e7:47:eb:cd:94:66:a5:4b:a7:b2:
40:2c:dd:6f:73:5a:b0:ad:59:56:cf:c6:8a:78:32:
52:91:ea:92:a3:7d:2e:75:87:89:9a:46:3b:f0:9f:
38:9c:5c:1e:e6:8a:5f:d4:b5:a0:76:cc:65:e8:0b:
44:5e:a7:4d:6e:96:fc:01:ab:0e:d0:65:19:af:07:
1b:26:7c:75:64:b0:1b:04:36:1a:07:49:a8:28:ad:
d5:09:05:22:78:12:90:ea:2c:29:33:56:4e:2b:cd:
98:2f:a9:27:9e:4c:7f:bb:8c:a2:55:1f:ed:c8:dd:
63:a6:4f:88:4a:e7:ec:73:c0:9f:b0:a8:cd:cd:7d:
f8:27:58:02:03:86:fd:0d:a5:b0:d8:3d:a2:c9:f1:
1a:73:63:73:13:e4:c3:2f:11:b0:04:a0:b5:db:17:
14:95:1a:09:2e:b1:44:93:8c:bf:da:e8:33:9d:06:
e9:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:25:A6:2A:69:B4:93:D1:68:C8:FF:6F:E7:90:88:C8:3C:F1:B1:D5
X509v3 Authority Key Identifier:
keyid:50:DE:1C:60:73:3E:A2:B8:B7:6E:84:03:60:91:8E:1F:25:C4:6E:43
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916701E/785D7ED21C0811EA8576B151C4F9AE02/UN4cYHM-ori3boQDYJGOHyXEbkM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UN4cYHM-ori3boQDYJGOHyXEbkM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916701E/785D7ED21C0811EA8576B151C4F9AE02/C4F45E681C1311EA91F32F75C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.28.84.0/22
150.107.204.0/22
IPv6:
2406:b700::/32
Signature Algorithm: sha256WithRSAEncryption
62:5c:ed:9f:27:bd:41:b6:e1:e1:76:8e:e3:cb:15:dc:33:cb:
a6:0b:93:34:e7:57:92:ee:d6:83:7a:03:c8:f5:fc:0a:13:85:
29:43:67:86:2e:af:87:0f:27:a1:01:87:d0:3a:fb:2e:ac:0e:
96:65:29:c9:80:3e:a4:e8:15:c0:7d:cc:56:66:f0:b4:f4:0c:
69:db:54:30:97:6b:bf:af:f1:f1:ac:19:78:d2:ab:b9:65:ff:
75:d2:2a:89:5f:a3:1c:df:93:88:c7:46:75:0d:5d:80:e0:77:
01:d5:52:fa:44:18:fd:e1:bb:c4:41:53:81:19:55:17:0b:18:
12:f5:1d:ca:3b:3d:f8:e9:5b:3f:dd:fc:1e:0a:cd:64:d9:c0:
e2:2f:f1:0d:ba:16:13:d0:c0:3e:a3:d7:40:31:d4:90:8a:2d:
db:b4:b2:05:35:2f:6d:ad:9c:f1:65:73:d7:6a:39:ea:d6:2a:
5a:fe:f7:aa:e5:29:9d:23:5e:50:4d:b3:8d:63:14:e3:f0:29:
55:ae:79:79:dc:9a:50:f2:f2:6a:c6:fc:62:fc:ec:a1:d8:0c:
5e:5b:1c:7a:0d:17:86:ea:99:89:3a:58:30:32:57:dd:ba:c8:
61:ac:67:3d:d5:50:e9:c9:1f:f3:f8:e6:18:06:99:45:68:b4:
54:98:24:8a
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICCw4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjcwMUUxMTAvBgNVBAUTKDUwREUxQzYwNzMzRUEyQjhCNzZFODQwMzYwOTE4RTFG
MjVDNDZFNDMwHhcNMjQwNTA5MDM1OTQ0WhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjNjNGEyZi0xOTFiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxTtaQQuUhUe5/dIPAHABQufQg96qOQto6hmwqMBAG/7epoGsr4KIOHshDaa0
0JmEzzML/kEIM2kd3/ny5gbsbbILpndaw07BxqmvAem72edH682UZqVLp7JALN1v
c1qwrVlWz8aKeDJSkeqSo30udYeJmkY78J84nFwe5opf1LWgdsxl6AtEXqdNbpb8
AasO0GUZrwcbJnx1ZLAbBDYaB0moKK3VCQUieBKQ6iwpM1ZOK82YL6knnkx/u4yi
VR/tyN1jpk+ISufsc8CfsKjNzX34J1gCA4b9DaWw2D2iyfEac2NzE+TDLxGwBKC1
2xcUlRoJLrFEk4y/2ugznQbpnwIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFIklpipp
tJPRaMj/b+eQiMg88bHVMB8GA1UdIwQYMBaAFFDeHGBzPqK4t26EA2CRjh8lxG5D
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2NzAxRS83ODVEN0VEMjFD
MDgxMUVBODU3NkIxNTFDNEY5QUUwMi9VTjRjWUhNLW9yaTNib1FEWUpHT0h5WEVi
a00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1VONGNZSE0tb3JpM2JvUURZSkdPSHlYRWJrTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjcwMUUvNzg1RDdFRDIxQzA4MTFFQTg1NzZCMTUxQzRGOUFFMDIvQzRGNDVFNjgx
QzEzMTFFQTkxRjMyRjc1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAJnHFQDBAKWa8wwDQQCAAIwBwMFACQGtwAwDQYJKoZIhvcN
AQELBQADggEBAGJc7Z8nvUG24eF2juPLFdwzy6YLkzTnV5Lu1oN6A8j1/AoThSlD
Z4Yur4cPJ6EBh9A6+y6sDpZlKcmAPqToFcB9zFZm8LT0DGnbVDCXa7+v8fGsGXjS
q7ll/3XSKolfoxzfk4jHRnUNXYDgdwHVUvpEGP3hu8RBU4EZVRcLGBL1Hco7Pfjp
Wz/d/B4KzWTZwOIv8Q26FhPQwD6j10Ax1JCKLdu0sgU1L22tnPFlc9dqOerWKlr+
96rlKZ0jXlBNs41jFOPwKVWueXncmlDy8mrG/GL87KHYDF5bHHoNF4bqmYk6WDAy
V926yGGsZz3VUOnJH/P45hgGmUVotFSYJIo=
-----END CERTIFICATE-----
Generated at Thu May 9 09:43:33 2024 by rpki-client on console-fra.rpki-client.org