Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F77AD/CE6C237A20A811EE98637F23C4F9AE02/33EBD86420AC11EEB828E425C4F9AE02.roa
File: 33EBD86420AC11EEB828E425C4F9AE02.roa (raw, json)
Hash identifier: 6TJHiVuUIZYaZwZMltPu9T1ZsZjpDXT9i7A6K+xHUsA=
Subject key identifier: FA:2F:D6:38:54:A9:50:31:C4:4D:D9:95:9B:96:F4:E6:81:99:04:1F
Certificate issuer: /CN=A91F77AD/serialNumber=7C9F72229ED112594C7722D3C21B5105E29FC48A
Certificate serial: 76
Authority key identifier: 7C:9F:72:22:9E:D1:12:59:4C:77:22:D3:C2:1B:51:05:E2:9F:C4:8A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fJ9yIp7REllMdyLTwhtRBeKfxIo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F77AD/CE6C237A20A811EE98637F23C4F9AE02/33EBD86420AC11EEB828E425C4F9AE02.roa
Signing time: Fri 09 Feb 2024 06:28:01 +0000
ROA not before: Fri 09 Feb 2024 06:28:01 +0000
ROA not after: Mon 31 Mar 2025 00:00:00 +0000
asID: 800
IP address blocks: 103.68.188.0/22 maxlen: 22
103.147.48.0/23 maxlen: 23
2405:a9c0::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 30 Apr 2024 12:49:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 118 (0x76)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F77AD/serialNumber=7C9F72229ED112594C7722D3C21B5105E29FC48A
Validity
Not Before: Feb 9 06:28:01 2024 GMT
Not After : Mar 31 00:00:00 2025 GMT
Subject: CN=65c5c5f1-43ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:ef:5f:7f:60:e4:01:63:9c:7d:30:da:5c:07:
0d:1c:3c:14:24:ee:40:76:6e:4e:3b:ce:12:dc:39:
e9:dc:13:cb:c9:88:e5:92:f2:6e:e3:bb:06:00:b6:
a2:c5:68:b7:9c:37:76:a9:74:44:cf:83:cd:8f:32:
ac:ac:54:1a:28:46:5f:f9:75:a5:8a:65:6e:0a:60:
03:3d:2f:6f:d0:67:32:68:c0:63:9a:85:81:d0:78:
d6:da:b5:3f:96:23:78:65:83:cb:69:e3:25:cb:ee:
03:5d:98:94:2b:46:b9:14:a4:da:2f:46:e5:28:18:
1f:b4:a1:9a:4a:23:31:42:5f:00:18:c9:8e:8a:47:
e3:a3:3a:73:27:bb:04:7a:92:63:29:1f:68:6b:05:
13:df:84:2b:ec:79:7f:db:3a:b7:b6:7f:7c:8c:ad:
11:d3:f5:29:18:5f:f9:df:74:b7:1b:53:f6:f8:b9:
ed:5c:58:8d:35:6c:50:1a:a5:bd:db:51:6f:e3:c2:
01:cd:98:9f:da:b5:ae:85:22:56:7e:44:dc:5d:3b:
e7:e6:8a:02:96:4c:51:c7:8e:fe:8b:a4:ac:5c:c5:
4f:f9:22:02:d0:ad:36:37:e7:2a:a9:21:6d:2d:cf:
17:88:d6:1c:27:00:d7:03:63:75:dd:e9:ff:9e:42:
32:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:2F:D6:38:54:A9:50:31:C4:4D:D9:95:9B:96:F4:E6:81:99:04:1F
X509v3 Authority Key Identifier:
keyid:7C:9F:72:22:9E:D1:12:59:4C:77:22:D3:C2:1B:51:05:E2:9F:C4:8A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F77AD/CE6C237A20A811EE98637F23C4F9AE02/fJ9yIp7REllMdyLTwhtRBeKfxIo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fJ9yIp7REllMdyLTwhtRBeKfxIo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F77AD/CE6C237A20A811EE98637F23C4F9AE02/33EBD86420AC11EEB828E425C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.68.188.0/22
103.147.48.0/23
IPv6:
2405:a9c0::/32
Signature Algorithm: sha256WithRSAEncryption
8d:3e:7c:e3:a6:03:27:47:6f:dc:49:1e:9d:14:14:71:de:42:
a8:09:bc:dd:b9:f5:98:02:88:fa:79:78:d5:77:94:f3:26:aa:
c2:10:e5:1b:17:78:1e:90:09:bf:e0:32:c5:ea:e8:f0:7a:40:
a6:e2:fd:e2:7b:1a:ff:39:ad:4b:70:e0:06:7c:39:f2:a0:71:
ef:1b:d2:34:be:0d:fb:5b:36:a0:0a:07:ec:00:87:fb:26:63:
62:75:20:c1:1e:a3:47:69:51:46:29:d7:28:d8:53:84:06:33:
f6:ae:04:e0:4d:06:7b:a0:a4:3d:d0:b0:97:79:16:16:ab:e5:
57:6b:e0:d1:db:0f:2b:92:2a:e9:96:26:7b:90:90:8d:7e:b9:
7d:0b:b1:22:95:55:73:22:8d:71:c6:6b:5a:0b:a4:89:7d:8e:
0e:f8:b2:30:9d:1e:cc:6f:6c:ad:01:83:90:42:8b:4e:2e:43:
dc:05:3e:71:ae:a9:4e:58:5a:0a:81:61:fd:d6:9f:ff:ca:8f:
db:fc:94:84:8b:2a:ac:7b:5c:0b:8a:49:ec:3e:18:c7:42:2a:
cc:fd:be:62:cb:44:82:7e:60:87:b7:8f:75:78:bb:e1:f9:bd:
0b:fb:4b:f2:8f:7c:73:c6:0c:76:c5:d0:10:64:15:f0:99:fe:
92:6f:aa:c5
-----BEGIN CERTIFICATE-----
MIIFhTCCBG2gAwIBAgIBdjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG
NzdBRDExMC8GA1UEBRMoN0M5RjcyMjI5RUQxMTI1OTRDNzcyMkQzQzIxQjUxMDVF
MjlGQzQ4QTAeFw0yNDAyMDkwNjI4MDFaFw0yNTAzMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1YzVjNWYxLTQzZWMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC/719/YOQBY5x9MNpcBw0cPBQk7kB2bk47zhLcOencE8vJiOWS8m7juwYAtqLF
aLecN3apdETPg82PMqysVBooRl/5daWKZW4KYAM9L2/QZzJowGOahYHQeNbatT+W
I3hlg8tp4yXL7gNdmJQrRrkUpNovRuUoGB+0oZpKIzFCXwAYyY6KR+OjOnMnuwR6
kmMpH2hrBRPfhCvseX/bOre2f3yMrRHT9SkYX/nfdLcbU/b4ue1cWI01bFAapb3b
UW/jwgHNmJ/ata6FIlZ+RNxdO+fmigKWTFHHjv6LpKxcxU/5IgLQrTY35yqpIW0t
zxeI1hwnANcDY3Xd6f+eQjJNAgMBAAGjggKqMIICpjAdBgNVHQ4EFgQU+i/WOFSp
UDHETdmVm5b05oGZBB8wHwYDVR0jBBgwFoAUfJ9yIp7REllMdyLTwhtRBeKfxIow
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUY3N0FEL0NFNkMyMzdBMjBB
ODExRUU5ODYzN0YyM0M0RjlBRTAyL2ZKOXlJcDdSRWxsTWR5TFR3aHRSQmVLZnhJ
by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvZko5eUlwN1JFbGxNZHlMVHdodFJCZUtmeElvLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG
NzdBRC9DRTZDMjM3QTIwQTgxMUVFOTg2MzdGMjNDNEY5QUUwMi8zM0VCRDg2NDIw
QUMxMUVFQjgyOEU0MjVDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDA0BggrBgEFBQcBBwEB/wQl
MCMwEgQCAAEwDAMEAmdEvAMEAWeTMDANBAIAAjAHAwUAJAWpwDANBgkqhkiG9w0B
AQsFAAOCAQEAjT5846YDJ0dv3EkenRQUcd5CqAm83bn1mAKI+nl41XeU8yaqwhDl
Gxd4HpAJv+Ayxero8HpApuL94nsa/zmtS3DgBnw58qBx7xvSNL4N+1s2oAoH7ACH
+yZjYnUgwR6jR2lRRinXKNhThAYz9q4E4E0Ge6CkPdCwl3kWFqvlV2vg0dsPK5Iq
6ZYme5CQjX65fQuxIpVVcyKNccZrWgukiX2ODviyMJ0ezG9srQGDkEKLTi5D3AU+
ca6pTlhaCoFh/daf/8qP2/yUhIsqrHtcC4pJ7D4Yx0IqzP2+YstEgn5gh7ePdXi7
4fm9C/tL8o98c8YMdsXQEGQV8Jn+km+qxQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:39 2024 by rpki-client on console-ams.rpki-client.org