Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91DFADF/585320DE8BD811EA95AAEB83C4F9AE02/6C3807ACED3A11ECABFC542BC4F9AE02.roa
File: 6C3807ACED3A11ECABFC542BC4F9AE02.roa (raw, json)
Hash identifier: BfYBsfYcVi5bfchEKl8di+/Q19eLkXQVEQQrecpfABY=
Subject key identifier: 09:51:F1:CD:82:63:D8:B4:FB:FB:2B:E2:0C:F9:3C:34:B4:BD:CC:04
Certificate issuer: /CN=A91DFADF/serialNumber=2E7283A8FDD5CF0B3D9FAA2BE9742881989193A5
Certificate serial: 08CE
Authority key identifier: 2E:72:83:A8:FD:D5:CF:0B:3D:9F:AA:2B:E9:74:28:81:98:91:93:A5
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LnKDqP3Vzws9n6or6XQogZiRk6U.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91DFADF/585320DE8BD811EA95AAEB83C4F9AE02/6C3807ACED3A11ECABFC542BC4F9AE02.roa
Signing time: Thu 18 Apr 2024 21:29:53 +0000
ROA not before: Thu 18 Apr 2024 21:29:53 +0000
ROA not after: Wed 28 May 2025 00:00:00 +0000
asID: 140612
IP address blocks: 103.151.0.0/23 maxlen: 24
2400:8860::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 19 Sep 2024 08:55:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2254 (0x8ce)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91DFADF/serialNumber=2E7283A8FDD5CF0B3D9FAA2BE9742881989193A5
Validity
Not Before: Apr 18 21:29:53 2024 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=662190d1-4a28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:7e:d9:22:70:b5:8d:d8:8b:e0:0f:69:98:80:
1b:f6:eb:bc:3b:c4:cb:c3:c0:06:83:81:03:53:a1:
26:df:ae:73:b6:6d:79:cb:b2:10:5b:31:3b:4f:be:
80:17:67:f0:b5:9d:e5:24:af:a7:50:fc:f8:f8:2b:
4b:a0:7e:f9:c2:50:4c:4a:74:32:7c:7f:58:2d:6a:
18:86:ed:b9:48:2b:b0:ba:20:5e:f2:1d:00:d6:74:
56:86:e8:bb:60:6b:f2:1e:4a:56:2d:68:1c:e8:52:
99:4e:06:38:9d:75:55:01:4e:0f:35:10:dd:57:8f:
66:7b:63:26:a6:3a:e5:5f:67:c7:d0:5e:ea:b4:77:
4d:9a:cc:42:9c:11:a6:77:5b:4b:30:51:34:de:ab:
0f:f8:14:eb:98:65:a1:4c:92:36:2d:14:48:ec:33:
78:80:ce:f1:f9:ea:0b:ec:fd:eb:0d:80:a6:95:27:
e9:7a:31:43:0b:b0:84:a1:b8:8b:74:16:b9:45:31:
91:cc:35:85:15:a9:45:af:f4:82:81:b9:26:2b:56:
89:e2:c4:10:d4:85:be:8f:06:df:e0:b4:50:b5:a7:
e2:42:f4:4c:95:41:7c:d9:63:81:1e:7e:1c:11:50:
23:c3:92:01:e4:63:60:7b:84:67:0e:4e:aa:02:ab:
90:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:51:F1:CD:82:63:D8:B4:FB:FB:2B:E2:0C:F9:3C:34:B4:BD:CC:04
X509v3 Authority Key Identifier:
keyid:2E:72:83:A8:FD:D5:CF:0B:3D:9F:AA:2B:E9:74:28:81:98:91:93:A5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91DFADF/585320DE8BD811EA95AAEB83C4F9AE02/LnKDqP3Vzws9n6or6XQogZiRk6U.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LnKDqP3Vzws9n6or6XQogZiRk6U.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DFADF/585320DE8BD811EA95AAEB83C4F9AE02/6C3807ACED3A11ECABFC542BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.151.0.0/23
IPv6:
2400:8860::/32
Signature Algorithm: sha256WithRSAEncryption
c4:6b:8b:5f:ce:fc:e4:04:ff:46:bd:f7:e0:40:79:61:2b:55:
60:c7:fe:d9:5e:84:b1:f3:81:ba:0f:45:0a:59:33:65:55:38:
11:60:e1:ee:81:3b:ad:6d:21:39:5a:2a:22:73:7c:be:d1:fb:
f7:9d:e0:26:4d:b7:5b:8f:20:62:41:2c:7b:de:7a:ef:aa:1c:
38:a0:69:03:b1:cc:da:79:fb:c2:af:85:8b:a8:9d:58:31:96:
37:c8:df:ff:6d:bc:1a:0a:56:d0:3b:95:b3:3c:7c:b4:da:fb:
a8:ea:7a:e0:2b:5a:25:66:77:f6:8e:d5:e2:7f:a1:14:e4:de:
4d:30:f8:b7:7d:eb:56:27:7c:57:be:8b:29:93:11:2a:0b:50:
8d:fb:2d:50:f2:8c:74:1f:d1:d2:f3:51:6a:ae:00:98:0e:64:
83:68:57:98:f1:76:df:68:98:85:a9:32:ac:ba:ef:82:a0:7b:
94:eb:ed:c0:ea:7a:97:88:99:75:ca:0e:cb:9e:38:6a:fd:60:
28:ad:64:55:6b:8a:bc:20:cf:48:cf:11:90:b0:40:5c:7a:4a:
e4:f6:44:a4:ee:18:78:33:d4:92:c6:dc:c9:7e:03:48:24:5d:
18:dc:e4:dd:0c:bb:ba:4f:05:31:cc:fd:86:d3:b0:3a:dc:c3:
03:9b:89:6e
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICCM4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
REZBREYxMTAvBgNVBAUTKDJFNzI4M0E4RkRENUNGMEIzRDlGQUEyQkU5NzQyODgx
OTg5MTkzQTUwHhcNMjQwNDE4MjEyOTUzWhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02NjIxOTBkMS00YTI4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArn7ZInC1jdiL4A9pmIAb9uu8O8TLw8AGg4EDU6Em365ztm15y7IQWzE7T76A
F2fwtZ3lJK+nUPz4+CtLoH75wlBMSnQyfH9YLWoYhu25SCuwuiBe8h0A1nRWhui7
YGvyHkpWLWgc6FKZTgY4nXVVAU4PNRDdV49me2MmpjrlX2fH0F7qtHdNmsxCnBGm
d1tLMFE03qsP+BTrmGWhTJI2LRRI7DN4gM7x+eoL7P3rDYCmlSfpejFDC7CEobiL
dBa5RTGRzDWFFalFr/SCgbkmK1aJ4sQQ1IW+jwbf4LRQtafiQvRMlUF82WOBHn4c
EVAjw5IB5GNge4RnDk6qAquQZQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFAlR8c2C
Y9i0+/sr4gz5PDS0vcwEMB8GA1UdIwQYMBaAFC5yg6j91c8LPZ+qK+l0KIGYkZOl
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFERkFERi81ODUzMjBERThC
RDgxMUVBOTVBQUVCODNDNEY5QUUwMi9MbktEcVAzVnp3czluNm9yNlhRb2daaVJr
NlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0xuS0RxUDNWendzOW42b3I2WFFvZ1ppUms2VS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
REZBREYvNTg1MzIwREU4QkQ4MTFFQTk1QUFFQjgzQzRGOUFFMDIvNkMzODA3QUNF
RDNBMTFFQ0FCRkM1NDJCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAFnlwAwDQQCAAIwBwMFACQAiGAwDQYJKoZIhvcNAQELBQAD
ggEBAMRri1/O/OQE/0a99+BAeWErVWDH/tlehLHzgboPRQpZM2VVOBFg4e6BO61t
ITlaKiJzfL7R+/ed4CZNt1uPIGJBLHveeu+qHDigaQOxzNp5+8KvhYuonVgxljfI
3/9tvBoKVtA7lbM8fLTa+6jqeuArWiVmd/aO1eJ/oRTk3k0w+Ld961YnfFe+iymT
ESoLUI37LVDyjHQf0dLzUWquAJgOZINoV5jxdt9omIWpMqy674Kge5Tr7cDqepeI
mXXKDsueOGr9YCitZFVrirwgz0jPEZCwQFx6SuT2RKTuGHgz1JLG3Ml+A0gkXRjc
5N0Mu7pPBTHM/YbTsDrcwwObiW4=
-----END CERTIFICATE-----
Generated at Thu Sep 19 10:53:27 2024 by rpki-client on console-fra.rpki-client.org