Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917ECA2/02827CF8E43711EDA865631AC4F9AE02/AD3F6A08E43B11EDB26BF01DC4F9AE02.roa
File: AD3F6A08E43B11EDB26BF01DC4F9AE02.roa (raw, json)
Hash identifier: J4BQFlY3eRMnezs5peHWrqFieDzAVtWUjVVLlBfx9dA=
Subject key identifier: 5D:EB:80:84:00:E6:FA:B9:BB:64:BC:F7:26:AA:D0:17:7A:C1:FA:68
Certificate issuer: /CN=A917ECA2/serialNumber=36CF5CC0A60E0B7D54612A12EB5B989284686DB0
Certificate serial: 14
Authority key identifier: 36:CF:5C:C0:A6:0E:0B:7D:54:61:2A:12:EB:5B:98:92:84:68:6D:B0
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ns9cwKYOC31UYSoS61uYkoRobbA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917ECA2/02827CF8E43711EDA865631AC4F9AE02/AD3F6A08E43B11EDB26BF01DC4F9AE02.roa
Signing time: Sat 27 May 2023 15:47:15 +0000
ROA not before: Sat 27 May 2023 15:47:15 +0000
ROA not after: Tue 30 Jul 2024 00:00:00 +0000
asID: 137259
IP address blocks: 103.31.222.0/23 maxlen: 24
2001:df2:50c0::/48 maxlen: 48
2001:df2:50c0::/50 maxlen: 50
2001:df2:50c0:4000::/50 maxlen: 50
2001:df2:50c0:8000::/50 maxlen: 50
2001:df2:50c0:c000::/50 maxlen: 50
Validation: Failed, certificate revoked on Tue 30 May 2023 11:47:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20 (0x14)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917ECA2/serialNumber=36CF5CC0A60E0B7D54612A12EB5B989284686DB0
Validity
Not Before: May 27 15:47:15 2023 GMT
Not After : Jul 30 00:00:00 2024 GMT
Subject: CN=64722602-4117
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:76:75:7f:e0:7c:89:08:88:c2:be:84:19:78:
8b:1e:ec:50:5a:24:73:4f:c8:31:7e:a0:57:1d:7b:
72:13:b8:53:47:d1:5c:50:ad:12:eb:9a:5e:22:e8:
61:6c:9f:5c:18:e8:a5:68:5b:dd:ce:e8:38:0a:6e:
59:02:29:82:0e:04:a1:30:2b:b9:6d:08:ec:e5:e3:
26:40:76:4c:dc:3f:ba:bf:c6:88:f7:c1:6b:75:64:
84:39:4e:05:bb:fb:ef:46:7a:1d:7c:df:af:c8:8c:
2e:7d:88:6b:7e:e9:f8:2a:79:06:8b:53:83:b1:65:
4b:4d:6b:ec:07:dc:83:5c:0d:f9:a2:b8:a1:96:aa:
eb:20:b1:fb:fb:d1:87:a0:2c:46:51:62:ea:31:5a:
b3:c6:2d:82:b4:a4:9b:8a:64:e6:97:4d:21:0d:38:
a2:e6:e8:1a:b5:e9:47:5d:2f:84:65:f0:1c:d6:d1:
0e:da:89:64:ae:31:1a:52:01:84:1d:be:84:0f:3d:
17:da:c2:f3:f7:9f:da:12:c3:59:f6:86:72:ec:e9:
4c:b1:ed:cb:0a:f8:0d:71:c3:e9:f3:cf:6a:39:30:
86:27:f4:f7:35:46:87:83:64:31:df:5d:cc:27:64:
b3:df:ca:4a:91:da:49:a0:65:1e:fb:dd:e7:85:6c:
4c:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:EB:80:84:00:E6:FA:B9:BB:64:BC:F7:26:AA:D0:17:7A:C1:FA:68
X509v3 Authority Key Identifier:
keyid:36:CF:5C:C0:A6:0E:0B:7D:54:61:2A:12:EB:5B:98:92:84:68:6D:B0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917ECA2/02827CF8E43711EDA865631AC4F9AE02/Ns9cwKYOC31UYSoS61uYkoRobbA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ns9cwKYOC31UYSoS61uYkoRobbA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917ECA2/02827CF8E43711EDA865631AC4F9AE02/AD3F6A08E43B11EDB26BF01DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.31.222.0/23
IPv6:
2001:df2:50c0::/48
Signature Algorithm: sha256WithRSAEncryption
26:75:47:6a:7c:f2:13:7b:34:59:2f:4a:15:1e:47:0d:0f:b8:
f5:8e:ec:c5:9f:50:bb:e3:46:4b:39:e6:7c:61:f2:96:25:b4:
df:d1:4a:e3:50:3f:a3:16:e7:df:7e:9c:c0:8a:51:0b:08:b3:
50:08:7b:23:ca:99:2c:21:47:21:80:6c:af:a4:69:df:98:e3:
8e:7e:f5:dc:1d:37:db:c4:1b:37:18:7a:06:1f:2e:0c:b5:36:
79:be:57:4d:a3:de:87:a2:63:21:fb:b9:da:21:f5:2f:fd:b8:
a0:cb:a5:85:33:79:08:aa:e3:e6:b2:c4:0a:41:ac:18:09:51:
81:d4:c5:b8:e0:7a:22:bb:3f:35:91:18:30:6c:64:4d:b7:d3:
8f:2e:74:c4:2c:9c:4f:70:69:9d:fb:cf:14:7c:91:a7:a7:a0:
4c:f9:07:89:06:e0:6c:cf:ba:54:76:28:2c:46:1b:59:3c:51:
74:c3:cd:81:3c:6f:a7:c7:bf:c1:d0:1a:bd:d8:3d:d4:5c:88:
73:18:a3:16:9c:f2:5c:57:ca:d0:fe:11:6f:5a:e7:16:15:03:
60:c3:04:62:81:ca:86:ed:49:de:63:6e:c5:31:6f:84:a1:f4:
cc:89:49:be:b0:8a:83:03:5e:63:b7:b3:50:bc:e8:8a:ec:2d:
1b:a0:e9:89
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIBFDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3
RUNBMjExMC8GA1UEBRMoMzZDRjVDQzBBNjBFMEI3RDU0NjEyQTEyRUI1Qjk4OTI4
NDY4NkRCMDAeFw0yMzA1MjcxNTQ3MTVaFw0yNDA3MzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY0NzIyNjAyLTQxMTcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC/dnV/4HyJCIjCvoQZeIse7FBaJHNPyDF+oFcde3ITuFNH0VxQrRLrml4i6GFs
n1wY6KVoW93O6DgKblkCKYIOBKEwK7ltCOzl4yZAdkzcP7q/xoj3wWt1ZIQ5TgW7
++9Geh1836/IjC59iGt+6fgqeQaLU4OxZUtNa+wH3INcDfmiuKGWqusgsfv70Yeg
LEZRYuoxWrPGLYK0pJuKZOaXTSENOKLm6Bq16UddL4Rl8BzW0Q7aiWSuMRpSAYQd
voQPPRfawvP3n9oSw1n2hnLs6Uyx7csK+A1xw+nzz2o5MIYn9Pc1RoeDZDHfXcwn
ZLPfykqR2kmgZR773eeFbEzLAgMBAAGjggKmMIICojAdBgNVHQ4EFgQUXeuAhADm
+rm7ZLz3JqrQF3rB+mgwHwYDVR0jBBgwFoAUNs9cwKYOC31UYSoS61uYkoRobbAw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTdFQ0EyLzAyODI3Q0Y4RTQz
NzExRURBODY1NjMxQUM0RjlBRTAyL05zOWN3S1lPQzMxVVlTb1M2MXVZa29Sb2Ji
QS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvTnM5Y3dLWU9DMzFVWVNvUzYxdVlrb1JvYmJBLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
RUNBMi8wMjgyN0NGOEU0MzcxMUVEQTg2NTYzMUFDNEY5QUUwMi9BRDNGNkEwOEU0
M0IxMUVEQjI2QkYwMURDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAwBggrBgEFBQcBBwEB/wQh
MB8wDAQCAAEwBgMEAWcf3jAPBAIAAjAJAwcAIAEN8lDAMA0GCSqGSIb3DQEBCwUA
A4IBAQAmdUdqfPITezRZL0oVHkcND7j1juzFn1C740ZLOeZ8YfKWJbTf0UrjUD+j
FufffpzAilELCLNQCHsjypksIUchgGyvpGnfmOOOfvXcHTfbxBs3GHoGHy4MtTZ5
vldNo96HomMh+7naIfUv/bigy6WFM3kIquPmssQKQawYCVGB1MW44Hoiuz81kRgw
bGRNt9OPLnTELJxPcGmd+88UfJGnp6BM+QeJBuBsz7pUdigsRhtZPFF0w82BPG+n
x7/B0Bq92D3UXIhzGKMWnPJcV8rQ/hFvWucWFQNgwwRigcqG7UneY27FMW+EofTM
iUm+sIqDA15jt7NQvOiK7C0boOmJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:13 2024 by rpki-client on console-fra.rpki-client.org