Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91193C1/736E3B48059311EC8921ED85C4F9AE02/86CCE406CF2611ED8AA9236BC4F9AE02.roa
File: 86CCE406CF2611ED8AA9236BC4F9AE02.roa (raw, json)
Hash identifier: C3Z+vF7HoXMnTdVUm9DKjUuSYSfQfKGMp1K856t1zp4=
Subject key identifier: 9A:DD:78:39:C5:94:5D:B0:51:BF:E0:F5:E7:93:60:D6:85:4E:19:82
Certificate issuer: /CN=A91193C1/serialNumber=14548E70949E505F8BA8A5391E466E1E99D3B727
Certificate serial: 03E3
Authority key identifier: 14:54:8E:70:94:9E:50:5F:8B:A8:A5:39:1E:46:6E:1E:99:D3:B7:27
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FFSOcJSeUF-LqKU5HkZuHpnTtyc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91193C1/736E3B48059311EC8921ED85C4F9AE02/86CCE406CF2611ED8AA9236BC4F9AE02.roa
Signing time: Sat 23 Sep 2023 01:02:38 +0000
ROA not before: Sat 23 Sep 2023 01:02:38 +0000
ROA not after: Sun 01 Dec 2024 00:00:00 +0000
asID: 139901
IP address blocks: 103.172.39.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 19 Sep 2024 18:06:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 995 (0x3e3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91193C1/serialNumber=14548E70949E505F8BA8A5391E466E1E99D3B727
Validity
Not Before: Sep 23 01:02:38 2023 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=650e392e-bf77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:c6:83:9e:df:79:89:be:44:7c:db:bb:78:ea:
26:8d:36:34:64:4f:43:b7:18:94:aa:d4:b0:60:f4:
58:5c:36:90:cc:e5:6b:9f:5f:d3:a6:a6:99:ba:89:
0e:e1:05:63:1e:6d:2b:db:1c:0d:aa:e2:90:02:1b:
d8:ab:0f:a7:fb:47:d9:22:34:10:d5:20:90:f2:83:
59:07:29:b9:47:8a:a5:fa:3a:6c:da:1a:d4:72:4e:
3d:6b:ba:da:93:1d:6f:a3:87:03:21:1b:e3:3f:7e:
e4:11:36:a3:fb:75:b8:34:ab:90:9a:c7:c8:21:f0:
e4:6c:15:fb:8c:af:2c:a0:93:57:3d:0c:30:c4:44:
98:57:d3:e9:6f:31:68:e1:7c:ec:c2:fa:94:fe:31:
be:53:e7:66:45:4b:a8:82:01:cf:b7:bd:af:a4:8e:
2e:7e:1e:58:fa:47:99:0e:b0:63:e7:aa:7c:2d:d0:
bc:29:6e:c8:cf:95:ea:48:ce:f2:39:60:a3:02:5c:
ee:4d:a1:71:9c:11:3f:5d:7d:a3:55:a0:7a:6e:d7:
a2:98:9c:06:1c:5b:37:cf:55:34:37:af:6e:2f:d2:
cf:54:50:db:df:6f:26:45:3c:42:67:cb:23:86:ed:
aa:17:5e:9b:80:a6:69:5e:fe:7e:72:f6:87:6a:ed:
6a:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:DD:78:39:C5:94:5D:B0:51:BF:E0:F5:E7:93:60:D6:85:4E:19:82
X509v3 Authority Key Identifier:
keyid:14:54:8E:70:94:9E:50:5F:8B:A8:A5:39:1E:46:6E:1E:99:D3:B7:27
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91193C1/736E3B48059311EC8921ED85C4F9AE02/FFSOcJSeUF-LqKU5HkZuHpnTtyc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FFSOcJSeUF-LqKU5HkZuHpnTtyc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91193C1/736E3B48059311EC8921ED85C4F9AE02/86CCE406CF2611ED8AA9236BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.172.39.0/24
Signature Algorithm: sha256WithRSAEncryption
21:af:c0:33:0c:a3:2c:50:47:09:81:6f:5f:fc:f1:76:16:57:
9b:80:f6:c7:5d:94:cd:81:61:a5:eb:be:b5:fd:59:35:4a:41:
10:f9:31:c6:e8:84:39:96:e5:8a:62:a6:d3:8f:83:68:5d:cf:
3e:fb:d0:1a:c7:eb:19:08:ce:5b:47:8b:a8:a6:e1:0c:a6:1b:
ba:4b:8e:89:44:b5:7e:47:74:83:e4:0a:cb:0f:e3:63:64:de:
12:26:31:ad:07:39:7a:1b:e5:fe:13:5d:4a:f0:f8:91:1b:65:
2e:e6:35:e0:9e:1e:be:ff:48:53:14:2d:0e:75:df:3f:4c:bb:
6b:86:90:69:e2:5e:92:3f:26:7e:8e:92:c5:c2:f2:62:dc:68:
db:7f:ff:6e:98:3c:69:92:8d:f4:5f:5d:fd:86:67:31:3a:4e:
b5:88:52:86:3c:c2:41:31:d6:08:4f:f7:6e:72:a2:7f:e3:87:
d5:a6:fc:c1:f6:1f:cc:bb:16:23:ed:eb:b0:9c:33:40:36:dd:
55:aa:75:79:a3:d0:18:a9:23:09:c6:f4:1f:97:31:7e:a5:38:
b6:7f:43:34:a1:0a:49:11:f0:d1:57:d0:ec:d6:03:64:ed:99:
18:bf:c6:2d:25:f6:64:7f:dd:2f:dc:7e:40:43:57:f5:79:8c:
1d:78:2a:68
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICA+MwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTkzQzExMTAvBgNVBAUTKDE0NTQ4RTcwOTQ5RTUwNUY4QkE4QTUzOTFFNDY2RTFF
OTlEM0I3MjcwHhcNMjMwOTIzMDEwMjM4WhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTBlMzkyZS1iZjc3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApMaDnt95ib5EfNu7eOomjTY0ZE9DtxiUqtSwYPRYXDaQzOVrn1/TpqaZuokO
4QVjHm0r2xwNquKQAhvYqw+n+0fZIjQQ1SCQ8oNZBym5R4ql+jps2hrUck49a7ra
kx1vo4cDIRvjP37kETaj+3W4NKuQmsfIIfDkbBX7jK8soJNXPQwwxESYV9PpbzFo
4XzswvqU/jG+U+dmRUuoggHPt72vpI4ufh5Y+keZDrBj56p8LdC8KW7Iz5XqSM7y
OWCjAlzuTaFxnBE/XX2jVaB6bteimJwGHFs3z1U0N69uL9LPVFDb328mRTxCZ8sj
hu2qF16bgKZpXv5+cvaHau1qxwIDAQABo4IClTCCApEwHQYDVR0OBBYEFJrdeDnF
lF2wUb/g9eeTYNaFThmCMB8GA1UdIwQYMBaAFBRUjnCUnlBfi6ilOR5Gbh6Z07cn
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExOTNDMS83MzZFM0I0ODA1
OTMxMUVDODkyMUVEODVDNEY5QUUwMi9GRlNPY0pTZVVGLUxxS1U1SGtadUhwblR0
eWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZGU09jSlNlVUYtTHFLVTVIa1p1SHBuVHR5Yy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MTkzQzEvNzM2RTNCNDgwNTkzMTFFQzg5MjFFRDg1QzRGOUFFMDIvODZDQ0U0MDZD
RjI2MTFFRDhBQTkyMzZCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnrCcwDQYJKoZIhvcNAQELBQADggEBACGvwDMMoyxQRwmB
b1/88XYWV5uA9sddlM2BYaXrvrX9WTVKQRD5McbohDmW5YpiptOPg2hdzz770BrH
6xkIzltHi6im4QymG7pLjolEtX5HdIPkCssP42Nk3hImMa0HOXob5f4TXUrw+JEb
ZS7mNeCeHr7/SFMULQ513z9Mu2uGkGniXpI/Jn6OksXC8mLcaNt//26YPGmSjfRf
Xf2GZzE6TrWIUoY8wkEx1ghP925yon/jh9Wm/MH2H8y7FiPt67CcM0A23VWqdXmj
0BipIwnG9B+XMX6lOLZ/QzShCkkR8NFX0OzWA2TtmRi/xi0l9mR/3S/cfkBDV/V5
jB14Kmg=
-----END CERTIFICATE-----
Generated at Thu Sep 19 21:35:30 2024 by rpki-client on console-fra.rpki-client.org