Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/825AC1E8981311EEB2CAB072C4F9AE02.roa
File: 825AC1E8981311EEB2CAB072C4F9AE02.roa (raw, json)
Hash identifier: 0D9ialiTaSM7SHIq3q0c0kNMgPTAWaYVbk2mrgu+EHo=
Subject key identifier: ED:43:0A:C8:D9:BC:77:FE:43:19:25:9A:32:FC:3A:CD:7F:2F:A7:5B
Certificate issuer: /CN=A91B5D7E/serialNumber=4CAE3AEFB1AC8ABDDB99BCCEE4FA5A916D157B34
Certificate serial: 346E
Authority key identifier: 4C:AE:3A:EF:B1:AC:8A:BD:DB:99:BC:CE:E4:FA:5A:91:6D:15:7B:34
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TK4677Gsir3bmbzO5PpakW0VezQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/825AC1E8981311EEB2CAB072C4F9AE02.roa
Signing time: Thu 04 Jan 2024 14:50:33 +0000
ROA not before: Thu 04 Jan 2024 14:50:32 +0000
ROA not after: Sun 02 Mar 2025 00:00:00 +0000
asID: 140607
IP address blocks: 103.207.85.0/24 maxlen: 24
116.90.118.0/24 maxlen: 24
116.90.119.0/24 maxlen: 24
116.90.121.0/24 maxlen: 24
116.90.122.0/24 maxlen: 24
202.142.151.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 30 Apr 2024 07:56:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13422 (0x346e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B5D7E/serialNumber=4CAE3AEFB1AC8ABDDB99BCCEE4FA5A916D157B34
Validity
Not Before: Jan 4 14:50:32 2024 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=6596c5b8-901c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:4a:10:b8:75:9d:6b:92:d6:03:e0:76:8e:cc:
39:4c:4c:f7:fa:94:ed:83:f1:c4:f3:66:d3:94:00:
a9:24:ff:09:0b:10:db:36:12:77:83:1a:73:65:f3:
1e:0a:82:3f:8f:6e:df:c1:28:f6:49:46:1b:56:e6:
cc:ae:57:e2:38:00:0d:27:85:67:80:73:f8:30:98:
de:72:ea:d9:b5:3e:56:e2:ac:59:84:6d:89:fb:91:
60:bf:b3:2c:ef:c4:54:84:da:8e:c4:49:44:b2:ac:
4b:c4:50:8f:68:52:78:0a:b4:77:c5:66:1f:50:5c:
d9:1a:de:ee:e6:35:43:19:8e:9c:1e:4d:b1:37:97:
c4:6b:4f:cd:7a:1e:d4:63:97:1e:3c:f6:7d:a4:5d:
a6:51:00:20:5a:0f:aa:e2:f4:be:f8:ae:3e:ca:b7:
89:d3:0a:d1:ac:a4:4a:24:02:e3:d9:51:41:b7:f0:
14:70:58:b1:cb:95:13:92:28:68:14:33:32:7e:da:
9e:95:e1:ac:4a:fb:7a:fc:72:bd:27:a8:2e:b6:88:
f3:ed:d9:4a:ab:1e:9c:8a:9b:a2:9a:72:19:6a:5d:
87:ef:3f:80:e1:cb:32:98:43:c9:81:60:af:58:3a:
69:aa:ea:cc:02:fe:17:fb:ac:d1:12:50:1c:f0:d4:
ac:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:43:0A:C8:D9:BC:77:FE:43:19:25:9A:32:FC:3A:CD:7F:2F:A7:5B
X509v3 Authority Key Identifier:
keyid:4C:AE:3A:EF:B1:AC:8A:BD:DB:99:BC:CE:E4:FA:5A:91:6D:15:7B:34
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/TK4677Gsir3bmbzO5PpakW0VezQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TK4677Gsir3bmbzO5PpakW0VezQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/825AC1E8981311EEB2CAB072C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.207.85.0/24
116.90.118.0/23
116.90.121.0-116.90.122.255
202.142.151.0/24
Signature Algorithm: sha256WithRSAEncryption
47:6c:00:32:0a:a8:13:b0:5e:6c:9d:99:ae:9f:2f:65:58:0f:
0b:c7:18:27:13:9e:43:fd:d7:ce:c7:15:41:ba:c3:b9:6c:fb:
ca:4f:fb:c6:0c:53:c6:82:7f:e0:6a:20:61:ce:ef:06:2c:90:
47:05:98:2a:20:9f:8c:88:5b:83:14:36:e0:88:90:c9:96:1b:
3b:a1:9b:b5:20:03:da:ed:d0:df:7a:4a:2a:d8:96:42:9b:23:
3b:86:aa:5e:a7:fd:41:b0:63:58:bd:49:de:d9:2a:dd:1a:b4:
d7:ee:2d:0f:e5:25:00:13:44:55:51:5a:ee:85:56:bb:fc:ce:
92:e6:41:76:b3:3a:e3:69:1e:93:a4:81:ff:32:2a:36:6b:5e:
ad:94:fb:68:03:8e:0d:cf:e7:c4:ad:18:af:38:69:eb:75:38:
2c:e0:6e:3a:ce:02:7f:39:d7:cd:3e:1d:56:b8:45:33:d8:ec:
f6:1e:b6:31:89:f4:ae:4c:6f:63:3a:f5:ae:40:94:eb:11:c9:
85:df:e9:df:15:aa:14:e1:84:87:bc:70:26:d1:fd:b6:8e:4c:
56:98:60:1c:08:38:d4:93:c1:f8:c4:5f:67:84:5e:97:ef:82:
f7:6a:dc:85:4c:50:4e:25:42:70:7b:a3:39:72:68:23:b1:f7:
d8:78:61:9b
-----BEGIN CERTIFICATE-----
MIIFizCCBHOgAwIBAgICNG4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjVEN0UxMTAvBgNVBAUTKDRDQUUzQUVGQjFBQzhBQkREQjk5QkNDRUU0RkE1QTkx
NkQxNTdCMzQwHhcNMjQwMTA0MTQ1MDMyWhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTk2YzViOC05MDFjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyUoQuHWda5LWA+B2jsw5TEz3+pTtg/HE82bTlACpJP8JCxDbNhJ3gxpzZfMe
CoI/j27fwSj2SUYbVubMrlfiOAANJ4VngHP4MJjecurZtT5W4qxZhG2J+5Fgv7Ms
78RUhNqOxElEsqxLxFCPaFJ4CrR3xWYfUFzZGt7u5jVDGY6cHk2xN5fEa0/Neh7U
Y5cePPZ9pF2mUQAgWg+q4vS++K4+yreJ0wrRrKRKJALj2VFBt/AUcFixy5UTkiho
FDMyftqeleGsSvt6/HK9J6gutojz7dlKqx6cipuimnIZal2H7z+A4csymEPJgWCv
WDppqurMAv4X+6zRElAc8NSsswIDAQABo4ICrzCCAqswHQYDVR0OBBYEFO1DCsjZ
vHf+QxklmjL8Os1/L6dbMB8GA1UdIwQYMBaAFEyuOu+xrIq925m8zuT6WpFtFXs0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNUQ3RS9FQ0E2ODIzNDFE
ODcxMUUyOTgzMjJERTAwOEIwMkNEMi9USzQ2NzdHc2lyM2JtYnpPNVBwYWtXMFZl
elEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1RLNDY3N0dzaXIzYm1iek81UHBha1cwVmV6US5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjVEN0UvRUNBNjgyMzQxRDg3MTFFMjk4MzIyREUwMDhCMDJDRDIvODI1QUMxRTg5
ODEzMTFFRUIyQ0FCMDcyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOQYIKwYBBQUHAQcBAf8E
KjAoMCYEAgABMCADBABnz1UDBAF0WnYwDAMEAHRaeQMEAHRaegMEAMqOlzANBgkq
hkiG9w0BAQsFAAOCAQEAR2wAMgqoE7BebJ2Zrp8vZVgPC8cYJxOeQ/3XzscVQbrD
uWz7yk/7xgxTxoJ/4GogYc7vBiyQRwWYKiCfjIhbgxQ24IiQyZYbO6GbtSAD2u3Q
33pKKtiWQpsjO4aqXqf9QbBjWL1J3tkq3Rq01+4tD+UlABNEVVFa7oVWu/zOkuZB
drM642kek6SB/zIqNmterZT7aAOODc/nxK0Yrzhp63U4LOBuOs4CfznXzT4dVrhF
M9js9h62MYn0rkxvYzr1rkCU6xHJhd/p3xWqFOGEh7xwJtH9to5MVphgHAg41JPB
+MRfZ4Rel++C92rchUxQTiVCcHujOXJoI7H32Hhhmw==
-----END CERTIFICATE-----
Generated at Tue Apr 30 12:15:42 2024 by rpki-client on console-fra.rpki-client.org