Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91ADE0A/30D80126C11311E5B01A7269C4F9AE02/B223B458F23211EC9A7DB924C4F9AE02.roa
File: B223B458F23211EC9A7DB924C4F9AE02.roa (raw, json)
Hash identifier: MKDzXtpRk6ylkiMU38TcsBd/2eGucxBXgNcHvC84M0o=
Subject key identifier: E3:66:AE:71:40:1F:9F:53:65:03:5B:14:B7:6E:B1:BD:EC:CF:E5:23
Certificate issuer: /CN=A91ADE0A/serialNumber=BE488B4E60AC6A73A656EFDBC5FA67A1A8DE812A
Certificate serial: 209C
Authority key identifier: BE:48:8B:4E:60:AC:6A:73:A6:56:EF:DB:C5:FA:67:A1:A8:DE:81:2A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vkiLTmCsanOmVu_bxfpnoajegSo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91ADE0A/30D80126C11311E5B01A7269C4F9AE02/B223B458F23211EC9A7DB924C4F9AE02.roa
Signing time: Thu 02 Feb 2023 16:42:47 +0000
ROA not before: Thu 02 Feb 2023 16:42:47 +0000
ROA not after: Wed 01 May 2024 00:00:00 +0000
asID: 133334
IP address blocks: 45.124.56.0/22 maxlen: 24
103.61.220.0/22 maxlen: 22
103.200.32.0/22 maxlen: 24
103.203.52.0/22 maxlen: 22
103.225.136.0/22 maxlen: 24
2401:b80::/32 maxlen: 32
2401:b80::/36 maxlen: 36
2401:b80:1000::/36 maxlen: 36
2401:b80:2000::/36 maxlen: 36
2401:b80:2000:2017::/64 maxlen: 64
2401:b80:3000::/36 maxlen: 36
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8348 (0x209c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91ADE0A/serialNumber=BE488B4E60AC6A73A656EFDBC5FA67A1A8DE812A
Validity
Not Before: Feb 2 16:42:47 2023 GMT
Not After : May 1 00:00:00 2024 GMT
Subject: CN=63dbe806-fcae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:bf:f6:ee:4a:48:d7:67:25:c2:5c:7f:4a:2a:
d5:1b:f0:3f:a9:2d:36:63:ca:ec:02:97:60:70:f0:
31:03:76:80:15:71:9e:b3:1a:fd:77:08:30:6c:b5:
32:78:c9:75:7a:2e:b0:5f:46:6b:ee:0f:51:f1:c5:
24:d4:14:8e:51:bd:95:f2:bb:f2:6a:0e:83:7f:b5:
ef:2c:d4:b5:4b:34:ef:f9:b2:49:75:26:25:37:ff:
0d:7d:bc:b0:8e:e5:bc:57:58:ce:79:ad:c4:03:f8:
e9:6e:4d:2c:98:46:2d:22:5c:b4:e7:e3:92:f0:16:
f8:69:20:de:2f:d9:38:35:b0:18:10:09:30:93:65:
b7:c5:e4:d2:8f:09:76:1e:d8:73:16:1b:6b:0c:7e:
ea:b5:78:da:de:fc:c8:1d:d9:2d:ab:96:e7:62:8e:
62:ca:52:b8:f3:66:ff:52:71:00:8d:bf:46:e6:b3:
35:d2:a2:3d:4c:77:72:a5:c5:d9:8f:4c:83:1c:6f:
78:d5:b8:f8:05:0d:0f:db:c3:73:97:b8:25:8a:67:
fb:ca:fd:e0:46:9b:0a:83:60:78:6f:f5:3f:04:8a:
dc:cf:1d:af:d4:32:35:5a:2c:ae:14:a2:70:9c:58:
52:9b:cf:9e:72:49:83:0c:7f:7f:7b:3b:75:7c:3e:
04:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:66:AE:71:40:1F:9F:53:65:03:5B:14:B7:6E:B1:BD:EC:CF:E5:23
X509v3 Authority Key Identifier:
keyid:BE:48:8B:4E:60:AC:6A:73:A6:56:EF:DB:C5:FA:67:A1:A8:DE:81:2A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91ADE0A/30D80126C11311E5B01A7269C4F9AE02/vkiLTmCsanOmVu_bxfpnoajegSo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vkiLTmCsanOmVu_bxfpnoajegSo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91ADE0A/30D80126C11311E5B01A7269C4F9AE02/B223B458F23211EC9A7DB924C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.124.56.0/22
103.61.220.0/22
103.200.32.0/22
103.203.52.0/22
103.225.136.0/22
IPv6:
2401:b80::/32
Signature Algorithm: sha256WithRSAEncryption
87:9c:b2:9d:1f:b5:70:fb:c1:e9:6a:8d:19:7f:a4:16:94:69:
2b:94:69:77:c4:c6:7e:08:7c:da:c9:f4:8c:46:23:ae:5f:f6:
95:a4:f9:1b:59:d9:2b:a0:32:72:2c:05:20:84:2a:9c:3f:43:
91:f4:1d:96:c7:b6:f8:a7:e1:ba:15:d9:8b:a7:e0:2e:0e:9a:
03:7e:8c:63:ed:b7:f8:a8:66:c6:17:84:3f:4e:7d:32:cb:3d:
81:14:ac:fc:ed:c9:df:a8:c0:9c:cb:94:84:47:20:f5:25:a4:
38:8f:24:e7:98:ac:af:70:0a:7d:e2:69:72:94:02:a8:a3:fc:
ac:8c:0b:3c:15:3f:b5:e5:e2:62:5b:c6:13:1a:b4:50:b1:bc:
d9:c3:d2:07:02:51:3f:3e:03:f4:e0:c3:56:f0:d7:7e:8f:53:
c4:a9:c2:f1:2d:56:8e:ef:9f:b5:f0:39:92:c7:d8:9f:a1:95:
95:fc:04:bc:6a:50:1d:9b:54:28:cc:10:a5:51:20:6b:e2:cc:
27:53:a4:99:65:c2:86:7f:a6:18:2d:99:e4:78:11:35:0b:7c:
8c:82:dd:b5:52:4e:63:49:d8:d8:4e:69:31:b7:bf:bc:bd:7c:
76:df:32:5f:22:33:9b:5e:7a:b9:fd:e0:c2:b4:9d:be:db:b0:
e6:a5:fb:f7
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgICIJwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QURFMEExMTAvBgNVBAUTKEJFNDg4QjRFNjBBQzZBNzNBNjU2RUZEQkM1RkE2N0Ex
QThERTgxMkEwHhcNMjMwMjAyMTY0MjQ3WhcNMjQwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2RiZTgwNi1mY2FlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwb/27kpI12clwlx/SirVG/A/qS02Y8rsApdgcPAxA3aAFXGesxr9dwgwbLUy
eMl1ei6wX0Zr7g9R8cUk1BSOUb2V8rvyag6Df7XvLNS1SzTv+bJJdSYlN/8Nfbyw
juW8V1jOea3EA/jpbk0smEYtIly05+OS8Bb4aSDeL9k4NbAYEAkwk2W3xeTSjwl2
HthzFhtrDH7qtXja3vzIHdktq5bnYo5iylK482b/UnEAjb9G5rM10qI9THdypcXZ
j0yDHG941bj4BQ0P28Nzl7glimf7yv3gRpsKg2B4b/U/BIrczx2v1DI1WiyuFKJw
nFhSm8+eckmDDH9/ezt1fD4ErQIDAQABo4ICvDCCArgwHQYDVR0OBBYEFONmrnFA
H59TZQNbFLdusb3sz+UjMB8GA1UdIwQYMBaAFL5Ii05grGpzplbv28X6Z6Go3oEq
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBREUwQS8zMEQ4MDEyNkMx
MTMxMUU1QjAxQTcyNjlDNEY5QUUwMi92a2lMVG1Dc2FuT21WdV9ieGZwbm9hamVn
U28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3ZraUxUbUNzYW5PbVZ1X2J4ZnBub2FqZWdTby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QURFMEEvMzBEODAxMjZDMTEzMTFFNUIwMUE3MjY5QzRGOUFFMDIvQjIyM0I0NThG
MjMyMTFFQzlBN0RCOTI0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRgYIKwYBBQUHAQcBAf8E
NzA1MCQEAgABMB4DBAItfDgDBAJnPdwDBAJnyCADBAJnyzQDBAJn4YgwDQQCAAIw
BwMFACQBC4AwDQYJKoZIhvcNAQELBQADggEBAIecsp0ftXD7welqjRl/pBaUaSuU
aXfExn4IfNrJ9IxGI65f9pWk+RtZ2SugMnIsBSCEKpw/Q5H0HZbHtvin4boV2Yun
4C4OmgN+jGPtt/ioZsYXhD9OfTLLPYEUrPztyd+owJzLlIRHIPUlpDiPJOeYrK9w
Cn3iaXKUAqij/KyMCzwVP7Xl4mJbxhMatFCxvNnD0gcCUT8+A/Tgw1bw136PU8Sp
wvEtVo7vn7XwOZLH2J+hlZX8BLxqUB2bVCjMEKVRIGvizCdTpJllwoZ/phgtmeR4
ETULfIyC3bVSTmNJ2NhOaTG3v7y9fHbfMl8iM5teern94MK0nb7bsOal+/c=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:36:09 2023 by rpki-client on console.sobornost.net