Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C984B/F32F001401D811ED9C85F851C4F9AE02/2AF3B12C01DC11EDA4B7F257C4F9AE02.roa
File: 2AF3B12C01DC11EDA4B7F257C4F9AE02.roa (raw, json)
Hash identifier: XPZd1/IDR9dHakpClFsD84nVB6EMbijOytinlCp4Qkg=
Subject key identifier: 3F:E7:3E:46:1C:FC:74:20:BF:E2:9D:DF:6A:0E:26:CF:10:18:D9:61
Certificate issuer: /CN=A91C984B/serialNumber=3A830242E84EDC765A073120AC24F0400E4F6046
Certificate serial: 01D2
Authority key identifier: 3A:83:02:42:E8:4E:DC:76:5A:07:31:20:AC:24:F0:40:0E:4F:60:46
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OoMCQuhO3HZaBzEgrCTwQA5PYEY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C984B/F32F001401D811ED9C85F851C4F9AE02/2AF3B12C01DC11EDA4B7F257C4F9AE02.roa
Signing time: Wed 01 May 2024 05:07:10 +0000
ROA not before: Wed 01 May 2024 05:07:10 +0000
ROA not after: Thu 29 Aug 2024 00:00:00 +0000
asID: 59327
IP address blocks: 103.226.208.0/24 maxlen: 24
103.226.209.0/24 maxlen: 24
103.226.210.0/24 maxlen: 24
103.226.211.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 21 Jun 2024 05:04:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 466 (0x1d2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C984B/serialNumber=3A830242E84EDC765A073120AC24F0400E4F6046
Validity
Not Before: May 1 05:07:10 2024 GMT
Not After : Aug 29 00:00:00 2024 GMT
Subject: CN=6631cdfe-725f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:9d:ec:de:ad:a7:97:15:5d:a0:51:e9:e1:52:
ee:52:d7:c5:9c:b9:49:da:d5:d5:b2:d2:e8:ba:14:
63:1a:94:41:37:53:27:90:cf:58:bd:c7:c5:31:20:
59:d1:ae:19:07:53:ac:04:d5:c7:c5:ec:6d:d8:86:
1a:82:5c:22:5e:72:97:8f:5d:22:56:ca:72:f3:f4:
9d:02:55:09:ae:26:d9:2f:41:87:10:21:9b:38:3a:
6b:09:fb:ea:3e:e8:e3:8e:e8:b4:fd:4d:be:9f:51:
45:92:4b:ef:50:11:c0:a3:70:84:8c:0f:e1:a8:e4:
79:2f:0d:74:97:f9:0c:98:92:f5:fd:3b:d7:fb:96:
8f:d4:48:51:80:72:0c:f2:fa:cc:ce:87:88:27:b6:
a4:1c:02:7a:e1:b6:53:a7:e9:a4:c6:0d:13:de:d2:
3d:6e:00:8c:85:16:46:a7:ef:a5:6d:e5:ee:cb:52:
1d:a7:39:4b:81:e1:78:00:66:cb:9c:51:51:83:dd:
28:ed:a0:e1:f8:da:9d:2a:cc:bf:7a:08:8e:eb:72:
34:93:74:57:2a:0d:3e:66:52:c6:8d:67:8c:92:ff:
c6:0b:a6:db:6e:aa:96:f3:30:7f:79:ad:4a:17:0e:
db:a0:73:a4:9f:73:0d:1e:95:ad:cb:a5:15:1f:f3:
0c:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:E7:3E:46:1C:FC:74:20:BF:E2:9D:DF:6A:0E:26:CF:10:18:D9:61
X509v3 Authority Key Identifier:
keyid:3A:83:02:42:E8:4E:DC:76:5A:07:31:20:AC:24:F0:40:0E:4F:60:46
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C984B/F32F001401D811ED9C85F851C4F9AE02/OoMCQuhO3HZaBzEgrCTwQA5PYEY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OoMCQuhO3HZaBzEgrCTwQA5PYEY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C984B/F32F001401D811ED9C85F851C4F9AE02/2AF3B12C01DC11EDA4B7F257C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.226.208.0/22
Signature Algorithm: sha256WithRSAEncryption
16:20:81:d9:d7:cb:30:47:34:01:2d:44:d1:fd:ca:78:6c:d5:
c7:a0:09:cd:25:20:99:8f:8f:d6:39:ce:f7:0e:c7:7e:28:b8:
cc:3e:bf:09:94:56:69:cc:7a:ec:7e:15:d4:4b:2a:5e:18:61:
15:ad:88:55:38:85:c2:89:b6:4c:c6:25:2f:fd:52:a7:44:a4:
65:bf:0a:6a:05:16:cc:d5:14:c8:ad:38:2b:25:26:8d:83:8b:
b0:71:27:14:67:9d:6b:6f:f1:d1:6b:4d:11:dc:fa:c6:1b:99:
d3:9a:b8:67:85:e6:19:46:8c:c2:cb:c6:69:ca:06:2d:1b:e5:
58:6c:26:4f:c1:d7:dc:ec:b5:c4:0d:d2:26:5a:a7:f0:e1:0b:
b4:9b:bf:e5:ea:1e:a7:d8:83:59:6d:13:01:71:ea:19:ac:5e:
f1:d6:0c:14:ec:46:a0:c7:de:d6:2d:5d:18:fe:a5:dc:d9:8e:
71:1f:3e:f5:6e:16:84:b7:e0:56:08:64:7f:e6:77:2e:cf:5b:
24:69:56:f5:63:9f:37:a8:53:b5:64:ee:34:3f:82:66:23:12:
23:27:c3:d7:eb:89:83:5f:ab:54:7a:f0:ca:af:38:72:5a:cd:
86:ff:d0:18:b9:41:84:44:d4:b9:3c:db:3f:03:48:da:81:67:
20:38:a7:84
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAdIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Qzk4NEIxMTAvBgNVBAUTKDNBODMwMjQyRTg0RURDNzY1QTA3MzEyMEFDMjRGMDQw
MEU0RjYwNDYwHhcNMjQwNTAxMDUwNzEwWhcNMjQwODI5MDAwMDAwWjAYMRYwFAYD
VQQDEw02NjMxY2RmZS03MjVmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA653s3q2nlxVdoFHp4VLuUtfFnLlJ2tXVstLouhRjGpRBN1MnkM9YvcfFMSBZ
0a4ZB1OsBNXHxext2IYaglwiXnKXj10iVspy8/SdAlUJribZL0GHECGbODprCfvq
Pujjjui0/U2+n1FFkkvvUBHAo3CEjA/hqOR5Lw10l/kMmJL1/TvX+5aP1EhRgHIM
8vrMzoeIJ7akHAJ64bZTp+mkxg0T3tI9bgCMhRZGp++lbeXuy1IdpzlLgeF4AGbL
nFFRg90o7aDh+NqdKsy/egiO63I0k3RXKg0+ZlLGjWeMkv/GC6bbbqqW8zB/ea1K
Fw7boHOkn3MNHpWty6UVH/MMBwIDAQABo4IClTCCApEwHQYDVR0OBBYEFD/nPkYc
/HQgv+Kd32oOJs8QGNlhMB8GA1UdIwQYMBaAFDqDAkLoTtx2WgcxIKwk8EAOT2BG
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDOTg0Qi9GMzJGMDAxNDAx
RDgxMUVEOUM4NUY4NTFDNEY5QUUwMi9Pb01DUXVoTzNIWmFCekVnckNUd1FBNVBZ
RVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09vTUNRdWhPM0haYUJ6RWdyQ1R3UUE1UFlFWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Qzk4NEIvRjMyRjAwMTQwMUQ4MTFFRDlDODVGODUxQzRGOUFFMDIvMkFGM0IxMkMw
MURDMTFFREE0QjdGMjU3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJn4tAwDQYJKoZIhvcNAQELBQADggEBABYggdnXyzBHNAEt
RNH9ynhs1cegCc0lIJmPj9Y5zvcOx34ouMw+vwmUVmnMeux+FdRLKl4YYRWtiFU4
hcKJtkzGJS/9UqdEpGW/CmoFFszVFMitOCslJo2Di7BxJxRnnWtv8dFrTRHc+sYb
mdOauGeF5hlGjMLLxmnKBi0b5VhsJk/B19zstcQN0iZap/DhC7Sbv+XqHqfYg1lt
EwFx6hmsXvHWDBTsRqDH3tYtXRj+pdzZjnEfPvVuFoS34FYIZH/mdy7PWyRpVvVj
nzeoU7Vk7jQ/gmYjEiMnw9friYNfq1R68MqvOHJazYb/0Bi5QYRE1Lk82z8DSNqB
ZyA4p4Q=
-----END CERTIFICATE-----
Generated at Fri Jun 21 08:06:40 2024 by rpki-client on console-ams.rpki-client.org