Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91BBD7E/1AED09C40A8A11EE93E1A770C4F9AE02/2E0B41C00A9311EEB13EAF44C4F9AE02.roa
File: 2E0B41C00A9311EEB13EAF44C4F9AE02.roa (raw, json)
Hash identifier: NCeWrRGnuJQsk3fUivqzL/dmKJb14fvv55wg4XbIp3Q=
Subject key identifier: 3A:7A:B5:E3:10:85:79:3F:96:C9:CC:B7:91:AE:B0:52:4D:72:DD:A3
Certificate issuer: /CN=A91BBD7E/serialNumber=653F2C6B7956BB614509B8F15C1F1DC3398218BD
Certificate serial: 02
Authority key identifier: 65:3F:2C:6B:79:56:BB:61:45:09:B8:F1:5C:1F:1D:C3:39:82:18:BD
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZT8sa3lWu2FFCbjxXB8dwzmCGL0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91BBD7E/1AED09C40A8A11EE93E1A770C4F9AE02/2E0B41C00A9311EEB13EAF44C4F9AE02.roa
Signing time: Wed 14 Jun 2023 09:09:35 +0000
ROA not before: Wed 14 Jun 2023 09:09:35 +0000
ROA not after: Sat 31 Aug 2024 00:00:00 +0000
asID: 151402
IP address blocks: 103.219.224.0/23 maxlen: 23
103.219.224.0/24 maxlen: 24
103.219.225.0/24 maxlen: 24
2401:a20::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 21 Jun 2023 11:49:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91BBD7E/serialNumber=653F2C6B7956BB614509B8F15C1F1DC3398218BD
Validity
Not Before: Jun 14 09:09:35 2023 GMT
Not After : Aug 31 00:00:00 2024 GMT
Subject: CN=648983ce-6efd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:99:d1:06:03:be:28:7b:6d:75:2f:82:78:52:
3f:21:31:94:98:bc:50:17:8c:03:ad:1c:5b:6b:ce:
04:f2:9c:ef:23:f1:0f:60:8a:6a:d2:e3:bf:fb:35:
d0:e1:dd:a3:99:2b:7b:2b:04:31:e6:31:40:e5:1c:
00:d8:a2:c6:02:b9:be:7d:ea:26:50:71:f6:d2:60:
fa:33:3c:2f:d8:ab:84:c7:49:83:cc:d1:bd:1c:df:
90:aa:6b:33:b4:5f:75:a3:bf:af:1f:29:21:6a:07:
b9:59:c8:50:2b:cc:c6:f9:ee:02:5c:2c:fb:72:cb:
fd:26:35:8c:b7:c0:54:67:27:16:62:b2:d1:33:ac:
4e:f8:9f:8d:fc:71:99:40:14:9a:5c:43:b4:ce:46:
e8:f9:a6:71:5a:49:d2:79:45:0a:ab:ef:87:30:19:
f6:c5:b4:58:b4:3a:de:73:cf:42:fb:65:37:34:a1:
7b:f7:3b:2c:04:1f:b5:fc:02:76:c1:af:c3:8c:a6:
09:88:d2:73:1a:74:c4:59:26:32:a1:5a:63:61:60:
07:2f:98:68:e2:9f:28:f4:7e:f4:b3:94:55:f7:d7:
90:01:79:62:f8:45:c2:1d:22:2a:d0:c3:a3:65:dc:
70:c8:d2:06:05:29:0e:95:93:80:4c:75:1f:bc:47:
3c:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:7A:B5:E3:10:85:79:3F:96:C9:CC:B7:91:AE:B0:52:4D:72:DD:A3
X509v3 Authority Key Identifier:
keyid:65:3F:2C:6B:79:56:BB:61:45:09:B8:F1:5C:1F:1D:C3:39:82:18:BD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91BBD7E/1AED09C40A8A11EE93E1A770C4F9AE02/ZT8sa3lWu2FFCbjxXB8dwzmCGL0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZT8sa3lWu2FFCbjxXB8dwzmCGL0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BBD7E/1AED09C40A8A11EE93E1A770C4F9AE02/2E0B41C00A9311EEB13EAF44C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.219.224.0/23
IPv6:
2401:a20::/32
Signature Algorithm: sha256WithRSAEncryption
03:0b:82:73:5d:8b:4e:17:9f:26:c5:0f:78:82:cc:b3:59:e1:
95:c1:f6:c8:95:2a:46:c1:4c:ac:ac:a2:1c:2c:10:b6:ac:1d:
49:6c:1a:1f:c6:88:49:c7:19:5b:5c:f1:1b:24:9c:cb:0d:b7:
cc:6c:45:4d:29:05:ce:0b:e9:a2:26:a2:2f:e0:48:11:ae:ee:
ef:8f:51:ed:85:45:f4:e1:e1:cb:29:1d:a8:28:89:95:66:f0:
6b:38:21:f6:5a:e1:4b:f4:95:2f:6d:26:68:47:9e:4d:be:b7:
a4:d2:1a:45:1e:6d:1c:f2:39:fa:be:bc:6c:99:c2:51:ca:e3:
86:ce:56:77:85:b7:29:47:be:46:ef:5d:6c:9d:90:69:7e:1d:
a9:b3:8b:35:9b:c2:29:80:4e:02:73:13:62:ac:d0:20:a8:82:
b0:a4:6d:f8:80:e8:2f:02:a6:dc:ea:da:e8:0c:2c:68:59:70:
2a:9e:c2:ce:ea:94:35:f2:c3:6e:3c:cb:aa:26:8a:b0:cf:fe:
02:f7:7b:b9:a0:6f:37:2e:ff:91:4a:99:91:78:55:f3:1d:79:
29:83:c4:58:a6:bd:f7:22:59:99:24:fe:c0:62:78:82:6c:3a:
b2:ed:bb:13:aa:2a:e7:6b:0e:e0:d8:1b:3a:a4:cc:0e:18:8f:
06:92:bf:39
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFC
QkQ3RTExMC8GA1UEBRMoNjUzRjJDNkI3OTU2QkI2MTQ1MDlCOEYxNUMxRjFEQzMz
OTgyMThCRDAeFw0yMzA2MTQwOTA5MzVaFw0yNDA4MzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY0ODk4M2NlLTZlZmQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDZmdEGA74oe211L4J4Uj8hMZSYvFAXjAOtHFtrzgTynO8j8Q9gimrS47/7NdDh
3aOZK3srBDHmMUDlHADYosYCub596iZQcfbSYPozPC/Yq4THSYPM0b0c35CqazO0
X3Wjv68fKSFqB7lZyFArzMb57gJcLPtyy/0mNYy3wFRnJxZistEzrE74n438cZlA
FJpcQ7TORuj5pnFaSdJ5RQqr74cwGfbFtFi0Ot5zz0L7ZTc0oXv3OywEH7X8AnbB
r8OMpgmI0nMadMRZJjKhWmNhYAcvmGjinyj0fvSzlFX315ABeWL4RcIdIirQw6Nl
3HDI0gYFKQ6Vk4BMdR+8RzwpAgMBAAGjggKkMIICoDAdBgNVHQ4EFgQUOnq14xCF
eT+Wycy3ka6wUk1y3aMwHwYDVR0jBBgwFoAUZT8sa3lWu2FFCbjxXB8dwzmCGL0w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUJCRDdFLzFBRUQwOUM0MEE4
QTExRUU5M0UxQTc3MEM0RjlBRTAyL1pUOHNhM2xXdTJGRkNianhYQjhkd3ptQ0dM
MC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvWlQ4c2EzbFd1MkZGQ2JqeFhCOGR3em1DR0wwLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC
QkQ3RS8xQUVEMDlDNDBBOEExMUVFOTNFMUE3NzBDNEY5QUUwMi8yRTBCNDFDMDBB
OTMxMUVFQjEzRUFGNDRDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAuBggrBgEFBQcBBwEB/wQf
MB0wDAQCAAEwBgMEAWfb4DANBAIAAjAHAwUAJAEKIDANBgkqhkiG9w0BAQsFAAOC
AQEAAwuCc12LThefJsUPeILMs1nhlcH2yJUqRsFMrKyiHCwQtqwdSWwaH8aISccZ
W1zxGyScyw23zGxFTSkFzgvpoiaiL+BIEa7u749R7YVF9OHhyykdqCiJlWbwazgh
9lrhS/SVL20maEeeTb63pNIaRR5tHPI5+r68bJnCUcrjhs5Wd4W3KUe+Ru9dbJ2Q
aX4dqbOLNZvCKYBOAnMTYqzQIKiCsKRt+IDoLwKm3Ora6AwsaFlwKp7CzuqUNfLD
bjzLqiaKsM/+Avd7uaBvNy7/kUqZkXhV8x15KYPEWKa99yJZmST+wGJ4gmw6su27
E6oq52sO4NgbOqTMDhiPBpK/OQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:23 2024 by rpki-client on console-ams.rpki-client.org