Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B46B5/D8A525EA18D511EB81B6E441C4F9AE02/E1CFAE4AD84C11EDBF27B62BC4F9AE02.roa
File: E1CFAE4AD84C11EDBF27B62BC4F9AE02.roa (raw, json)
Hash identifier: svIgtkJV5krjbNGHUZLP7e/z6k133PDLb9Z/YWoKvQM=
Subject key identifier: 53:D2:03:60:68:AC:7E:05:14:F3:65:31:16:58:9F:D6:76:55:BC:0E
Certificate issuer: /CN=A91B46B5/serialNumber=1F0F9996977A7AEF84B54F3DAD3B96461EE49CDE
Certificate serial: 061C
Authority key identifier: 1F:0F:99:96:97:7A:7A:EF:84:B5:4F:3D:AD:3B:96:46:1E:E4:9C:DE
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Hw-Zlpd6eu-EtU89rTuWRh7knN4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B46B5/D8A525EA18D511EB81B6E441C4F9AE02/E1CFAE4AD84C11EDBF27B62BC4F9AE02.roa
Signing time: Wed 07 Jun 2023 00:37:01 +0000
ROA not before: Wed 07 Jun 2023 00:37:01 +0000
ROA not after: Tue 30 Jul 2024 00:00:00 +0000
asID: 9310
IP address blocks: 45.248.196.0/22 maxlen: 24
103.217.164.0/22 maxlen: 22
103.217.164.0/24 maxlen: 24
103.217.165.0/24 maxlen: 24
103.217.166.0/23 maxlen: 24
2405:180::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 14 May 2024 21:56:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1564 (0x61c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B46B5/serialNumber=1F0F9996977A7AEF84B54F3DAD3B96461EE49CDE
Validity
Not Before: Jun 7 00:37:01 2023 GMT
Not After : Jul 30 00:00:00 2024 GMT
Subject: CN=647fd12c-5ff2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:c3:96:2f:48:eb:90:b8:0b:95:95:53:6f:a4:
17:fa:3e:d4:09:8b:ee:6d:c8:7e:57:ee:8d:ed:27:
03:9a:fe:a9:d8:dc:a7:f0:11:74:68:54:18:41:f5:
e4:d8:51:8a:e7:75:3f:2e:d0:74:a2:ed:d7:56:ef:
04:a5:d8:7d:17:15:d7:78:a9:a1:57:04:b9:c7:27:
ce:3c:04:65:6b:4b:1d:56:d4:04:1d:e8:d6:73:05:
02:e2:89:b6:48:80:d2:ac:7f:36:2a:2d:25:ac:57:
a4:9c:0e:b3:81:0a:d6:de:08:d2:61:66:9f:0c:07:
73:95:7d:81:be:33:2d:92:ac:a4:19:84:25:80:23:
83:54:c5:96:e5:0d:ff:23:f8:12:af:26:f1:9c:b0:
f1:0c:e2:31:de:53:f7:b0:de:4e:4e:6d:e7:28:c5:
50:5a:2b:08:ef:0d:26:38:81:a9:b0:c8:c3:08:ad:
51:a8:20:20:a5:8d:21:c2:14:3d:53:ea:dd:cf:3b:
bd:84:1a:ef:64:32:8e:ea:e0:2e:16:e5:5e:fa:d3:
cb:21:53:b2:98:1c:54:45:5b:20:01:6c:4c:f0:d2:
49:85:b9:cf:1b:e8:a9:7a:83:22:a8:79:b5:f1:59:
2f:96:dc:11:1f:39:9d:39:aa:e6:f1:f5:91:22:08:
bf:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:D2:03:60:68:AC:7E:05:14:F3:65:31:16:58:9F:D6:76:55:BC:0E
X509v3 Authority Key Identifier:
keyid:1F:0F:99:96:97:7A:7A:EF:84:B5:4F:3D:AD:3B:96:46:1E:E4:9C:DE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B46B5/D8A525EA18D511EB81B6E441C4F9AE02/Hw-Zlpd6eu-EtU89rTuWRh7knN4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Hw-Zlpd6eu-EtU89rTuWRh7knN4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B46B5/D8A525EA18D511EB81B6E441C4F9AE02/E1CFAE4AD84C11EDBF27B62BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.248.196.0/22
103.217.164.0/22
IPv6:
2405:180::/32
Signature Algorithm: sha256WithRSAEncryption
39:a5:2f:76:06:c6:a6:c9:a0:37:aa:9d:f5:c9:57:0c:d7:6d:
ee:2c:93:67:b6:f3:00:c9:0f:da:da:82:98:e8:e5:bb:58:ad:
9d:f8:39:ce:bc:88:25:fd:77:78:74:e3:47:2e:71:9f:d4:44:
ca:d9:8b:bc:cd:11:ec:ed:e6:c0:b2:c8:49:b6:f1:85:66:34:
30:85:a1:03:eb:76:33:aa:5e:e4:ab:88:2c:cc:aa:96:95:df:
48:ea:18:fe:5d:ad:0e:da:c6:6c:2f:c0:7a:f3:d7:f7:bc:86:
43:7b:74:60:88:bb:e0:1e:fe:37:e0:2e:25:7c:4d:e4:c5:93:
cd:0c:0a:d0:4c:73:dd:1c:09:58:73:ac:f7:2b:a5:08:ab:31:
73:b8:9c:77:e3:6b:2b:a7:c5:11:bc:90:f5:f0:29:29:00:f4:
79:18:04:4a:84:b9:c6:f9:e0:a4:f1:84:af:29:3a:1b:6b:17:
8b:e3:75:45:07:ce:e9:8d:39:35:4f:ae:e1:68:9a:b7:c1:49:
cd:20:bb:f0:f6:0d:f2:f4:92:f9:bb:6b:0a:1a:2d:27:f8:e6:
a3:2b:a0:82:e8:53:1b:32:e3:02:aa:28:6b:b9:44:05:28:93:
f5:fd:af:57:03:bc:17:a1:65:c8:49:b4:97:bd:48:0f:ec:7e:
d9:7d:92:18
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICBhwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjQ2QjUxMTAvBgNVBAUTKDFGMEY5OTk2OTc3QTdBRUY4NEI1NEYzREFEM0I5NjQ2
MUVFNDlDREUwHhcNMjMwNjA3MDAzNzAxWhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDdmZDEyYy01ZmYyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA48OWL0jrkLgLlZVTb6QX+j7UCYvubch+V+6N7ScDmv6p2Nyn8BF0aFQYQfXk
2FGK53U/LtB0ou3XVu8Epdh9FxXXeKmhVwS5xyfOPARla0sdVtQEHejWcwUC4om2
SIDSrH82Ki0lrFeknA6zgQrW3gjSYWafDAdzlX2BvjMtkqykGYQlgCODVMWW5Q3/
I/gSrybxnLDxDOIx3lP3sN5OTm3nKMVQWisI7w0mOIGpsMjDCK1RqCAgpY0hwhQ9
U+rdzzu9hBrvZDKO6uAuFuVe+tPLIVOymBxURVsgAWxM8NJJhbnPG+ipeoMiqHm1
8VkvltwRHzmdOarm8fWRIgi/kwIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFFPSA2Bo
rH4FFPNlMRZYn9Z2VbwOMB8GA1UdIwQYMBaAFB8PmZaXenrvhLVPPa07lkYe5Jze
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNDZCNS9EOEE1MjVFQTE4
RDUxMUVCODFCNkU0NDFDNEY5QUUwMi9Idy1abHBkNmV1LUV0VTg5clR1V1JoN2tu
TjQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0h3LVpscGQ2ZXUtRXRVODlyVHVXUmg3a25ONC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjQ2QjUvRDhBNTI1RUExOEQ1MTFFQjgxQjZFNDQxQzRGOUFFMDIvRTFDRkFFNEFE
ODRDMTFFREJGMjdCNjJCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAIt+MQDBAJn2aQwDQQCAAIwBwMFACQFAYAwDQYJKoZIhvcN
AQELBQADggEBADmlL3YGxqbJoDeqnfXJVwzXbe4sk2e28wDJD9ragpjo5btYrZ34
Oc68iCX9d3h040cucZ/URMrZi7zNEezt5sCyyEm28YVmNDCFoQPrdjOqXuSriCzM
qpaV30jqGP5drQ7axmwvwHrz1/e8hkN7dGCIu+Ae/jfgLiV8TeTFk80MCtBMc90c
CVhzrPcrpQirMXO4nHfjayunxRG8kPXwKSkA9HkYBEqEucb54KTxhK8pOhtrF4vj
dUUHzumNOTVPruFomrfBSc0gu/D2DfL0kvm7awoaLSf45qMroILoUxsy4wKqKGu5
RAUok/X9r1cDvBehZchJtJe9SA/sftl9khg=
-----END CERTIFICATE-----
Generated at Tue May 14 23:08:58 2024 by rpki-client on console-fra.rpki-client.org