Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E2F80/94C54B80039511EF85B69F4EC4F9AE02/4A476E0003D911EFB0B03B6EC4F9AE02.roa
File: 4A476E0003D911EFB0B03B6EC4F9AE02.roa (raw, json)
Hash identifier: zsJ8eNrOz/rETYPEfgRmMspl3IhaQRtaYYNkKgb6vhI=
Subject key identifier: D6:73:61:C6:E0:A7:C4:9C:9F:7F:D2:B3:58:A7:1F:8C:91:18:92:DC
Certificate issuer: /CN=A91E2F80/serialNumber=F410C483A4C8C916FFD4CF420C4C110889798891
Certificate serial: 17
Authority key identifier: F4:10:C4:83:A4:C8:C9:16:FF:D4:CF:42:0C:4C:11:08:89:79:88:91
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9BDEg6TIyRb_1M9CDEwRCIl5iJE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E2F80/94C54B80039511EF85B69F4EC4F9AE02/4A476E0003D911EFB0B03B6EC4F9AE02.roa
Signing time: Fri 26 Apr 2024 14:28:46 +0000
ROA not before: Fri 26 Apr 2024 14:28:46 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 152711
IP address blocks: 103.51.62.0/24 maxlen: 24
103.51.63.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 07 May 2024 14:23:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 23 (0x17)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E2F80/serialNumber=F410C483A4C8C916FFD4CF420C4C110889798891
Validity
Not Before: Apr 26 14:28:46 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=662bba1e-b678
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:21:2a:97:b6:a5:de:f9:fe:d2:54:bf:e0:04:
08:ae:ab:6f:a4:2c:80:6d:78:45:85:f9:3e:38:3d:
d4:34:21:34:d1:93:8a:50:f1:06:b3:4c:50:c1:67:
9f:7d:8e:7d:8c:c2:e4:fe:7f:af:ce:a7:be:5d:0b:
d8:c6:05:1d:d1:c2:3e:de:e5:bf:52:fb:54:b2:a3:
ac:92:32:55:5a:4e:43:80:52:93:4b:ef:c3:f1:18:
5f:d2:56:1c:60:40:1e:cd:42:04:25:e7:b1:85:b9:
1a:51:b4:cb:67:94:8a:bb:01:19:b8:21:21:e9:11:
88:40:51:cd:97:08:ef:cd:39:85:ea:dc:b1:dd:0f:
ab:bc:d8:f2:0a:24:67:08:71:af:bd:42:10:20:74:
aa:4d:c9:b7:5d:54:e7:ce:a2:5b:3d:dc:a1:04:6c:
8c:b7:25:b9:1a:fb:7b:83:0c:50:67:08:1b:46:39:
31:72:ba:23:aa:79:6a:61:23:f0:55:f0:a0:db:0e:
2f:d8:d5:89:85:65:13:00:f7:1b:e8:d0:c8:f0:79:
fe:39:4c:7d:98:f9:fe:af:44:f8:27:72:0e:d7:14:
27:30:71:4f:66:d0:86:81:5b:14:11:0f:06:a0:86:
48:a0:61:75:93:3e:b6:19:a9:67:ae:03:55:80:c2:
d4:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:73:61:C6:E0:A7:C4:9C:9F:7F:D2:B3:58:A7:1F:8C:91:18:92:DC
X509v3 Authority Key Identifier:
keyid:F4:10:C4:83:A4:C8:C9:16:FF:D4:CF:42:0C:4C:11:08:89:79:88:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E2F80/94C54B80039511EF85B69F4EC4F9AE02/9BDEg6TIyRb_1M9CDEwRCIl5iJE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9BDEg6TIyRb_1M9CDEwRCIl5iJE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E2F80/94C54B80039511EF85B69F4EC4F9AE02/4A476E0003D911EFB0B03B6EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.51.62.0/23
Signature Algorithm: sha256WithRSAEncryption
a3:4d:2b:91:74:b3:5b:76:ee:af:9f:2c:d8:f4:b5:36:f7:f4:
b3:f4:8c:a1:26:15:40:f0:d2:4c:85:07:d5:8d:27:c4:e0:13:
b7:80:b4:cf:92:d6:9a:b4:55:c6:28:42:50:a3:3c:8e:ad:08:
a5:a1:40:fd:d8:f4:83:d2:a0:10:1c:64:5c:84:0d:c5:85:d1:
99:5f:27:d5:10:e1:65:7d:c5:1b:c2:a0:47:69:28:9a:4e:ad:
e3:5d:5d:9f:5e:6a:15:18:e8:24:ec:1f:b1:23:49:69:ab:b2:
5f:ce:f5:ab:53:25:9c:3e:ab:58:dd:61:e4:76:86:e3:41:49:
8c:03:df:cc:58:ff:9c:ed:ce:bf:94:ec:68:79:ab:dd:7d:10:
95:4e:73:2c:c8:03:58:39:6a:54:d3:df:eb:2c:ff:7a:d6:00:
7c:4f:35:db:24:5e:b9:25:7e:d7:87:20:b4:b2:ca:78:75:05:
ad:1e:27:62:33:22:8e:05:c9:d8:52:89:52:cf:83:57:d3:59:
0e:f5:66:43:45:6f:d8:df:65:80:46:a2:2e:24:5b:7d:ce:47:
65:fd:93:70:ee:46:3f:1e:0c:42:2f:db:00:44:4a:cc:a9:53:
b7:51:25:5c:10:df:72:04:e0:9c:80:9e:25:62:17:63:51:3e:
9a:56:f8:48
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBFzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF
MkY4MDExMC8GA1UEBRMoRjQxMEM0ODNBNEM4QzkxNkZGRDRDRjQyMEM0QzExMDg4
OTc5ODg5MTAeFw0yNDA0MjYxNDI4NDZaFw0yNTA3MzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2MmJiYTFlLWI2NzgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCuISqXtqXe+f7SVL/gBAiuq2+kLIBteEWF+T44PdQ0ITTRk4pQ8QazTFDBZ599
jn2MwuT+f6/Op75dC9jGBR3Rwj7e5b9S+1Syo6ySMlVaTkOAUpNL78PxGF/SVhxg
QB7NQgQl57GFuRpRtMtnlIq7ARm4ISHpEYhAUc2XCO/NOYXq3LHdD6u82PIKJGcI
ca+9QhAgdKpNybddVOfOols93KEEbIy3Jbka+3uDDFBnCBtGOTFyuiOqeWphI/BV
8KDbDi/Y1YmFZRMA9xvo0Mjwef45TH2Y+f6vRPgncg7XFCcwcU9m0IaBWxQRDwag
hkigYXWTPrYZqWeuA1WAwtS5AgMBAAGjggKVMIICkTAdBgNVHQ4EFgQU1nNhxuCn
xJyff9KzWKcfjJEYktwwHwYDVR0jBBgwFoAU9BDEg6TIyRb/1M9CDEwRCIl5iJEw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUUyRjgwLzk0QzU0QjgwMDM5
NTExRUY4NUI2OUY0RUM0RjlBRTAyLzlCREVnNlRJeVJiXzFNOUNERXdSQ0lsNWlK
RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvOUJERWc2VEl5UmJfMU05Q0RFd1JDSWw1aUpFLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF
MkY4MC85NEM1NEI4MDAzOTUxMUVGODVCNjlGNEVDNEY5QUUwMi80QTQ3NkUwMDAz
RDkxMUVGQjBCMDNCNkVDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWczPjANBgkqhkiG9w0BAQsFAAOCAQEAo00rkXSzW3bur58s
2PS1Nvf0s/SMoSYVQPDSTIUH1Y0nxOATt4C0z5LWmrRVxihCUKM8jq0IpaFA/dj0
g9KgEBxkXIQNxYXRmV8n1RDhZX3FG8KgR2komk6t411dn15qFRjoJOwfsSNJaauy
X871q1MlnD6rWN1h5HaG40FJjAPfzFj/nO3Ov5TsaHmr3X0QlU5zLMgDWDlqVNPf
6yz/etYAfE812yReuSV+14cgtLLKeHUFrR4nYjMijgXJ2FKJUs+DV9NZDvVmQ0Vv
2N9lgEaiLiRbfc5HZf2TcO5GPx4MQi/bAERKzKlTt1ElXBDfcgTgnICeJWIXY1E+
mlb4SA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:32 2024 by rpki-client on console-ams.rpki-client.org