Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91776C9/18C3C7682A9D11EEAAB5C953C4F9AE02/6AA1772E2A9D11EEA9539254C4F9AE02.roa
File: 6AA1772E2A9D11EEA9539254C4F9AE02.roa (raw, json)
Hash identifier: dd18KJ7rZU8ey/Wz0ALDVc9szRM2CjEfiq2LoRM1R4E=
Subject key identifier: 51:B5:AD:B1:83:47:FA:CD:84:89:A2:42:FB:06:C7:84:52:A5:AC:3E
Certificate issuer: /CN=A91776C9/serialNumber=9B94CE6E35550A7425BB44162DF37CBFBE053C25
Certificate serial: D9
Authority key identifier: 9B:94:CE:6E:35:55:0A:74:25:BB:44:16:2D:F3:7C:BF:BE:05:3C:25
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/m5TObjVVCnQlu0QWLfN8v74FPCU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91776C9/18C3C7682A9D11EEAAB5C953C4F9AE02/6AA1772E2A9D11EEA9539254C4F9AE02.roa
Signing time: Tue 03 Sep 2024 05:48:21 +0000
ROA not before: Tue 03 Sep 2024 05:48:21 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 17823
IP address blocks: 103.155.66.0/24 maxlen: 24
103.206.25.0/24 maxlen: 24
2001:df4:b880::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 11 Sep 2024 16:06:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 217 (0xd9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91776C9/serialNumber=9B94CE6E35550A7425BB44162DF37CBFBE053C25
Validity
Not Before: Sep 3 05:48:21 2024 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=66d6a324-f803
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:b2:d6:52:64:16:3e:ad:f3:f8:86:53:9e:d3:
35:67:ab:52:3f:61:14:33:5b:57:6a:17:39:7b:92:
99:62:75:10:be:98:1d:e8:3a:5d:c0:38:ad:02:70:
17:e3:c6:0d:b3:74:04:48:a0:62:53:64:bd:bb:24:
04:55:2e:5b:b2:e7:07:07:ad:08:20:77:14:3b:43:
f6:99:92:9f:bd:b7:d4:bb:80:1a:06:fd:bc:3e:e9:
12:2f:c5:68:a9:00:20:47:4e:56:70:19:10:79:2a:
c6:03:c7:a1:db:17:fc:e1:0c:ee:ff:1f:0e:c9:c3:
10:6c:9e:c0:8b:20:f0:f9:67:d6:18:84:c8:40:2b:
d8:d9:08:29:e6:fc:13:f0:67:40:5d:14:24:3d:8d:
61:ff:70:ca:25:32:b9:93:ac:cf:d4:ad:d9:9a:34:
55:9e:54:71:8f:f0:b5:d5:44:cc:1b:cb:37:61:0e:
d0:27:51:27:03:f4:29:0a:e9:33:02:ec:05:f8:24:
7c:7d:81:6a:69:9b:07:3c:b0:74:97:db:12:25:ee:
24:70:5c:15:32:4f:c5:6f:d0:50:fd:4f:9d:13:e7:
d4:fc:56:d7:e9:d0:87:f6:92:39:5b:df:9e:7b:86:
fd:5f:b1:f9:53:66:57:6c:87:59:80:59:4c:4d:61:
56:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:B5:AD:B1:83:47:FA:CD:84:89:A2:42:FB:06:C7:84:52:A5:AC:3E
X509v3 Authority Key Identifier:
keyid:9B:94:CE:6E:35:55:0A:74:25:BB:44:16:2D:F3:7C:BF:BE:05:3C:25
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91776C9/18C3C7682A9D11EEAAB5C953C4F9AE02/m5TObjVVCnQlu0QWLfN8v74FPCU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/m5TObjVVCnQlu0QWLfN8v74FPCU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91776C9/18C3C7682A9D11EEAAB5C953C4F9AE02/6AA1772E2A9D11EEA9539254C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.155.66.0/24
103.206.25.0/24
IPv6:
2001:df4:b880::/48
Signature Algorithm: sha256WithRSAEncryption
12:f8:e3:aa:7a:f7:46:3d:44:21:80:60:ae:bb:3d:0b:6b:0e:
1e:96:8a:98:3e:a3:a6:69:f3:b4:96:e8:4c:21:b0:25:ab:73:
5c:0e:7d:66:71:ea:b8:49:bf:db:6e:4e:d3:67:41:e4:c4:8b:
fa:5b:1f:d8:83:61:d1:e8:75:b8:81:09:40:51:3b:82:1c:2c:
56:13:38:e3:27:a3:d6:78:53:b4:4c:0b:ac:9e:51:53:9a:e7:
25:0c:ec:3e:4d:a5:1a:2e:14:ac:fc:81:6f:32:a6:6f:12:d5:
f1:bb:73:4b:fb:5f:16:e7:80:aa:da:7c:f4:0e:e0:ea:08:8b:
b2:14:3c:6f:54:ce:ec:1e:14:bb:22:71:e2:58:23:38:c8:b2:
fc:e2:8b:e1:b8:40:90:36:f7:24:20:cc:fa:d7:31:a9:c6:c4:
59:fa:bb:f5:63:77:1a:49:25:f2:04:46:4d:fc:04:34:4f:6c:
75:5b:31:07:2c:f0:47:0f:4c:cc:88:e7:c7:2f:ea:7c:92:f1:
74:d7:ff:e6:6a:2d:89:b7:fd:1b:c9:be:b5:bf:ac:dc:ce:6c:
4a:95:fc:15:a7:b5:cd:7e:82:fe:6e:db:5b:01:f1:9d:a6:b7:
3d:20:58:58:f5:a2:01:de:29:22:f5:9c:d9:cb:96:4e:e9:d1:
4b:69:2f:68
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgICANkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Nzc2QzkxMTAvBgNVBAUTKDlCOTRDRTZFMzU1NTBBNzQyNUJCNDQxNjJERjM3Q0JG
QkUwNTNDMjUwHhcNMjQwOTAzMDU0ODIxWhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmQ2YTMyNC1mODAzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA87LWUmQWPq3z+IZTntM1Z6tSP2EUM1tXahc5e5KZYnUQvpgd6DpdwDitAnAX
48YNs3QESKBiU2S9uyQEVS5bsucHB60IIHcUO0P2mZKfvbfUu4AaBv28PukSL8Vo
qQAgR05WcBkQeSrGA8eh2xf84Qzu/x8OycMQbJ7AiyDw+WfWGITIQCvY2Qgp5vwT
8GdAXRQkPY1h/3DKJTK5k6zP1K3ZmjRVnlRxj/C11UTMG8s3YQ7QJ1EnA/QpCukz
AuwF+CR8fYFqaZsHPLB0l9sSJe4kcFwVMk/Fb9BQ/U+dE+fU/FbX6dCH9pI5W9+e
e4b9X7H5U2ZXbIdZgFlMTWFWjQIDAQABo4ICrDCCAqgwHQYDVR0OBBYEFFG1rbGD
R/rNhImiQvsGx4RSpaw+MB8GA1UdIwQYMBaAFJuUzm41VQp0JbtEFi3zfL++BTwl
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3NzZDOS8xOEMzQzc2ODJB
OUQxMUVFQUFCNUM5NTNDNEY5QUUwMi9tNVRPYmpWVkNuUWx1MFFXTGZOOHY3NEZQ
Q1UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL201VE9ialZWQ25RbHUwUVdMZk44djc0RlBDVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Nzc2QzkvMThDM0M3NjgyQTlEMTFFRUFBQjVDOTUzQzRGOUFFMDIvNkFBMTc3MkUy
QTlEMTFFRUE5NTM5MjU0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNgYIKwYBBQUHAQcBAf8E
JzAlMBIEAgABMAwDBABnm0IDBABnzhkwDwQCAAIwCQMHACABDfS4gDANBgkqhkiG
9w0BAQsFAAOCAQEAEvjjqnr3Rj1EIYBgrrs9C2sOHpaKmD6jpmnztJboTCGwJatz
XA59ZnHquEm/225O02dB5MSL+lsf2INh0eh1uIEJQFE7ghwsVhM44yej1nhTtEwL
rJ5RU5rnJQzsPk2lGi4UrPyBbzKmbxLV8btzS/tfFueAqtp89A7g6giLshQ8b1TO
7B4UuyJx4lgjOMiy/OKL4bhAkDb3JCDM+tcxqcbEWfq79WN3Gkkl8gRGTfwENE9s
dVsxByzwRw9MzIjnxy/qfJLxdNf/5motibf9G8m+tb+s3M5sSpX8Fae1zX6C/m7b
WwHxnaa3PSBYWPWiAd4pIvWc2cuWTunRS2kvaA==
-----END CERTIFICATE-----
Generated at Wed Sep 11 18:35:54 2024 by rpki-client on console-ams.rpki-client.org