Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9128C33/956CB086981B11EEAB0FC922C4F9AE02/EEF1367C981B11EEB65A4123C4F9AE02.roa
File: EEF1367C981B11EEB65A4123C4F9AE02.roa (raw, json)
Hash identifier: OIRBBLZIdrrrdEXVrj7e5/EFzlaESe6ZZCj/ZYHw5YM=
Subject key identifier: 03:9E:63:2B:42:00:90:56:CF:FB:E9:46:39:A4:AB:F6:47:8E:F5:DB
Certificate issuer: /CN=A9128C33/serialNumber=AF2EE04412356ABFD8E19AE2C1B22A737CDF5E9E
Certificate serial: 21
Authority key identifier: AF:2E:E0:44:12:35:6A:BF:D8:E1:9A:E2:C1:B2:2A:73:7C:DF:5E:9E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ry7gRBI1ar_Y4ZriwbIqc3zfXp4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9128C33/956CB086981B11EEAB0FC922C4F9AE02/EEF1367C981B11EEB65A4123C4F9AE02.roa
Signing time: Thu 01 Feb 2024 11:23:36 +0000
ROA not before: Thu 01 Feb 2024 11:23:36 +0000
ROA not after: Sun 01 Dec 2024 00:00:00 +0000
asID: 151671
IP address blocks: 103.255.96.0/23 maxlen: 23
103.255.96.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 02 Feb 2024 06:10:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 33 (0x21)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9128C33/serialNumber=AF2EE04412356ABFD8E19AE2C1B22A737CDF5E9E
Validity
Not Before: Feb 1 11:23:36 2024 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=65bb7f38-3238
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:b9:b2:36:24:23:f6:7b:1d:45:e2:9a:7b:02:
03:c4:7c:db:c6:25:ae:e6:de:c3:dc:35:f0:2a:f4:
a5:74:d2:4e:71:da:b1:96:96:6e:13:96:f7:c2:57:
54:92:1b:01:04:0c:33:8c:25:48:c4:4a:4f:9d:e8:
74:b1:fc:d2:31:ca:a5:15:42:3a:16:46:7c:e8:92:
d7:60:51:0b:6d:b7:af:50:e0:60:6b:45:ba:42:c1:
43:41:a5:23:11:03:8d:fb:99:d4:12:52:38:cd:9f:
13:a9:4c:ea:c7:13:d8:c5:2c:dd:df:19:cc:da:23:
20:ba:9b:78:1a:11:13:0b:27:d9:e2:d7:97:c9:22:
3d:a1:46:51:5f:61:4b:74:ee:3e:ef:6f:2f:5e:b2:
85:b2:82:77:2d:d8:d0:bf:d1:5b:c8:0f:89:73:33:
3d:e4:3e:1c:01:3a:57:61:2b:f1:b1:a1:ef:83:95:
a2:37:c0:20:b3:fe:7e:f3:e4:08:c9:6d:1a:75:0e:
99:28:67:40:ba:4c:a6:fd:0b:40:1a:d5:63:fa:48:
d0:78:d0:b2:01:d8:77:fc:86:d5:b8:a0:f4:5b:85:
9b:76:0a:99:64:38:7c:ea:47:f5:50:ec:54:e1:a1:
82:0e:16:4b:8e:0c:9b:fd:73:65:83:f8:5d:e2:d1:
fb:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:9E:63:2B:42:00:90:56:CF:FB:E9:46:39:A4:AB:F6:47:8E:F5:DB
X509v3 Authority Key Identifier:
keyid:AF:2E:E0:44:12:35:6A:BF:D8:E1:9A:E2:C1:B2:2A:73:7C:DF:5E:9E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9128C33/956CB086981B11EEAB0FC922C4F9AE02/ry7gRBI1ar_Y4ZriwbIqc3zfXp4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ry7gRBI1ar_Y4ZriwbIqc3zfXp4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9128C33/956CB086981B11EEAB0FC922C4F9AE02/EEF1367C981B11EEB65A4123C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.255.96.0/23
Signature Algorithm: sha256WithRSAEncryption
b2:65:ef:f3:1b:a2:6c:4a:86:d9:a2:3e:ec:42:c8:c8:a6:f8:
16:00:9a:58:12:48:ad:06:3a:52:7d:45:4c:9f:89:ca:bf:b5:
ce:8d:8c:af:6e:00:d8:db:64:f2:cf:b6:a9:f2:ac:cf:48:32:
d0:13:22:8a:ca:07:cb:83:7e:5f:7a:d3:95:1a:58:9c:01:a0:
4d:89:7d:03:95:9d:55:34:7a:1b:6d:93:24:b8:56:79:9e:08:
d6:6f:74:7d:ad:97:b4:30:19:14:7d:c0:c0:43:43:5c:cd:34:
21:9d:a3:5f:ee:b8:dc:f2:39:52:72:bb:10:d0:ce:02:25:87:
0a:66:52:89:5e:54:85:3f:b2:84:56:a6:1e:4d:c5:fc:9a:db:
84:ca:5b:1a:9b:08:7f:a3:63:81:42:23:7c:3a:1d:83:9c:71:
fc:22:94:28:e5:3d:79:3e:a6:e5:fd:7e:9e:5c:50:b0:47:3a:
ce:58:6e:3a:c6:18:7d:9d:78:2a:ac:70:4b:14:5a:ee:03:3d:
81:a2:4e:90:43:a5:fe:7d:f9:93:88:bf:bc:a9:13:c9:78:6d:
73:b0:c8:f4:6b:2f:1b:17:92:d2:b1:2e:ea:d5:d3:1f:10:b2:
e9:ce:da:99:85:99:7f:2d:39:e2:aa:0c:97:c8:85:cb:5c:f2:
89:75:33:0f
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBITANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEy
OEMzMzExMC8GA1UEBRMoQUYyRUUwNDQxMjM1NkFCRkQ4RTE5QUUyQzFCMjJBNzM3
Q0RGNUU5RTAeFw0yNDAyMDExMTIzMzZaFw0yNDEyMDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1YmI3ZjM4LTMyMzgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDYubI2JCP2ex1F4pp7AgPEfNvGJa7m3sPcNfAq9KV00k5x2rGWlm4TlvfCV1SS
GwEEDDOMJUjESk+d6HSx/NIxyqUVQjoWRnzoktdgUQttt69Q4GBrRbpCwUNBpSMR
A437mdQSUjjNnxOpTOrHE9jFLN3fGczaIyC6m3gaERMLJ9ni15fJIj2hRlFfYUt0
7j7vby9esoWygnct2NC/0VvID4lzMz3kPhwBOldhK/Gxoe+DlaI3wCCz/n7z5AjJ
bRp1DpkoZ0C6TKb9C0Aa1WP6SNB40LIB2Hf8htW4oPRbhZt2CplkOHzqR/VQ7FTh
oYIOFkuODJv9c2WD+F3i0fsfAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUA55jK0IA
kFbP++lGOaSr9keO9dswHwYDVR0jBBgwFoAUry7gRBI1ar/Y4ZriwbIqc3zfXp4w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTI4QzMzLzk1NkNCMDg2OTgx
QjExRUVBQjBGQzkyMkM0RjlBRTAyL3J5N2dSQkkxYXJfWTRacml3YklxYzN6Zlhw
NC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvcnk3Z1JCSTFhcl9ZNFpyaXdiSXFjM3pmWHA0LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy
OEMzMy85NTZDQjA4Njk4MUIxMUVFQUIwRkM5MjJDNEY5QUUwMi9FRUYxMzY3Qzk4
MUIxMUVFQjY1QTQxMjNDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWf/YDANBgkqhkiG9w0BAQsFAAOCAQEAsmXv8xuibEqG2aI+
7ELIyKb4FgCaWBJIrQY6Un1FTJ+Jyr+1zo2Mr24A2Ntk8s+2qfKsz0gy0BMiisoH
y4N+X3rTlRpYnAGgTYl9A5WdVTR6G22TJLhWeZ4I1m90fa2XtDAZFH3AwENDXM00
IZ2jX+643PI5UnK7ENDOAiWHCmZSiV5UhT+yhFamHk3F/JrbhMpbGpsIf6NjgUIj
fDodg5xx/CKUKOU9eT6m5f1+nlxQsEc6zlhuOsYYfZ14KqxwSxRa7gM9gaJOkEOl
/n35k4i/vKkTyXhtc7DI9GsvGxeS0rEu6tXTHxCy6c7amYWZfy054qoMl8iFy1zy
iXUzDw==
-----END CERTIFICATE-----
Generated at Fri Feb 2 06:51:45 2024 by rpki-client on console-ams.rpki-client.org