Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E2F80/94C54B80039511EF85B69F4EC4F9AE02/49D86A5A03D911EFB0B03B6EC4F9AE02.roa
File: 49D86A5A03D911EFB0B03B6EC4F9AE02.roa (raw, json)
Hash identifier: vvq38Kp0dBbw7aaxelPLbG0LeEQy4AApIy59iYiq7UI=
Subject key identifier: AE:8B:E4:5B:A0:E0:6E:51:90:AA:ED:9B:17:E7:FB:8F:7F:0C:D6:AE
Certificate issuer: /CN=A91E2F80/serialNumber=F410C483A4C8C916FFD4CF420C4C110889798891
Certificate serial: 16
Authority key identifier: F4:10:C4:83:A4:C8:C9:16:FF:D4:CF:42:0C:4C:11:08:89:79:88:91
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9BDEg6TIyRb_1M9CDEwRCIl5iJE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E2F80/94C54B80039511EF85B69F4EC4F9AE02/49D86A5A03D911EFB0B03B6EC4F9AE02.roa
Signing time: Fri 26 Apr 2024 14:28:45 +0000
ROA not before: Fri 26 Apr 2024 14:28:45 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 151609
IP address blocks: 103.51.62.0/24 maxlen: 24
103.51.63.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 07 May 2024 14:21:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 22 (0x16)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E2F80/serialNumber=F410C483A4C8C916FFD4CF420C4C110889798891
Validity
Not Before: Apr 26 14:28:45 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=662bba1d-78fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:77:68:20:47:07:bf:a4:4b:76:d4:74:c4:1d:
be:85:09:7a:d6:77:6a:db:0b:5f:4e:62:a3:74:c1:
f5:25:5d:a1:49:52:d9:f4:be:3d:ae:b2:57:4f:23:
c2:78:7e:2b:0e:18:da:4e:ac:3a:63:6a:9b:10:f6:
6f:8b:1b:32:9c:7b:ec:25:53:49:7d:aa:86:6f:40:
b1:18:94:dd:65:75:ac:c0:4d:e6:42:43:95:0b:4a:
d5:5e:ec:ba:72:9d:5c:fe:0b:88:c6:e7:aa:71:29:
64:d1:ca:bb:e6:d7:ea:77:27:cb:cb:82:9e:22:ab:
ea:73:68:b1:70:6e:2e:fa:35:f2:e1:46:98:6c:06:
d2:00:28:26:6b:36:be:0a:e2:ae:b2:e6:6f:f8:c0:
47:2c:bd:97:90:ed:b4:cd:72:8f:68:f3:99:10:13:
9c:51:1e:ad:33:f1:ae:60:1e:90:69:be:30:2e:5d:
1c:e1:78:96:71:28:87:90:95:eb:07:45:f5:d1:57:
32:31:b6:ca:5d:6d:c0:18:51:77:dd:23:9f:f7:c5:
5b:81:ba:7a:13:2a:a2:20:df:fe:4f:1c:59:a2:4e:
cd:30:cd:3e:2d:10:da:30:4b:ec:20:39:ab:9d:7f:
a9:2e:d2:11:5d:02:d2:c0:80:f7:fa:8f:5e:9c:9e:
51:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:8B:E4:5B:A0:E0:6E:51:90:AA:ED:9B:17:E7:FB:8F:7F:0C:D6:AE
X509v3 Authority Key Identifier:
keyid:F4:10:C4:83:A4:C8:C9:16:FF:D4:CF:42:0C:4C:11:08:89:79:88:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E2F80/94C54B80039511EF85B69F4EC4F9AE02/9BDEg6TIyRb_1M9CDEwRCIl5iJE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9BDEg6TIyRb_1M9CDEwRCIl5iJE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E2F80/94C54B80039511EF85B69F4EC4F9AE02/49D86A5A03D911EFB0B03B6EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.51.62.0/23
Signature Algorithm: sha256WithRSAEncryption
68:41:50:e6:71:6b:16:4e:ea:15:29:3e:1c:03:a3:17:68:a1:
c2:19:bc:0f:44:6a:7a:54:a8:08:40:6c:ec:eb:51:36:59:f2:
94:60:68:c2:97:22:0e:86:d0:77:fd:59:10:85:10:93:ec:95:
10:67:ab:15:96:19:3c:f0:28:a6:30:24:a2:5a:1f:ca:7f:9a:
e3:5f:0a:ec:d5:5b:3d:a2:f6:5f:b3:9a:1c:25:c3:06:9d:1a:
fd:83:07:59:9d:ff:61:4d:c9:26:97:43:9a:12:5f:d1:48:84:
b7:2c:c1:cd:e7:5a:ed:05:5d:99:4e:77:9d:48:b0:38:51:dd:
c3:c8:d7:3a:21:68:a3:58:ae:3c:c6:83:c0:8f:63:06:2c:d3:
8d:f6:10:4a:93:5a:01:d0:99:75:60:10:98:db:56:b0:e0:64:
ba:d4:18:c2:02:c6:7e:3e:2f:20:4e:0e:b6:6f:1d:a9:f3:40:
4f:42:bc:19:2e:60:ee:f4:2c:ce:80:06:30:ba:e2:c3:7e:83:
9a:17:bb:5e:c4:2a:0b:9e:5b:e7:57:8e:60:e6:fa:29:a9:d2:
16:bc:70:ab:a2:d8:f2:4f:61:fc:ee:4a:23:c9:08:7a:67:2a:
6a:e6:34:6d:a6:33:b8:21:2b:c2:52:54:e8:f1:7c:e1:42:b4:
36:55:54:cf
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBFjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF
MkY4MDExMC8GA1UEBRMoRjQxMEM0ODNBNEM4QzkxNkZGRDRDRjQyMEM0QzExMDg4
OTc5ODg5MTAeFw0yNDA0MjYxNDI4NDVaFw0yNTA3MzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2MmJiYTFkLTc4ZmMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCed2ggRwe/pEt21HTEHb6FCXrWd2rbC19OYqN0wfUlXaFJUtn0vj2usldPI8J4
fisOGNpOrDpjapsQ9m+LGzKce+wlU0l9qoZvQLEYlN1ldazATeZCQ5ULStVe7Lpy
nVz+C4jG56pxKWTRyrvm1+p3J8vLgp4iq+pzaLFwbi76NfLhRphsBtIAKCZrNr4K
4q6y5m/4wEcsvZeQ7bTNco9o85kQE5xRHq0z8a5gHpBpvjAuXRzheJZxKIeQlesH
RfXRVzIxtspdbcAYUXfdI5/3xVuBunoTKqIg3/5PHFmiTs0wzT4tENowS+wgOaud
f6ku0hFdAtLAgPf6j16cnlFzAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUrovkW6Dg
blGQqu2bF+f7j38M1q4wHwYDVR0jBBgwFoAU9BDEg6TIyRb/1M9CDEwRCIl5iJEw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUUyRjgwLzk0QzU0QjgwMDM5
NTExRUY4NUI2OUY0RUM0RjlBRTAyLzlCREVnNlRJeVJiXzFNOUNERXdSQ0lsNWlK
RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvOUJERWc2VEl5UmJfMU05Q0RFd1JDSWw1aUpFLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF
MkY4MC85NEM1NEI4MDAzOTUxMUVGODVCNjlGNEVDNEY5QUUwMi80OUQ4NkE1QTAz
RDkxMUVGQjBCMDNCNkVDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWczPjANBgkqhkiG9w0BAQsFAAOCAQEAaEFQ5nFrFk7qFSk+
HAOjF2ihwhm8D0RqelSoCEBs7OtRNlnylGBowpciDobQd/1ZEIUQk+yVEGerFZYZ
PPAopjAkolofyn+a418K7NVbPaL2X7OaHCXDBp0a/YMHWZ3/YU3JJpdDmhJf0UiE
tyzBzeda7QVdmU53nUiwOFHdw8jXOiFoo1iuPMaDwI9jBizTjfYQSpNaAdCZdWAQ
mNtWsOBkutQYwgLGfj4vIE4Otm8dqfNAT0K8GS5g7vQszoAGMLriw36Dmhe7XsQq
C55b51eOYOb6KanSFrxwq6LY8k9h/O5KI8kIemcqauY0baYzuCErwlJU6PF84UK0
NlVUzw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:44 2024 by rpki-client on console-fra.rpki-client.org