Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A916DB8E/FF80276C3BCC11EC8A6BCD7EC4F9AE02/81C6ECD03BD011ECBCB98F83C4F9AE02.roa
File: 81C6ECD03BD011ECBCB98F83C4F9AE02.roa (raw, json)
Hash identifier: K/enEXvyW9RKREdQSkfVthO0cj+nse8yaC1fm8xXr9Y=
Subject key identifier: D5:6D:57:08:3B:03:63:02:3B:7F:8C:CA:6E:73:4A:A0:23:AF:17:9C
Certificate issuer: /CN=A916DB8E/serialNumber=9DE3DA7A0AC6940D32ABB9CFFCB061F2AEE5661D
Certificate serial: 03C8
Authority key identifier: 9D:E3:DA:7A:0A:C6:94:0D:32:AB:B9:CF:FC:B0:61:F2:AE:E5:66:1D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nePaegrGlA0yq7nP_LBh8q7lZh0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916DB8E/FF80276C3BCC11EC8A6BCD7EC4F9AE02/81C6ECD03BD011ECBCB98F83C4F9AE02.roa
Signing time: Wed 03 Apr 2024 03:04:41 +0000
ROA not before: Wed 03 Apr 2024 03:04:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 399955
IP address blocks: 45.113.0.0/22 maxlen: 24
103.52.152.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 24 Jun 2024 11:28:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 968 (0x3c8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916DB8E/serialNumber=9DE3DA7A0AC6940D32ABB9CFFCB061F2AEE5661D
Validity
Not Before: Apr 3 03:04:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=660cc749-d072
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:ca:72:a5:d1:91:d7:c9:3e:58:b1:6f:06:74:
f8:9a:11:dd:eb:47:e9:6a:da:85:bc:5b:76:35:07:
5b:06:9f:4a:63:f0:6a:29:30:ff:b4:6b:50:89:11:
29:21:50:cd:9d:28:e4:f6:00:a5:e3:b8:5f:cc:7f:
52:ad:3a:7c:f5:cf:0c:f7:d8:ba:3b:6c:74:8b:d9:
dd:f1:d8:b6:46:5d:5d:94:5c:da:f2:7d:cf:dc:23:
6d:ef:9a:3e:5f:72:28:ec:fa:50:0e:5a:9b:61:59:
23:db:59:4d:86:31:b6:a1:cf:d4:8e:8c:d9:c1:03:
c7:b8:57:98:4c:86:bc:64:26:13:79:10:e3:f6:40:
db:8b:47:7d:20:be:af:ed:49:13:1b:46:c9:df:41:
e1:92:a9:c5:1e:fa:8f:f2:56:c7:13:55:24:dd:06:
fd:0f:55:0a:a2:d6:07:6d:be:20:90:77:c8:78:1c:
d5:fa:84:4a:8a:ea:d2:49:8d:48:57:3e:6a:62:9b:
fa:8a:67:ea:5c:30:0c:d8:38:38:1d:f3:36:c9:eb:
4a:34:be:5c:29:60:57:0d:8a:bb:60:98:22:f1:86:
f8:c7:0a:dc:7c:ee:0d:01:42:5d:f8:31:c6:09:d2:
c0:35:f1:82:d7:e9:a1:0a:f9:51:9f:ab:b0:4a:9f:
f8:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:6D:57:08:3B:03:63:02:3B:7F:8C:CA:6E:73:4A:A0:23:AF:17:9C
X509v3 Authority Key Identifier:
keyid:9D:E3:DA:7A:0A:C6:94:0D:32:AB:B9:CF:FC:B0:61:F2:AE:E5:66:1D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916DB8E/FF80276C3BCC11EC8A6BCD7EC4F9AE02/nePaegrGlA0yq7nP_LBh8q7lZh0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nePaegrGlA0yq7nP_LBh8q7lZh0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916DB8E/FF80276C3BCC11EC8A6BCD7EC4F9AE02/81C6ECD03BD011ECBCB98F83C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.113.0.0/22
103.52.152.0/22
Signature Algorithm: sha256WithRSAEncryption
bf:25:7a:2c:a5:b8:0b:0c:2a:10:fb:1d:35:c6:02:e3:4a:49:
bf:b1:e8:00:e8:f2:b1:29:f8:2c:32:22:61:59:09:7e:68:ec:
70:e0:c2:86:dd:a1:f3:dd:f8:79:ca:c5:a5:cd:b8:e0:39:44:
e6:b1:f6:e1:06:0e:a7:b5:e2:a6:c6:9e:71:81:dd:7f:8d:69:
25:f5:1f:fa:b9:a5:dc:80:1d:9f:00:ed:91:93:fc:f8:00:6b:
0a:ba:7b:4d:ea:41:b6:76:0f:a7:05:ba:7b:33:46:45:19:dc:
bc:7e:fa:d8:24:df:a8:0d:bb:f5:72:a4:d6:ea:15:a0:1d:7a:
3c:5b:f5:ea:ab:8a:b7:04:cf:db:49:1a:34:b9:08:c0:e4:3d:
67:28:71:e4:a3:c2:46:db:8c:51:23:05:7b:89:43:4c:26:32:
41:6f:73:15:fd:dc:d4:04:57:47:23:b0:39:2e:82:4a:e3:ba:
e1:15:f5:88:4f:93:1f:38:dd:0f:08:4e:d8:92:67:26:95:c6:
4a:64:4c:14:dd:f0:92:c2:c6:0c:36:59:5c:85:09:76:45:91:
38:e4:58:cb:70:52:40:c2:93:be:3e:48:ad:d7:d4:6e:6e:6e:
6e:b1:1f:55:16:2f:06:2b:ff:37:ec:f7:07:91:be:f9:f3:6b:
08:ff:38:18
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICA8gwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NkRCOEUxMTAvBgNVBAUTKDlERTNEQTdBMEFDNjk0MEQzMkFCQjlDRkZDQjA2MUYy
QUVFNTY2MUQwHhcNMjQwNDAzMDMwNDQxWhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjBjYzc0OS1kMDcyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAmcpypdGR18k+WLFvBnT4mhHd60fpatqFvFt2NQdbBp9KY/BqKTD/tGtQiREp
IVDNnSjk9gCl47hfzH9SrTp89c8M99i6O2x0i9nd8di2Rl1dlFza8n3P3CNt75o+
X3Io7PpQDlqbYVkj21lNhjG2oc/UjozZwQPHuFeYTIa8ZCYTeRDj9kDbi0d9IL6v
7UkTG0bJ30HhkqnFHvqP8lbHE1Uk3Qb9D1UKotYHbb4gkHfIeBzV+oRKiurSSY1I
Vz5qYpv6imfqXDAM2Dg4HfM2yetKNL5cKWBXDYq7YJgi8Yb4xwrcfO4NAUJd+DHG
CdLANfGC1+mhCvlRn6uwSp/4/wIDAQABo4ICmzCCApcwHQYDVR0OBBYEFNVtVwg7
A2MCO3+Mym5zSqAjrxecMB8GA1UdIwQYMBaAFJ3j2noKxpQNMqu5z/ywYfKu5WYd
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2REI4RS9GRjgwMjc2QzNC
Q0MxMUVDOEE2QkNEN0VDNEY5QUUwMi9uZVBhZWdyR2xBMHlxN25QX0xCaDhxN2xa
aDAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL25lUGFlZ3JHbEEweXE3blBfTEJoOHE3bFpoMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NkRCOEUvRkY4MDI3NkMzQkNDMTFFQzhBNkJDRDdFQzRGOUFFMDIvODFDNkVDRDAz
QkQwMTFFQ0JDQjk4RjgzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAItcQADBAJnNJgwDQYJKoZIhvcNAQELBQADggEBAL8leiyl
uAsMKhD7HTXGAuNKSb+x6ADo8rEp+CwyImFZCX5o7HDgwobdofPd+HnKxaXNuOA5
ROax9uEGDqe14qbGnnGB3X+NaSX1H/q5pdyAHZ8A7ZGT/PgAawq6e03qQbZ2D6cF
unszRkUZ3Lx++tgk36gNu/VypNbqFaAdejxb9eqrircEz9tJGjS5CMDkPWcoceSj
wkbbjFEjBXuJQ0wmMkFvcxX93NQEV0cjsDkugkrjuuEV9YhPkx843Q8ITtiSZyaV
xkpkTBTd8JLCxgw2WVyFCXZFkTjkWMtwUkDCk74+SK3X1G5ubm6xH1UWLwYr/zfs
9weRvvnzawj/OBg=
-----END CERTIFICATE-----
Generated at Mon Jun 24 15:20:45 2024 by rpki-client on console-fra.rpki-client.org