Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91AF59C/735DC4D61D8D11E29A7543EB08B02CD2/A11EA6CC27C811EFAD0ED686C4F9AE02.roa
File: A11EA6CC27C811EFAD0ED686C4F9AE02.roa (raw, json)
Hash identifier: ZXyPLJvrvpNaDM13o3ChK5RbFqF8gmQcDQCWIkOpGtk=
Subject key identifier: EB:27:4D:32:A1:2F:70:05:37:7E:6F:58:6B:34:B0:3D:F3:A4:80:0C
Certificate issuer: /CN=A91AF59C/serialNumber=C1296FFAD34F29F04E0EFAD5D9244C02A7D87D8D
Certificate serial: 3413
Authority key identifier: C1:29:6F:FA:D3:4F:29:F0:4E:0E:FA:D5:D9:24:4C:02:A7:D8:7D:8D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wSlv-tNPKfBODvrV2SRMAqfYfY0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91AF59C/735DC4D61D8D11E29A7543EB08B02CD2/A11EA6CC27C811EFAD0ED686C4F9AE02.roa
Signing time: Tue 11 Jun 2024 08:00:12 +0000
ROA not before: Tue 11 Jun 2024 08:00:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 132145
IP address blocks: 103.6.12.0/22 maxlen: 22
103.6.12.0/24 maxlen: 24
103.6.13.0/24 maxlen: 24
103.6.14.0/24 maxlen: 24
103.6.15.0/24 maxlen: 24
180.233.128.0/24 maxlen: 24
180.233.129.0/24 maxlen: 24
180.233.130.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 11 Jun 2024 23:11:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13331 (0x3413)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91AF59C/serialNumber=C1296FFAD34F29F04E0EFAD5D9244C02A7D87D8D
Validity
Not Before: Jun 11 08:00:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6668040c-4f1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:a6:a2:d2:5b:65:41:3f:e8:4e:b4:65:c8:ee:
a8:92:45:b0:ec:ed:22:52:a4:be:84:06:9b:ea:9a:
0c:7c:45:c2:4a:f6:20:2c:db:92:d0:94:fc:33:a0:
4b:ed:15:0e:4e:d5:25:f0:4d:7e:42:92:3a:6a:39:
34:b4:78:b4:fc:09:4b:cf:56:73:8f:80:72:11:7b:
ae:b2:ce:c5:74:ca:e2:4d:a0:cb:eb:35:a1:1c:93:
a1:49:b9:d5:64:48:e2:ff:23:d0:c3:0a:ae:d3:47:
19:e4:c4:c3:6d:d5:4a:4e:cd:5e:3c:7b:09:88:6c:
40:74:97:57:55:5e:5c:8b:67:21:bf:c0:fa:e4:36:
78:b8:4d:4b:a4:5a:c8:65:53:32:4f:b9:70:1b:e8:
b0:61:1d:3a:d3:ae:04:b6:05:73:54:58:65:ff:46:
69:24:e7:5d:0e:31:fd:cb:64:b3:24:b7:b3:85:b8:
6a:32:2b:40:b0:b2:78:d5:78:c7:c9:e1:e7:e1:64:
52:1e:2e:64:ef:ec:37:95:6a:03:46:e4:64:79:81:
99:10:40:41:37:2b:bc:d6:c6:58:74:6d:30:7c:9a:
f8:8c:60:91:24:33:3a:de:cf:e1:36:a4:3f:b1:77:
c3:ff:e6:87:d7:2c:2b:6a:a2:ad:4a:a4:09:be:e6:
ca:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:27:4D:32:A1:2F:70:05:37:7E:6F:58:6B:34:B0:3D:F3:A4:80:0C
X509v3 Authority Key Identifier:
keyid:C1:29:6F:FA:D3:4F:29:F0:4E:0E:FA:D5:D9:24:4C:02:A7:D8:7D:8D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91AF59C/735DC4D61D8D11E29A7543EB08B02CD2/wSlv-tNPKfBODvrV2SRMAqfYfY0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wSlv-tNPKfBODvrV2SRMAqfYfY0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AF59C/735DC4D61D8D11E29A7543EB08B02CD2/A11EA6CC27C811EFAD0ED686C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.6.12.0/22
180.233.128.0-180.233.130.255
Signature Algorithm: sha256WithRSAEncryption
4e:2b:a4:35:32:d4:d7:7a:5b:c7:6c:d0:e1:3b:14:f6:96:67:
1b:5c:46:9a:ba:d5:c9:2f:e9:69:23:ce:fe:d8:63:1e:b9:f2:
da:dd:b9:62:ef:3d:8c:d5:f3:10:e1:a0:9d:6e:e1:98:32:35:
77:01:ef:26:86:b2:b4:d7:7e:f9:fa:c4:26:3f:97:12:66:af:
14:80:57:9f:a8:a4:60:2d:d9:b7:2d:2c:e2:64:8a:a4:36:94:
18:cc:96:3c:cc:6a:63:98:c3:31:c3:9c:a8:68:ee:d6:a0:ba:
b1:fe:36:0c:94:8d:8b:bf:59:00:ba:a6:da:f9:d7:99:c6:17:
9b:20:30:b7:fa:ad:9e:b0:56:75:1b:14:04:2c:e7:4c:a4:e5:
db:dd:58:20:f5:fe:ae:a9:de:d0:52:56:23:22:32:07:52:bb:
f5:57:cd:4c:74:ef:d4:74:62:56:18:e3:17:ee:e2:ab:9c:98:
ce:e7:cf:ce:d0:a3:93:99:d1:db:5a:fb:61:e2:82:52:b2:d3:
dc:4e:2a:ae:53:5a:6b:41:27:e5:27:e4:61:61:00:ff:9b:7d:
2a:95:25:39:14:df:ff:c2:aa:3d:eb:ef:a3:49:25:f9:fb:d7:
b8:28:63:ff:fc:db:62:15:23:b9:03:54:df:68:5b:f8:32:12:
6c:db:5a:6c
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgICNBMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QUY1OUMxMTAvBgNVBAUTKEMxMjk2RkZBRDM0RjI5RjA0RTBFRkFENUQ5MjQ0QzAy
QTdEODdEOEQwHhcNMjQwNjExMDgwMDEyWhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjY4MDQwYy00ZjFiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsqai0ltlQT/oTrRlyO6okkWw7O0iUqS+hAab6poMfEXCSvYgLNuS0JT8M6BL
7RUOTtUl8E1+QpI6ajk0tHi0/AlLz1Zzj4ByEXuuss7FdMriTaDL6zWhHJOhSbnV
ZEji/yPQwwqu00cZ5MTDbdVKTs1ePHsJiGxAdJdXVV5ci2chv8D65DZ4uE1LpFrI
ZVMyT7lwG+iwYR06064EtgVzVFhl/0ZpJOddDjH9y2SzJLezhbhqMitAsLJ41XjH
yeHn4WRSHi5k7+w3lWoDRuRkeYGZEEBBNyu81sZYdG0wfJr4jGCRJDM63s/hNqQ/
sXfD/+aH1ywraqKtSqQJvubKRwIDAQABo4ICozCCAp8wHQYDVR0OBBYEFOsnTTKh
L3AFN35vWGs0sD3zpIAMMB8GA1UdIwQYMBaAFMEpb/rTTynwTg761dkkTAKn2H2N
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBRjU5Qy83MzVEQzRENjFE
OEQxMUUyOUE3NTQzRUIwOEIwMkNEMi93U2x2LXROUEtmQk9EdnJWMlNSTUFxZllm
WTAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3dTbHYtdE5QS2ZCT0R2clYyU1JNQXFmWWZZMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QUY1OUMvNzM1REM0RDYxRDhEMTFFMjlBNzU0M0VCMDhCMDJDRDIvQTExRUE2Q0My
N0M4MTFFRkFEMEVENjg2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLQYIKwYBBQUHAQcBAf8E
HjAcMBoEAgABMBQDBAJnBgwwDAMEB7TpgAMEALTpgjANBgkqhkiG9w0BAQsFAAOC
AQEATiukNTLU13pbx2zQ4TsU9pZnG1xGmrrVyS/paSPO/thjHrny2t25Yu89jNXz
EOGgnW7hmDI1dwHvJoaytNd++frEJj+XEmavFIBXn6ikYC3Zty0s4mSKpDaUGMyW
PMxqY5jDMcOcqGju1qC6sf42DJSNi79ZALqm2vnXmcYXmyAwt/qtnrBWdRsUBCzn
TKTl291YIPX+rqne0FJWIyIyB1K79VfNTHTv1HRiVhjjF+7iq5yYzufPztCjk5nR
21r7YeKCUrLT3E4qrlNaa0En5SfkYWEA/5t9KpUlORTf/8KqPevvo0kl+fvXuChj
//zbYhUjuQNU32hb+DISbNtabA==
-----END CERTIFICATE-----
Generated at Wed Jun 12 00:55:02 2024 by rpki-client on console-ams.rpki-client.org