Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B9D33/C2E1CADC53C311EB8A188431C4F9AE02/2D4B9E3853C511EBBA606539C4F9AE02.roa
File: 2D4B9E3853C511EBBA606539C4F9AE02.roa (raw, json)
Hash identifier: j4EkXDapkvbTEeniRs7Fwk3kZ1tSYM5VffLIcE0f2bk=
Subject key identifier: 7C:CC:96:79:61:81:8E:05:3D:12:32:FE:8A:26:C3:E8:20:D9:4C:84
Certificate issuer: /CN=A91B9D33/serialNumber=222A4DD2D6D14C6FBF48924E66A0F8CBDF125518
Certificate serial: 05FC
Authority key identifier: 22:2A:4D:D2:D6:D1:4C:6F:BF:48:92:4E:66:A0:F8:CB:DF:12:55:18
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IipN0tbRTG-_SJJOZqD4y98SVRg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B9D33/C2E1CADC53C311EB8A188431C4F9AE02/2D4B9E3853C511EBBA606539C4F9AE02.roa
Signing time: Mon 04 Mar 2024 23:43:01 +0000
ROA not before: Mon 04 Mar 2024 23:43:01 +0000
ROA not after: Wed 28 May 2025 00:00:00 +0000
asID: 132492
IP address blocks: 103.148.251.0/24 maxlen: 24
203.0.184.0/21 maxlen: 21
2001:df3:280::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 17 May 2024 07:16:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1532 (0x5fc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B9D33/serialNumber=222A4DD2D6D14C6FBF48924E66A0F8CBDF125518
Validity
Not Before: Mar 4 23:43:01 2024 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=65e65c84-bb17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:e6:f4:d3:49:ff:fe:a0:05:b0:04:53:05:b5:
91:bc:2d:e8:4d:29:74:51:e3:00:72:75:63:b2:91:
b8:cd:01:d6:7f:f4:56:ad:61:d5:53:c7:2e:54:b2:
bc:41:41:e4:46:39:b8:7f:95:5d:02:d6:1d:b7:25:
51:8b:27:7e:c4:9c:24:eb:0d:04:44:2c:2c:33:44:
a0:77:df:a2:08:9f:75:0e:4d:aa:22:be:fd:23:a0:
ad:4c:27:f8:ed:f8:a1:23:46:be:69:10:52:42:01:
9b:bc:09:66:e2:30:49:c8:9f:a4:c7:bb:e2:81:9e:
8e:ec:de:b4:00:73:9f:ee:49:20:1b:b4:19:47:b2:
0e:2a:dd:c8:97:f4:c0:4a:db:31:1a:f8:37:c4:6e:
dc:e9:10:9e:5b:4c:f1:9a:49:77:ba:e5:e7:57:fd:
38:cc:10:ef:38:c0:9b:f5:8c:09:80:67:4b:ea:84:
8a:1b:b5:b9:97:23:d7:9a:c3:5c:c5:f8:69:df:cc:
51:ed:73:20:56:b0:3a:a8:09:67:b2:b0:6e:2a:8a:
bc:57:92:b7:ad:26:31:c5:7e:57:4e:c6:31:33:72:
d5:94:09:48:e2:d3:01:4d:27:22:f3:09:d9:c3:7a:
f7:24:a8:25:7e:be:90:56:cd:d8:58:4f:7a:07:99:
44:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:CC:96:79:61:81:8E:05:3D:12:32:FE:8A:26:C3:E8:20:D9:4C:84
X509v3 Authority Key Identifier:
keyid:22:2A:4D:D2:D6:D1:4C:6F:BF:48:92:4E:66:A0:F8:CB:DF:12:55:18
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B9D33/C2E1CADC53C311EB8A188431C4F9AE02/IipN0tbRTG-_SJJOZqD4y98SVRg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IipN0tbRTG-_SJJOZqD4y98SVRg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B9D33/C2E1CADC53C311EB8A188431C4F9AE02/2D4B9E3853C511EBBA606539C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.148.251.0/24
203.0.184.0/21
IPv6:
2001:df3:280::/48
Signature Algorithm: sha256WithRSAEncryption
41:69:de:13:b0:28:7d:f8:40:40:43:b8:14:e6:4d:e2:fd:89:
ad:48:50:17:36:32:26:5f:88:48:3a:88:e2:2b:84:53:b3:cc:
9b:13:4b:31:b7:0b:d2:46:3e:65:17:4a:48:94:9c:9a:38:0f:
6d:d0:b7:42:07:8d:ad:ca:40:1e:3f:13:1b:74:1c:3c:55:3a:
d7:8b:6d:8c:11:3f:9f:c3:e3:26:d7:16:d9:b9:fc:42:97:2e:
f0:11:8a:a1:06:29:39:2f:2a:29:ec:ca:80:5c:5e:78:9d:f5:
fb:d7:4d:98:9c:3c:48:f7:9f:c8:bd:c0:d9:58:f2:ec:88:a9:
4c:b7:0a:c8:08:78:86:ac:01:c3:1f:24:c0:01:4b:f4:3c:31:
da:25:3a:f3:59:f5:00:3d:6e:a7:43:01:69:7b:8d:53:c1:0b:
c3:8e:ee:7a:69:dc:f7:a9:96:d6:a9:59:52:15:c3:c3:d8:5f:
0a:e6:ce:b3:40:ae:82:53:07:f0:3b:ac:71:18:4e:e9:ac:dc:
d6:dc:94:6a:b4:cd:d7:77:64:e9:1a:fa:4c:a8:4f:db:64:89:
ae:55:db:fd:02:46:13:50:4a:6b:86:52:fd:d6:a8:ef:39:54:
7f:3c:64:b4:a6:d1:8a:0e:f7:3a:0b:25:81:02:90:90:53:c5:
53:b0:9b:52
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgICBfwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjlEMzMxMTAvBgNVBAUTKDIyMkE0REQyRDZEMTRDNkZCRjQ4OTI0RTY2QTBGOENC
REYxMjU1MTgwHhcNMjQwMzA0MjM0MzAxWhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02NWU2NWM4NC1iYjE3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5eb000n//qAFsARTBbWRvC3oTSl0UeMAcnVjspG4zQHWf/RWrWHVU8cuVLK8
QUHkRjm4f5VdAtYdtyVRiyd+xJwk6w0ERCwsM0Sgd9+iCJ91Dk2qIr79I6CtTCf4
7fihI0a+aRBSQgGbvAlm4jBJyJ+kx7vigZ6O7N60AHOf7kkgG7QZR7IOKt3Il/TA
StsxGvg3xG7c6RCeW0zxmkl3uuXnV/04zBDvOMCb9YwJgGdL6oSKG7W5lyPXmsNc
xfhp38xR7XMgVrA6qAlnsrBuKoq8V5K3rSYxxX5XTsYxM3LVlAlI4tMBTSci8wnZ
w3r3JKglfr6QVs3YWE96B5lEkQIDAQABo4ICrDCCAqgwHQYDVR0OBBYEFHzMlnlh
gY4FPRIy/oomw+gg2UyEMB8GA1UdIwQYMBaAFCIqTdLW0Uxvv0iSTmag+MvfElUY
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCOUQzMy9DMkUxQ0FEQzUz
QzMxMUVCOEExODg0MzFDNEY5QUUwMi9JaXBOMHRiUlRHLV9TSkpPWnFENHk5OFNW
UmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0lpcE4wdGJSVEctX1NKSk9acUQ0eTk4U1ZSZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjlEMzMvQzJFMUNBREM1M0MzMTFFQjhBMTg4NDMxQzRGOUFFMDIvMkQ0QjlFMzg1
M0M1MTFFQkJBNjA2NTM5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNgYIKwYBBQUHAQcBAf8E
JzAlMBIEAgABMAwDBABnlPsDBAPLALgwDwQCAAIwCQMHACABDfMCgDANBgkqhkiG
9w0BAQsFAAOCAQEAQWneE7AoffhAQEO4FOZN4v2JrUhQFzYyJl+ISDqI4iuEU7PM
mxNLMbcL0kY+ZRdKSJScmjgPbdC3QgeNrcpAHj8TG3QcPFU614ttjBE/n8PjJtcW
2bn8Qpcu8BGKoQYpOS8qKezKgFxeeJ31+9dNmJw8SPefyL3A2Vjy7IipTLcKyAh4
hqwBwx8kwAFL9Dwx2iU681n1AD1up0MBaXuNU8ELw47uemnc96mW1qlZUhXDw9hf
CubOs0CuglMH8DuscRhO6azc1tyUarTN13dk6Rr6TKhP22SJrlXb/QJGE1BKa4ZS
/dao7zlUfzxktKbRig73OgslgQKQkFPFU7CbUg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:38 2024 by rpki-client on console-fra.rpki-client.org