Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B74D6/DE22AD240CDF11EF9484E62AC4F9AE02/D76740EC0F7511EF82EE7F49C4F9AE02.roa
File: D76740EC0F7511EF82EE7F49C4F9AE02.roa (raw, json)
Hash identifier: ETW1JVWqYYvIMzxXpJV/JZ0nASfIWd6zebSMgiuXMxs=
Subject key identifier: E6:59:22:B5:A0:2E:66:F8:55:65:AC:61:9D:40:62:2D:2C:02:6C:4D
Certificate issuer: /CN=A91B74D6/serialNumber=77464A846F77D1C4D366A306B806939FCF2A601A
Certificate serial: 08
Authority key identifier: 77:46:4A:84:6F:77:D1:C4:D3:66:A3:06:B8:06:93:9F:CF:2A:60:1A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d0ZKhG930cTTZqMGuAaTn88qYBo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B74D6/DE22AD240CDF11EF9484E62AC4F9AE02/D76740EC0F7511EF82EE7F49C4F9AE02.roa
Signing time: Sat 11 May 2024 09:07:07 +0000
ROA not before: Sat 11 May 2024 09:07:07 +0000
ROA not after: Sun 01 Dec 2024 00:00:00 +0000
asID: 24298
IP address blocks: 103.123.144.0/22 maxlen: 24
202.60.8.0/21 maxlen: 21
202.60.8.0/24 maxlen: 24
202.60.9.0/24 maxlen: 24
202.60.10.0/24 maxlen: 24
202.60.11.0/24 maxlen: 24
202.60.12.0/24 maxlen: 24
202.60.13.0/24 maxlen: 24
202.60.14.0/24 maxlen: 24
202.60.15.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 11 May 2024 11:36:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8 (0x8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B74D6/serialNumber=77464A846F77D1C4D366A306B806939FCF2A601A
Validity
Not Before: May 11 09:07:07 2024 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=663f353b-f326
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:3a:a1:d2:6e:25:5d:64:43:83:fc:1d:2c:42:
20:a3:db:07:d2:36:b6:a9:74:28:22:57:49:0e:1e:
76:4c:c0:4c:90:1e:ef:94:0f:af:14:c8:ea:4d:dc:
1a:9e:e7:b5:bd:85:02:53:83:ff:40:e1:b2:68:d0:
5c:2d:a8:82:dc:3b:a4:29:77:f8:f8:52:2a:e9:3d:
8d:c4:1b:d1:60:6d:a8:62:39:e0:97:64:b0:20:10:
12:3e:b2:70:94:da:89:67:7a:05:ba:d1:fc:07:54:
35:46:ba:f1:0f:e7:53:7c:a3:71:17:f6:a8:c1:2a:
04:33:17:ba:0b:a6:c1:2f:eb:fe:9c:20:15:73:d2:
ea:23:5d:1d:04:06:4e:79:df:60:60:86:69:ce:43:
fe:7c:ad:03:aa:6c:0c:8c:38:67:dc:5a:97:8f:62:
bc:20:43:e9:d2:50:76:03:eb:d5:b7:f6:a3:78:0b:
a5:1f:8d:70:f2:00:94:a5:14:9a:08:d7:d9:a3:a1:
00:47:53:80:d2:7e:8b:e1:eb:6a:5f:0e:8f:29:02:
1c:8e:bf:93:ce:bb:0b:e8:f7:02:bb:4e:71:49:7d:
ff:c0:a8:45:a2:67:5e:46:92:1d:5a:25:b6:80:1e:
b4:f0:65:71:56:4e:bb:66:1f:c7:d6:2c:9b:02:45:
a8:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:59:22:B5:A0:2E:66:F8:55:65:AC:61:9D:40:62:2D:2C:02:6C:4D
X509v3 Authority Key Identifier:
keyid:77:46:4A:84:6F:77:D1:C4:D3:66:A3:06:B8:06:93:9F:CF:2A:60:1A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B74D6/DE22AD240CDF11EF9484E62AC4F9AE02/d0ZKhG930cTTZqMGuAaTn88qYBo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d0ZKhG930cTTZqMGuAaTn88qYBo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B74D6/DE22AD240CDF11EF9484E62AC4F9AE02/D76740EC0F7511EF82EE7F49C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.123.144.0/22
202.60.8.0/21
Signature Algorithm: sha256WithRSAEncryption
96:bb:60:03:6a:48:19:39:fe:21:fe:39:ab:34:40:fd:54:8a:
49:1f:ed:c7:6c:ba:f7:29:05:05:6b:82:f1:18:99:ad:f9:9f:
58:b6:47:ab:c3:45:0d:39:4d:62:4a:d1:3e:8b:06:dc:f5:7b:
83:8c:fc:57:87:d9:bc:3f:4c:33:8e:4f:fa:01:a4:a8:60:2c:
83:3e:28:c7:31:5c:55:59:96:5d:6d:ee:d4:d5:a8:22:a9:b9:
47:40:3e:d7:8c:4f:ca:6b:ed:c4:25:a8:a9:32:79:45:33:27:
cf:a2:eb:2e:95:78:d8:ce:27:4e:f5:8a:dc:7d:35:47:dc:b2:
01:0b:c0:9c:69:4b:4f:e9:e1:07:dd:12:c9:61:90:31:81:d8:
d9:c9:5f:ff:f6:08:c3:76:11:5e:89:54:93:d1:de:71:d6:29:
03:12:b7:1b:1d:19:86:82:4f:e0:7c:c7:40:18:ac:6e:ab:97:
33:f9:6f:13:d3:90:01:ca:b2:c9:56:84:d8:a8:90:c7:c2:70:
49:67:2e:52:d4:6c:74:4b:9b:94:a1:47:d2:40:3f:e3:86:1b:
a4:bc:6e:ca:89:7c:6b:a8:1a:bc:1f:ab:07:89:b3:36:e5:f2:
47:f7:c1:15:db:35:74:1d:cd:72:cd:a2:8d:79:de:43:99:b7:
46:13:af:ff
-----BEGIN CERTIFICATE-----
MIIFdjCCBF6gAwIBAgIBCDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFC
NzRENjExMC8GA1UEBRMoNzc0NjRBODQ2Rjc3RDFDNEQzNjZBMzA2QjgwNjkzOUZD
RjJBNjAxQTAeFw0yNDA1MTEwOTA3MDdaFw0yNDEyMDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2M2YzNTNiLWYzMjYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCpOqHSbiVdZEOD/B0sQiCj2wfSNrapdCgiV0kOHnZMwEyQHu+UD68UyOpN3Bqe
57W9hQJTg/9A4bJo0FwtqILcO6Qpd/j4UirpPY3EG9FgbahiOeCXZLAgEBI+snCU
2olnegW60fwHVDVGuvEP51N8o3EX9qjBKgQzF7oLpsEv6/6cIBVz0uojXR0EBk55
32BghmnOQ/58rQOqbAyMOGfcWpePYrwgQ+nSUHYD69W39qN4C6UfjXDyAJSlFJoI
19mjoQBHU4DSfovh62pfDo8pAhyOv5POuwvo9wK7TnFJff/AqEWiZ15Gkh1aJbaA
HrTwZXFWTrtmH8fWLJsCRagFAgMBAAGjggKbMIIClzAdBgNVHQ4EFgQU5lkitaAu
ZvhVZaxhnUBiLSwCbE0wHwYDVR0jBBgwFoAUd0ZKhG930cTTZqMGuAaTn88qYBow
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUI3NEQ2L0RFMjJBRDI0MENE
RjExRUY5NDg0RTYyQUM0RjlBRTAyL2QwWktoRzkzMGNUVFpxTUd1QWFUbjg4cVlC
by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvZDBaS2hHOTMwY1RUWnFNR3VBYVRuODhxWUJvLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC
NzRENi9ERTIyQUQyNDBDREYxMUVGOTQ4NEU2MkFDNEY5QUUwMi9ENzY3NDBFQzBG
NzUxMUVGODJFRTdGNDlDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAlBggrBgEFBQcBBwEB/wQW
MBQwEgQCAAEwDAMEAmd7kAMEA8o8CDANBgkqhkiG9w0BAQsFAAOCAQEAlrtgA2pI
GTn+If45qzRA/VSKSR/tx2y69ykFBWuC8RiZrfmfWLZHq8NFDTlNYkrRPosG3PV7
g4z8V4fZvD9MM45P+gGkqGAsgz4oxzFcVVmWXW3u1NWoIqm5R0A+14xPymvtxCWo
qTJ5RTMnz6LrLpV42M4nTvWK3H01R9yyAQvAnGlLT+nhB90SyWGQMYHY2clf//YI
w3YRXolUk9HecdYpAxK3Gx0ZhoJP4HzHQBisbquXM/lvE9OQAcqyyVaE2KiQx8Jw
SWcuUtRsdEublKFH0kA/44YbpLxuyol8a6gavB+rB4mzNuXyR/fBFds1dB3Ncs2i
jXneQ5m3RhOv/w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:38 2024 by rpki-client on console-fra.rpki-client.org