Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CF83F/89238ECCEF4F11E99DE47F0CC4F9AE02/5CFF145EEBA511EEAE57F16FC4F9AE02.roa
File: 5CFF145EEBA511EEAE57F16FC4F9AE02.roa (raw, json)
Hash identifier: 0veR83Vo1T8nfowS9CfycZnqZEqo1mQv88h0JvNq1xQ=
Subject key identifier: B4:52:29:7C:3D:58:B7:DA:26:5C:83:D0:24:6A:3E:56:E5:F2:35:12
Certificate issuer: /CN=A91CF83F/serialNumber=929889BB5D34E860ACBF70894337A462C1D6AC2E
Certificate serial: 0BEE
Authority key identifier: 92:98:89:BB:5D:34:E8:60:AC:BF:70:89:43:37:A4:62:C1:D6:AC:2E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kpiJu1006GCsv3CJQzekYsHWrC4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91CF83F/89238ECCEF4F11E99DE47F0CC4F9AE02/5CFF145EEBA511EEAE57F16FC4F9AE02.roa
Signing time: Tue 26 Mar 2024 19:16:36 +0000
ROA not before: Tue 26 Mar 2024 19:16:36 +0000
ROA not after: Mon 31 Mar 2025 00:00:00 +0000
asID: 135019
IP address blocks: 103.205.232.0/22 maxlen: 22
2400:b140::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 26 Mar 2024 20:59:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3054 (0xbee)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CF83F/serialNumber=929889BB5D34E860ACBF70894337A462C1D6AC2E
Validity
Not Before: Mar 26 19:16:36 2024 GMT
Not After : Mar 31 00:00:00 2025 GMT
Subject: CN=66031f14-2f08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:b2:3c:00:91:85:d3:61:34:e8:c5:e2:bf:0f:
b9:21:64:64:f7:05:a0:3e:03:0b:7a:43:da:a5:4b:
79:d6:92:08:17:40:42:d8:d1:bf:09:75:d6:34:5f:
3f:4e:a2:77:3c:a2:d6:27:d0:29:95:af:5f:fd:7b:
b4:74:85:e3:7a:f1:af:2c:9e:76:d9:a8:2a:49:53:
1f:59:a8:f3:5b:54:b7:42:a4:56:b3:9d:27:af:2b:
2d:5b:03:25:78:84:06:9c:18:22:c2:02:86:36:fc:
9b:50:cd:42:c5:4b:60:bf:40:d7:5d:d0:29:55:ae:
70:14:ff:7b:41:57:e7:77:a4:06:55:91:3e:b2:1b:
79:de:72:5b:38:67:c9:d2:15:e3:5d:f6:5b:b1:3f:
a8:74:51:02:10:cb:b3:db:22:52:8d:9e:d8:0f:41:
52:09:71:60:b0:cc:48:d3:f3:e0:95:40:26:63:6d:
f1:d6:91:59:72:cc:0a:50:6c:6f:05:8e:40:a7:4e:
d1:4c:54:b9:a7:d4:05:09:d5:bb:21:bd:b7:90:31:
ab:66:f5:1b:9a:5d:04:48:a9:83:59:b8:76:15:8e:
58:b0:16:9e:ad:7c:fe:4c:97:c4:26:f8:07:41:39:
4b:49:ed:5a:50:ab:b0:e5:bb:d4:ac:a2:b6:63:4e:
35:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:52:29:7C:3D:58:B7:DA:26:5C:83:D0:24:6A:3E:56:E5:F2:35:12
X509v3 Authority Key Identifier:
keyid:92:98:89:BB:5D:34:E8:60:AC:BF:70:89:43:37:A4:62:C1:D6:AC:2E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91CF83F/89238ECCEF4F11E99DE47F0CC4F9AE02/kpiJu1006GCsv3CJQzekYsHWrC4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kpiJu1006GCsv3CJQzekYsHWrC4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CF83F/89238ECCEF4F11E99DE47F0CC4F9AE02/5CFF145EEBA511EEAE57F16FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.205.232.0/22
IPv6:
2400:b140::/32
Signature Algorithm: sha256WithRSAEncryption
09:a1:49:68:ea:01:c9:ae:96:be:c5:83:cd:34:b0:e4:99:64:
1f:04:52:bc:d6:4e:05:27:c6:a2:68:a9:a6:ba:0c:ad:84:27:
9f:30:6b:45:b6:4a:75:d7:c0:cb:d6:60:c2:b8:e6:3e:49:ff:
27:c1:59:55:10:62:38:c7:1b:bc:30:3a:e2:1f:14:98:94:4f:
7e:e5:7e:c2:76:ce:e4:e2:10:7d:31:c1:f7:96:a7:0e:c4:54:
9d:c8:79:15:ce:f1:4c:4e:f2:48:c4:06:42:8b:82:5f:09:1d:
b6:c9:db:34:1a:02:49:d6:8e:53:71:c4:cb:1a:cc:bf:44:0d:
0a:59:87:85:be:d5:9f:37:4a:36:e4:a2:37:d2:d4:da:ed:b3:
27:0e:b8:b2:4e:de:81:d1:15:9c:cb:8b:e2:bb:81:b0:54:31:
13:96:8b:ae:f4:d5:78:2a:ca:06:6d:4c:bd:c1:dd:eb:43:aa:
d5:73:96:0d:5b:44:5e:f0:85:b6:2e:fb:69:94:48:b6:a6:07:
65:b1:e7:56:1e:62:38:60:44:fd:49:f6:fe:25:57:3a:53:8c:
40:9e:e6:28:35:57:7a:a3:a6:74:ec:03:19:f4:d5:b8:e6:2e:
99:60:15:cd:c8:b4:8d:65:a3:fa:e3:f4:03:e9:aa:fb:c2:9d:
f9:04:8f:7d
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICC+4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Q0Y4M0YxMTAvBgNVBAUTKDkyOTg4OUJCNUQzNEU4NjBBQ0JGNzA4OTQzMzdBNDYy
QzFENkFDMkUwHhcNMjQwMzI2MTkxNjM2WhcNMjUwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjAzMWYxNC0yZjA4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA87I8AJGF02E06MXivw+5IWRk9wWgPgMLekPapUt51pIIF0BC2NG/CXXWNF8/
TqJ3PKLWJ9Apla9f/Xu0dIXjevGvLJ522agqSVMfWajzW1S3QqRWs50nrystWwMl
eIQGnBgiwgKGNvybUM1CxUtgv0DXXdApVa5wFP97QVfnd6QGVZE+sht53nJbOGfJ
0hXjXfZbsT+odFECEMuz2yJSjZ7YD0FSCXFgsMxI0/PglUAmY23x1pFZcswKUGxv
BY5Ap07RTFS5p9QFCdW7Ib23kDGrZvUbml0ESKmDWbh2FY5YsBaerXz+TJfEJvgH
QTlLSe1aUKuw5bvUrKK2Y041dwIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFLRSKXw9
WLfaJlyD0CRqPlbl8jUSMB8GA1UdIwQYMBaAFJKYibtdNOhgrL9wiUM3pGLB1qwu
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRjgzRi84OTIzOEVDQ0VG
NEYxMUU5OURFNDdGMENDNEY5QUUwMi9rcGlKdTEwMDZHQ3N2M0NKUXpla1lzSFdy
QzQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2twaUp1MTAwNkdDc3YzQ0pRemVrWXNIV3JDNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Q0Y4M0YvODkyMzhFQ0NFRjRGMTFFOTlERTQ3RjBDQzRGOUFFMDIvNUNGRjE0NUVF
QkE1MTFFRUFFNTdGMTZGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAJnzegwDQQCAAIwBwMFACQAsUAwDQYJKoZIhvcNAQELBQAD
ggEBAAmhSWjqAcmulr7Fg800sOSZZB8EUrzWTgUnxqJoqaa6DK2EJ58wa0W2SnXX
wMvWYMK45j5J/yfBWVUQYjjHG7wwOuIfFJiUT37lfsJ2zuTiEH0xwfeWpw7EVJ3I
eRXO8UxO8kjEBkKLgl8JHbbJ2zQaAknWjlNxxMsazL9EDQpZh4W+1Z83SjbkojfS
1NrtsycOuLJO3oHRFZzLi+K7gbBUMROWi6701XgqygZtTL3B3etDqtVzlg1bRF7w
hbYu+2mUSLamB2Wx51YeYjhgRP1J9v4lVzpTjECe5ig1V3qjpnTsAxn01bjmLplg
Fc3ItI1lo/rj9APpqvvCnfkEj30=
-----END CERTIFICATE-----
Generated at Wed Mar 27 01:46:10 2024 by rpki-client on console-fra.rpki-client.org