Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9177BBE/4659591C02A411ED87D29C87C4F9AE02/0B862DF202A811EDAFD60F37C4F9AE02.roa
File: 0B862DF202A811EDAFD60F37C4F9AE02.roa (raw, json)
Hash identifier: VZVb6eZ5sZsKLf5aEzqKvjH+5BLVwUnBXt5wuOmZZ9Y=
Subject key identifier: A5:E4:14:98:DE:20:87:3A:C7:6C:0B:63:7C:FF:59:A3:21:01:19:50
Certificate issuer: /CN=A9177BBE/serialNumber=C86280885892DDB490D9AF0AC1DD2D86EF9B3BE5
Certificate serial: 01CA
Authority key identifier: C8:62:80:88:58:92:DD:B4:90:D9:AF:0A:C1:DD:2D:86:EF:9B:3B:E5
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yGKAiFiS3bSQ2a8Kwd0thu-bO-U.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9177BBE/4659591C02A411ED87D29C87C4F9AE02/0B862DF202A811EDAFD60F37C4F9AE02.roa
Signing time: Wed 03 Apr 2024 05:07:02 +0000
ROA not before: Wed 03 Apr 2024 05:07:02 +0000
ROA not after: Thu 01 Aug 2024 00:00:00 +0000
asID: 64060
IP address blocks: 103.18.248.0/24 maxlen: 24
103.18.249.0/24 maxlen: 24
103.18.250.0/24 maxlen: 24
103.18.251.0/24 maxlen: 24
2001:df7:2c00::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 19 May 2024 22:38:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 458 (0x1ca)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9177BBE/serialNumber=C86280885892DDB490D9AF0AC1DD2D86EF9B3BE5
Validity
Not Before: Apr 3 05:07:02 2024 GMT
Not After : Aug 1 00:00:00 2024 GMT
Subject: CN=660ce3f6-4432
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:ff:61:ad:30:10:53:15:60:86:c0:79:0a:79:
41:97:60:43:5b:78:a9:42:d9:54:d5:87:95:e9:44:
e2:21:7f:84:4d:2f:c7:94:e6:6d:db:6b:a4:28:da:
4e:af:81:c7:24:5f:45:40:cc:0f:1f:76:96:dc:66:
6b:81:7e:f2:e5:8d:68:99:9b:71:db:0c:0c:f9:8f:
6d:ef:ca:25:29:a3:51:fe:5d:6b:be:da:eb:9b:dc:
c3:fb:4f:f1:50:ea:c9:bd:26:fa:33:4e:3a:5d:b2:
ec:74:ea:87:52:03:c4:91:8d:1a:2b:60:8e:92:37:
0d:33:8d:de:fc:e4:f5:31:e2:82:e2:b2:ac:e2:c8:
3f:56:a4:ec:0f:ae:f8:8b:eb:b9:1f:3d:78:a1:2f:
7d:4a:ef:ac:03:9e:85:63:d4:10:e3:fb:10:55:e3:
58:82:59:a1:3d:38:c6:30:07:55:0f:8f:2c:d2:98:
62:77:bb:40:87:bd:35:cd:0c:be:09:6a:cc:2e:05:
e3:aa:45:17:64:ba:ce:b8:6a:d5:c9:81:2c:e9:1d:
f8:8e:8c:8b:e6:d8:b8:e5:59:b4:3a:0e:fc:81:33:
6e:c0:fd:66:78:57:d4:f5:e4:a3:22:2a:7c:fc:5a:
38:8e:7e:f0:f3:4c:87:75:ce:74:58:4b:2c:9f:ba:
f0:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:E4:14:98:DE:20:87:3A:C7:6C:0B:63:7C:FF:59:A3:21:01:19:50
X509v3 Authority Key Identifier:
keyid:C8:62:80:88:58:92:DD:B4:90:D9:AF:0A:C1:DD:2D:86:EF:9B:3B:E5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9177BBE/4659591C02A411ED87D29C87C4F9AE02/yGKAiFiS3bSQ2a8Kwd0thu-bO-U.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yGKAiFiS3bSQ2a8Kwd0thu-bO-U.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9177BBE/4659591C02A411ED87D29C87C4F9AE02/0B862DF202A811EDAFD60F37C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.18.248.0/22
IPv6:
2001:df7:2c00::/48
Signature Algorithm: sha256WithRSAEncryption
35:bb:38:4d:28:59:a7:2e:1f:4e:2e:15:8b:b7:0f:c5:d2:19:
27:c2:bc:3c:53:f4:f0:7b:57:53:66:49:16:74:3b:b4:f1:ba:
cc:b9:87:e7:dd:94:08:18:9c:24:b5:c4:97:2f:e1:a4:37:a7:
5b:c3:22:e9:42:3a:12:db:d7:ae:92:11:d4:a8:af:41:07:72:
65:2f:e5:81:7f:69:53:e1:c5:74:62:dd:1e:51:9a:d9:77:3f:
c9:0b:b9:0d:6c:78:1f:7d:5e:c2:cb:66:72:dc:b1:56:32:08:
97:c1:89:6a:23:c7:32:2b:12:c4:13:5b:97:72:90:b8:19:57:
26:ac:1b:dc:b3:5f:d5:b3:df:a0:f5:4c:c8:dc:2e:c6:6e:eb:
a7:41:1c:0a:d5:48:3d:16:32:1c:85:09:ff:62:10:47:74:34:
a5:65:ec:e9:76:2a:a4:fb:f1:3a:45:91:ac:e0:3d:ef:cd:fa:
87:b1:84:c8:4a:3f:87:b4:4c:2a:30:3d:ed:ae:1b:85:bb:0b:
1d:cf:99:44:47:a7:c0:48:bb:44:9f:57:d3:88:4a:77:e2:83:
f9:7f:7a:34:74:d9:97:19:0e:a2:1a:cd:ea:be:0f:88:64:f6:
9b:9f:db:69:75:58:dd:2b:fc:ec:c0:16:15:0c:0b:40:a7:e0:
78:a7:0b:2c
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICAcowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzdCQkUxMTAvBgNVBAUTKEM4NjI4MDg4NTg5MkREQjQ5MEQ5QUYwQUMxREQyRDg2
RUY5QjNCRTUwHhcNMjQwNDAzMDUwNzAyWhcNMjQwODAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjBjZTNmNi00NDMyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAmf9hrTAQUxVghsB5CnlBl2BDW3ipQtlU1YeV6UTiIX+ETS/HlOZt22ukKNpO
r4HHJF9FQMwPH3aW3GZrgX7y5Y1omZtx2wwM+Y9t78olKaNR/l1rvtrrm9zD+0/x
UOrJvSb6M046XbLsdOqHUgPEkY0aK2COkjcNM43e/OT1MeKC4rKs4sg/VqTsD674
i+u5Hz14oS99Su+sA56FY9QQ4/sQVeNYglmhPTjGMAdVD48s0phid7tAh701zQy+
CWrMLgXjqkUXZLrOuGrVyYEs6R34joyL5ti45Vm0Og78gTNuwP1meFfU9eSjIip8
/Fo4jn7w80yHdc50WEssn7rwQQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFKXkFJje
IIc6x2wLY3z/WaMhARlQMB8GA1UdIwQYMBaAFMhigIhYkt20kNmvCsHdLYbvmzvl
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3N0JCRS80NjU5NTkxQzAy
QTQxMUVEODdEMjlDODdDNEY5QUUwMi95R0tBaUZpUzNiU1EyYThLd2QwdGh1LWJP
LVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3lHS0FpRmlTM2JTUTJhOEt3ZDB0aHUtYk8tVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzdCQkUvNDY1OTU5MUMwMkE0MTFFRDg3RDI5Qzg3QzRGOUFFMDIvMEI4NjJERjIw
MkE4MTFFREFGRDYwRjM3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAJnEvgwDwQCAAIwCQMHACABDfcsADANBgkqhkiG9w0BAQsF
AAOCAQEANbs4TShZpy4fTi4Vi7cPxdIZJ8K8PFP08HtXU2ZJFnQ7tPG6zLmH592U
CBicJLXEly/hpDenW8Mi6UI6EtvXrpIR1KivQQdyZS/lgX9pU+HFdGLdHlGa2Xc/
yQu5DWx4H31ewstmctyxVjIIl8GJaiPHMisSxBNbl3KQuBlXJqwb3LNf1bPfoPVM
yNwuxm7rp0EcCtVIPRYyHIUJ/2IQR3Q0pWXs6XYqpPvxOkWRrOA97836h7GEyEo/
h7RMKjA97a4bhbsLHc+ZREenwEi7RJ9X04hKd+KD+X96NHTZlxkOohrN6r4PiGT2
m5/baXVY3Sv87MAWFQwLQKfgeKcLLA==
-----END CERTIFICATE-----
Generated at Sun May 19 23:43:30 2024 by rpki-client on console-fra.rpki-client.org