Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91228BC/0E7D64D6DF0D11EBB1130D81C4F9AE02/71178E2806EC11EFA61C4222C4F9AE02.roa
File: 71178E2806EC11EFA61C4222C4F9AE02.roa (raw, json)
Hash identifier: QGhVg1cneu5OV6M9wX2DiLz4A83QRU4pnN1EU3ymUM0=
Subject key identifier: 48:3B:90:F5:51:51:03:8A:5B:5D:62:5C:DB:6D:C2:DD:A1:CC:A2:1C
Certificate issuer: /CN=A91228BC/serialNumber=98B5C6147618FCB64C214DCCC0777413087E9770
Certificate serial: 0505
Authority key identifier: 98:B5:C6:14:76:18:FC:B6:4C:21:4D:CC:C0:77:74:13:08:7E:97:70
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mLXGFHYY_LZMIU3MwHd0Ewh-l3A.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91228BC/0E7D64D6DF0D11EBB1130D81C4F9AE02/71178E2806EC11EFA61C4222C4F9AE02.roa
Signing time: Tue 20 Aug 2024 09:58:46 +0000
ROA not before: Tue 20 Aug 2024 09:58:46 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 149283
IP address blocks: 103.169.98.0/24 maxlen: 24
103.169.99.0/24 maxlen: 24
2001:df6:f580::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 25 Sep 2024 10:25:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1285 (0x505)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91228BC/serialNumber=98B5C6147618FCB64C214DCCC0777413087E9770
Validity
Not Before: Aug 20 09:58:46 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=66c468d6-5e38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:d3:26:fb:8e:a3:30:bf:bd:2d:2c:c9:90:ea:
ce:b2:97:55:db:0e:37:b2:d3:6c:30:3e:c6:a4:15:
42:0e:88:f0:8b:6b:54:f9:2d:b8:e8:b6:89:f9:bc:
49:ff:f4:ad:40:f6:ea:93:13:d8:c0:b1:88:85:d4:
df:ad:07:d4:8f:70:a3:fa:97:42:19:57:c1:f8:f9:
06:b0:c3:b4:17:de:dd:68:32:e4:34:ee:f8:e2:8d:
48:19:c5:16:de:e3:26:ba:9e:96:c9:e9:c4:7d:c9:
7e:21:90:dc:2b:3d:14:57:4b:48:9e:c0:e6:37:db:
8b:5a:91:2e:ba:da:72:2f:b7:c2:d0:06:c1:55:c5:
d1:95:96:f2:3d:df:71:f6:86:ce:e6:47:e2:27:8c:
90:dd:da:01:62:5d:27:83:75:03:90:62:9e:b1:42:
a5:1e:c2:62:a4:db:ff:f8:d7:0c:3e:7c:01:ef:d4:
e8:45:7c:6e:40:19:b1:c8:47:82:7c:42:74:23:4c:
d7:3a:7b:3d:09:5f:e3:b5:bc:ec:83:73:e5:f1:61:
a6:94:78:e8:51:16:d3:ec:e7:80:ae:80:fb:3c:ae:
1d:0b:eb:1a:75:ee:8a:9d:e3:98:c3:1a:74:2e:b2:
aa:ed:7c:05:09:e1:a8:73:50:25:20:4b:b7:59:6e:
2d:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:3B:90:F5:51:51:03:8A:5B:5D:62:5C:DB:6D:C2:DD:A1:CC:A2:1C
X509v3 Authority Key Identifier:
keyid:98:B5:C6:14:76:18:FC:B6:4C:21:4D:CC:C0:77:74:13:08:7E:97:70
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91228BC/0E7D64D6DF0D11EBB1130D81C4F9AE02/mLXGFHYY_LZMIU3MwHd0Ewh-l3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mLXGFHYY_LZMIU3MwHd0Ewh-l3A.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91228BC/0E7D64D6DF0D11EBB1130D81C4F9AE02/71178E2806EC11EFA61C4222C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.169.98.0/23
IPv6:
2001:df6:f580::/48
Signature Algorithm: sha256WithRSAEncryption
91:8c:37:07:ac:f3:a6:da:23:ed:45:37:fe:3c:37:9d:50:8f:
d3:5a:7e:40:0a:5d:06:1b:f1:03:2d:2d:82:da:8f:c8:ea:00:
35:6f:ae:18:13:fa:72:aa:0e:a3:c6:9b:cf:45:d0:9d:02:68:
84:64:b1:b0:94:6d:23:c7:30:06:c9:13:a0:4c:e7:ba:f0:4f:
89:bd:03:47:82:17:33:9a:b7:5e:e1:37:49:36:3c:b0:e4:d8:
c1:92:23:f0:aa:3d:b1:a9:55:7f:96:89:52:bf:e8:0b:75:5d:
27:07:e6:1c:f1:d2:dd:4b:52:90:6d:1c:4b:ff:a2:54:21:16:
d8:cb:6e:b1:b6:85:dd:5e:c0:e7:1d:6f:36:3f:4a:7e:ef:4e:
44:13:89:71:ba:5e:b3:ad:93:ec:a1:15:b7:3e:41:58:e6:bc:
d8:95:bc:3c:84:d0:42:2c:fd:98:5b:f0:7f:4c:7d:81:ab:9e:
26:0f:30:a1:ec:48:37:07:22:5e:a3:e2:94:37:7b:d6:33:8a:
f3:6d:b7:f8:72:61:e2:e6:da:46:c9:69:ff:4d:00:47:6b:c7:
1c:4b:68:76:ba:ab:76:e3:82:d0:51:69:26:ad:be:00:db:4d:
fe:7d:d5:ae:fa:df:7b:9c:ab:16:0e:cd:a5:38:f7:73:8d:4e:
2d:84:3e:0a
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICBQUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjI4QkMxMTAvBgNVBAUTKDk4QjVDNjE0NzYxOEZDQjY0QzIxNERDQ0MwNzc3NDEz
MDg3RTk3NzAwHhcNMjQwODIwMDk1ODQ2WhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmM0NjhkNi01ZTM4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAndMm+46jML+9LSzJkOrOspdV2w43stNsMD7GpBVCDojwi2tU+S246LaJ+bxJ
//StQPbqkxPYwLGIhdTfrQfUj3Cj+pdCGVfB+PkGsMO0F97daDLkNO744o1IGcUW
3uMmup6WyenEfcl+IZDcKz0UV0tInsDmN9uLWpEuutpyL7fC0AbBVcXRlZbyPd9x
9obO5kfiJ4yQ3doBYl0ng3UDkGKesUKlHsJipNv/+NcMPnwB79ToRXxuQBmxyEeC
fEJ0I0zXOns9CV/jtbzsg3Pl8WGmlHjoURbT7OeAroD7PK4dC+sade6KneOYwxp0
LrKq7XwFCeGoc1AlIEu3WW4tiwIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFEg7kPVR
UQOKW11iXNttwt2hzKIcMB8GA1UdIwQYMBaAFJi1xhR2GPy2TCFNzMB3dBMIfpdw
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyMjhCQy8wRTdENjRENkRG
MEQxMUVCQjExMzBEODFDNEY5QUUwMi9tTFhHRkhZWV9MWk1JVTNNd0hkMEV3aC1s
M0EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL21MWEdGSFlZX0xaTUlVM013SGQwRXdoLWwzQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjI4QkMvMEU3RDY0RDZERjBEMTFFQkIxMTMwRDgxQzRGOUFFMDIvNzExNzhFMjgw
NkVDMTFFRkE2MUM0MjIyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFnqWIwDwQCAAIwCQMHACABDfb1gDANBgkqhkiG9w0BAQsF
AAOCAQEAkYw3B6zzptoj7UU3/jw3nVCP01p+QApdBhvxAy0tgtqPyOoANW+uGBP6
cqoOo8abz0XQnQJohGSxsJRtI8cwBskToEznuvBPib0DR4IXM5q3XuE3STY8sOTY
wZIj8Ko9salVf5aJUr/oC3VdJwfmHPHS3UtSkG0cS/+iVCEW2MtusbaF3V7A5x1v
Nj9Kfu9ORBOJcbpes62T7KEVtz5BWOa82JW8PITQQiz9mFvwf0x9gaueJg8woexI
NwciXqPilDd71jOK8223+HJh4ubaRslp/00AR2vHHEtodrqrduOC0FFpJq2+ANtN
/n3Vrvrfe5yrFg7NpTj3c41OLYQ+Cg==
-----END CERTIFICATE-----
Generated at Wed Sep 25 13:23:02 2024 by rpki-client on console-ams.rpki-client.org