Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B0720/209F8B74A79B11EC8DD2B157C4F9AE02/763C6FD691EE11EE88E19D67C4F9AE02.roa
File: 763C6FD691EE11EE88E19D67C4F9AE02.roa (raw, json)
Hash identifier: 3XRZ4YJIAlSL8hvrSiCQofg+d4+2pMGa1OK6Ti3HZRE=
Subject key identifier: 0F:87:53:C8:ED:7D:24:E1:3C:AD:4C:80:81:AE:75:9D:8E:BD:A1:A6
Certificate issuer: /CN=A91B0720/serialNumber=1B036BFF87807CBFC6E91236CB086D4FE2B0993D
Certificate serial: 02F8
Authority key identifier: 1B:03:6B:FF:87:80:7C:BF:C6:E9:12:36:CB:08:6D:4F:E2:B0:99:3D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GwNr_4eAfL_G6RI2ywhtT-KwmT0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B0720/209F8B74A79B11EC8DD2B157C4F9AE02/763C6FD691EE11EE88E19D67C4F9AE02.roa
Signing time: Wed 29 May 2024 04:09:12 +0000
ROA not before: Wed 29 May 2024 04:09:12 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 149058
IP address blocks: 103.138.146.0/23 maxlen: 23
103.138.146.0/24 maxlen: 24
103.138.147.0/24 maxlen: 24
2407:3b40::/32 maxlen: 32
2407:3b40::/36 maxlen: 36
2407:3b40:1000::/36 maxlen: 36
2407:3b40:2000::/36 maxlen: 36
2407:3b40:3000::/36 maxlen: 36
2407:3b40:4000::/36 maxlen: 36
2407:3b40:5000::/36 maxlen: 36
2407:3b40:6000::/36 maxlen: 36
2407:3b40:7000::/36 maxlen: 36
2407:3b40:9000::/36 maxlen: 36
2407:3b40:a000::/36 maxlen: 36
Validation: Failed, certificate revoked on Wed 05 Jun 2024 17:59:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 760 (0x2f8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B0720/serialNumber=1B036BFF87807CBFC6E91236CB086D4FE2B0993D
Validity
Not Before: May 29 04:09:12 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=6656aa68-5ba7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:35:f4:c8:30:0a:0e:15:fd:ce:ba:84:a1:a6:
36:4d:46:82:42:16:ca:2e:da:8a:1d:97:fb:6c:37:
4d:93:e7:aa:55:43:b7:67:d1:16:c1:5a:62:cf:26:
98:cc:eb:25:a1:47:eb:25:87:cb:a4:1a:da:c7:01:
55:da:61:ad:37:4d:94:b4:2d:cf:91:96:c3:58:01:
be:fc:71:de:ae:35:0b:9a:e6:a5:c4:81:d0:8f:5d:
70:b3:5d:45:62:c0:2d:04:cd:0f:85:ed:95:f2:85:
f4:96:ef:8d:45:b4:68:3b:67:7a:af:c5:a1:aa:f4:
fc:87:03:8d:87:a8:63:a4:09:0a:a3:34:71:4b:6d:
ba:78:e1:aa:7b:fb:c5:b8:de:dd:e5:2e:d3:58:27:
af:dc:b6:a3:38:af:bc:10:21:fa:da:09:74:0b:f5:
0a:15:f6:89:53:d7:c1:2b:e7:63:66:8e:1a:3c:3d:
49:49:24:31:82:67:f0:ad:ca:d9:91:5d:e0:c8:06:
f2:95:07:a5:e7:94:e8:e2:5c:7a:ef:84:f9:a8:9e:
c7:c6:d1:20:0c:77:d3:39:1f:de:1f:d5:ea:9d:b3:
1d:2a:87:5f:87:3c:71:05:4c:7a:ee:35:2e:f5:bc:
66:d7:ff:ba:b8:e2:fa:35:57:c6:77:12:8e:ed:56:
2d:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:87:53:C8:ED:7D:24:E1:3C:AD:4C:80:81:AE:75:9D:8E:BD:A1:A6
X509v3 Authority Key Identifier:
keyid:1B:03:6B:FF:87:80:7C:BF:C6:E9:12:36:CB:08:6D:4F:E2:B0:99:3D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B0720/209F8B74A79B11EC8DD2B157C4F9AE02/GwNr_4eAfL_G6RI2ywhtT-KwmT0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GwNr_4eAfL_G6RI2ywhtT-KwmT0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B0720/209F8B74A79B11EC8DD2B157C4F9AE02/763C6FD691EE11EE88E19D67C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.138.146.0/23
IPv6:
2407:3b40::/32
Signature Algorithm: sha256WithRSAEncryption
56:9b:fa:87:bb:52:f0:b8:66:2d:83:54:13:20:30:8b:05:4e:
0e:f9:69:7e:97:c9:24:54:5a:0b:08:cd:7b:67:fb:e6:e1:61:
8c:65:d5:00:e1:3a:15:78:e8:79:d2:6f:8c:ed:b0:dd:07:e0:
13:5a:88:d9:52:bc:e9:74:cf:cb:5c:e5:aa:e0:dc:27:0b:77:
8e:53:a1:2c:66:25:37:b6:b4:5c:ab:37:86:de:52:86:3e:d7:
f1:cd:b0:ba:1e:84:28:91:54:cf:1a:9c:fb:2f:7a:61:00:d3:
7f:c4:d2:c8:81:c4:0f:53:a1:3a:92:a3:b8:03:9c:1b:a7:b5:
1d:51:f7:39:b4:73:34:ca:ea:1b:c5:49:6c:1f:09:e2:eb:b4:
64:fa:74:ea:a0:42:e4:bb:7d:0c:09:63:64:72:71:49:ff:a6:
89:05:b0:3d:84:cf:68:0d:2f:9f:bc:b1:d3:90:02:21:24:fe:
94:32:b5:47:44:e3:3f:e4:f1:24:a8:50:b2:ab:45:8c:cb:d1:
47:13:8e:57:28:e1:a9:fa:cc:14:d5:e8:8f:80:88:9a:bb:a6:
a2:6f:ac:90:c8:e6:8c:f5:22:1a:48:54:ad:0e:0d:8a:67:e2:
24:22:56:99:12:bc:03:56:92:3d:1a:e3:f2:f0:1f:ef:80:80:
41:a6:1d:f2
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICAvgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjA3MjAxMTAvBgNVBAUTKDFCMDM2QkZGODc4MDdDQkZDNkU5MTIzNkNCMDg2RDRG
RTJCMDk5M0QwHhcNMjQwNTI5MDQwOTEyWhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjU2YWE2OC01YmE3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3jX0yDAKDhX9zrqEoaY2TUaCQhbKLtqKHZf7bDdNk+eqVUO3Z9EWwVpizyaY
zOsloUfrJYfLpBraxwFV2mGtN02UtC3PkZbDWAG+/HHerjULmualxIHQj11ws11F
YsAtBM0Phe2V8oX0lu+NRbRoO2d6r8WhqvT8hwONh6hjpAkKozRxS226eOGqe/vF
uN7d5S7TWCev3LajOK+8ECH62gl0C/UKFfaJU9fBK+djZo4aPD1JSSQxgmfwrcrZ
kV3gyAbylQel55To4lx674T5qJ7HxtEgDHfTOR/eH9XqnbMdKodfhzxxBUx67jUu
9bxm1/+6uOL6NVfGdxKO7VYtDwIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFA+HU8jt
fSThPK1MgIGudZ2OvaGmMB8GA1UdIwQYMBaAFBsDa/+HgHy/xukSNssIbU/isJk9
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMDcyMC8yMDlGOEI3NEE3
OUIxMUVDOEREMkIxNTdDNEY5QUUwMi9Hd05yXzRlQWZMX0c2UkkyeXdodFQtS3dt
VDAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0d3TnJfNGVBZkxfRzZSSTJ5d2h0VC1Ld21UMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjA3MjAvMjA5RjhCNzRBNzlCMTFFQzhERDJCMTU3QzRGOUFFMDIvNzYzQzZGRDY5
MUVFMTFFRTg4RTE5RDY3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAFnipIwDQQCAAIwBwMFACQHO0AwDQYJKoZIhvcNAQELBQAD
ggEBAFab+oe7UvC4Zi2DVBMgMIsFTg75aX6XySRUWgsIzXtn++bhYYxl1QDhOhV4
6HnSb4ztsN0H4BNaiNlSvOl0z8tc5arg3CcLd45ToSxmJTe2tFyrN4beUoY+1/HN
sLoehCiRVM8anPsvemEA03/E0siBxA9ToTqSo7gDnBuntR1R9zm0czTK6hvFSWwf
CeLrtGT6dOqgQuS7fQwJY2RycUn/pokFsD2Ez2gNL5+8sdOQAiEk/pQytUdE4z/k
8SSoULKrRYzL0UcTjlco4an6zBTV6I+AiJq7pqJvrJDI5oz1IhpIVK0ODYpn4iQi
VpkSvANWkj0a4/LwH++AgEGmHfI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:37 2024 by rpki-client on console-fra.rpki-client.org