Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91BB87C/63D90312FC0211E9A419F340C4F9AE02/E8644FB6D31411EB8F5FF43CC4F9AE02.roa
File: E8644FB6D31411EB8F5FF43CC4F9AE02.roa (raw, json)
Hash identifier: IA8xW4ygcKa+w3gNRgLwcSFomml6bEEYa14SUursqZ4=
Subject key identifier: A4:DE:3C:FA:A7:07:B9:02:14:68:2F:39:5B:04:A9:CB:09:DC:66:21
Certificate issuer: /CN=A91BB87C/serialNumber=EAA96DCA7430DFA471CA29B843836C1C80E5439E
Certificate serial: 0B32
Authority key identifier: EA:A9:6D:CA:74:30:DF:A4:71:CA:29:B8:43:83:6C:1C:80:E5:43:9E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6qltynQw36Rxyim4Q4NsHIDlQ54.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91BB87C/63D90312FC0211E9A419F340C4F9AE02/E8644FB6D31411EB8F5FF43CC4F9AE02.roa
Signing time: Fri 28 Jul 2023 18:56:30 +0000
ROA not before: Fri 28 Jul 2023 18:56:30 +0000
ROA not after: Sat 31 Aug 2024 00:00:00 +0000
asID: 134204
IP address blocks: 103.58.72.0/22 maxlen: 24
203.76.220.0/22 maxlen: 24
2400:4d40::/32 maxlen: 32
2400:4d40:1::/48 maxlen: 48
2400:4d40:201::/48 maxlen: 48
2400:4d40:202::/48 maxlen: 48
2400:4d40:254::/48 maxlen: 48
2400:4d40:256::/48 maxlen: 48
2400:4d40:258::/48 maxlen: 48
2400:4d40:259::/48 maxlen: 48
2400:4d40:269::/48 maxlen: 48
2400:4d40:301::/48 maxlen: 48
2400:4d40:308::/48 maxlen: 48
2400:4d40:1001::/48 maxlen: 48
2400:4d40:1002::/48 maxlen: 48
2400:4d40:1003::/48 maxlen: 48
2400:4d40:d000::/48 maxlen: 48
2400:4d40:e000::/48 maxlen: 48
2400:4d40:f000::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 22 Feb 2024 07:57:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2866 (0xb32)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91BB87C/serialNumber=EAA96DCA7430DFA471CA29B843836C1C80E5439E
Validity
Not Before: Jul 28 18:56:30 2023 GMT
Not After : Aug 31 00:00:00 2024 GMT
Subject: CN=64c40f5d-d0da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:4b:c8:fd:a6:a5:b6:2e:a7:5f:65:12:10:52:
9f:d4:33:38:a6:86:8b:00:2c:97:f7:84:91:9d:fa:
c5:aa:f8:b5:0d:65:a3:ae:84:1c:d3:bc:7e:a7:be:
e1:5d:39:a8:17:72:4d:48:6a:bd:0d:1a:0c:e1:c1:
1d:f2:59:a4:73:8e:5a:0a:f7:60:e1:5b:ea:19:10:
ac:39:89:d8:04:5f:63:28:50:59:f8:11:24:dd:3a:
12:55:8a:b7:85:c6:fd:37:67:52:6d:e7:3d:a6:23:
df:94:1f:8c:e4:4b:29:90:a1:fa:53:da:fa:c4:ad:
50:24:4d:c3:7c:26:de:bd:44:7c:47:32:ea:6b:32:
31:14:92:e6:42:b2:a4:be:c1:0a:51:fe:de:81:62:
43:ff:ed:48:64:5c:ef:1d:3f:4c:7a:9a:44:4e:8b:
88:49:e6:2d:6b:9e:40:55:31:b9:72:33:69:8c:c8:
8b:a6:31:1a:be:26:dd:55:72:0e:ad:40:6b:6d:6d:
16:5c:17:f0:fd:e4:9e:30:a7:fa:05:7c:5c:0f:00:
90:bb:7d:73:d6:1b:d2:d4:8f:4c:28:73:59:97:02:
cd:6a:0c:38:e2:c4:21:dc:76:0d:62:53:80:d3:f4:
96:ac:6f:b7:f6:ed:c3:d5:a6:4f:da:a4:2a:47:5b:
aa:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:DE:3C:FA:A7:07:B9:02:14:68:2F:39:5B:04:A9:CB:09:DC:66:21
X509v3 Authority Key Identifier:
keyid:EA:A9:6D:CA:74:30:DF:A4:71:CA:29:B8:43:83:6C:1C:80:E5:43:9E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91BB87C/63D90312FC0211E9A419F340C4F9AE02/6qltynQw36Rxyim4Q4NsHIDlQ54.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6qltynQw36Rxyim4Q4NsHIDlQ54.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BB87C/63D90312FC0211E9A419F340C4F9AE02/E8644FB6D31411EB8F5FF43CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.58.72.0/22
203.76.220.0/22
IPv6:
2400:4d40::/32
Signature Algorithm: sha256WithRSAEncryption
46:e3:a1:85:49:97:ee:e4:10:a3:c6:78:18:6f:35:b8:66:05:
60:54:a6:28:0f:1b:89:06:e5:6f:45:62:ab:f0:86:65:34:31:
29:0b:71:94:c0:2c:6d:27:84:8d:d7:74:2d:f7:ed:b4:27:b3:
e8:9c:cb:d1:e6:ce:11:e9:78:3b:09:54:a3:1b:bb:7e:c1:42:
f9:9f:32:47:10:a1:ca:92:7a:04:89:3c:ae:f1:95:a9:6e:76:
6a:7f:b3:d7:f9:eb:4f:19:8b:22:9a:2e:bb:e4:87:f8:9e:f0:
24:6c:7f:5b:3c:63:c7:99:7e:29:76:90:27:1f:61:6d:cc:40:
cd:54:71:c5:d8:fd:2f:95:cd:9c:10:6b:24:d8:c5:cf:02:bf:
c6:2a:cb:5b:ce:1f:51:51:25:0e:1a:07:c6:5e:97:c3:e1:99:
0d:76:32:7e:0d:0f:ff:09:6a:db:9d:9e:a6:db:49:79:45:e6:
7b:0b:aa:0a:80:e3:c0:98:fa:82:8a:3e:14:cc:cd:23:ec:26:
2a:3f:af:e2:d7:70:fe:dd:21:d4:f6:46:cf:25:6b:aa:bb:e0:
31:5d:b4:b9:b1:63:11:52:e9:a8:38:44:e7:92:52:dd:7f:80:
89:aa:8c:53:70:c1:56:76:24:9e:01:f8:29:11:9c:a8:3f:42:
8d:8d:8f:85
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICCzIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QkI4N0MxMTAvBgNVBAUTKEVBQTk2RENBNzQzMERGQTQ3MUNBMjlCODQzODM2QzFD
ODBFNTQzOUUwHhcNMjMwNzI4MTg1NjMwWhcNMjQwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGM0MGY1ZC1kMGRhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvkvI/aalti6nX2USEFKf1DM4poaLACyX94SRnfrFqvi1DWWjroQc07x+p77h
XTmoF3JNSGq9DRoM4cEd8lmkc45aCvdg4VvqGRCsOYnYBF9jKFBZ+BEk3ToSVYq3
hcb9N2dSbec9piPflB+M5EspkKH6U9r6xK1QJE3DfCbevUR8RzLqazIxFJLmQrKk
vsEKUf7egWJD/+1IZFzvHT9MeppETouISeYta55AVTG5cjNpjMiLpjEavibdVXIO
rUBrbW0WXBfw/eSeMKf6BXxcDwCQu31z1hvS1I9MKHNZlwLNagw44sQh3HYNYlOA
0/SWrG+39u3D1aZP2qQqR1uqTQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFKTePPqn
B7kCFGgvOVsEqcsJ3GYhMB8GA1UdIwQYMBaAFOqpbcp0MN+kccopuEODbByA5UOe
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCQjg3Qy82M0Q5MDMxMkZD
MDIxMUU5QTQxOUYzNDBDNEY5QUUwMi82cWx0eW5RdzM2Unh5aW00UTROc0hJRGxR
NTQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzZxbHR5blF3MzZSeHlpbTRRNE5zSElEbFE1NC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QkI4N0MvNjNEOTAzMTJGQzAyMTFFOUE0MTlGMzQwQzRGOUFFMDIvRTg2NDRGQjZE
MzE0MTFFQjhGNUZGNDNDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAJnOkgDBALLTNwwDQQCAAIwBwMFACQATUAwDQYJKoZIhvcN
AQELBQADggEBAEbjoYVJl+7kEKPGeBhvNbhmBWBUpigPG4kG5W9FYqvwhmU0MSkL
cZTALG0nhI3XdC337bQns+icy9HmzhHpeDsJVKMbu37BQvmfMkcQocqSegSJPK7x
laludmp/s9f5608ZiyKaLrvkh/ie8CRsf1s8Y8eZfil2kCcfYW3MQM1UccXY/S+V
zZwQayTYxc8Cv8Yqy1vOH1FRJQ4aB8Zel8PhmQ12Mn4ND/8JatudnqbbSXlF5nsL
qgqA48CY+oKKPhTMzSPsJio/r+LXcP7dIdT2Rs8la6q74DFdtLmxYxFS6ag4ROeS
Ut1/gImqjFNwwVZ2JJ4B+CkRnKg/Qo2Nj4U=
-----END CERTIFICATE-----
Generated at Thu Feb 22 13:04:08 2024 by rpki-client on console-ams.rpki-client.org