Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917F051/5AAD9D7ED8DD11ECA5DD0C50C4F9AE02/3DC474F2D8E311EC8F274181C4F9AE02.roa
File: 3DC474F2D8E311EC8F274181C4F9AE02.roa (raw, json)
Hash identifier: A6dC1oQwjVjK17L1PsRzA60HbGHHKJ15P8DdO5wmH/c=
Subject key identifier: EF:DA:8C:3E:F9:04:06:21:8E:7E:4D:04:6C:C9:5E:2E:6E:58:83:6B
Certificate issuer: /CN=A917F051/serialNumber=84DA8927CDEF503396F52720194EB931209D3F3A
Certificate serial: 0229
Authority key identifier: 84:DA:89:27:CD:EF:50:33:96:F5:27:20:19:4E:B9:31:20:9D:3F:3A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hNqJJ83vUDOW9ScgGU65MSCdPzo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917F051/5AAD9D7ED8DD11ECA5DD0C50C4F9AE02/3DC474F2D8E311EC8F274181C4F9AE02.roa
Signing time: Sun 31 Mar 2024 03:55:49 +0000
ROA not before: Sun 31 Mar 2024 03:55:49 +0000
ROA not after: Wed 28 May 2025 00:00:00 +0000
asID: 132165
IP address blocks: 103.249.228.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 08 Apr 2024 19:09:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 553 (0x229)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917F051/serialNumber=84DA8927CDEF503396F52720194EB931209D3F3A
Validity
Not Before: Mar 31 03:55:49 2024 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=6608dec5-7904
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:da:6f:32:fa:ca:06:f6:33:18:84:66:fd:7b:
7b:00:28:20:4c:1d:dc:b5:f2:b7:36:ed:99:ae:64:
2b:df:a0:7d:be:86:71:6a:16:ec:8b:dc:42:8e:b3:
d6:ef:c2:66:94:e1:f5:76:b2:b0:a3:4f:77:58:ae:
7f:43:f1:0d:1c:1c:07:f5:ec:8b:e1:82:0f:2c:54:
23:9d:39:fd:fe:20:f5:17:fc:f0:3a:56:3f:fd:99:
f3:95:01:f8:88:55:0a:64:ca:ee:95:ad:bf:1b:37:
53:4f:8e:a2:f0:b6:29:89:3b:cd:e8:ac:de:ad:a6:
bf:f5:74:d8:d6:0a:14:bc:d5:31:6b:64:fb:2e:06:
75:d3:47:2d:65:3a:9e:9f:fa:7f:a0:c6:b5:91:ae:
72:83:f4:5a:ee:2a:d9:8f:f2:0d:dc:7b:85:7f:54:
ef:d2:1a:07:c1:ff:51:9a:e5:e6:ae:6f:da:37:ab:
93:bc:cd:5b:46:6a:d5:9a:5d:e4:74:6e:76:31:e6:
2f:57:84:02:1e:10:d0:9b:8a:38:96:13:7a:c3:b4:
76:f1:81:37:ff:82:18:45:12:95:6a:c0:6f:3f:e2:
95:83:59:af:1c:69:90:22:3c:ee:d7:92:b1:e5:58:
28:e7:96:08:e1:cd:59:02:e7:34:3f:71:be:34:ac:
25:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:DA:8C:3E:F9:04:06:21:8E:7E:4D:04:6C:C9:5E:2E:6E:58:83:6B
X509v3 Authority Key Identifier:
keyid:84:DA:89:27:CD:EF:50:33:96:F5:27:20:19:4E:B9:31:20:9D:3F:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917F051/5AAD9D7ED8DD11ECA5DD0C50C4F9AE02/hNqJJ83vUDOW9ScgGU65MSCdPzo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hNqJJ83vUDOW9ScgGU65MSCdPzo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917F051/5AAD9D7ED8DD11ECA5DD0C50C4F9AE02/3DC474F2D8E311EC8F274181C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.249.228.0/24
Signature Algorithm: sha256WithRSAEncryption
ad:40:2c:c4:68:f5:08:7e:49:8a:6b:9b:e4:33:7b:e3:aa:6f:
fb:42:5b:36:6d:b8:6f:05:6f:48:79:d3:49:89:52:e4:58:6f:
b4:65:d6:6a:e4:7b:86:70:56:16:3f:98:7a:75:a3:80:32:36:
87:a6:62:ad:0f:15:cd:e5:e8:ab:ca:0f:16:92:f9:ba:52:f3:
d5:c1:40:96:9b:91:4c:dc:77:99:b4:b2:a2:7c:d0:79:ce:f1:
62:30:af:51:65:1d:17:39:f0:f7:db:79:2e:7e:66:cc:98:04:
80:2f:b8:96:b9:3c:97:7e:14:68:2d:8b:4c:78:be:e3:62:06:
66:93:13:9b:2c:56:a0:56:38:f2:fa:37:54:7d:2c:d3:9b:d2:
a3:bb:dc:db:15:1b:cb:fb:0c:8a:5f:a4:63:12:d1:2b:bf:ae:
31:0e:16:bc:f0:06:99:08:2b:8f:b7:c1:a9:6d:17:1d:bf:90:
e0:0b:54:19:11:34:4f:ca:d4:63:ab:62:ac:b6:fd:e6:f3:78:
66:f9:b9:3a:8d:97:64:1d:88:eb:a0:32:1d:d1:3f:18:59:c4:
6d:45:90:03:13:fa:8b:16:84:be:b2:46:c7:af:8d:f2:51:df:
61:04:5c:92:68:e6:b7:f8:e7:1f:d2:69:83:63:36:a2:e5:f4:
d6:ad:c4:46
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAikwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0YwNTExMTAvBgNVBAUTKDg0REE4OTI3Q0RFRjUwMzM5NkY1MjcyMDE5NEVCOTMx
MjA5RDNGM0EwHhcNMjQwMzMxMDM1NTQ5WhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02NjA4ZGVjNS03OTA0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1dpvMvrKBvYzGIRm/Xt7ACggTB3ctfK3Nu2ZrmQr36B9voZxahbsi9xCjrPW
78JmlOH1drKwo093WK5/Q/ENHBwH9eyL4YIPLFQjnTn9/iD1F/zwOlY//ZnzlQH4
iFUKZMrula2/GzdTT46i8LYpiTvN6Kzeraa/9XTY1goUvNUxa2T7LgZ100ctZTqe
n/p/oMa1ka5yg/Ra7irZj/IN3HuFf1Tv0hoHwf9RmuXmrm/aN6uTvM1bRmrVml3k
dG52MeYvV4QCHhDQm4o4lhN6w7R28YE3/4IYRRKVasBvP+KVg1mvHGmQIjzu15Kx
5Vgo55YI4c1ZAuc0P3G+NKwl6wIDAQABo4IClTCCApEwHQYDVR0OBBYEFO/ajD75
BAYhjn5NBGzJXi5uWINrMB8GA1UdIwQYMBaAFITaiSfN71AzlvUnIBlOuTEgnT86
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RjA1MS81QUFEOUQ3RUQ4
REQxMUVDQTVERDBDNTBDNEY5QUUwMi9oTnFKSjgzdlVET1c5U2NnR1U2NU1TQ2RQ
em8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2hOcUpKODN2VURPVzlTY2dHVTY1TVNDZFB6by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0YwNTEvNUFBRDlEN0VEOEREMTFFQ0E1REQwQzUwQzRGOUFFMDIvM0RDNDc0RjJE
OEUzMTFFQzhGMjc0MTgxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABn+eQwDQYJKoZIhvcNAQELBQADggEBAK1ALMRo9Qh+SYpr
m+Qze+Oqb/tCWzZtuG8Fb0h500mJUuRYb7Rl1mrke4ZwVhY/mHp1o4AyNoemYq0P
Fc3l6KvKDxaS+bpS89XBQJabkUzcd5m0sqJ80HnO8WIwr1FlHRc58PfbeS5+ZsyY
BIAvuJa5PJd+FGgti0x4vuNiBmaTE5ssVqBWOPL6N1R9LNOb0qO73NsVG8v7DIpf
pGMS0Su/rjEOFrzwBpkIK4+3waltFx2/kOALVBkRNE/K1GOrYqy2/ebzeGb5uTqN
l2QdiOugMh3RPxhZxG1FkAMT+osWhL6yRsevjfJR32EEXJJo5rf45x/SaYNjNqLl
9NatxEY=
-----END CERTIFICATE-----
Generated at Mon Apr 8 22:42:01 2024 by rpki-client on console-fra.rpki-client.org