Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E5E8B/DEC3BD7C5AD311EEA92F9320C4F9AE02/B50B7BCC5E3011EE9286D63FC4F9AE02.roa
File: B50B7BCC5E3011EE9286D63FC4F9AE02.roa (raw, json)
Hash identifier: znnwQ4HvIYNMyYwtwYjvla9CO2a5kYFepqlQOHYj4Nk=
Subject key identifier: BA:7F:1A:87:0E:94:6D:AD:01:3F:F3:A5:81:2A:EE:BF:43:01:6D:5A
Certificate issuer: /CN=A91E5E8B/serialNumber=BD9D66877D866E7C904156BE08CB4371AAE001BD
Certificate serial: C3
Authority key identifier: BD:9D:66:87:7D:86:6E:7C:90:41:56:BE:08:CB:43:71:AA:E0:01:BD
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vZ1mh32GbnyQQVa-CMtDcargAb0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E5E8B/DEC3BD7C5AD311EEA92F9320C4F9AE02/B50B7BCC5E3011EE9286D63FC4F9AE02.roa
Signing time: Thu 05 Sep 2024 14:04:10 +0000
ROA not before: Thu 05 Sep 2024 14:04:10 +0000
ROA not after: Mon 30 Dec 2024 00:00:00 +0000
asID: 140632
IP address blocks: 103.203.236.0/23 maxlen: 23
103.203.236.0/24 maxlen: 24
103.203.237.0/24 maxlen: 24
2401:8c60::/32 maxlen: 32
2401:8c60::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 10 Sep 2024 13:20:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 195 (0xc3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E5E8B/serialNumber=BD9D66877D866E7C904156BE08CB4371AAE001BD
Validity
Not Before: Sep 5 14:04:10 2024 GMT
Not After : Dec 30 00:00:00 2024 GMT
Subject: CN=66d9ba5a-aa52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:6e:b1:f6:c0:70:d6:86:0f:6f:c4:de:c6:40:
0d:d3:ce:67:fa:90:a0:e2:6c:95:9a:bb:5e:39:50:
51:47:ea:03:f9:34:83:eb:50:ca:e1:57:0c:81:77:
d8:18:42:ab:c2:a3:da:46:ba:09:7c:0f:1b:3e:c6:
23:65:fa:21:14:c3:79:be:c9:e6:e1:58:fc:44:aa:
23:05:28:eb:61:98:0e:8e:13:e0:95:f1:6e:f9:7e:
d4:eb:62:5b:b0:a0:4e:51:d8:5b:7e:f9:90:77:7f:
6c:dc:a5:8b:33:99:02:b6:4b:e3:24:95:b1:5b:98:
8b:81:8d:3e:26:2e:15:69:eb:57:c6:21:24:e8:11:
9f:ab:7c:27:21:e2:6d:81:7c:b2:8f:b8:e0:2b:94:
48:9c:ed:9d:5c:5d:a1:47:08:f8:90:9e:e6:1f:0c:
f9:6e:91:25:20:f9:9f:be:17:fb:f2:4b:eb:34:45:
6b:bc:e8:bc:21:13:7d:2a:28:b6:8f:ff:49:bd:9b:
6b:e1:9d:69:43:50:0f:07:61:12:cb:97:68:1a:81:
3f:5e:3d:41:b6:3a:da:77:03:34:89:e8:e9:20:99:
b0:ba:fe:1d:79:d3:1c:47:6e:7c:f3:2f:bf:65:f6:
f3:0a:c8:34:36:9b:8d:68:08:9e:bd:81:be:0c:4b:
c4:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:7F:1A:87:0E:94:6D:AD:01:3F:F3:A5:81:2A:EE:BF:43:01:6D:5A
X509v3 Authority Key Identifier:
keyid:BD:9D:66:87:7D:86:6E:7C:90:41:56:BE:08:CB:43:71:AA:E0:01:BD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E5E8B/DEC3BD7C5AD311EEA92F9320C4F9AE02/vZ1mh32GbnyQQVa-CMtDcargAb0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vZ1mh32GbnyQQVa-CMtDcargAb0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E5E8B/DEC3BD7C5AD311EEA92F9320C4F9AE02/B50B7BCC5E3011EE9286D63FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.203.236.0/23
IPv6:
2401:8c60::/32
Signature Algorithm: sha256WithRSAEncryption
5d:7b:07:71:84:25:75:3a:5b:14:fa:a7:7a:5c:21:64:42:e6:
cd:7b:3b:e9:93:5d:a0:da:09:8d:8d:fc:21:fe:c9:3a:13:2d:
64:5e:6f:13:56:d8:8e:42:c1:88:bc:f7:b4:c1:ca:d1:3a:21:
8c:50:8c:1c:60:0a:67:65:d4:d4:d9:cd:df:94:47:6d:dd:9c:
3f:5c:6d:cb:5c:11:9f:c6:ad:dc:83:2d:85:27:6e:90:b8:7e:
c2:12:f8:76:21:8c:2c:8e:ba:df:51:44:c1:d1:d2:91:d5:a3:
1f:65:97:46:3a:c1:0b:bc:72:bf:41:81:e5:89:a0:5c:9f:10:
97:c5:39:e3:6a:98:58:91:19:de:70:e4:48:7f:c2:c4:50:c9:
63:dd:c9:5d:aa:1d:50:0c:13:32:7e:89:91:90:6d:4b:13:44:
9a:f2:58:dd:c6:d9:f8:1e:ba:b7:0d:6f:7c:54:c6:42:30:be:
de:8d:35:34:87:6c:dd:2c:83:0e:16:03:b2:34:a0:17:be:74:
1c:16:e0:38:33:48:c7:c3:40:63:d0:e7:b8:fe:8f:bd:1d:27:
43:a8:2d:79:f2:5c:9e:ad:84:99:92:8a:e7:25:5a:f7:19:de:
02:79:46:5b:02:ea:b8:de:fe:12:15:16:a6:07:1b:81:f7:19:
bb:a6:19:55
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICAMMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTVFOEIxMTAvBgNVBAUTKEJEOUQ2Njg3N0Q4NjZFN0M5MDQxNTZCRTA4Q0I0Mzcx
QUFFMDAxQkQwHhcNMjQwOTA1MTQwNDEwWhcNMjQxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmQ5YmE1YS1hYTUyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAn26x9sBw1oYPb8TexkAN085n+pCg4myVmrteOVBRR+oD+TSD61DK4VcMgXfY
GEKrwqPaRroJfA8bPsYjZfohFMN5vsnm4Vj8RKojBSjrYZgOjhPglfFu+X7U62Jb
sKBOUdhbfvmQd39s3KWLM5kCtkvjJJWxW5iLgY0+Ji4VaetXxiEk6BGfq3wnIeJt
gXyyj7jgK5RInO2dXF2hRwj4kJ7mHwz5bpElIPmfvhf78kvrNEVrvOi8IRN9Kii2
j/9JvZtr4Z1pQ1APB2ESy5doGoE/Xj1BtjradwM0iejpIJmwuv4dedMcR2588y+/
ZfbzCsg0NpuNaAievYG+DEvEIQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFLp/GocO
lG2tAT/zpYEq7r9DAW1aMB8GA1UdIwQYMBaAFL2dZod9hm58kEFWvgjLQ3Gq4AG9
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNUU4Qi9ERUMzQkQ3QzVB
RDMxMUVFQTkyRjkzMjBDNEY5QUUwMi92WjFtaDMyR2JueVFRVmEtQ010RGNhcmdB
YjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3ZaMW1oMzJHYm55UVFWYS1DTXREY2FyZ0FiMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTVFOEIvREVDM0JEN0M1QUQzMTFFRUE5MkY5MzIwQzRGOUFFMDIvQjUwQjdCQ0M1
RTMwMTFFRTkyODZENjNGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAFny+wwDQQCAAIwBwMFACQBjGAwDQYJKoZIhvcNAQELBQAD
ggEBAF17B3GEJXU6WxT6p3pcIWRC5s17O+mTXaDaCY2N/CH+yToTLWRebxNW2I5C
wYi897TBytE6IYxQjBxgCmdl1NTZzd+UR23dnD9cbctcEZ/GrdyDLYUnbpC4fsIS
+HYhjCyOut9RRMHR0pHVox9ll0Y6wQu8cr9BgeWJoFyfEJfFOeNqmFiRGd5w5Eh/
wsRQyWPdyV2qHVAMEzJ+iZGQbUsTRJryWN3G2fgeurcNb3xUxkIwvt6NNTSHbN0s
gw4WA7I0oBe+dBwW4DgzSMfDQGPQ57j+j70dJ0OoLXnyXJ6thJmSiuclWvcZ3gJ5
RlsC6rje/hIVFqYHG4H3GbumGVU=
-----END CERTIFICATE-----
Generated at Tue Sep 10 16:43:58 2024 by rpki-client on console-ams.rpki-client.org