Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911486F/22CF3448866C11EDAFA5A471C4F9AE02/EBA74768866F11ED8EDFC568C4F9AE02.roa
File: EBA74768866F11ED8EDFC568C4F9AE02.roa (raw, json)
Hash identifier: DLtD4dV39tz9VOQ4+hRoiZS4dHMmPFB1sBzJiFkObTI=
Subject key identifier: AC:E5:C7:FD:FE:29:2F:22:E3:9C:E3:F7:73:BF:0D:C0:05:82:D8:0D
Certificate issuer: /CN=A911486F/serialNumber=E632D38C5A32C217C6EE71D52DEF9F38CA166C51
Certificate serial: 02
Authority key identifier: E6:32:D3:8C:5A:32:C2:17:C6:EE:71:D5:2D:EF:9F:38:CA:16:6C:51
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5jLTjFoywhfG7nHVLe-fOMoWbFE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911486F/22CF3448866C11EDAFA5A471C4F9AE02/EBA74768866F11ED8EDFC568C4F9AE02.roa
Signing time: Wed 28 Dec 2022 05:24:37 +0000
ROA not before: Wed 28 Dec 2022 05:24:37 +0000
ROA not after: Fri 01 Mar 2024 00:00:00 +0000
asID: 150696
IP address blocks: 103.60.204.0/23 maxlen: 24
2400:cf60::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 20 Feb 2024 07:28:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911486F/serialNumber=E632D38C5A32C217C6EE71D52DEF9F38CA166C51
Validity
Not Before: Dec 28 05:24:37 2022 GMT
Not After : Mar 1 00:00:00 2024 GMT
Subject: CN=63abd315-e59a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:5e:f6:fd:0d:1b:0d:de:27:c6:2e:bb:a5:52:
20:d8:7d:1a:58:fa:4b:4b:8c:1b:6f:ea:c7:46:56:
db:38:11:a3:c7:a5:cc:0b:ff:59:2f:21:75:3d:a9:
b3:7f:7b:83:27:65:bb:59:20:1f:b6:31:2b:a7:b5:
52:50:dc:b1:3d:ca:7d:09:89:a1:51:3b:80:58:89:
d7:74:3d:46:b9:81:e1:95:62:94:76:a4:05:04:30:
f0:2f:33:af:b1:97:12:27:f0:3a:9e:2d:7d:1c:ce:
e3:23:7f:5d:7d:47:f6:87:0c:f2:2d:e2:ca:d5:48:
24:ab:d1:b1:d3:3f:c7:fd:7e:17:33:6f:42:5a:20:
d7:2a:d7:36:4b:f0:2b:7d:41:13:1d:c4:68:65:33:
e0:fd:43:bc:41:bf:df:08:7f:1b:ba:0b:dc:68:58:
8d:29:84:49:c5:d7:cd:5c:11:1a:7d:4f:bc:3b:54:
4d:7f:9f:ba:0d:f8:8b:14:5d:8a:3a:26:5a:69:6a:
72:86:ea:93:1d:2f:65:d1:e5:17:64:0b:18:ff:d0:
a0:e2:12:28:b2:da:d1:14:de:93:0c:1a:42:dc:23:
32:bd:53:ea:67:22:3f:7b:a4:b2:7d:ff:51:f0:e3:
f2:bb:73:dd:e0:b0:c6:ad:16:50:02:da:5f:e7:0b:
07:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:E5:C7:FD:FE:29:2F:22:E3:9C:E3:F7:73:BF:0D:C0:05:82:D8:0D
X509v3 Authority Key Identifier:
keyid:E6:32:D3:8C:5A:32:C2:17:C6:EE:71:D5:2D:EF:9F:38:CA:16:6C:51
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911486F/22CF3448866C11EDAFA5A471C4F9AE02/5jLTjFoywhfG7nHVLe-fOMoWbFE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5jLTjFoywhfG7nHVLe-fOMoWbFE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911486F/22CF3448866C11EDAFA5A471C4F9AE02/EBA74768866F11ED8EDFC568C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.60.204.0/23
IPv6:
2400:cf60::/32
Signature Algorithm: sha256WithRSAEncryption
93:bc:1a:1b:b8:5f:64:7c:59:17:38:eb:95:29:0c:03:71:bf:
73:15:aa:b4:b9:a8:ed:8e:9d:e3:fb:e1:7d:31:31:9b:c6:a5:
81:e9:ae:25:6c:bd:4d:a8:cb:c2:4d:84:98:bd:ea:b2:c4:94:
f7:fe:e2:27:f2:68:9e:c4:8a:31:68:68:cb:64:fe:2f:5a:41:
18:c2:f4:04:32:94:75:2c:5c:de:30:8c:c8:f1:3d:82:00:34:
9d:22:56:0b:1f:44:af:66:88:8c:d9:db:ec:1e:be:4f:5f:7d:
02:32:bd:30:a5:91:5f:40:43:1c:51:55:da:4c:62:cc:50:2f:
51:52:23:b8:50:a1:8d:f7:91:da:32:84:b5:9b:03:11:6f:3c:
e2:96:ab:d1:99:1a:7c:ea:93:ff:f8:cb:76:16:08:1f:e5:c0:
ad:93:53:8b:c0:13:ce:ca:98:84:9e:28:34:25:0a:f8:25:ec:
e0:6e:07:d2:24:42:c3:d6:3d:07:a2:be:9b:89:d5:1e:3a:82:
21:02:1d:e7:06:d1:1e:fa:38:f4:c3:d3:69:64:7a:14:0a:2c:
aa:30:38:86:84:68:2d:0e:cc:b5:4e:94:a1:de:07:6b:0a:5f:
53:1e:60:9d:7c:e2:b4:ce:75:cc:61:38:8f:7d:38:c7:7f:75:
da:d0:a3:0f
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEx
NDg2RjExMC8GA1UEBRMoRTYzMkQzOEM1QTMyQzIxN0M2RUU3MUQ1MkRFRjlGMzhD
QTE2NkM1MTAeFw0yMjEyMjgwNTI0MzdaFw0yNDAzMDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYzYWJkMzE1LWU1OWEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDoXvb9DRsN3ifGLrulUiDYfRpY+ktLjBtv6sdGVts4EaPHpcwL/1kvIXU9qbN/
e4MnZbtZIB+2MSuntVJQ3LE9yn0JiaFRO4BYidd0PUa5geGVYpR2pAUEMPAvM6+x
lxIn8DqeLX0czuMjf119R/aHDPIt4srVSCSr0bHTP8f9fhczb0JaINcq1zZL8Ct9
QRMdxGhlM+D9Q7xBv98Ifxu6C9xoWI0phEnF181cERp9T7w7VE1/n7oN+IsUXYo6
JlppanKG6pMdL2XR5RdkCxj/0KDiEiiy2tEU3pMMGkLcIzK9U+pnIj97pLJ9/1Hw
4/K7c93gsMatFlAC2l/nCwchAgMBAAGjggKkMIICoDAdBgNVHQ4EFgQUrOXH/f4p
LyLjnOP3c78NwAWC2A0wHwYDVR0jBBgwFoAU5jLTjFoywhfG7nHVLe+fOMoWbFEw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTE0ODZGLzIyQ0YzNDQ4ODY2
QzExRURBRkE1QTQ3MUM0RjlBRTAyLzVqTFRqRm95d2hmRzduSFZMZS1mT01vV2JG
RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvNWpMVGpGb3l3aGZHN25IVkxlLWZPTW9XYkZFLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx
NDg2Ri8yMkNGMzQ0ODg2NkMxMUVEQUZBNUE0NzFDNEY5QUUwMi9FQkE3NDc2ODg2
NkYxMUVEOEVERkM1NjhDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAuBggrBgEFBQcBBwEB/wQf
MB0wDAQCAAEwBgMEAWc8zDANBAIAAjAHAwUAJADPYDANBgkqhkiG9w0BAQsFAAOC
AQEAk7waG7hfZHxZFzjrlSkMA3G/cxWqtLmo7Y6d4/vhfTExm8algemuJWy9TajL
wk2EmL3qssSU9/7iJ/JonsSKMWhoy2T+L1pBGML0BDKUdSxc3jCMyPE9ggA0nSJW
Cx9Er2aIjNnb7B6+T199AjK9MKWRX0BDHFFV2kxizFAvUVIjuFChjfeR2jKEtZsD
EW884par0ZkafOqT//jLdhYIH+XArZNTi8ATzsqYhJ4oNCUK+CXs4G4H0iRCw9Y9
B6K+m4nVHjqCIQId5wbRHvo49MPTaWR6FAosqjA4hoRoLQ7MtU6Uod4HawpfUx5g
nXzitM51zGE4j304x3912tCjDw==
-----END CERTIFICATE-----
Generated at Tue Feb 27 00:58:01 2024 by rpki-client on console.sobornost.net