Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C08FA/ADCB15FE95C311EAAE620149C4F9AE02/D53608E822BD11EF96778716C4F9AE02.roa
File: D53608E822BD11EF96778716C4F9AE02.roa (raw, json)
Hash identifier: aQS/38eNwATmM/wAYv96HEcfukW9siFUVo+sW/vNtdQ=
Subject key identifier: 9B:5B:DA:BE:D9:FE:95:FA:EE:B4:09:D4:AD:48:A4:81:63:04:3B:82
Certificate issuer: /CN=A91C08FA/serialNumber=A11E2C2179B36A9647B951FC602D779307BFAE6E
Certificate serial: 08B6
Authority key identifier: A1:1E:2C:21:79:B3:6A:96:47:B9:51:FC:60:2D:77:93:07:BF:AE:6E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oR4sIXmzapZHuVH8YC13kwe_rm4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C08FA/ADCB15FE95C311EAAE620149C4F9AE02/D53608E822BD11EF96778716C4F9AE02.roa
Signing time: Tue 04 Jun 2024 22:00:19 +0000
ROA not before: Tue 04 Jun 2024 22:00:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9876
IP address blocks: 103.8.140.0/22 maxlen: 24
163.47.236.0/22 maxlen: 24
202.56.32.0/20 maxlen: 22
202.56.48.0/21 maxlen: 24
202.137.240.0/21 maxlen: 24
Validation: Failed, certificate revoked on Fri 07 Jun 2024 00:44:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2230 (0x8b6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C08FA/serialNumber=A11E2C2179B36A9647B951FC602D779307BFAE6E
Validity
Not Before: Jun 4 22:00:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=665f8e73-9663
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:83:4d:80:0b:24:37:e9:81:17:c4:eb:2c:81:
b0:04:53:00:8d:8e:db:96:bd:3f:73:6f:2d:ff:71:
a4:00:95:23:77:e4:67:4a:88:3e:05:93:30:c5:9d:
25:f3:00:0e:9f:77:7e:6c:31:c0:1d:4b:05:01:ef:
02:de:17:d7:d7:a7:ac:30:eb:fe:54:a6:cc:ff:dc:
a6:57:50:04:7a:37:58:14:89:3b:a6:d4:dd:64:0e:
aa:0b:f6:7c:fe:cc:97:3d:08:68:ca:e6:5e:30:5a:
76:39:be:85:ae:00:94:55:6b:2f:2a:6e:82:ff:c2:
0b:db:a7:13:f5:47:eb:3c:a8:21:ce:6a:02:fc:80:
eb:42:72:07:1e:a0:99:fd:a3:a2:14:56:b0:e6:71:
88:08:7c:50:2f:b4:0c:36:7d:52:e8:8e:cd:21:da:
18:ab:8f:45:8c:65:8b:48:98:f4:ac:0b:97:2b:50:
3c:8b:54:00:6c:57:11:84:b3:ce:46:83:07:85:03:
d5:b7:64:96:51:b3:94:55:c7:01:a8:c1:7c:f5:4f:
cf:f9:e6:07:10:64:72:fe:51:77:a8:62:e3:48:77:
e7:b0:3f:b0:2a:b8:ed:bf:69:21:e5:12:ff:13:5f:
f4:b3:4d:70:12:8a:15:42:15:2e:12:30:17:51:31:
10:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:5B:DA:BE:D9:FE:95:FA:EE:B4:09:D4:AD:48:A4:81:63:04:3B:82
X509v3 Authority Key Identifier:
keyid:A1:1E:2C:21:79:B3:6A:96:47:B9:51:FC:60:2D:77:93:07:BF:AE:6E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C08FA/ADCB15FE95C311EAAE620149C4F9AE02/oR4sIXmzapZHuVH8YC13kwe_rm4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oR4sIXmzapZHuVH8YC13kwe_rm4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C08FA/ADCB15FE95C311EAAE620149C4F9AE02/D53608E822BD11EF96778716C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.8.140.0/22
163.47.236.0/22
202.56.32.0-202.56.55.255
202.137.240.0/21
Signature Algorithm: sha256WithRSAEncryption
4a:90:15:c4:80:3f:23:23:32:1b:88:d3:21:9b:7c:cb:8c:7a:
1e:6e:9f:e3:48:5b:35:9a:c4:af:9d:23:8a:e9:90:02:6b:6a:
83:5e:c7:a7:4a:67:15:7b:27:5b:88:41:70:3e:dd:2a:ba:ee:
91:ba:7a:6c:30:9d:f3:f1:e0:8a:92:19:77:b9:1a:4f:9e:e8:
fc:3a:6d:07:56:1e:9b:65:91:ff:14:3a:66:1a:3e:db:ec:d0:
3d:3f:6b:87:19:b6:3d:18:ce:35:cd:42:5c:95:9c:71:53:d3:
c7:39:3c:9c:91:a7:54:1c:82:17:04:ce:62:48:e5:a0:b0:fe:
7e:a9:45:67:d3:01:af:bb:99:4a:7b:0b:f3:b9:e3:ac:d0:f1:
90:2a:3d:af:5e:cb:74:42:8c:a8:f4:be:f4:34:0c:d1:31:b5:
c3:23:8a:7b:4e:08:57:67:1b:c8:cc:45:af:8f:c5:b3:64:5d:
ad:00:a5:be:6e:28:47:a7:2d:e8:5a:83:49:62:bd:34:f2:0e:
af:54:25:93:3a:be:5d:0a:e1:2d:a2:8b:68:f1:dd:c7:75:5e:
00:a9:87:93:7f:7a:ec:df:e5:66:1c:ad:cf:6d:49:46:3f:7b:
78:93:81:0e:3a:75:8e:a6:68:98:12:34:61:bb:17:57:de:7f:
62:c1:3b:91
-----BEGIN CERTIFICATE-----
MIIFizCCBHOgAwIBAgICCLYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzA4RkExMTAvBgNVBAUTKEExMUUyQzIxNzlCMzZBOTY0N0I5NTFGQzYwMkQ3Nzkz
MDdCRkFFNkUwHhcNMjQwNjA0MjIwMDE5WhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjVmOGU3My05NjYzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvINNgAskN+mBF8TrLIGwBFMAjY7blr0/c28t/3GkAJUjd+RnSog+BZMwxZ0l
8wAOn3d+bDHAHUsFAe8C3hfX16esMOv+VKbM/9ymV1AEejdYFIk7ptTdZA6qC/Z8
/syXPQhoyuZeMFp2Ob6FrgCUVWsvKm6C/8IL26cT9UfrPKghzmoC/IDrQnIHHqCZ
/aOiFFaw5nGICHxQL7QMNn1S6I7NIdoYq49FjGWLSJj0rAuXK1A8i1QAbFcRhLPO
RoMHhQPVt2SWUbOUVccBqMF89U/P+eYHEGRy/lF3qGLjSHfnsD+wKrjtv2kh5RL/
E1/0s01wEooVQhUuEjAXUTEQeQIDAQABo4ICrzCCAqswHQYDVR0OBBYEFJtb2r7Z
/pX67rQJ1K1IpIFjBDuCMB8GA1UdIwQYMBaAFKEeLCF5s2qWR7lR/GAtd5MHv65u
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDMDhGQS9BRENCMTVGRTk1
QzMxMUVBQUU2MjAxNDlDNEY5QUUwMi9vUjRzSVhtemFwWkh1Vkg4WUMxM2t3ZV9y
bTQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL29SNHNJWG16YXBaSHVWSDhZQzEza3dlX3JtNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzA4RkEvQURDQjE1RkU5NUMzMTFFQUFFNjIwMTQ5QzRGOUFFMDIvRDUzNjA4RTgy
MkJEMTFFRjk2Nzc4NzE2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOQYIKwYBBQUHAQcBAf8E
KjAoMCYEAgABMCADBAJnCIwDBAKjL+wwDAMEBco4IAMEA8o4MAMEA8qJ8DANBgkq
hkiG9w0BAQsFAAOCAQEASpAVxIA/IyMyG4jTIZt8y4x6Hm6f40hbNZrEr50jiumQ
Amtqg17Hp0pnFXsnW4hBcD7dKrrukbp6bDCd8/HgipIZd7kaT57o/DptB1Yem2WR
/xQ6Zho+2+zQPT9rhxm2PRjONc1CXJWccVPTxzk8nJGnVByCFwTOYkjloLD+fqlF
Z9MBr7uZSnsL87njrNDxkCo9r17LdEKMqPS+9DQM0TG1wyOKe04IV2cbyMxFr4/F
s2RdrQClvm4oR6ct6FqDSWK9NPIOr1Qlkzq+XQrhLaKLaPHdx3VeAKmHk3967N/l
Zhytz21JRj97eJOBDjp1jqZomBI0YbsXV95/YsE7kQ==
-----END CERTIFICATE-----
Generated at Fri Jun 7 02:45:34 2024 by rpki-client on console-fra.rpki-client.org