Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911112F/964DC69ABA8D11EE828A8946C4F9AE02/0AC67204EDD011EE8C553484C4F9AE02.roa
File: 0AC67204EDD011EE8C553484C4F9AE02.roa (raw, json)
Hash identifier: +U/4rblcOkNz/1vzZ0iEgjIGlaKHqKI5rmVILvYE92o=
Subject key identifier: F9:5C:BE:64:11:8E:7D:AD:0C:F1:D1:85:6D:49:D0:C4:5E:37:DA:6C
Certificate issuer: /CN=A911112F/serialNumber=1E57B43F044D4ABA8222A409786614280AA739A1
Certificate serial: 31
Authority key identifier: 1E:57:B4:3F:04:4D:4A:BA:82:22:A4:09:78:66:14:28:0A:A7:39:A1
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Hle0PwRNSrqCIqQJeGYUKAqnOaE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911112F/964DC69ABA8D11EE828A8946C4F9AE02/0AC67204EDD011EE8C553484C4F9AE02.roa
Signing time: Fri 29 Mar 2024 14:07:55 +0000
ROA not before: Fri 29 Mar 2024 14:07:55 +0000
ROA not after: Sat 31 Aug 2024 00:00:00 +0000
asID: 142297
IP address blocks: 103.167.186.0/24 maxlen: 24
2001:df6:bb80::/64 maxlen: 64
Validation: Failed, certificate revoked on Fri 29 Mar 2024 18:42:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 49 (0x31)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911112F/serialNumber=1E57B43F044D4ABA8222A409786614280AA739A1
Validity
Not Before: Mar 29 14:07:55 2024 GMT
Not After : Aug 31 00:00:00 2024 GMT
Subject: CN=6606cb3b-5f34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:9b:47:da:41:23:c2:8e:54:85:20:18:d5:a2:
5c:02:5c:3e:17:c3:8a:8d:36:21:44:5f:f9:4a:89:
83:b8:e2:87:85:bb:3d:d4:97:6c:af:2d:1f:ef:3f:
3c:57:d6:4e:17:71:74:e7:c7:19:7c:06:21:6f:90:
ab:75:c5:01:80:c1:74:31:1b:51:a5:db:be:5e:6e:
28:52:88:84:11:91:99:fe:60:91:8e:53:bc:d6:34:
7f:ad:5a:10:57:65:a1:b2:86:df:58:75:1b:1d:99:
61:29:04:e5:cd:22:78:4c:24:6e:95:f7:3a:3a:11:
ad:aa:12:d1:28:2a:17:56:b3:9a:0f:a6:06:06:15:
25:c3:e2:5d:14:a6:70:0b:9e:7c:42:3e:98:72:17:
a3:0e:94:68:7c:eb:c1:10:52:d5:10:e7:64:97:f1:
71:38:43:68:b2:72:16:6d:61:d8:97:d3:43:ed:2d:
82:6c:f6:f3:81:e6:c9:a2:ae:bd:1b:cb:fb:73:62:
ff:8b:c1:b5:b1:4c:d4:75:bd:b9:32:10:85:80:09:
c2:ab:d0:11:6c:47:6d:59:79:22:19:0c:87:c4:94:
bc:43:1a:03:46:59:ad:a2:d9:86:9f:1f:48:82:3d:
c8:9b:c5:c1:b8:88:f0:a4:f5:0f:52:0c:2a:ae:fb:
f7:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:5C:BE:64:11:8E:7D:AD:0C:F1:D1:85:6D:49:D0:C4:5E:37:DA:6C
X509v3 Authority Key Identifier:
keyid:1E:57:B4:3F:04:4D:4A:BA:82:22:A4:09:78:66:14:28:0A:A7:39:A1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911112F/964DC69ABA8D11EE828A8946C4F9AE02/Hle0PwRNSrqCIqQJeGYUKAqnOaE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Hle0PwRNSrqCIqQJeGYUKAqnOaE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911112F/964DC69ABA8D11EE828A8946C4F9AE02/0AC67204EDD011EE8C553484C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.167.186.0/24
IPv6:
2001:df6:bb80::/64
Signature Algorithm: sha256WithRSAEncryption
b9:2f:17:d1:5c:05:57:99:9a:5b:d8:5a:25:21:1c:c7:b6:ff:
40:94:8f:d1:55:02:18:da:e2:1d:06:7b:78:c8:72:cd:d1:6a:
09:3b:ed:cd:c3:b2:15:b2:94:b5:6a:62:95:57:70:2d:0d:7b:
d7:de:32:b4:0a:90:20:68:05:3c:68:9a:66:d5:1a:d7:69:44:
28:9a:d2:f8:ad:58:08:39:3b:4f:86:4c:bd:c6:4b:82:1f:c2:
b1:0a:00:a4:01:f2:22:8c:06:ba:c1:9c:00:e2:f0:03:ad:8b:
cd:6e:49:e2:00:63:45:fa:fc:6b:e7:00:9f:b0:85:75:42:77:
8b:7b:54:51:3a:60:9b:24:f0:a7:34:ad:5b:f1:c6:1e:8e:c2:
8d:01:8f:80:e7:4a:b7:6e:8a:5c:b5:bc:f4:f1:53:a1:61:a3:
2b:76:6d:de:45:e8:93:97:d2:83:03:3e:d8:9a:8e:53:f7:b2:
b3:43:76:8d:6f:31:16:3e:c4:fe:03:12:f3:a4:40:25:16:b5:
9a:c4:91:70:eb:9b:bc:fa:c5:c4:d9:5c:78:6c:69:6a:89:46:
1e:53:2c:fb:24:d9:63:19:6c:35:ba:7d:c0:94:be:19:e5:8b:
a9:ae:1f:28:34:ed:a2:f5:1a:e8:44:46:a0:86:31:5b:52:ef:
0a:ae:f1:ff
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgIBMTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEx
MTEyRjExMC8GA1UEBRMoMUU1N0I0M0YwNDRENEFCQTgyMjJBNDA5Nzg2NjE0Mjgw
QUE3MzlBMTAeFw0yNDAzMjkxNDA3NTVaFw0yNDA4MzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2MDZjYjNiLTVmMzQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCfm0faQSPCjlSFIBjVolwCXD4Xw4qNNiFEX/lKiYO44oeFuz3Ul2yvLR/vPzxX
1k4XcXTnxxl8BiFvkKt1xQGAwXQxG1Gl275ebihSiIQRkZn+YJGOU7zWNH+tWhBX
ZaGyht9YdRsdmWEpBOXNInhMJG6V9zo6Ea2qEtEoKhdWs5oPpgYGFSXD4l0UpnAL
nnxCPphyF6MOlGh868EQUtUQ52SX8XE4Q2iychZtYdiX00PtLYJs9vOB5smirr0b
y/tzYv+LwbWxTNR1vbkyEIWACcKr0BFsR21ZeSIZDIfElLxDGgNGWa2i2YafH0iC
PcibxcG4iPCk9Q9SDCqu+/e7AgMBAAGjggKoMIICpDAdBgNVHQ4EFgQU+Vy+ZBGO
fa0M8dGFbUnQxF432mwwHwYDVR0jBBgwFoAUHle0PwRNSrqCIqQJeGYUKAqnOaEw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTExMTJGLzk2NERDNjlBQkE4
RDExRUU4MjhBODk0NkM0RjlBRTAyL0hsZTBQd1JOU3JxQ0lxUUplR1lVS0Fxbk9h
RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvSGxlMFB3Uk5TcnFDSXFRSmVHWVVLQXFuT2FFLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx
MTEyRi85NjREQzY5QUJBOEQxMUVFODI4QTg5NDZDNEY5QUUwMi8wQUM2NzIwNEVE
RDAxMUVFOEM1NTM0ODRDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAyBggrBgEFBQcBBwEB/wQj
MCEwDAQCAAEwBgMEAGenujARBAIAAjALAwkAIAEN9ruAAAAwDQYJKoZIhvcNAQEL
BQADggEBALkvF9FcBVeZmlvYWiUhHMe2/0CUj9FVAhja4h0Ge3jIcs3Ragk77c3D
shWylLVqYpVXcC0Ne9feMrQKkCBoBTxommbVGtdpRCia0vitWAg5O0+GTL3GS4If
wrEKAKQB8iKMBrrBnADi8AOti81uSeIAY0X6/GvnAJ+whXVCd4t7VFE6YJsk8Kc0
rVvxxh6Owo0Bj4DnSrduily1vPTxU6Fhoyt2bd5F6JOX0oMDPtiajlP3srNDdo1v
MRY+xP4DEvOkQCUWtZrEkXDrm7z6xcTZXHhsaWqJRh5TLPsk2WMZbDW6fcCUvhnl
i6muHyg07aL1GuhERqCGMVtS7wqu8f8=
-----END CERTIFICATE-----
Generated at Fri Mar 29 21:53:01 2024 by rpki-client on console-ams.rpki-client.org