Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B036A/BBC2F776D1F111EE86051A61C4F9AE02/FF2DE168D5E511EE98F01D2AC4F9AE02.roa
File: FF2DE168D5E511EE98F01D2AC4F9AE02.roa (raw, json)
Hash identifier: JAx0FUsxlhMh/nM1Oez0BdV2vGH5IX6bQnKksEX8/nQ=
Subject key identifier: F8:98:4F:A1:DB:E9:8C:F5:5F:27:FE:98:A5:C1:5B:86:0C:CE:DD:03
Certificate issuer: /CN=A91B036A/serialNumber=0F17F37DBC9484D96E1A0ABC78A4F9CACD5EDA8A
Certificate serial: 2F
Authority key identifier: 0F:17:F3:7D:BC:94:84:D9:6E:1A:0A:BC:78:A4:F9:CA:CD:5E:DA:8A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DxfzfbyUhNluGgq8eKT5ys1e2oo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B036A/BBC2F776D1F111EE86051A61C4F9AE02/FF2DE168D5E511EE98F01D2AC4F9AE02.roa
Signing time: Wed 28 Feb 2024 03:03:50 +0000
ROA not before: Wed 28 Feb 2024 03:03:50 +0000
ROA not after: Thu 01 May 2025 00:00:00 +0000
asID: 24334
IP address blocks: 103.11.88.0/22 maxlen: 24
202.171.208.0/21 maxlen: 21
202.171.208.0/24 maxlen: 24
202.171.209.0/24 maxlen: 24
202.171.210.0/24 maxlen: 24
202.171.211.0/24 maxlen: 24
202.171.212.0/24 maxlen: 24
202.171.213.0/24 maxlen: 24
202.171.214.0/24 maxlen: 24
202.171.215.0/24 maxlen: 24
203.142.88.0/21 maxlen: 21
203.142.88.0/24 maxlen: 24
203.142.89.0/24 maxlen: 24
203.142.90.0/24 maxlen: 24
203.142.91.0/24 maxlen: 24
203.142.92.0/24 maxlen: 24
203.142.93.0/24 maxlen: 24
203.142.94.0/24 maxlen: 24
203.142.95.0/24 maxlen: 24
2404:1a0::/30 maxlen: 32
Validation: Failed, certificate revoked on Wed 28 Feb 2024 03:13:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 47 (0x2f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B036A/serialNumber=0F17F37DBC9484D96E1A0ABC78A4F9CACD5EDA8A
Validity
Not Before: Feb 28 03:03:50 2024 GMT
Not After : May 1 00:00:00 2025 GMT
Subject: CN=65dea296-4f4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:8f:ae:28:6d:bc:b7:d0:22:ac:99:0d:71:7c:
0c:39:c0:e7:67:c7:0d:cd:8e:9c:16:1c:27:11:ef:
a9:bb:dd:8f:71:9f:30:ad:4f:84:28:f3:f6:d1:30:
78:4a:af:8c:a9:95:b5:2c:3d:90:8d:20:fb:19:35:
2a:2a:f5:db:16:3c:23:70:7a:4a:d6:62:b6:9e:7e:
97:4a:6c:4f:f8:1a:90:6a:5a:8b:48:40:8a:1c:df:
8b:68:9a:a0:af:92:1a:f1:13:1c:e5:8d:3c:b0:ba:
8c:fb:b1:52:89:39:17:8f:69:6b:19:79:4c:92:2a:
9b:5a:54:7e:ab:d7:61:30:8c:df:06:5f:e3:4f:1a:
9d:25:00:f7:fa:5a:de:28:28:bb:07:4e:dc:50:f3:
d3:25:dd:66:08:8c:7e:fb:0c:b8:c1:cf:91:13:cc:
70:c9:8b:ba:b8:4b:5d:38:68:ff:d3:b4:65:0d:2d:
a3:42:0c:35:cd:f6:f9:3f:68:b2:97:88:20:62:57:
a1:f4:d0:9e:2e:16:f8:83:8a:77:88:1f:34:1f:aa:
db:db:05:7b:95:59:51:6c:6f:a6:37:c0:45:93:54:
c0:ad:9c:ba:0a:2e:43:7d:2e:70:52:5b:c5:ce:4a:
75:f9:4a:de:5c:81:19:c7:23:83:ad:c3:ac:c2:a1:
ba:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:98:4F:A1:DB:E9:8C:F5:5F:27:FE:98:A5:C1:5B:86:0C:CE:DD:03
X509v3 Authority Key Identifier:
keyid:0F:17:F3:7D:BC:94:84:D9:6E:1A:0A:BC:78:A4:F9:CA:CD:5E:DA:8A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B036A/BBC2F776D1F111EE86051A61C4F9AE02/DxfzfbyUhNluGgq8eKT5ys1e2oo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DxfzfbyUhNluGgq8eKT5ys1e2oo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B036A/BBC2F776D1F111EE86051A61C4F9AE02/FF2DE168D5E511EE98F01D2AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.11.88.0/22
202.171.208.0/21
203.142.88.0/21
IPv6:
2404:1a0::/30
Signature Algorithm: sha256WithRSAEncryption
35:10:e3:f0:d5:33:90:9a:98:41:c4:5e:b7:38:3b:20:0e:10:
43:4d:4c:78:e6:b1:9d:8e:b6:97:d0:1b:67:25:14:16:e7:96:
de:43:30:2a:ec:7f:96:97:0d:be:67:c7:f8:e9:b1:00:87:9c:
91:6f:e2:eb:9c:20:f8:8b:29:bc:18:e8:fe:59:d5:74:60:33:
1c:57:5c:57:a1:c6:5c:b7:e6:54:11:43:37:59:a7:5c:a3:b7:
0b:6c:71:65:a4:bb:25:91:41:9f:59:ca:1b:70:00:50:31:05:
cb:47:7f:4d:c2:a8:61:0b:8b:93:67:cf:57:30:5c:d3:a7:de:
a1:df:6a:7a:be:8b:56:2c:ee:49:b7:5a:cc:a7:be:c4:be:f8:
ff:c1:d6:f4:0b:e6:80:f0:7e:20:15:bc:da:17:64:10:d9:b4:
0e:f3:6d:40:11:af:18:fc:34:3e:c2:ff:53:b2:ff:70:7c:59:
19:72:4f:bb:e3:ef:73:a5:d6:58:9f:a6:6b:0e:bb:0f:38:a0:
99:a5:ee:f5:a1:71:0c:4b:01:02:b2:3a:f8:f1:b8:04:07:ff:
18:1a:56:9d:80:90:07:d6:20:5b:5b:a7:ff:1b:4b:47:bf:40:
19:14:0f:df:80:f6:e3:5e:3a:06:de:0a:87:82:d7:c6:cf:8a:
f3:ed:4f:ea
-----BEGIN CERTIFICATE-----
MIIFizCCBHOgAwIBAgIBLzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFC
MDM2QTExMC8GA1UEBRMoMEYxN0YzN0RCQzk0ODREOTZFMUEwQUJDNzhBNEY5Q0FD
RDVFREE4QTAeFw0yNDAyMjgwMzAzNTBaFw0yNTA1MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1ZGVhMjk2LTRmNGEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC6j64obby30CKsmQ1xfAw5wOdnxw3NjpwWHCcR76m73Y9xnzCtT4Qo8/bRMHhK
r4yplbUsPZCNIPsZNSoq9dsWPCNwekrWYraefpdKbE/4GpBqWotIQIoc34tomqCv
khrxExzljTywuoz7sVKJORePaWsZeUySKptaVH6r12EwjN8GX+NPGp0lAPf6Wt4o
KLsHTtxQ89Ml3WYIjH77DLjBz5ETzHDJi7q4S104aP/TtGUNLaNCDDXN9vk/aLKX
iCBiV6H00J4uFviDineIHzQfqtvbBXuVWVFsb6Y3wEWTVMCtnLoKLkN9LnBSW8XO
SnX5St5cgRnHI4Otw6zCobqrAgMBAAGjggKwMIICrDAdBgNVHQ4EFgQU+JhPodvp
jPVfJ/6YpcFbhgzO3QMwHwYDVR0jBBgwFoAUDxfzfbyUhNluGgq8eKT5ys1e2oow
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUIwMzZBL0JCQzJGNzc2RDFG
MTExRUU4NjA1MUE2MUM0RjlBRTAyL0R4ZnpmYnlVaE5sdUdncThlS1Q1eXMxZTJv
by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvRHhmemZieVVoTmx1R2dxOGVLVDV5czFlMm9vLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC
MDM2QS9CQkMyRjc3NkQxRjExMUVFODYwNTFBNjFDNEY5QUUwMi9GRjJERTE2OEQ1
RTUxMUVFOThGMDFEMkFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDA6BggrBgEFBQcBBwEB/wQr
MCkwGAQCAAEwEgMEAmcLWAMEA8qr0AMEA8uOWDANBAIAAjAHAwUCJAQBoDANBgkq
hkiG9w0BAQsFAAOCAQEANRDj8NUzkJqYQcRetzg7IA4QQ01MeOaxnY62l9AbZyUU
FueW3kMwKux/lpcNvmfH+OmxAIeckW/i65wg+IspvBjo/lnVdGAzHFdcV6HGXLfm
VBFDN1mnXKO3C2xxZaS7JZFBn1nKG3AAUDEFy0d/TcKoYQuLk2fPVzBc06feod9q
er6LVizuSbdazKe+xL74/8HW9AvmgPB+IBW82hdkENm0DvNtQBGvGPw0PsL/U7L/
cHxZGXJPu+Pvc6XWWJ+maw67DzigmaXu9aFxDEsBArI6+PG4BAf/GBpWnYCQB9Yg
W1un/xtLR79AGRQP34D24146Bt4Kh4LXxs+K8+1P6g==
-----END CERTIFICATE-----
Generated at Wed Feb 28 05:08:00 2024 by rpki-client on console-fra.rpki-client.org