Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CE978/3223F35E1D9811E28A8C2E8208B02CD2/8BA2E776785B11EE8CE9E50FC4F9AE02.roa
File: 8BA2E776785B11EE8CE9E50FC4F9AE02.roa (raw, json)
Hash identifier: XTlAeskcQ9GL8cAXebmnK4UuK8UNDvUPbjplRKneZZY=
Subject key identifier: 52:E3:45:F5:FE:4C:47:F5:FB:A7:0F:E4:52:97:C7:87:89:2D:C8:3E
Certificate issuer: /CN=A91CE978/serialNumber=6A1E4F72847EB3699522C93D26773F0DF8396EBE
Certificate serial: 33DB
Authority key identifier: 6A:1E:4F:72:84:7E:B3:69:95:22:C9:3D:26:77:3F:0D:F8:39:6E:BE
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ah5PcoR-s2mVIsk9Jnc_Dfg5br4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91CE978/3223F35E1D9811E28A8C2E8208B02CD2/8BA2E776785B11EE8CE9E50FC4F9AE02.roa
Signing time: Sun 19 Nov 2023 23:53:05 +0000
ROA not before: Sun 19 Nov 2023 23:53:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 132509
IP address blocks: 103.244.180.0/22 maxlen: 24
2405:f900::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 07 Mar 2024 23:53:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13275 (0x33db)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CE978/serialNumber=6A1E4F72847EB3699522C93D26773F0DF8396EBE
Validity
Not Before: Nov 19 23:53:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=655a9fe1-6dbe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:b8:97:cb:fe:4c:e6:c6:a3:b7:12:0a:5c:14:
d4:3c:ae:3d:62:62:b9:85:24:63:8b:45:9a:8f:75:
0f:44:68:05:24:9f:94:12:02:e0:68:a5:71:ad:2f:
e9:63:54:d5:e7:dd:9c:1d:5a:fa:25:57:c1:52:1e:
26:d9:ef:7d:a0:2d:8c:03:fe:80:2a:47:b1:f8:19:
10:f3:90:79:21:d5:5d:3c:bf:96:ee:c4:d8:a5:f2:
83:ef:44:a8:83:b8:be:fe:a6:83:2c:dc:da:1c:2a:
64:a1:eb:36:01:28:cb:95:d2:1f:da:7e:8d:d0:9b:
35:d5:1f:67:65:48:59:8f:0b:bc:76:30:df:38:37:
39:3e:f8:b1:89:70:69:f2:47:16:50:cc:56:bf:dc:
df:00:dd:de:1b:75:bc:ac:83:7c:0f:26:b8:7d:a7:
22:10:3b:0d:b7:f1:46:ca:ad:b3:3e:e4:bc:42:2c:
37:95:21:ad:f2:ca:ab:f6:00:89:f2:f3:c0:09:e8:
02:88:f2:55:31:c7:1b:f1:bc:99:39:f3:4e:a6:75:
7d:d4:22:02:e3:33:e2:70:cd:4f:e8:80:0c:f5:1c:
7d:14:25:9f:32:2d:a6:84:ad:02:87:36:8c:49:e2:
45:25:2d:fb:ff:e6:f8:52:71:95:42:a4:ce:6e:40:
8e:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:E3:45:F5:FE:4C:47:F5:FB:A7:0F:E4:52:97:C7:87:89:2D:C8:3E
X509v3 Authority Key Identifier:
keyid:6A:1E:4F:72:84:7E:B3:69:95:22:C9:3D:26:77:3F:0D:F8:39:6E:BE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91CE978/3223F35E1D9811E28A8C2E8208B02CD2/ah5PcoR-s2mVIsk9Jnc_Dfg5br4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ah5PcoR-s2mVIsk9Jnc_Dfg5br4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CE978/3223F35E1D9811E28A8C2E8208B02CD2/8BA2E776785B11EE8CE9E50FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.244.180.0/22
IPv6:
2405:f900::/32
Signature Algorithm: sha256WithRSAEncryption
11:06:f0:d9:88:a8:cf:83:f1:13:b7:94:52:a9:45:03:7d:7e:
ee:3c:08:bb:cb:19:7a:cf:c6:d8:1f:07:7d:d9:14:61:e2:33:
bf:3a:b7:ba:3a:60:ad:97:c7:c5:68:8b:3e:7d:f6:a6:dc:7e:
42:89:49:a1:91:6c:a9:dc:f0:4a:c5:a6:f8:9b:34:cf:a6:d5:
63:f6:86:0a:f2:c8:b5:16:5c:51:7d:27:8c:93:26:43:33:2c:
d0:f7:cc:81:47:09:a0:a2:5a:a4:0d:4f:cd:f3:e2:40:47:d2:
d0:11:83:b9:8c:a4:e3:3b:51:7f:11:1d:a5:03:68:4a:17:36:
a6:8d:e3:4a:60:de:3e:a0:4e:93:f0:fc:78:51:7b:cb:bd:a4:
12:46:cf:a5:51:0d:bd:56:7c:9d:32:df:7d:f9:7b:e2:d0:c0:
38:56:57:45:d2:aa:48:cf:3e:cd:a9:a2:09:62:d6:78:d4:22:
dc:e0:df:7c:0f:12:76:05:e0:23:7c:a1:89:a8:ac:54:7c:ce:
0f:5a:c3:e7:65:4d:57:3f:cc:3e:49:62:aa:23:f8:aa:8e:68:
fa:31:5c:49:2b:e8:c5:55:31:62:9c:7e:21:a5:d0:48:41:77:
04:eb:1a:b8:09:8a:c9:73:58:41:20:13:b8:17:86:0f:4c:17:
e2:a0:25:62
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICM9swDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Q0U5NzgxMTAvBgNVBAUTKDZBMUU0RjcyODQ3RUIzNjk5NTIyQzkzRDI2NzczRjBE
RjgzOTZFQkUwHhcNMjMxMTE5MjM1MzA1WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTVhOWZlMS02ZGJlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0riXy/5M5sajtxIKXBTUPK49YmK5hSRji0Waj3UPRGgFJJ+UEgLgaKVxrS/p
Y1TV592cHVr6JVfBUh4m2e99oC2MA/6AKkex+BkQ85B5IdVdPL+W7sTYpfKD70So
g7i+/qaDLNzaHCpkoes2ASjLldIf2n6N0Js11R9nZUhZjwu8djDfODc5PvixiXBp
8kcWUMxWv9zfAN3eG3W8rIN8Dya4faciEDsNt/FGyq2zPuS8Qiw3lSGt8sqr9gCJ
8vPACegCiPJVMccb8byZOfNOpnV91CIC4zPicM1P6IAM9Rx9FCWfMi2mhK0ChzaM
SeJFJS37/+b4UnGVQqTObkCOnwIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFFLjRfX+
TEf1+6cP5FKXx4eJLcg+MB8GA1UdIwQYMBaAFGoeT3KEfrNplSLJPSZ3Pw34OW6+
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRTk3OC8zMjIzRjM1RTFE
OTgxMUUyOEE4QzJFODIwOEIwMkNEMi9haDVQY29SLXMybVZJc2s5Sm5jX0RmZzVi
cjQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2FoNVBjb1ItczJtVklzazlKbmNfRGZnNWJyNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Q0U5NzgvMzIyM0YzNUUxRDk4MTFFMjhBOEMyRTgyMDhCMDJDRDIvOEJBMkU3NzY3
ODVCMTFFRThDRTlFNTBGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAJn9LQwDQQCAAIwBwMFACQF+QAwDQYJKoZIhvcNAQELBQAD
ggEBABEG8NmIqM+D8RO3lFKpRQN9fu48CLvLGXrPxtgfB33ZFGHiM786t7o6YK2X
x8Voiz599qbcfkKJSaGRbKnc8ErFpvibNM+m1WP2hgryyLUWXFF9J4yTJkMzLND3
zIFHCaCiWqQNT83z4kBH0tARg7mMpOM7UX8RHaUDaEoXNqaN40pg3j6gTpPw/HhR
e8u9pBJGz6VRDb1WfJ0y3335e+LQwDhWV0XSqkjPPs2pogli1njUItzg33wPEnYF
4CN8oYmorFR8zg9aw+dlTVc/zD5JYqoj+KqOaPoxXEkr6MVVMWKcfiGl0EhBdwTr
GrgJislzWEEgE7gXhg9MF+KgJWI=
-----END CERTIFICATE-----
Generated at Fri Mar 8 02:24:09 2024 by rpki-client on console-fra.rpki-client.org