Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B74D6/DE22AD240CDF11EF9484E62AC4F9AE02/478F59500CE111EF9EA3B555C4F9AE02.roa
File: 478F59500CE111EF9EA3B555C4F9AE02.roa (raw, json)
Hash identifier: 46wGGRSxi4rOLWarOzbcVaqxkvFeQSQBwaS0lt5E9GU=
Subject key identifier: F0:BD:E2:1C:CC:77:E5:90:F7:56:57:D7:BE:80:AF:FD:EF:55:EC:F7
Certificate issuer: /CN=A91B74D6/serialNumber=77464A846F77D1C4D366A306B806939FCF2A601A
Certificate serial: 05
Authority key identifier: 77:46:4A:84:6F:77:D1:C4:D3:66:A3:06:B8:06:93:9F:CF:2A:60:1A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d0ZKhG930cTTZqMGuAaTn88qYBo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B74D6/DE22AD240CDF11EF9484E62AC4F9AE02/478F59500CE111EF9EA3B555C4F9AE02.roa
Signing time: Thu 09 May 2024 05:13:25 +0000
ROA not before: Thu 09 May 2024 05:13:25 +0000
ROA not after: Sun 01 Dec 2024 00:00:00 +0000
asID: 24298
IP address blocks: 103.123.144.0/22 maxlen: 22
202.60.8.0/21 maxlen: 21
202.60.8.0/24 maxlen: 24
202.60.9.0/24 maxlen: 24
202.60.10.0/24 maxlen: 24
202.60.11.0/24 maxlen: 24
202.60.13.0/24 maxlen: 24
202.60.14.0/24 maxlen: 24
202.60.15.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 11 May 2024 09:07:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5 (0x5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B74D6/serialNumber=77464A846F77D1C4D366A306B806939FCF2A601A
Validity
Not Before: May 9 05:13:25 2024 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=663c5b75-b29a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:16:20:19:8e:e9:76:c4:d3:5a:f5:4b:aa:d9:
4c:9c:d3:c7:aa:59:c3:a9:86:db:84:79:b4:58:9c:
f4:3f:59:4a:a5:3e:93:17:59:26:f7:4e:43:85:68:
14:cd:7c:97:76:63:55:1b:59:cf:3b:b6:95:b5:45:
c5:57:f6:34:3b:c4:e1:e7:a5:6b:9f:14:12:59:58:
c9:54:b2:89:44:0e:d2:6c:4d:9a:22:52:6d:11:9c:
99:5c:9c:f3:78:2a:d2:32:91:b3:38:e3:ab:35:98:
73:58:45:29:7b:08:2b:0d:a8:d6:d3:db:6f:8e:f6:
2e:2c:7f:b2:7a:7d:a8:95:cd:76:21:29:77:b3:85:
69:a9:59:70:6a:02:09:6e:c7:4a:da:cd:9a:bc:67:
54:ea:83:c5:5d:df:f0:a8:32:2f:0e:41:57:41:90:
bb:ce:a4:10:4f:70:1f:15:13:0d:1b:6d:50:f8:03:
8e:5b:f8:5f:3a:b5:ae:68:3e:f6:5d:75:24:00:0a:
07:67:27:09:cc:8d:0e:df:50:b2:e6:9a:bb:dd:ed:
f4:da:a2:36:a7:48:bd:63:70:ac:43:fd:e3:ee:cc:
a5:0e:38:77:47:cb:06:76:47:35:eb:d7:af:e8:51:
e0:4d:ad:dc:b3:09:e4:53:e1:4e:90:a3:83:71:66:
9d:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:BD:E2:1C:CC:77:E5:90:F7:56:57:D7:BE:80:AF:FD:EF:55:EC:F7
X509v3 Authority Key Identifier:
keyid:77:46:4A:84:6F:77:D1:C4:D3:66:A3:06:B8:06:93:9F:CF:2A:60:1A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B74D6/DE22AD240CDF11EF9484E62AC4F9AE02/d0ZKhG930cTTZqMGuAaTn88qYBo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d0ZKhG930cTTZqMGuAaTn88qYBo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B74D6/DE22AD240CDF11EF9484E62AC4F9AE02/478F59500CE111EF9EA3B555C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.123.144.0/22
202.60.8.0/21
Signature Algorithm: sha256WithRSAEncryption
28:ac:56:43:cf:2c:9f:69:45:ef:e0:09:85:c2:45:5a:81:33:
43:04:a8:10:b5:04:e8:59:f9:6f:dc:82:25:30:0a:44:ee:7a:
f9:ca:e8:3a:4f:29:fd:11:b3:6a:60:d8:df:e2:8e:76:ce:9a:
06:d2:89:bc:e0:d8:fa:f6:e2:79:53:cc:b6:d2:bd:3d:eb:4b:
41:7a:f8:e1:63:f2:58:84:ca:cb:8c:b5:72:27:bb:66:6a:da:
da:f5:8e:87:ff:8a:2f:6b:34:01:a5:45:ef:b7:c3:ac:f8:e3:
ce:bd:12:ac:d8:e7:79:15:03:35:26:0c:11:3f:1b:b7:51:9c:
dd:06:7b:1b:23:17:4a:6c:ce:b4:10:1a:7b:58:3c:c1:d0:2b:
c8:6c:26:32:4c:f7:48:07:32:99:de:45:5c:2d:11:2b:11:24:
15:5e:ed:0c:52:7e:36:48:b9:e3:54:f4:33:ad:5b:e9:be:3f:
7a:b3:7f:51:52:ba:38:78:37:dd:4b:a6:0c:a5:b2:4c:c5:82:
1b:db:61:29:32:cf:0c:b9:79:ad:60:9e:a2:18:78:a4:84:85:
1b:fa:f9:ee:69:aa:e7:36:2f:2d:eb:de:4d:cb:59:ac:84:8a:
7f:08:97:25:c4:54:21:a8:96:41:24:00:28:f3:99:31:6b:29:
96:99:ea:be
-----BEGIN CERTIFICATE-----
MIIFdjCCBF6gAwIBAgIBBTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFC
NzRENjExMC8GA1UEBRMoNzc0NjRBODQ2Rjc3RDFDNEQzNjZBMzA2QjgwNjkzOUZD
RjJBNjAxQTAeFw0yNDA1MDkwNTEzMjVaFw0yNDEyMDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2M2M1Yjc1LWIyOWEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDQFiAZjul2xNNa9Uuq2Uyc08eqWcOphtuEebRYnPQ/WUqlPpMXWSb3TkOFaBTN
fJd2Y1UbWc87tpW1RcVX9jQ7xOHnpWufFBJZWMlUsolEDtJsTZoiUm0RnJlcnPN4
KtIykbM446s1mHNYRSl7CCsNqNbT22+O9i4sf7J6faiVzXYhKXezhWmpWXBqAglu
x0razZq8Z1Tqg8Vd3/CoMi8OQVdBkLvOpBBPcB8VEw0bbVD4A45b+F86ta5oPvZd
dSQACgdnJwnMjQ7fULLmmrvd7fTaojanSL1jcKxD/ePuzKUOOHdHywZ2RzXr16/o
UeBNrdyzCeRT4U6Qo4NxZp0hAgMBAAGjggKbMIIClzAdBgNVHQ4EFgQU8L3iHMx3
5ZD3VlfXvoCv/e9V7PcwHwYDVR0jBBgwFoAUd0ZKhG930cTTZqMGuAaTn88qYBow
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUI3NEQ2L0RFMjJBRDI0MENE
RjExRUY5NDg0RTYyQUM0RjlBRTAyL2QwWktoRzkzMGNUVFpxTUd1QWFUbjg4cVlC
by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvZDBaS2hHOTMwY1RUWnFNR3VBYVRuODhxWUJvLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC
NzRENi9ERTIyQUQyNDBDREYxMUVGOTQ4NEU2MkFDNEY5QUUwMi80NzhGNTk1MDBD
RTExMUVGOUVBM0I1NTVDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAlBggrBgEFBQcBBwEB/wQW
MBQwEgQCAAEwDAMEAmd7kAMEA8o8CDANBgkqhkiG9w0BAQsFAAOCAQEAKKxWQ88s
n2lF7+AJhcJFWoEzQwSoELUE6Fn5b9yCJTAKRO56+croOk8p/RGzamDY3+KOds6a
BtKJvODY+vbieVPMttK9PetLQXr44WPyWITKy4y1cie7Zmra2vWOh/+KL2s0AaVF
77fDrPjjzr0SrNjneRUDNSYMET8bt1Gc3QZ7GyMXSmzOtBAae1g8wdAryGwmMkz3
SAcymd5FXC0RKxEkFV7tDFJ+Nki541T0M61b6b4/erN/UVK6OHg33UumDKWyTMWC
G9thKTLPDLl5rWCeohh4pISFG/r57mmq5zYvLeveTctZrISKfwiXJcRUIaiWQSQA
KPOZMWsplpnqvg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:57 2024 by rpki-client on console-ams.rpki-client.org