Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D226F/D5C56E28FAD411ED80EED05FC4F9AE02/64BCC2E4FAE811ED8DE54E2AC4F9AE02.roa
File: 64BCC2E4FAE811ED8DE54E2AC4F9AE02.roa (raw, json)
Hash identifier: XxPvh6kpmi23hsgggGzuyvex/7idGWZcB8eCvgct+ww=
Subject key identifier: 71:C5:3D:3F:D2:86:B6:53:39:90:6E:F7:99:92:26:20:43:14:16:C0
Certificate issuer: /CN=A91D226F/serialNumber=87F0596871B515BBB3D2982DC6FB9C12DEF4C234
Certificate serial: 6C
Authority key identifier: 87:F0:59:68:71:B5:15:BB:B3:D2:98:2D:C6:FB:9C:12:DE:F4:C2:34
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/h_BZaHG1Fbuz0pgtxvucEt70wjQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D226F/D5C56E28FAD411ED80EED05FC4F9AE02/64BCC2E4FAE811ED8DE54E2AC4F9AE02.roa
Signing time: Fri 15 Dec 2023 13:52:13 +0000
ROA not before: Fri 15 Dec 2023 13:52:13 +0000
ROA not after: Sat 31 Aug 2024 00:00:00 +0000
asID: 202662
IP address blocks: 103.176.0.0/23 maxlen: 24
2001:df2:7cc0::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 10 Jun 2024 14:06:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 108 (0x6c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D226F/serialNumber=87F0596871B515BBB3D2982DC6FB9C12DEF4C234
Validity
Not Before: Dec 15 13:52:13 2023 GMT
Not After : Aug 31 00:00:00 2024 GMT
Subject: CN=657c5a0c-923b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:f0:83:86:43:46:3d:23:c8:82:9e:e7:26:f0:
a6:b3:5f:72:d9:fb:5e:47:41:69:c1:10:14:2f:e8:
e6:9a:dc:8d:72:33:b0:4f:15:11:86:c2:dc:e6:c4:
ea:96:ad:99:95:2f:8b:b2:6c:ad:bb:40:ca:0a:da:
bb:fe:67:cb:b5:35:af:b1:39:53:d4:f1:bf:04:3b:
46:a4:40:8c:5c:7c:0f:ec:ae:e7:94:c2:bc:26:a4:
7a:c2:e3:fe:8a:99:70:34:1d:eb:1e:78:c0:9a:be:
b8:77:87:88:4a:f4:2f:b1:ec:da:d6:03:bf:91:d7:
e6:a8:3e:d4:ec:1e:f5:f6:27:55:5a:64:58:2d:f4:
bd:40:68:c8:5c:05:c7:da:86:02:64:4f:eb:45:0b:
a4:74:e2:b4:fa:25:73:89:9a:e9:8f:a9:ae:2f:25:
7e:98:01:e7:14:37:86:a8:f0:f4:92:90:8a:51:a3:
9a:41:4e:93:33:6d:68:75:c6:42:fc:a0:80:6d:ad:
85:b4:0a:c1:41:58:7c:19:49:e7:05:87:66:4d:09:
5d:0d:9e:ef:2b:84:a9:54:1e:fd:66:ca:5d:c6:43:
16:ab:8b:5a:96:a6:cb:01:50:d3:ce:a3:27:7f:58:
c8:9f:b2:33:6e:f3:38:4f:23:3e:7e:78:e5:d3:87:
3d:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:C5:3D:3F:D2:86:B6:53:39:90:6E:F7:99:92:26:20:43:14:16:C0
X509v3 Authority Key Identifier:
keyid:87:F0:59:68:71:B5:15:BB:B3:D2:98:2D:C6:FB:9C:12:DE:F4:C2:34
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D226F/D5C56E28FAD411ED80EED05FC4F9AE02/h_BZaHG1Fbuz0pgtxvucEt70wjQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/h_BZaHG1Fbuz0pgtxvucEt70wjQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D226F/D5C56E28FAD411ED80EED05FC4F9AE02/64BCC2E4FAE811ED8DE54E2AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.176.0.0/23
IPv6:
2001:df2:7cc0::/48
Signature Algorithm: sha256WithRSAEncryption
6b:a1:26:77:0e:90:5b:d2:0c:10:94:18:7a:d6:71:7b:2e:0b:
b2:ff:a3:17:7b:4c:18:d4:e2:74:15:7f:72:99:45:a2:16:a4:
37:37:5e:ba:f9:0c:28:6b:cd:92:8e:b4:21:26:10:57:6f:d8:
98:f5:25:94:09:1d:0e:57:75:a1:af:3f:a0:53:d6:45:a9:8c:
25:a0:7a:03:a0:c9:c6:36:79:92:89:75:65:21:08:a0:f2:eb:
2d:a5:b8:ac:78:c2:51:b3:93:5e:70:af:e2:f8:3c:c0:10:f5:
fb:1c:0a:1e:57:31:eb:19:ee:79:85:20:91:d8:26:39:da:d5:
1b:3a:cc:84:eb:e9:01:bb:7c:d9:a3:ae:88:85:a0:ff:91:38:
e6:f3:52:57:0e:d9:b3:e1:09:55:62:bf:3f:6e:86:34:00:56:
ed:4e:34:b4:e5:87:19:44:04:68:76:08:04:db:a4:93:56:1d:
4d:e5:13:e2:39:f2:95:1d:f6:65:a4:c8:76:f7:b7:89:12:11:
01:0e:e4:15:a7:f5:72:79:e9:52:b1:37:bb:5d:23:95:a9:a4:
e6:8c:df:83:e0:ce:83:bf:78:f4:eb:f9:64:9d:7d:ec:97:8f:
f1:ef:7f:f2:e0:10:c1:57:90:57:85:79:53:64:e7:c8:13:a2:
c8:03:c5:5b
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIBbDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFE
MjI2RjExMC8GA1UEBRMoODdGMDU5Njg3MUI1MTVCQkIzRDI5ODJEQzZGQjlDMTJE
RUY0QzIzNDAeFw0yMzEyMTUxMzUyMTNaFw0yNDA4MzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1N2M1YTBjLTkyM2IwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCv8IOGQ0Y9I8iCnucm8KazX3LZ+15HQWnBEBQv6Oaa3I1yM7BPFRGGwtzmxOqW
rZmVL4uybK27QMoK2rv+Z8u1Na+xOVPU8b8EO0akQIxcfA/srueUwrwmpHrC4/6K
mXA0HeseeMCavrh3h4hK9C+x7NrWA7+R1+aoPtTsHvX2J1VaZFgt9L1AaMhcBcfa
hgJkT+tFC6R04rT6JXOJmumPqa4vJX6YAecUN4ao8PSSkIpRo5pBTpMzbWh1xkL8
oIBtrYW0CsFBWHwZSecFh2ZNCV0Nnu8rhKlUHv1myl3GQxari1qWpssBUNPOoyd/
WMifsjNu8zhPIz5+eOXThz1RAgMBAAGjggKmMIICojAdBgNVHQ4EFgQUccU9P9KG
tlM5kG73mZImIEMUFsAwHwYDVR0jBBgwFoAUh/BZaHG1Fbuz0pgtxvucEt70wjQw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUQyMjZGL0Q1QzU2RTI4RkFE
NDExRUQ4MEVFRDA1RkM0RjlBRTAyL2hfQlphSEcxRmJ1ejBwZ3R4dnVjRXQ3MHdq
US5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvaF9CWmFIRzFGYnV6MHBndHh2dWNFdDcwd2pRLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE
MjI2Ri9ENUM1NkUyOEZBRDQxMUVEODBFRUQwNUZDNEY5QUUwMi82NEJDQzJFNEZB
RTgxMUVEOERFNTRFMkFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAwBggrBgEFBQcBBwEB/wQh
MB8wDAQCAAEwBgMEAWewADAPBAIAAjAJAwcAIAEN8nzAMA0GCSqGSIb3DQEBCwUA
A4IBAQBroSZ3DpBb0gwQlBh61nF7Lguy/6MXe0wY1OJ0FX9ymUWiFqQ3N166+Qwo
a82SjrQhJhBXb9iY9SWUCR0OV3Whrz+gU9ZFqYwloHoDoMnGNnmSiXVlIQig8ust
pbiseMJRs5NecK/i+DzAEPX7HAoeVzHrGe55hSCR2CY52tUbOsyE6+kBu3zZo66I
haD/kTjm81JXDtmz4QlVYr8/boY0AFbtTjS05YcZRARodggE26STVh1N5RPiOfKV
HfZlpMh297eJEhEBDuQVp/VyeelSsTe7XSOVqaTmjN+D4M6Dv3j06/lknX3sl4/x
73/y4BDBV5BXhXlTZOfIE6LIA8Vb
-----END CERTIFICATE-----
Generated at Mon Jun 10 18:28:27 2024 by rpki-client on console-ams.rpki-client.org