Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917270F/DC5E74CA08E811EDB9E1B633C4F9AE02/FC30C80A34EF11EEB8AE456DC4F9AE02.roa
File: FC30C80A34EF11EEB8AE456DC4F9AE02.roa (raw, json)
Hash identifier: lkuZ5QUVhk1syECojOkbyf9dMCD/rACXNLx9aitgvMw=
Subject key identifier: 87:40:53:80:5C:BE:34:7D:A6:03:3B:01:C7:B1:66:0A:BC:84:24:14
Certificate issuer: /CN=A917270F/serialNumber=7E44DCE972F13C80E534B2E685FE1D2A0D761512
Certificate serial: 0240
Authority key identifier: 7E:44:DC:E9:72:F1:3C:80:E5:34:B2:E6:85:FE:1D:2A:0D:76:15:12
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fkTc6XLxPIDlNLLmhf4dKg12FRI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917270F/DC5E74CA08E811EDB9E1B633C4F9AE02/FC30C80A34EF11EEB8AE456DC4F9AE02.roa
Signing time: Tue 19 Nov 2024 17:29:25 +0000
ROA not before: Tue 19 Nov 2024 17:29:25 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 139029
IP address blocks: 103.191.163.0/24 maxlen: 24
2400:96e0:6::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 20 Nov 2024 12:30:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 576 (0x240)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917270F/serialNumber=7E44DCE972F13C80E534B2E685FE1D2A0D761512
Validity
Not Before: Nov 19 17:29:25 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=673ccaf5-0427
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:8f:6d:6f:fb:4c:2f:41:1c:f9:96:6d:ad:55:
64:b9:e0:e2:00:24:19:08:03:e9:31:f6:fc:53:36:
5e:2f:9a:fe:ac:f9:51:02:47:2b:63:2e:4f:b8:17:
5d:7f:ad:3a:e4:d2:14:1f:0a:c0:6b:65:3d:73:e1:
c6:28:3b:ac:90:e9:28:73:54:d4:de:1a:9b:e3:23:
2b:ff:d4:08:97:23:4e:a0:b9:1e:7d:a3:30:ff:66:
85:f9:f4:49:78:1f:1f:ab:7b:88:0f:c2:1f:2b:e8:
a7:9f:69:45:0e:9a:4f:46:8f:16:60:c7:df:e0:5e:
48:99:e2:02:91:68:26:a7:80:ed:93:fe:e0:82:f7:
63:f0:76:41:43:d6:2f:45:7e:02:eb:3a:35:50:62:
f5:1c:b2:c7:1d:55:6a:cc:92:2b:81:3e:ff:b3:cb:
99:a9:0b:6d:af:bb:9f:ae:76:c6:7a:4a:87:0c:95:
b1:f1:ea:e3:17:a5:80:5d:31:a3:46:1d:40:a7:fe:
70:8e:86:1d:f6:72:48:e9:69:be:0a:ad:9a:fa:21:
54:30:e3:51:3d:dd:42:9b:e5:4e:c3:f8:c9:33:84:
f8:44:02:70:d3:c7:ca:49:60:fd:4d:63:01:fb:30:
69:75:7c:f0:44:e1:bd:83:8f:d3:d5:ae:38:cb:15:
bf:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:40:53:80:5C:BE:34:7D:A6:03:3B:01:C7:B1:66:0A:BC:84:24:14
X509v3 Authority Key Identifier:
keyid:7E:44:DC:E9:72:F1:3C:80:E5:34:B2:E6:85:FE:1D:2A:0D:76:15:12
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917270F/DC5E74CA08E811EDB9E1B633C4F9AE02/fkTc6XLxPIDlNLLmhf4dKg12FRI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fkTc6XLxPIDlNLLmhf4dKg12FRI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917270F/DC5E74CA08E811EDB9E1B633C4F9AE02/FC30C80A34EF11EEB8AE456DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.191.163.0/24
IPv6:
2400:96e0:6::/48
Signature Algorithm: sha256WithRSAEncryption
9a:0d:e7:a2:55:40:c8:5a:e5:d3:64:54:22:12:3a:35:00:20:
81:ce:d7:ea:f4:0b:ae:c6:78:ac:cf:b1:f1:3e:6e:7e:4a:25:
3b:d9:77:7d:57:0c:5c:ba:ac:d0:02:d3:5f:6e:66:67:ad:0a:
6f:61:1d:bd:13:52:b9:54:aa:24:17:35:9a:f1:45:38:40:e6:
46:39:4a:b8:e9:f3:c9:d6:d2:d5:56:a9:8f:4f:06:0d:9c:35:
e2:73:99:b2:bd:5b:74:75:13:22:4a:e8:12:90:f4:14:c3:48:
b4:d6:d2:bd:ea:f7:77:41:17:4f:4b:9b:05:84:8e:68:60:4f:
68:eb:0b:8e:ea:f9:71:58:23:d6:e7:51:0f:85:b6:6d:83:2b:
ca:ca:03:cc:e7:c4:ce:aa:7d:88:dd:99:51:ba:40:1f:74:28:
af:56:8a:a3:cf:8a:0d:e0:14:3a:37:bc:7e:70:ee:a5:64:db:
1e:60:7c:8f:08:d5:3e:90:b7:e6:10:ad:51:e8:20:19:fb:9d:
f6:bc:89:e9:6a:da:85:a9:23:8a:38:b1:2e:1c:f0:0d:9f:b2:
1f:59:aa:78:ef:d7:74:e7:a8:e7:f7:ee:5b:49:48:1e:01:0d:
19:9a:9d:99:8a:90:45:23:29:a9:01:50:e2:a0:4d:b5:a8:30:
a0:b9:15:ee
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICAkAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzI3MEYxMTAvBgNVBAUTKDdFNDREQ0U5NzJGMTNDODBFNTM0QjJFNjg1RkUxRDJB
MEQ3NjE1MTIwHhcNMjQxMTE5MTcyOTI1WhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzNjY2FmNS0wNDI3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1I9tb/tML0Ec+ZZtrVVkueDiACQZCAPpMfb8UzZeL5r+rPlRAkcrYy5PuBdd
f6065NIUHwrAa2U9c+HGKDuskOkoc1TU3hqb4yMr/9QIlyNOoLkefaMw/2aF+fRJ
eB8fq3uID8IfK+inn2lFDppPRo8WYMff4F5ImeICkWgmp4Dtk/7ggvdj8HZBQ9Yv
RX4C6zo1UGL1HLLHHVVqzJIrgT7/s8uZqQttr7ufrnbGekqHDJWx8erjF6WAXTGj
Rh1Ap/5wjoYd9nJI6Wm+Cq2a+iFUMONRPd1Cm+VOw/jJM4T4RAJw08fKSWD9TWMB
+zBpdXzwROG9g4/T1a44yxW/uwIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFIdAU4Bc
vjR9pgM7AcexZgq8hCQUMB8GA1UdIwQYMBaAFH5E3Oly8TyA5TSy5oX+HSoNdhUS
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MjcwRi9EQzVFNzRDQTA4
RTgxMUVEQjlFMUI2MzNDNEY5QUUwMi9ma1RjNlhMeFBJRGxOTExtaGY0ZEtnMTJG
UkkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2ZrVGM2WEx4UElEbE5MTG1oZjRkS2cxMkZSSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzI3MEYvREM1RTc0Q0EwOEU4MTFFREI5RTFCNjMzQzRGOUFFMDIvRkMzMEM4MEEz
NEVGMTFFRUI4QUU0NTZEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBABnv6MwDwQCAAIwCQMHACQAluAABjANBgkqhkiG9w0BAQsF
AAOCAQEAmg3nolVAyFrl02RUIhI6NQAggc7X6vQLrsZ4rM+x8T5ufkolO9l3fVcM
XLqs0ALTX25mZ60Kb2EdvRNSuVSqJBc1mvFFOEDmRjlKuOnzydbS1Vapj08GDZw1
4nOZsr1bdHUTIkroEpD0FMNItNbSver3d0EXT0ubBYSOaGBPaOsLjur5cVgj1udR
D4W2bYMrysoDzOfEzqp9iN2ZUbpAH3Qor1aKo8+KDeAUOje8fnDupWTbHmB8jwjV
PpC35hCtUeggGfud9ryJ6WrahakjijixLhzwDZ+yH1mqeO/XdOeo5/fuW0lIHgEN
GZqdmYqQRSMpqQFQ4qBNtagwoLkV7g==
-----END CERTIFICATE-----
Generated at Wed Nov 20 15:03:35 2024 by rpki-client on console-fra.rpki-client.org