Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91BF8C3/D0E33FA402C311EB8ADC3238C4F9AE02/8231616802C511EBBBAF893DC4F9AE02.roa
File: 8231616802C511EBBBAF893DC4F9AE02.roa (raw, json)
Hash identifier: Yqo/jv7ZDdxJWqKbe8Erwsv4rPtZ8qHguSLhMNwmILo=
Subject key identifier: E3:55:8F:D1:D2:95:F9:76:6D:82:4B:3E:99:E8:DD:C1:2B:1E:85:3B
Certificate issuer: /CN=A91BF8C3/serialNumber=6A4DBBA36D4C767D5BD72B6EE970A8000FC5495E
Certificate serial: 06A1
Authority key identifier: 6A:4D:BB:A3:6D:4C:76:7D:5B:D7:2B:6E:E9:70:A8:00:0F:C5:49:5E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ak27o21Mdn1b1ytu6XCoAA_FSV4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91BF8C3/D0E33FA402C311EB8ADC3238C4F9AE02/8231616802C511EBBBAF893DC4F9AE02.roa
Signing time: Thu 02 Nov 2023 22:50:05 +0000
ROA not before: Thu 02 Nov 2023 22:50:05 +0000
ROA not after: Mon 30 Dec 2024 00:00:00 +0000
asID: 141226
IP address blocks: 103.5.108.0/22 maxlen: 24
103.156.192.0/23 maxlen: 24
118.67.192.0/21 maxlen: 24
163.47.188.0/22 maxlen: 24
202.36.209.0/24 maxlen: 24
2407:c9c0::/32 maxlen: 36
Validation: Failed, certificate revoked on Fri 16 Feb 2024 22:49:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1697 (0x6a1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91BF8C3/serialNumber=6A4DBBA36D4C767D5BD72B6EE970A8000FC5495E
Validity
Not Before: Nov 2 22:50:05 2023 GMT
Not After : Dec 30 00:00:00 2024 GMT
Subject: CN=6544279d-99b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:25:63:45:14:65:28:31:cb:59:09:ef:4c:f5:
93:5b:c8:8d:76:26:d3:07:5c:c5:2e:9d:25:47:5b:
d6:ba:e8:6e:d5:e1:ac:39:77:6c:28:72:41:fa:91:
de:2d:cb:9d:32:ee:07:38:0d:40:2c:b4:a3:9e:85:
3d:8d:d8:9e:92:37:f6:7d:e2:e0:94:38:ff:96:ad:
2e:a5:5d:82:e9:7a:d5:0b:8a:c2:66:d7:c1:43:6a:
99:06:40:44:c2:79:d1:a1:2d:7d:88:3f:23:be:38:
83:99:bc:34:43:14:07:94:a7:20:42:72:1e:4e:13:
a8:be:62:cb:c5:fd:e8:70:5b:54:23:3e:a5:d8:cc:
39:7a:e0:79:61:89:61:9b:69:1e:db:c2:1d:9c:27:
12:ba:8b:3f:5d:86:6f:5e:79:c0:9d:e9:5d:c1:1e:
86:0b:55:df:7c:39:bd:e5:95:b7:e5:8c:5e:76:f0:
73:97:ba:a3:12:20:a5:06:f5:62:0e:27:f6:62:0e:
c9:ec:22:22:8a:7b:bb:01:1e:99:41:19:36:53:38:
a2:d9:74:ed:01:b4:cc:05:82:07:81:81:d8:8f:7c:
bc:1c:30:15:ea:21:21:9d:90:17:f3:30:f5:fd:5c:
0e:b0:94:bf:f8:31:e9:15:2e:26:36:5a:2c:72:c6:
b2:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:55:8F:D1:D2:95:F9:76:6D:82:4B:3E:99:E8:DD:C1:2B:1E:85:3B
X509v3 Authority Key Identifier:
keyid:6A:4D:BB:A3:6D:4C:76:7D:5B:D7:2B:6E:E9:70:A8:00:0F:C5:49:5E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91BF8C3/D0E33FA402C311EB8ADC3238C4F9AE02/ak27o21Mdn1b1ytu6XCoAA_FSV4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ak27o21Mdn1b1ytu6XCoAA_FSV4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BF8C3/D0E33FA402C311EB8ADC3238C4F9AE02/8231616802C511EBBBAF893DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.5.108.0/22
103.156.192.0/23
118.67.192.0/21
163.47.188.0/22
202.36.209.0/24
IPv6:
2407:c9c0::/32
Signature Algorithm: sha256WithRSAEncryption
a9:86:c8:76:44:ce:03:9d:fc:98:79:9f:42:f5:1a:9e:4a:24:
8c:fa:e1:f2:5f:c4:27:95:cd:3c:41:3a:44:12:b5:ec:00:fa:
7a:ee:88:00:9b:05:c0:8a:e0:3f:42:f7:c7:a8:03:40:b5:07:
b5:d6:b3:12:dd:6f:1f:bc:ba:90:9e:1e:d4:0b:46:dd:d8:f3:
d2:8f:64:d2:17:88:64:4b:65:92:e5:ce:b9:53:02:98:04:1a:
b4:d2:c5:a6:90:3f:2a:10:07:69:83:30:cf:05:ac:eb:d1:f4:
87:80:46:f3:f1:5b:9b:b4:ea:b4:51:92:1c:ad:60:c2:e8:49:
6b:32:d3:57:b1:1d:c6:ef:14:49:be:a5:9c:6a:05:2d:b8:54:
05:3e:63:02:b2:e2:f3:37:84:e8:41:c8:18:19:cb:16:9c:cf:
cc:db:d1:09:05:44:a6:b1:93:da:0a:05:c3:bc:d5:41:91:13:
b3:27:91:4e:47:78:4c:ec:19:19:5f:2e:32:a7:16:ec:1f:c7:
69:a8:f7:b6:77:0a:09:63:5c:de:69:2c:f8:50:da:9a:fd:89:
ee:0d:6f:3c:b6:20:91:ca:6c:1e:c9:1b:d0:9a:e6:4e:98:6c:
65:13:5d:20:63:ad:64:2e:b8:ea:6e:02:24:1d:58:33:44:da:
cc:7d:32:2f
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgICBqEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QkY4QzMxMTAvBgNVBAUTKDZBNERCQkEzNkQ0Qzc2N0Q1QkQ3MkI2RUU5NzBBODAw
MEZDNTQ5NUUwHhcNMjMxMTAyMjI1MDA1WhcNMjQxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTQ0Mjc5ZC05OWIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5iVjRRRlKDHLWQnvTPWTW8iNdibTB1zFLp0lR1vWuuhu1eGsOXdsKHJB+pHe
LcudMu4HOA1ALLSjnoU9jdiekjf2feLglDj/lq0upV2C6XrVC4rCZtfBQ2qZBkBE
wnnRoS19iD8jvjiDmbw0QxQHlKcgQnIeThOovmLLxf3ocFtUIz6l2Mw5euB5YYlh
m2ke28IdnCcSuos/XYZvXnnAneldwR6GC1XffDm95ZW35YxedvBzl7qjEiClBvVi
Dif2Yg7J7CIiinu7AR6ZQRk2Uzii2XTtAbTMBYIHgYHYj3y8HDAV6iEhnZAX8zD1
/VwOsJS/+DHpFS4mNloscsay6QIDAQABo4ICvDCCArgwHQYDVR0OBBYEFONVj9HS
lfl2bYJLPpno3cErHoU7MB8GA1UdIwQYMBaAFGpNu6NtTHZ9W9crbulwqAAPxUle
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCRjhDMy9EMEUzM0ZBNDAy
QzMxMUVCOEFEQzMyMzhDNEY5QUUwMi9hazI3bzIxTWRuMWIxeXR1NlhDb0FBX0ZT
VjQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2FrMjdvMjFNZG4xYjF5dHU2WENvQUFfRlNWNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QkY4QzMvRDBFMzNGQTQwMkMzMTFFQjhBREMzMjM4QzRGOUFFMDIvODIzMTYxNjgw
MkM1MTFFQkJCQUY4OTNEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRgYIKwYBBQUHAQcBAf8E
NzA1MCQEAgABMB4DBAJnBWwDBAFnnMADBAN2Q8ADBAKjL7wDBADKJNEwDQQCAAIw
BwMFACQHycAwDQYJKoZIhvcNAQELBQADggEBAKmGyHZEzgOd/Jh5n0L1Gp5KJIz6
4fJfxCeVzTxBOkQStewA+nruiACbBcCK4D9C98eoA0C1B7XWsxLdbx+8upCeHtQL
Rt3Y89KPZNIXiGRLZZLlzrlTApgEGrTSxaaQPyoQB2mDMM8FrOvR9IeARvPxW5u0
6rRRkhytYMLoSWsy01exHcbvFEm+pZxqBS24VAU+YwKy4vM3hOhByBgZyxacz8zb
0QkFRKaxk9oKBcO81UGRE7MnkU5HeEzsGRlfLjKnFuwfx2mo97Z3CgljXN5pLPhQ
2pr9ie4Nbzy2IJHKbB7JG9Ca5k6YbGUTXSBjrWQuuOpuAiQdWDNE2sx9Mi8=
-----END CERTIFICATE-----
Generated at Sat Feb 17 00:15:49 2024 by rpki-client on console-ams.rpki-client.org