Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EEAF9/E61E7D5CE90011EAB59F6971C4F9AE02/57787F4CE90211EA90508273C4F9AE02.roa
File: 57787F4CE90211EA90508273C4F9AE02.roa (raw, json)
Hash identifier: uPzmKNatWWQkNp8x+zlq+NQrlZ/SAL+Q1qeZRNXxNP8=
Subject key identifier: 38:28:12:EC:E6:5B:C8:02:CF:45:BB:79:DD:5F:DD:F5:CA:5D:38:C9
Certificate issuer: /CN=A91EEAF9/serialNumber=DEBD28537A92EB13DA80F79884AEFB7F5169A879
Certificate serial: 06E0
Authority key identifier: DE:BD:28:53:7A:92:EB:13:DA:80:F7:98:84:AE:FB:7F:51:69:A8:79
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3r0oU3qS6xPagPeYhK77f1FpqHk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EEAF9/E61E7D5CE90011EAB59F6971C4F9AE02/57787F4CE90211EA90508273C4F9AE02.roa
Signing time: Wed 06 Dec 2023 22:29:53 +0000
ROA not before: Wed 06 Dec 2023 22:29:53 +0000
ROA not after: Fri 31 Jan 2025 00:00:00 +0000
asID: 17483
IP address blocks: 103.252.184.0/24 maxlen: 24
103.252.185.0/24 maxlen: 24
103.252.186.0/24 maxlen: 24
103.252.187.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 22 Oct 2024 06:20:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1760 (0x6e0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EEAF9/serialNumber=DEBD28537A92EB13DA80F79884AEFB7F5169A879
Validity
Not Before: Dec 6 22:29:53 2023 GMT
Not After : Jan 31 00:00:00 2025 GMT
Subject: CN=6570f5e1-46b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:77:73:40:db:0f:42:be:e2:b3:db:12:0c:78:
4d:6c:e2:18:fb:c5:d6:18:15:2d:90:23:09:ee:21:
eb:40:73:f9:a5:6b:ea:78:50:b5:c1:b1:97:db:00:
ae:3e:38:72:1e:83:65:f7:5f:bb:1b:a5:6e:51:62:
df:2d:90:ce:06:3a:93:d4:90:f5:c6:d4:48:26:6e:
6e:85:13:72:cc:8f:6a:57:96:68:f1:6a:3e:db:98:
e2:9c:6b:5a:e5:61:4a:3b:91:cd:e6:58:8a:c5:bb:
52:2a:22:ce:11:ef:c9:d2:f8:f9:2d:3e:b1:4b:fd:
04:56:d5:99:6b:e1:81:9e:02:4e:d0:c8:62:50:b7:
5b:e2:8d:aa:b9:7c:5d:af:25:a9:e9:33:1d:d5:bd:
b5:3d:10:58:f9:f1:ef:b7:c2:b8:b5:20:9c:16:a8:
af:fd:f8:90:2f:a4:85:f8:07:4c:63:5a:15:e7:96:
0d:43:e2:18:c4:ca:84:84:58:dc:13:2e:31:8c:fe:
a7:af:40:47:a3:f3:95:4e:76:07:4f:1f:1a:e8:ab:
77:d1:26:12:b2:77:e8:93:4a:a5:94:1f:40:8e:25:
40:1b:6d:41:70:c5:86:55:2b:77:1f:3e:e0:21:6a:
5f:3f:54:d3:f7:b6:c3:8d:b8:0c:f5:bf:98:44:29:
4f:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:28:12:EC:E6:5B:C8:02:CF:45:BB:79:DD:5F:DD:F5:CA:5D:38:C9
X509v3 Authority Key Identifier:
keyid:DE:BD:28:53:7A:92:EB:13:DA:80:F7:98:84:AE:FB:7F:51:69:A8:79
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EEAF9/E61E7D5CE90011EAB59F6971C4F9AE02/3r0oU3qS6xPagPeYhK77f1FpqHk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3r0oU3qS6xPagPeYhK77f1FpqHk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EEAF9/E61E7D5CE90011EAB59F6971C4F9AE02/57787F4CE90211EA90508273C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.252.184.0/22
Signature Algorithm: sha256WithRSAEncryption
01:a2:5c:5b:a5:d6:80:12:a1:b5:74:d7:b7:83:8d:e9:f4:31:
9a:fc:fb:ec:c8:8f:e4:da:8f:f0:01:30:90:9b:ab:4b:b6:ba:
02:2e:22:67:4d:04:dd:14:af:ee:e9:50:72:c0:2a:34:a1:b1:
42:dc:93:0d:57:3a:49:2f:f5:0e:91:67:e7:38:fe:ec:66:25:
c2:eb:d5:8c:59:9b:fa:41:a1:e3:fd:5b:02:a6:99:68:d8:2a:
a3:5d:70:ee:07:a2:61:97:df:80:cc:29:8a:f9:81:dd:55:f8:
e7:ac:f6:c4:14:38:fe:f3:30:1b:cc:bb:6a:da:34:c0:a0:5b:
3c:61:07:5a:9a:72:ca:77:45:be:70:9d:0e:9f:52:3e:6f:37:
2f:87:9c:a1:f9:c1:c9:65:86:60:d1:34:d8:bd:52:8d:1b:c9:
2e:2a:37:9e:08:ef:92:62:5a:95:9f:67:33:90:68:dd:2e:2f:
44:d7:7e:a8:0b:06:e2:55:fd:eb:93:9b:11:d3:b9:21:77:6b:
77:fc:c4:e9:a8:03:9e:80:8a:cd:b5:f9:02:9b:e4:41:68:0e:
21:2d:e0:fd:a2:72:df:0c:bd:2d:76:e0:98:89:0c:f0:e5:f3:
b5:59:aa:e1:39:78:51:e7:3f:82:f0:f8:40:ba:53:8f:e0:01:
2f:fc:b4:5a
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBuAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUVBRjkxMTAvBgNVBAUTKERFQkQyODUzN0E5MkVCMTNEQTgwRjc5ODg0QUVGQjdG
NTE2OUE4NzkwHhcNMjMxMjA2MjIyOTUzWhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTcwZjVlMS00NmI2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtXdzQNsPQr7is9sSDHhNbOIY+8XWGBUtkCMJ7iHrQHP5pWvqeFC1wbGX2wCu
PjhyHoNl91+7G6VuUWLfLZDOBjqT1JD1xtRIJm5uhRNyzI9qV5Zo8Wo+25jinGta
5WFKO5HN5liKxbtSKiLOEe/J0vj5LT6xS/0EVtWZa+GBngJO0MhiULdb4o2quXxd
ryWp6TMd1b21PRBY+fHvt8K4tSCcFqiv/fiQL6SF+AdMY1oV55YNQ+IYxMqEhFjc
Ey4xjP6nr0BHo/OVTnYHTx8a6Kt30SYSsnfok0qllB9AjiVAG21BcMWGVSt3Hz7g
IWpfP1TT97bDjbgM9b+YRClPTwIDAQABo4IClTCCApEwHQYDVR0OBBYEFDgoEuzm
W8gCz0W7ed1f3fXKXTjJMB8GA1UdIwQYMBaAFN69KFN6kusT2oD3mISu+39Raah5
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFRUFGOS9FNjFFN0Q1Q0U5
MDAxMUVBQjU5RjY5NzFDNEY5QUUwMi8zcjBvVTNxUzZ4UGFnUGVZaEs3N2YxRnBx
SGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzNyMG9VM3FTNnhQYWdQZVloSzc3ZjFGcHFIay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUVBRjkvRTYxRTdENUNFOTAwMTFFQUI1OUY2OTcxQzRGOUFFMDIvNTc3ODdGNENF
OTAyMTFFQTkwNTA4MjczQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJn/LgwDQYJKoZIhvcNAQELBQADggEBAAGiXFul1oASobV0
17eDjen0MZr8++zIj+Taj/ABMJCbq0u2ugIuImdNBN0Ur+7pUHLAKjShsULckw1X
Okkv9Q6RZ+c4/uxmJcLr1YxZm/pBoeP9WwKmmWjYKqNdcO4HomGX34DMKYr5gd1V
+Oes9sQUOP7zMBvMu2raNMCgWzxhB1qacsp3Rb5wnQ6fUj5vNy+HnKH5wcllhmDR
NNi9Uo0byS4qN54I75JiWpWfZzOQaN0uL0TXfqgLBuJV/euTmxHTuSF3a3f8xOmo
A56Ais21+QKb5EFoDiEt4P2ict8MvS124JiJDPDl87VZquE5eFHnP4Lw+EC6U4/g
AS/8tFo=
-----END CERTIFICATE-----
Generated at Tue Oct 22 08:44:36 2024 by rpki-client on console-ams.rpki-client.org