Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B4DC7/F3F1020EBB1011ECB675EF51C4F9AE02/2B78AC2C9AE511EDB13EDC68C4F9AE02.roa
File: 2B78AC2C9AE511EDB13EDC68C4F9AE02.roa (raw, json)
Hash identifier: aAiCiJycfRboMmHRnSxAMWVPPI7cWWmGMF2dCjMB4Kk=
Subject key identifier: 30:53:33:10:E2:33:B7:9C:97:3F:25:C8:F6:8C:E2:36:DA:44:C1:02
Certificate issuer: /CN=A91B4DC7/serialNumber=B88911178068D575DFDDF84940CABEAF451C8C2B
Certificate serial: 0261
Authority key identifier: B8:89:11:17:80:68:D5:75:DF:DD:F8:49:40:CA:BE:AF:45:1C:8C:2B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uIkRF4Bo1XXf3fhJQMq-r0UcjCs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B4DC7/F3F1020EBB1011ECB675EF51C4F9AE02/2B78AC2C9AE511EDB13EDC68C4F9AE02.roa
Signing time: Thu 01 Feb 2024 03:35:22 +0000
ROA not before: Thu 01 Feb 2024 03:35:22 +0000
ROA not after: Sun 02 Mar 2025 00:00:00 +0000
asID: 38200
IP address blocks: 103.177.138.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 21 May 2024 11:45:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 609 (0x261)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B4DC7/serialNumber=B88911178068D575DFDDF84940CABEAF451C8C2B
Validity
Not Before: Feb 1 03:35:22 2024 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=65bb1179-2c3f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:03:6f:f7:c1:0e:c1:8b:9b:21:26:de:b2:99:
32:e9:8a:dc:da:15:5c:97:68:9d:f1:13:69:7a:43:
d1:34:64:67:31:91:fa:31:44:63:87:0d:46:94:f2:
63:12:9b:71:ed:44:b2:8a:92:a3:e0:69:55:c9:4a:
b8:41:f6:f2:e7:43:7b:39:62:10:45:0f:d6:04:3e:
92:86:ba:94:fd:94:8b:99:a5:bf:7f:b4:12:a6:91:
a9:be:8f:be:47:e0:d3:41:05:b1:af:5b:5d:fe:1d:
5f:6f:a8:5c:dc:a3:0c:31:91:b5:39:d3:6e:a9:4b:
80:30:92:70:a6:c9:5c:1c:8a:c4:bf:17:2f:05:97:
70:60:61:63:0c:a6:5b:f8:ef:40:5e:52:3a:72:44:
8c:97:be:b2:89:b7:f6:49:83:b0:dc:a0:bb:53:a1:
d1:69:b3:ab:21:5f:3e:4c:3f:e6:e7:92:7e:31:76:
fa:8e:7e:3b:e4:3b:d3:9d:9e:64:cb:8c:c0:bf:43:
ad:5d:9d:f7:5e:37:39:a2:bb:c3:f6:3f:57:27:43:
ae:b1:98:08:20:31:ea:15:88:30:0c:86:86:48:a6:
04:e2:8f:e8:07:40:fd:4d:46:7c:62:57:b7:7f:e5:
66:41:27:b2:09:f4:ca:f8:48:4a:c5:7d:e4:13:47:
b2:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:53:33:10:E2:33:B7:9C:97:3F:25:C8:F6:8C:E2:36:DA:44:C1:02
X509v3 Authority Key Identifier:
keyid:B8:89:11:17:80:68:D5:75:DF:DD:F8:49:40:CA:BE:AF:45:1C:8C:2B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B4DC7/F3F1020EBB1011ECB675EF51C4F9AE02/uIkRF4Bo1XXf3fhJQMq-r0UcjCs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uIkRF4Bo1XXf3fhJQMq-r0UcjCs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B4DC7/F3F1020EBB1011ECB675EF51C4F9AE02/2B78AC2C9AE511EDB13EDC68C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.177.138.0/24
Signature Algorithm: sha256WithRSAEncryption
53:19:6f:8f:e1:b4:20:c6:5f:f7:d8:35:ba:e6:13:14:aa:15:
60:85:71:7d:31:bc:46:e8:13:9b:c6:18:80:48:98:b9:9c:fe:
04:c8:3c:8e:9f:77:c8:bf:82:76:ff:b5:94:cc:85:79:fd:33:
27:be:dd:33:8c:54:ff:eb:bb:2c:13:ef:c9:2e:a7:0c:e4:3b:
6c:02:71:3c:7e:35:0e:ec:8c:78:4d:0b:1b:00:fa:4a:37:37:
8f:44:49:a5:3a:78:b6:49:26:70:92:8a:7b:86:05:01:6f:95:
59:92:dc:de:d3:ea:53:4c:67:c9:df:6c:3a:96:f3:8b:82:d9:
a8:5f:74:88:f5:12:bc:87:32:60:99:75:1c:17:26:11:11:45:
69:d1:75:0c:02:5f:d2:3d:ae:72:6e:39:31:0d:e1:ee:91:26:
b5:b8:29:f9:8e:63:84:a8:55:fe:46:dc:f5:31:4f:13:28:bc:
3e:db:8c:ee:1b:33:10:fd:b2:07:49:3d:bb:97:e0:37:f1:f4:
09:f8:9f:87:57:41:41:94:45:84:f8:1f:98:2b:28:ce:ec:8a:
b4:61:cd:fe:35:72:9e:20:d9:df:ec:b2:ad:06:13:a0:98:29:
98:56:96:3c:b2:bf:75:3c:7a:4b:d4:d1:1e:a0:18:33:b0:84:
d2:1c:b1:94
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAmEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjREQzcxMTAvBgNVBAUTKEI4ODkxMTE3ODA2OEQ1NzVERkRERjg0OTQwQ0FCRUFG
NDUxQzhDMkIwHhcNMjQwMjAxMDMzNTIyWhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWJiMTE3OS0yYzNmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAmwNv98EOwYubISbespky6Yrc2hVcl2id8RNpekPRNGRnMZH6MURjhw1GlPJj
Eptx7USyipKj4GlVyUq4Qfby50N7OWIQRQ/WBD6ShrqU/ZSLmaW/f7QSppGpvo++
R+DTQQWxr1td/h1fb6hc3KMMMZG1OdNuqUuAMJJwpslcHIrEvxcvBZdwYGFjDKZb
+O9AXlI6ckSMl76yibf2SYOw3KC7U6HRabOrIV8+TD/m55J+MXb6jn475DvTnZ5k
y4zAv0OtXZ33Xjc5orvD9j9XJ0OusZgIIDHqFYgwDIaGSKYE4o/oB0D9TUZ8Yle3
f+VmQSeyCfTK+EhKxX3kE0eyywIDAQABo4IClTCCApEwHQYDVR0OBBYEFDBTMxDi
M7eclz8lyPaM4jbaRMECMB8GA1UdIwQYMBaAFLiJEReAaNV13934SUDKvq9FHIwr
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNERDNy9GM0YxMDIwRUJC
MTAxMUVDQjY3NUVGNTFDNEY5QUUwMi91SWtSRjRCbzFYWGYzZmhKUU1xLXIwVWNq
Q3MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3VJa1JGNEJvMVhYZjNmaEpRTXEtcjBVY2pDcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjREQzcvRjNGMTAyMEVCQjEwMTFFQ0I2NzVFRjUxQzRGOUFFMDIvMkI3OEFDMkM5
QUU1MTFFREIxM0VEQzY4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnsYowDQYJKoZIhvcNAQELBQADggEBAFMZb4/htCDGX/fY
NbrmExSqFWCFcX0xvEboE5vGGIBImLmc/gTIPI6fd8i/gnb/tZTMhXn9Mye+3TOM
VP/ruywT78kupwzkO2wCcTx+NQ7sjHhNCxsA+ko3N49ESaU6eLZJJnCSinuGBQFv
lVmS3N7T6lNMZ8nfbDqW84uC2ahfdIj1EryHMmCZdRwXJhERRWnRdQwCX9I9rnJu
OTEN4e6RJrW4KfmOY4SoVf5G3PUxTxMovD7bjO4bMxD9sgdJPbuX4Dfx9An4n4dX
QUGURYT4H5grKM7sirRhzf41cp4g2d/ssq0GE6CYKZhWljyyv3U8ekvU0R6gGDOw
hNIcsZQ=
-----END CERTIFICATE-----
Generated at Tue May 21 14:01:37 2024 by rpki-client on console-fra.rpki-client.org