Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A16CF/2CAD508819A211EAAE811C71C4F9AE02/63EE3A2C6ABC11ECBF056A71C4F9AE02.roa
File: 63EE3A2C6ABC11ECBF056A71C4F9AE02.roa (raw, json)
Hash identifier: UOgevMaeaYkFmAC3UWeAz4b81Qr7h043dnfzPRQVZsM=
Subject key identifier: 65:00:48:C1:6B:E6:24:94:47:74:23:54:9B:37:02:28:A5:4C:D9:30
Certificate issuer: /CN=A91A16CF/serialNumber=829F0F40884DD991121005B07D09A2CBFFB4DEC6
Certificate serial: 0AD1
Authority key identifier: 82:9F:0F:40:88:4D:D9:91:12:10:05:B0:7D:09:A2:CB:FF:B4:DE:C6
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gp8PQIhN2ZESEAWwfQmiy_-03sY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A16CF/2CAD508819A211EAAE811C71C4F9AE02/63EE3A2C6ABC11ECBF056A71C4F9AE02.roa
Signing time: Tue 12 Dec 2023 19:47:50 +0000
ROA not before: Tue 12 Dec 2023 19:47:50 +0000
ROA not after: Fri 31 Jan 2025 00:00:00 +0000
asID: 134734
IP address blocks: 103.198.132.0/22 maxlen: 24
2403:60c0::/32 maxlen: 36
Validation: Failed, certificate revoked on Mon 02 Sep 2024 07:02:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2769 (0xad1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A16CF/serialNumber=829F0F40884DD991121005B07D09A2CBFFB4DEC6
Validity
Not Before: Dec 12 19:47:50 2023 GMT
Not After : Jan 31 00:00:00 2025 GMT
Subject: CN=6578b8e6-6440
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:c5:3a:b9:12:5a:33:b8:e2:db:53:c3:f7:c6:
50:42:95:66:9b:ef:6b:0d:c3:53:b0:6b:29:97:d5:
3a:f0:f6:9b:4a:9b:6d:c6:4f:c6:73:8d:3a:cd:e8:
04:3f:be:74:30:60:f4:97:ad:1b:1c:6d:79:3b:db:
d6:f7:5c:70:b4:4d:65:78:b7:e4:ed:5b:45:eb:f8:
1a:9f:c6:31:4c:85:94:25:88:30:61:67:7d:66:ae:
9a:6f:e2:ca:b5:92:03:9f:6e:0d:7e:3e:59:bf:b3:
e2:da:da:2a:92:63:b4:7c:ed:af:24:55:0d:2c:20:
f0:47:06:d2:d4:d8:f9:f1:8c:f9:4c:9d:c7:95:38:
9c:12:2a:05:fd:db:e9:27:5b:9c:b1:af:6c:5b:7f:
4f:c2:a6:17:81:c6:84:42:af:c5:49:6e:c1:66:d6:
95:18:f5:8a:cc:7b:42:6d:4e:9d:5f:82:2b:08:7a:
09:98:e2:1e:22:69:2d:04:54:1d:cf:4e:b9:d9:af:
6e:77:9a:2d:f6:72:61:96:7e:13:eb:6d:6c:a3:c7:
d1:c8:a3:9d:f8:32:00:4d:d3:9f:81:9f:8d:09:55:
e7:15:68:6c:c6:77:42:19:df:c7:2a:a3:6b:c9:25:
b0:2b:2a:f7:0a:44:93:00:1a:be:63:b7:3a:b9:21:
15:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:00:48:C1:6B:E6:24:94:47:74:23:54:9B:37:02:28:A5:4C:D9:30
X509v3 Authority Key Identifier:
keyid:82:9F:0F:40:88:4D:D9:91:12:10:05:B0:7D:09:A2:CB:FF:B4:DE:C6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A16CF/2CAD508819A211EAAE811C71C4F9AE02/gp8PQIhN2ZESEAWwfQmiy_-03sY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gp8PQIhN2ZESEAWwfQmiy_-03sY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A16CF/2CAD508819A211EAAE811C71C4F9AE02/63EE3A2C6ABC11ECBF056A71C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.198.132.0/22
IPv6:
2403:60c0::/32
Signature Algorithm: sha256WithRSAEncryption
2b:1b:fc:9e:6b:a8:72:73:b6:f2:7b:21:5e:90:2b:53:05:97:
09:be:d1:b2:3e:52:d6:af:69:d3:75:3e:94:57:da:60:7d:97:
4f:1a:5d:fa:b4:2b:88:ca:43:ba:27:f1:eb:2c:da:bf:d8:b2:
3c:6b:bb:b4:6a:4d:a8:c7:98:d9:e4:90:99:7d:b1:9c:a1:06:
19:f3:98:5d:41:13:65:57:de:aa:cd:95:a9:64:6d:92:2e:13:
e5:c9:02:a7:68:4f:ce:0b:77:bc:e8:42:03:1b:d4:c0:53:e2:
ec:57:66:5d:67:b8:7e:58:b3:be:c2:fb:78:6c:0f:c3:33:1d:
a2:74:2a:ff:99:2b:41:c9:72:00:ce:fd:15:33:4b:65:9d:7b:
6d:a5:ab:15:e7:c7:ec:c3:1b:85:f8:67:93:71:fa:88:ac:db:
af:f6:21:50:00:55:28:48:6f:58:5e:99:b4:f6:90:ae:dd:13:
5d:dc:c1:d4:a2:c1:25:9c:57:8a:59:c8:9e:d5:0a:22:7a:9f:
02:6b:bf:04:a8:ea:cd:3e:19:50:96:f6:c9:3a:25:ea:5b:02:
8e:6f:aa:d3:20:2b:f2:db:1f:f0:30:07:8a:89:54:cd:24:57:
51:28:4a:02:c4:2e:88:ca:9f:7f:b0:33:93:6e:02:de:01:07:
85:32:bb:97
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICCtEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTE2Q0YxMTAvBgNVBAUTKDgyOUYwRjQwODg0REQ5OTExMjEwMDVCMDdEMDlBMkNC
RkZCNERFQzYwHhcNMjMxMjEyMTk0NzUwWhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTc4YjhlNi02NDQwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzsU6uRJaM7ji21PD98ZQQpVmm+9rDcNTsGspl9U68PabSpttxk/Gc406zegE
P750MGD0l60bHG15O9vW91xwtE1leLfk7VtF6/gan8YxTIWUJYgwYWd9Zq6ab+LK
tZIDn24Nfj5Zv7Pi2toqkmO0fO2vJFUNLCDwRwbS1Nj58Yz5TJ3HlTicEioF/dvp
J1ucsa9sW39PwqYXgcaEQq/FSW7BZtaVGPWKzHtCbU6dX4IrCHoJmOIeImktBFQd
z0652a9ud5ot9nJhln4T621so8fRyKOd+DIATdOfgZ+NCVXnFWhsxndCGd/HKqNr
ySWwKyr3CkSTABq+Y7c6uSEVmQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFGUASMFr
5iSUR3QjVJs3AiilTNkwMB8GA1UdIwQYMBaAFIKfD0CITdmREhAFsH0Josv/tN7G
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMTZDRi8yQ0FENTA4ODE5
QTIxMUVBQUU4MTFDNzFDNEY5QUUwMi9ncDhQUUloTjJaRVNFQVd3ZlFtaXlfLTAz
c1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2dwOFBRSWhOMlpFU0VBV3dmUW1peV8tMDNzWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTE2Q0YvMkNBRDUwODgxOUEyMTFFQUFFODExQzcxQzRGOUFFMDIvNjNFRTNBMkM2
QUJDMTFFQ0JGMDU2QTcxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAJnxoQwDQQCAAIwBwMFACQDYMAwDQYJKoZIhvcNAQELBQAD
ggEBACsb/J5rqHJztvJ7IV6QK1MFlwm+0bI+UtavadN1PpRX2mB9l08aXfq0K4jK
Q7on8ess2r/Ysjxru7RqTajHmNnkkJl9sZyhBhnzmF1BE2VX3qrNlalkbZIuE+XJ
AqdoT84Ld7zoQgMb1MBT4uxXZl1nuH5Ys77C+3hsD8MzHaJ0Kv+ZK0HJcgDO/RUz
S2Wde22lqxXnx+zDG4X4Z5Nx+ois26/2IVAAVShIb1hembT2kK7dE13cwdSiwSWc
V4pZyJ7VCiJ6nwJrvwSo6s0+GVCW9sk6JepbAo5vqtMgK/LbH/AwB4qJVM0kV1Eo
SgLELojKn3+wM5NuAt4BB4Uyu5c=
-----END CERTIFICATE-----
Generated at Mon Sep 2 08:06:43 2024 by rpki-client on console-fra.rpki-client.org