Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911112F/964DC69ABA8D11EE828A8946C4F9AE02/B9450EACEDB811EE9D7A8D4DC4F9AE02.roa
File: B9450EACEDB811EE9D7A8D4DC4F9AE02.roa (raw, json)
Hash identifier: PB9dhjRdac5Zzn5tU478nWkrFSkkAqc95pokuOewisQ=
Subject key identifier: E4:68:5A:09:51:36:9B:24:BE:FC:F0:83:05:68:C0:07:9A:EB:83:D3
Certificate issuer: /CN=A911112F/serialNumber=1E57B43F044D4ABA8222A409786614280AA739A1
Certificate serial: 2C
Authority key identifier: 1E:57:B4:3F:04:4D:4A:BA:82:22:A4:09:78:66:14:28:0A:A7:39:A1
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Hle0PwRNSrqCIqQJeGYUKAqnOaE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911112F/964DC69ABA8D11EE828A8946C4F9AE02/B9450EACEDB811EE9D7A8D4DC4F9AE02.roa
Signing time: Fri 29 Mar 2024 13:08:33 +0000
ROA not before: Fri 29 Mar 2024 13:08:33 +0000
ROA not after: Sat 31 Aug 2024 00:00:00 +0000
asID: 142297
IP address blocks: 103.167.186.0/24 maxlen: 24
2001:df6:bb80::/64 maxlen: 64
Validation: Failed, certificate revoked on Fri 29 Mar 2024 13:27:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 44 (0x2c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911112F/serialNumber=1E57B43F044D4ABA8222A409786614280AA739A1
Validity
Not Before: Mar 29 13:08:33 2024 GMT
Not After : Aug 31 00:00:00 2024 GMT
Subject: CN=6606bd51-2eab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:93:a9:45:62:57:f4:ff:0f:ad:15:fc:0e:f2:
9f:00:69:dd:5e:25:96:b5:40:bc:fe:79:e2:5f:6e:
c6:6a:da:68:e0:50:42:d7:56:d2:7c:89:b0:81:a8:
e4:ac:95:0e:c0:c5:b5:ea:2c:0a:bd:bd:02:87:5d:
cc:96:fc:65:5d:64:84:09:ba:25:84:af:1d:d6:3b:
16:cb:47:ad:1d:3a:d6:69:ad:ad:b2:d7:c3:12:28:
28:8c:f1:cf:45:97:13:d5:4f:cd:82:07:0c:0e:d8:
d5:a5:35:22:51:7a:22:d6:1d:60:ef:37:19:af:66:
51:8c:af:fc:d9:df:bd:89:89:0d:82:2a:c9:8c:99:
fe:16:e8:2f:72:8f:bf:c1:c6:60:53:8c:a2:31:30:
f9:82:49:e8:ba:5e:48:d6:5e:47:6a:c3:f0:5f:d4:
44:1c:07:eb:bf:13:4d:b1:ae:b6:16:61:cd:00:56:
06:4c:3b:ef:2a:9c:cc:80:79:ea:bc:d9:74:26:ef:
0e:fc:aa:30:18:f6:fe:ed:14:97:ae:48:50:06:53:
f8:e1:62:e2:96:e0:5c:54:2c:76:10:de:eb:73:c9:
60:e4:ec:16:b7:26:21:a0:25:d7:b5:11:a7:45:b3:
39:93:79:a3:71:d1:90:b4:37:59:f5:86:55:bf:9d:
0a:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:68:5A:09:51:36:9B:24:BE:FC:F0:83:05:68:C0:07:9A:EB:83:D3
X509v3 Authority Key Identifier:
keyid:1E:57:B4:3F:04:4D:4A:BA:82:22:A4:09:78:66:14:28:0A:A7:39:A1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911112F/964DC69ABA8D11EE828A8946C4F9AE02/Hle0PwRNSrqCIqQJeGYUKAqnOaE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Hle0PwRNSrqCIqQJeGYUKAqnOaE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911112F/964DC69ABA8D11EE828A8946C4F9AE02/B9450EACEDB811EE9D7A8D4DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.167.186.0/24
IPv6:
2001:df6:bb80::/64
Signature Algorithm: sha256WithRSAEncryption
29:2b:03:b9:fb:cb:56:c2:1f:10:49:a7:2d:c2:19:b4:d0:a6:
f8:8e:48:af:70:d0:8a:25:bd:b1:a4:b8:df:78:dd:4d:6f:90:
e2:ae:81:8b:a5:3c:12:58:08:cf:fa:a4:7f:cc:81:95:bf:5e:
4d:0f:f1:ab:e1:39:5b:b8:c5:47:8b:0a:a2:a1:b1:6b:2f:15:
5f:df:9e:89:4b:37:9a:bd:6f:d5:f8:02:70:7d:5c:4d:7b:a0:
6a:bd:72:8e:2d:92:c9:c4:40:1b:b4:f1:04:84:e0:ef:71:a3:
83:8f:a7:f9:71:8f:2e:07:b1:f9:3a:1a:34:0b:db:b7:a8:e0:
28:91:81:39:98:3b:4e:b4:3d:94:73:cf:16:c4:e7:b0:40:80:
56:cd:f5:e7:dd:7a:fd:dc:c7:cf:a7:67:56:e8:66:06:29:a1:
7c:f6:b5:b1:0a:1f:d1:77:f7:47:80:8c:ae:07:b9:c7:bb:f3:
0a:7b:5f:93:fb:0f:07:e2:eb:64:30:5c:25:3e:1b:62:7e:04:
1d:9f:15:3a:2e:f2:d6:c0:97:5c:e5:e3:5c:b5:81:69:73:7d:
ff:44:a3:81:d2:d7:15:a0:ef:91:a5:c9:fe:4b:58:13:85:03:
97:c4:39:90:ef:40:5b:ee:e2:e2:47:cb:da:db:8d:34:53:3c:
34:4b:8e:c3
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgIBLDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEx
MTEyRjExMC8GA1UEBRMoMUU1N0I0M0YwNDRENEFCQTgyMjJBNDA5Nzg2NjE0Mjgw
QUE3MzlBMTAeFw0yNDAzMjkxMzA4MzNaFw0yNDA4MzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2MDZiZDUxLTJlYWIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDYk6lFYlf0/w+tFfwO8p8Aad1eJZa1QLz+eeJfbsZq2mjgUELXVtJ8ibCBqOSs
lQ7AxbXqLAq9vQKHXcyW/GVdZIQJuiWErx3WOxbLR60dOtZpra2y18MSKCiM8c9F
lxPVT82CBwwO2NWlNSJReiLWHWDvNxmvZlGMr/zZ372JiQ2CKsmMmf4W6C9yj7/B
xmBTjKIxMPmCSei6XkjWXkdqw/Bf1EQcB+u/E02xrrYWYc0AVgZMO+8qnMyAeeq8
2XQm7w78qjAY9v7tFJeuSFAGU/jhYuKW4FxULHYQ3utzyWDk7Ba3JiGgJde1EadF
szmTeaNx0ZC0N1n1hlW/nQqNAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQU5GhaCVE2
myS+/PCDBWjAB5rrg9MwHwYDVR0jBBgwFoAUHle0PwRNSrqCIqQJeGYUKAqnOaEw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTExMTJGLzk2NERDNjlBQkE4
RDExRUU4MjhBODk0NkM0RjlBRTAyL0hsZTBQd1JOU3JxQ0lxUUplR1lVS0Fxbk9h
RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvSGxlMFB3Uk5TcnFDSXFRSmVHWVVLQXFuT2FFLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx
MTEyRi85NjREQzY5QUJBOEQxMUVFODI4QTg5NDZDNEY5QUUwMi9COTQ1MEVBQ0VE
QjgxMUVFOUQ3QThENERDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAyBggrBgEFBQcBBwEB/wQj
MCEwDAQCAAEwBgMEAGenujARBAIAAjALAwkAIAEN9ruAAAAwDQYJKoZIhvcNAQEL
BQADggEBACkrA7n7y1bCHxBJpy3CGbTQpviOSK9w0IolvbGkuN943U1vkOKugYul
PBJYCM/6pH/MgZW/Xk0P8avhOVu4xUeLCqKhsWsvFV/fnolLN5q9b9X4AnB9XE17
oGq9co4tksnEQBu08QSE4O9xo4OPp/lxjy4Hsfk6GjQL27eo4CiRgTmYO060PZRz
zxbE57BAgFbN9efdev3cx8+nZ1boZgYpoXz2tbEKH9F390eAjK4Huce78wp7X5P7
Dwfi62QwXCU+G2J+BB2fFTou8tbAl1zl41y1gWlzff9Eo4HS1xWg75Glyf5LWBOF
A5fEOZDvQFvu4uJHy9rbjTRTPDRLjsM=
-----END CERTIFICATE-----
Generated at Fri Mar 29 18:21:10 2024 by rpki-client on console-ams.rpki-client.org