Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918E4B7/EB312F021EAA11ECB756BF30C4F9AE02/B2EA235E9ABE11EF85552065C4F9AE02.roa
File: B2EA235E9ABE11EF85552065C4F9AE02.roa (raw, json)
Hash identifier: 0PaqRDjJjncYlsmdUUpKmeDaGAeUujAioh5R4H84BlA=
Subject key identifier: AA:24:A8:AE:15:B6:38:91:84:B5:2E:75:62:A5:BA:07:DA:20:2D:11
Certificate issuer: /CN=A918E4B7/serialNumber=0AB6DD26515C53ECC5B0462B4C475D5A7E5A5537
Certificate serial: 04AC
Authority key identifier: 0A:B6:DD:26:51:5C:53:EC:C5:B0:46:2B:4C:47:5D:5A:7E:5A:55:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CrbdJlFcU-zFsEYrTEddWn5aVTc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918E4B7/EB312F021EAA11ECB756BF30C4F9AE02/B2EA235E9ABE11EF85552065C4F9AE02.roa
Signing time: Mon 04 Nov 2024 15:08:51 +0000
ROA not before: Mon 04 Nov 2024 15:08:51 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 38001
IP address blocks: 103.102.46.0/24 maxlen: 24
2401:df40:2::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 12 Nov 2024 09:24:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1196 (0x4ac)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918E4B7
Validity
Not Before: Nov 4 15:08:51 2024 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=6728e383-aa94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:1f:2d:5f:7b:89:eb:7d:7c:29:fe:9d:7e:48:
58:0e:0a:73:a3:95:22:fd:0a:c2:b0:2a:9a:4a:50:
9a:5d:b8:6f:6e:62:40:76:08:55:ac:8d:41:61:56:
de:13:04:b7:72:c5:fb:85:e1:fb:cb:3c:27:ee:80:
ab:51:7e:8d:0b:38:1d:26:17:ca:f6:d2:1e:a7:a4:
bf:b0:71:e0:31:3f:2b:c7:5a:bc:d3:bc:06:9b:52:
96:d0:4a:c8:9e:8b:11:d9:0e:75:6d:17:4a:03:2d:
b0:13:77:03:37:14:96:b3:a5:9d:ef:dd:b7:cd:68:
7e:a7:71:c9:ae:6b:ad:11:05:5d:82:4e:66:06:ab:
7b:d5:70:32:c1:09:37:a0:10:ca:be:82:9e:49:4e:
a5:ba:e8:fe:18:b6:f9:59:d1:40:ce:aa:cc:28:b5:
f0:0e:17:f2:b2:b5:1d:8d:8b:b7:54:3e:e2:18:6b:
25:df:93:8c:19:16:8a:98:15:23:fe:78:7d:c0:c1:
ad:4d:ad:c1:83:88:82:70:64:bb:72:ad:46:79:a5:
41:f9:83:72:16:77:5f:75:17:3b:aa:12:08:10:3a:
6f:49:3e:2a:37:6b:72:cc:9b:4b:16:d3:10:82:66:
8a:5a:0c:f4:3d:6f:b7:11:91:9c:9a:50:38:d4:ba:
35:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:24:A8:AE:15:B6:38:91:84:B5:2E:75:62:A5:BA:07:DA:20:2D:11
X509v3 Authority Key Identifier:
keyid:0A:B6:DD:26:51:5C:53:EC:C5:B0:46:2B:4C:47:5D:5A:7E:5A:55:37
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918E4B7/EB312F021EAA11ECB756BF30C4F9AE02/CrbdJlFcU-zFsEYrTEddWn5aVTc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CrbdJlFcU-zFsEYrTEddWn5aVTc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918E4B7/EB312F021EAA11ECB756BF30C4F9AE02/B2EA235E9ABE11EF85552065C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.102.46.0/24
IPv6:
2401:df40:2::/48
Signature Algorithm: sha256WithRSAEncryption
8e:cd:8d:b4:b2:10:6f:0c:53:a9:9e:df:0c:a8:4a:d6:e7:a2:
18:a8:3e:53:dd:2e:15:ba:da:05:78:f6:2c:43:25:88:b4:e9:
4a:c6:8f:d5:b0:36:d5:d5:f5:ee:ae:26:34:58:82:d6:09:eb:
e7:f9:8a:17:bc:aa:ba:3a:7b:e9:f6:ec:43:f3:1a:28:69:77:
26:81:8d:5a:33:da:fb:eb:93:4a:33:bc:7c:32:a2:22:5b:9a:
16:03:7a:49:f1:1d:5f:e4:6c:a2:a3:7d:fd:ed:08:6f:34:96:
8e:6e:23:71:ee:ac:80:45:9e:40:49:e4:7b:39:df:61:3e:5e:
97:b4:4b:2b:a0:34:92:3b:3c:2c:a7:a0:d4:30:41:dc:b2:54:
95:b8:54:26:fb:75:ca:bc:23:58:25:bf:53:12:f6:4e:e7:41:
4e:89:fb:53:e6:14:7b:2b:41:5e:54:dc:35:bf:f9:93:04:f7:
f9:df:c3:12:a1:20:fc:f3:ee:42:7a:ee:64:2f:ca:98:c6:bf:
3b:e9:57:64:22:82:25:47:11:7f:31:62:e3:fd:24:1e:5e:8e:
4d:40:63:02:15:81:6e:9c:02:35:77:c1:fc:f8:58:6e:4d:49:
cd:1e:a5:d4:9d:89:80:a8:45:93:3c:0b:27:cf:3c:e1:46:be:
f1:de:1c:04
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICBKwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEU0QjcxMTAvBgNVBAUTKDBBQjZERDI2NTE1QzUzRUNDNUIwNDYyQjRDNDc1RDVB
N0U1QTU1MzcwHhcNMjQxMTA0MTUwODUxWhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzI4ZTM4My1hYTk0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1x8tX3uJ6318Kf6dfkhYDgpzo5Ui/QrCsCqaSlCaXbhvbmJAdghVrI1BYVbe
EwS3csX7heH7yzwn7oCrUX6NCzgdJhfK9tIep6S/sHHgMT8rx1q807wGm1KW0ErI
nosR2Q51bRdKAy2wE3cDNxSWs6Wd7923zWh+p3HJrmutEQVdgk5mBqt71XAywQk3
oBDKvoKeSU6luuj+GLb5WdFAzqrMKLXwDhfysrUdjYu3VD7iGGsl35OMGRaKmBUj
/nh9wMGtTa3Bg4iCcGS7cq1GeaVB+YNyFndfdRc7qhIIEDpvST4qN2tyzJtLFtMQ
gmaKWgz0PW+3EZGcmlA41Lo18QIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFKokqK4V
tjiRhLUudWKlugfaIC0RMB8GA1UdIwQYMBaAFAq23SZRXFPsxbBGK0xHXVp+WlU3
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RTRCNy9FQjMxMkYwMjFF
QUExMUVDQjc1NkJGMzBDNEY5QUUwMi9DcmJkSmxGY1UtekZzRVlyVEVkZFduNWFW
VGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0NyYmRKbEZjVS16RnNFWXJURWRkV241YVZUYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEU0QjcvRUIzMTJGMDIxRUFBMTFFQ0I3NTZCRjMwQzRGOUFFMDIvQjJFQTIzNUU5
QUJFMTFFRjg1NTUyMDY1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBABnZi4wDwQCAAIwCQMHACQB30AAAjANBgkqhkiG9w0BAQsF
AAOCAQEAjs2NtLIQbwxTqZ7fDKhK1ueiGKg+U90uFbraBXj2LEMliLTpSsaP1bA2
1dX17q4mNFiC1gnr5/mKF7yqujp76fbsQ/MaKGl3JoGNWjPa++uTSjO8fDKiIlua
FgN6SfEdX+RsoqN9/e0IbzSWjm4jce6sgEWeQEnkeznfYT5el7RLK6A0kjs8LKeg
1DBB3LJUlbhUJvt1yrwjWCW/UxL2TudBTon7U+YUeytBXlTcNb/5kwT3+d/DEqEg
/PPuQnruZC/KmMa/O+lXZCKCJUcRfzFi4/0kHl6OTUBjAhWBbpwCNXfB/PhYbk1J
zR6l1J2JgKhFkzwLJ8884Ua+8d4cBA==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:25:36 2025 by rpki-client