Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B517C/CD3763E6DCED11EEBDE00E30C4F9AE02/B2FA6FB8DCEE11EEAC3FDB31C4F9AE02.roa
File: B2FA6FB8DCEE11EEAC3FDB31C4F9AE02.roa (raw, json)
Hash identifier: tyamyJXf4XSQ/4d+N4I9+zf7XIXpKp1XrJLZmEcS0QY=
Subject key identifier: B8:2A:D4:63:CF:30:EF:1D:06:73:BF:9A:B4:50:77:1D:11:D8:5B:5D
Certificate issuer: /CN=A91B517C/serialNumber=9FAF8341675EF438964199362542572C8928540C
Certificate serial: 02
Authority key identifier: 9F:AF:83:41:67:5E:F4:38:96:41:99:36:25:42:57:2C:89:28:54:0C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/n6-DQWde9DiWQZk2JUJXLIkoVAw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B517C/CD3763E6DCED11EEBDE00E30C4F9AE02/B2FA6FB8DCEE11EEAC3FDB31C4F9AE02.roa
Signing time: Fri 08 Mar 2024 01:53:46 +0000
ROA not before: Fri 08 Mar 2024 01:53:46 +0000
ROA not after: Tue 30 Jul 2024 00:00:00 +0000
asID: 63981
IP address blocks: 45.117.96.0/22 maxlen: 22
45.117.96.0/24 maxlen: 24
45.117.97.0/24 maxlen: 24
45.117.98.0/24 maxlen: 24
45.117.99.0/24 maxlen: 24
45.251.66.0/24 maxlen: 24
103.29.140.0/24 maxlen: 24
103.29.141.0/24 maxlen: 24
103.29.142.0/24 maxlen: 24
103.29.143.0/24 maxlen: 24
103.117.76.0/22 maxlen: 22
103.220.8.0/22 maxlen: 24
203.166.220.0/22 maxlen: 22
2405:a480::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 15 Mar 2024 07:56:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B517C/serialNumber=9FAF8341675EF438964199362542572C8928540C
Validity
Not Before: Mar 8 01:53:46 2024 GMT
Not After : Jul 30 00:00:00 2024 GMT
Subject: CN=65ea6faa-7c6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:27:31:a1:31:6b:f9:7c:c8:06:7c:e1:04:53:
ba:f9:8e:22:0f:e6:98:b9:e5:13:22:db:fd:12:d6:
f4:78:08:fa:da:fb:9e:37:1d:21:a0:ab:1d:9e:ca:
eb:71:b5:d5:82:75:9b:2c:c9:3a:72:62:f0:ca:93:
d2:8b:17:4d:cd:fe:22:82:d8:e8:02:42:21:eb:88:
ba:85:ec:6e:71:48:68:f4:cb:ca:ee:27:e7:f5:be:
d7:43:d6:34:32:fa:19:45:6e:a1:89:cd:67:4f:d2:
a0:2a:5c:24:24:50:11:e4:25:97:29:39:50:88:09:
b7:70:54:e1:99:b5:7c:6d:4f:41:f4:c0:a2:af:c9:
08:50:2c:c2:01:66:44:5e:e5:f7:09:38:1a:87:69:
97:e6:05:ec:fe:9d:c3:1b:f8:af:aa:25:c4:36:de:
d7:75:0a:92:58:16:8c:76:29:1d:ca:88:3a:bf:e4:
51:e3:d3:d7:21:4d:b2:9a:11:e2:31:2b:76:63:4f:
35:4c:f5:0f:6a:a4:fe:ec:1c:60:77:00:49:b6:9a:
bf:cd:35:c7:3b:e6:54:0d:09:18:0e:4a:d2:01:04:
6c:3d:ff:eb:ce:fe:ea:2a:9f:a3:62:86:77:e8:15:
d1:18:d4:49:c2:b8:68:a3:6b:bd:1a:64:67:e9:71:
f3:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:2A:D4:63:CF:30:EF:1D:06:73:BF:9A:B4:50:77:1D:11:D8:5B:5D
X509v3 Authority Key Identifier:
keyid:9F:AF:83:41:67:5E:F4:38:96:41:99:36:25:42:57:2C:89:28:54:0C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B517C/CD3763E6DCED11EEBDE00E30C4F9AE02/n6-DQWde9DiWQZk2JUJXLIkoVAw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/n6-DQWde9DiWQZk2JUJXLIkoVAw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B517C/CD3763E6DCED11EEBDE00E30C4F9AE02/B2FA6FB8DCEE11EEAC3FDB31C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.117.96.0/22
45.251.66.0/24
103.29.140.0/22
103.117.76.0/22
103.220.8.0/22
203.166.220.0/22
IPv6:
2405:a480::/32
Signature Algorithm: sha256WithRSAEncryption
0f:75:cc:be:8d:71:1d:32:ad:89:0a:e7:10:9f:99:fb:dc:06:
b0:7b:2b:aa:67:15:7f:63:50:21:87:4d:b2:5b:cf:c5:83:7c:
0b:b8:6c:23:76:5d:f3:8e:47:d2:0b:5e:1c:92:e6:f7:db:7d:
04:70:f6:f1:a9:09:d1:b3:2d:44:54:08:a8:c6:17:c5:96:84:
6d:2d:e1:7d:65:1a:8d:cb:d2:14:51:ad:ea:5e:0d:be:f9:a4:
e2:50:ec:9b:e7:28:26:24:23:26:d8:bb:9a:fc:be:f2:8c:27:
82:33:8f:95:90:13:6c:ea:30:b9:ea:31:fe:16:92:f1:be:51:
b6:49:2b:9f:90:68:38:92:a8:8f:88:41:8f:04:30:78:40:1b:
fc:7f:54:2d:57:23:a4:61:80:a6:a5:a5:9e:04:0a:37:83:e8:
8a:de:01:dc:98:5c:40:c5:c9:09:4a:ab:aa:a9:7d:c0:c9:14:
a7:dd:13:ba:46:fe:04:5d:05:bc:39:46:20:c3:1d:7d:6e:b0:
41:ee:1c:17:03:92:5d:b6:e3:b5:f7:37:2f:45:10:33:7f:26:
1e:f7:01:b1:b3:63:b8:71:b0:37:8a:2c:c5:9f:f9:6e:ef:7d:
05:d5:fb:39:cf:fd:ed:52:a6:62:9a:a9:2e:17:26:5e:e9:a2:
15:f6:4c:f6
-----BEGIN CERTIFICATE-----
MIIFnTCCBIWgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFC
NTE3QzExMC8GA1UEBRMoOUZBRjgzNDE2NzVFRjQzODk2NDE5OTM2MjU0MjU3MkM4
OTI4NTQwQzAeFw0yNDAzMDgwMTUzNDZaFw0yNDA3MzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1ZWE2ZmFhLTdjNmQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC8JzGhMWv5fMgGfOEEU7r5jiIP5pi55RMi2/0S1vR4CPra+543HSGgqx2eyutx
tdWCdZssyTpyYvDKk9KLF03N/iKC2OgCQiHriLqF7G5xSGj0y8ruJ+f1vtdD1jQy
+hlFbqGJzWdP0qAqXCQkUBHkJZcpOVCICbdwVOGZtXxtT0H0wKKvyQhQLMIBZkRe
5fcJOBqHaZfmBez+ncMb+K+qJcQ23td1CpJYFox2KR3KiDq/5FHj09chTbKaEeIx
K3ZjTzVM9Q9qpP7sHGB3AEm2mr/NNcc75lQNCRgOStIBBGw9/+vO/uoqn6Nihnfo
FdEY1EnCuGija70aZGfpcfNpAgMBAAGjggLCMIICvjAdBgNVHQ4EFgQUuCrUY88w
7x0Gc7+atFB3HRHYW10wHwYDVR0jBBgwFoAUn6+DQWde9DiWQZk2JUJXLIkoVAww
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUI1MTdDL0NEMzc2M0U2RENF
RDExRUVCREUwMEUzMEM0RjlBRTAyL242LURRV2RlOURpV1FaazJKVUpYTElrb1ZB
dy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvbjYtRFFXZGU5RGlXUVprMkpVSlhMSWtvVkF3LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC
NTE3Qy9DRDM3NjNFNkRDRUQxMUVFQkRFMDBFMzBDNEY5QUUwMi9CMkZBNkZCOERD
RUUxMUVFQUMzRkRCMzFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDBMBggrBgEFBQcBBwEB/wQ9
MDswKgQCAAEwJAMEAi11YAMEAC37QgMEAmcdjAMEAmd1TAMEAmfcCAMEAsum3DAN
BAIAAjAHAwUAJAWkgDANBgkqhkiG9w0BAQsFAAOCAQEAD3XMvo1xHTKtiQrnEJ+Z
+9wGsHsrqmcVf2NQIYdNslvPxYN8C7hsI3Zd845H0gteHJLm99t9BHD28akJ0bMt
RFQIqMYXxZaEbS3hfWUajcvSFFGt6l4Nvvmk4lDsm+coJiQjJti7mvy+8owngjOP
lZATbOowueox/haS8b5Rtkkrn5BoOJKoj4hBjwQweEAb/H9ULVcjpGGApqWlngQK
N4Poit4B3JhcQMXJCUqrqql9wMkUp90Tukb+BF0FvDlGIMMdfW6wQe4cFwOSXbbj
tfc3L0UQM38mHvcBsbNjuHGwN4osxZ/5bu99BdX7Oc/97VKmYpqpLhcmXumiFfZM
9g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:56 2024 by rpki-client on console-ams.rpki-client.org