Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914EC08/812A2C587D3B11ED98BF9E48C4F9AE02/FEDC5CF28DCF11EEB199167BC4F9AE02.roa
File: FEDC5CF28DCF11EEB199167BC4F9AE02.roa (raw, json)
Hash identifier: P6d3ddwhCGEi0r6Fnhb96qH2ZSSZuRqI0NYUW0Da1WY=
Subject key identifier: 75:13:B4:32:16:BA:2E:9D:EA:81:B4:B4:05:ED:1C:FB:7C:5B:64:DD
Certificate issuer: /CN=A914EC08/serialNumber=D1B8E671973559020F8703D17DCD892692E640A2
Certificate serial: EA
Authority key identifier: D1:B8:E6:71:97:35:59:02:0F:87:03:D1:7D:CD:89:26:92:E6:40:A2
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0bjmcZc1WQIPhwPRfc2JJpLmQKI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914EC08/812A2C587D3B11ED98BF9E48C4F9AE02/FEDC5CF28DCF11EEB199167BC4F9AE02.roa
Signing time: Wed 03 Jan 2024 05:25:57 +0000
ROA not before: Wed 03 Jan 2024 05:25:57 +0000
ROA not after: Mon 31 Mar 2025 00:00:00 +0000
asID: 3356
IP address blocks: 103.73.34.0/24 maxlen: 24
103.73.35.0/24 maxlen: 24
103.99.32.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 14 Feb 2024 09:23:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 234 (0xea)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914EC08/serialNumber=D1B8E671973559020F8703D17DCD892692E640A2
Validity
Not Before: Jan 3 05:25:57 2024 GMT
Not After : Mar 31 00:00:00 2025 GMT
Subject: CN=6594efe5-4a55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:15:3e:86:42:d1:cc:c0:34:ad:84:69:5e:d5:
aa:10:e2:45:3b:11:0c:11:b3:36:93:8b:0f:ba:45:
db:3e:1f:82:3d:89:af:50:3e:9a:4d:ec:44:70:69:
19:59:8e:23:eb:63:18:16:c3:30:76:a4:4d:29:e0:
0d:e2:71:9e:4a:97:63:f7:b4:c7:1c:63:4f:e5:11:
d0:22:c9:d4:18:d7:2e:ff:ff:1e:51:d1:88:c6:9c:
5b:3b:4e:81:91:2b:29:70:66:41:6a:e7:89:9d:7f:
92:eb:a3:20:74:ac:d8:56:ae:16:9e:cf:d1:32:34:
cc:53:95:17:77:d9:d9:d1:bd:95:67:1e:d0:05:ba:
1d:6d:17:25:ab:cb:00:42:2b:6a:99:5a:17:65:3f:
88:26:99:7a:b4:1e:bb:a4:21:be:e7:21:88:db:4b:
fb:d7:43:72:0e:5b:f8:20:d5:ce:bf:22:c6:21:cd:
89:1d:25:ec:7f:57:25:76:0e:62:f6:ee:2a:15:40:
2c:b1:11:67:81:3c:64:3d:4d:a1:7c:48:df:52:8e:
55:48:8b:2a:35:01:f2:19:12:60:79:a7:98:08:f0:
66:c2:ca:73:42:c1:00:7e:fd:6d:9d:24:df:13:70:
9c:e5:bb:3d:51:fb:b5:ba:7e:4e:2f:6c:f9:2b:4c:
ef:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:13:B4:32:16:BA:2E:9D:EA:81:B4:B4:05:ED:1C:FB:7C:5B:64:DD
X509v3 Authority Key Identifier:
keyid:D1:B8:E6:71:97:35:59:02:0F:87:03:D1:7D:CD:89:26:92:E6:40:A2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914EC08/812A2C587D3B11ED98BF9E48C4F9AE02/0bjmcZc1WQIPhwPRfc2JJpLmQKI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0bjmcZc1WQIPhwPRfc2JJpLmQKI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914EC08/812A2C587D3B11ED98BF9E48C4F9AE02/FEDC5CF28DCF11EEB199167BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.73.34.0/23
103.99.32.0/24
Signature Algorithm: sha256WithRSAEncryption
38:b4:ca:e5:c6:7c:c4:94:fd:fa:81:f7:e9:e3:09:ac:42:50:
8d:23:1e:4f:9b:26:5e:0d:f4:52:13:bc:bd:b9:68:f0:68:87:
e3:f7:52:bd:5c:15:60:17:47:6b:a6:5f:5e:a9:2b:e3:a7:a7:
55:75:57:e5:4d:ac:eb:77:f9:55:ca:c2:2c:ce:81:f9:13:2a:
47:75:6a:30:9d:1e:e8:a0:77:80:1e:cf:8c:a9:46:87:7a:1a:
55:6d:30:c7:86:00:e4:e4:60:aa:0b:9f:d3:52:27:dc:cb:1c:
44:a5:a7:a9:64:ea:85:c5:f6:7f:6d:67:8b:1e:3f:f7:d8:c4:
80:1d:48:90:5e:9f:98:b7:48:41:31:2b:61:1f:6f:2a:b7:8b:
53:a0:ba:52:ed:1d:87:ab:8e:11:49:3a:e2:5f:2d:dc:0b:61:
91:4a:1e:f5:08:4e:ac:e6:b0:78:ce:73:0d:cd:7e:51:ae:c6:
ed:13:7d:d3:9c:22:43:11:c7:d5:1b:09:81:36:3b:82:0b:e6:
77:ab:09:b4:d7:b0:99:71:e6:ba:f0:11:ad:19:06:c3:36:5c:
00:e7:a4:3e:d7:7d:55:35:5f:9e:a9:e7:3d:82:c9:eb:bf:5d:
ae:c9:64:5f:22:ca:02:36:1f:00:ba:89:a1:66:81:3c:b4:ef:
11:5d:f0:46
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICAOowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NEVDMDgxMTAvBgNVBAUTKEQxQjhFNjcxOTczNTU5MDIwRjg3MDNEMTdEQ0Q4OTI2
OTJFNjQwQTIwHhcNMjQwMTAzMDUyNTU3WhcNMjUwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTk0ZWZlNS00YTU1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtxU+hkLRzMA0rYRpXtWqEOJFOxEMEbM2k4sPukXbPh+CPYmvUD6aTexEcGkZ
WY4j62MYFsMwdqRNKeAN4nGeSpdj97THHGNP5RHQIsnUGNcu//8eUdGIxpxbO06B
kSspcGZBaueJnX+S66MgdKzYVq4Wns/RMjTMU5UXd9nZ0b2VZx7QBbodbRclq8sA
QitqmVoXZT+IJpl6tB67pCG+5yGI20v710NyDlv4INXOvyLGIc2JHSXsf1cldg5i
9u4qFUAssRFngTxkPU2hfEjfUo5VSIsqNQHyGRJgeaeYCPBmwspzQsEAfv1tnSTf
E3Cc5bs9Ufu1un5OL2z5K0zvHwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFHUTtDIW
ui6d6oG0tAXtHPt8W2TdMB8GA1UdIwQYMBaAFNG45nGXNVkCD4cD0X3NiSaS5kCi
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0RUMwOC84MTJBMkM1ODdE
M0IxMUVEOThCRjlFNDhDNEY5QUUwMi8wYmptY1pjMVdRSVBod1BSZmMySkpwTG1R
S0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzBiam1jWmMxV1FJUGh3UFJmYzJKSnBMbVFLSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NEVDMDgvODEyQTJDNTg3RDNCMTFFRDk4QkY5RTQ4QzRGOUFFMDIvRkVEQzVDRjI4
RENGMTFFRUIxOTkxNjdCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAFnSSIDBABnYyAwDQYJKoZIhvcNAQELBQADggEBADi0yuXG
fMSU/fqB9+njCaxCUI0jHk+bJl4N9FITvL25aPBoh+P3Ur1cFWAXR2umX16pK+On
p1V1V+VNrOt3+VXKwizOgfkTKkd1ajCdHuigd4Aez4ypRod6GlVtMMeGAOTkYKoL
n9NSJ9zLHESlp6lk6oXF9n9tZ4seP/fYxIAdSJBen5i3SEExK2Efbyq3i1OgulLt
HYerjhFJOuJfLdwLYZFKHvUITqzmsHjOcw3NflGuxu0TfdOcIkMRx9UbCYE2O4IL
5nerCbTXsJlx5rrwEa0ZBsM2XADnpD7XfVU1X56p5z2Cyeu/Xa7JZF8iygI2HwC6
iaFmgTy07xFd8EY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:06 2024 by rpki-client on console-fra.rpki-client.org