Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918A96A/28785F60BFBF11ECAED48C71C4F9AE02/CB721004BFC311ECA367B151C4F9AE02.roa
File: CB721004BFC311ECA367B151C4F9AE02.roa (raw, json)
Hash identifier: 6iwngJGGQi8vcxj/ZyFCxMN7dYsn1ELzJAokj8xLib0=
Subject key identifier: 3C:DB:65:A7:76:24:ED:7D:76:D3:30:1D:73:F8:E0:31:85:0B:C0:5E
Certificate issuer: /CN=A918A96A/serialNumber=F02245353FC1F194A9022A4AC01977DE5FDE36F9
Certificate serial: 0281
Authority key identifier: F0:22:45:35:3F:C1:F1:94:A9:02:2A:4A:C0:19:77:DE:5F:DE:36:F9
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8CJFNT_B8ZSpAipKwBl33l_eNvk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918A96A/28785F60BFBF11ECAED48C71C4F9AE02/CB721004BFC311ECA367B151C4F9AE02.roa
Signing time: Wed 03 Apr 2024 04:06:28 +0000
ROA not before: Wed 03 Apr 2024 04:06:28 +0000
ROA not after: Thu 01 Aug 2024 00:00:00 +0000
asID: 136520
IP address blocks: 103.91.194.0/24 maxlen: 24
103.123.238.0/23 maxlen: 23
Validation: Failed, certificate revoked on Wed 01 May 2024 04:07:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 641 (0x281)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918A96A/serialNumber=F02245353FC1F194A9022A4AC01977DE5FDE36F9
Validity
Not Before: Apr 3 04:06:28 2024 GMT
Not After : Aug 1 00:00:00 2024 GMT
Subject: CN=660cd5c3-7228
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:39:01:a0:07:8c:0f:0b:a8:a3:32:02:66:45:
a4:04:80:ba:4e:64:77:a8:7a:1c:f3:73:92:b0:5d:
3e:a0:dd:6a:1e:d7:b6:fb:d1:5c:a1:b8:83:ac:d0:
9b:9c:a3:20:d0:34:ef:a7:99:16:50:4d:06:e2:b2:
22:26:3c:ec:08:f6:1d:77:0d:5c:b8:a4:bf:ff:e3:
95:37:d6:d4:03:39:89:51:72:ab:62:45:4c:1e:23:
65:cc:e9:82:fa:dc:93:7e:78:46:27:c6:79:11:3e:
18:06:f8:a8:e9:a0:f8:b3:71:2b:5c:1e:4e:31:6c:
86:29:d5:60:94:90:da:70:b7:db:be:4d:be:51:df:
9c:aa:1e:ab:22:aa:25:e1:54:2e:f0:db:6a:c3:d0:
aa:c5:3b:d4:1c:87:69:fc:1b:45:32:0a:1c:78:25:
ec:de:45:bc:8a:ab:09:f3:b6:bb:85:f9:08:70:5c:
6b:64:7f:7e:71:ee:85:76:58:d7:b7:72:2c:46:33:
8e:72:0a:54:d0:d3:18:15:2e:90:6f:96:be:26:9d:
82:06:6f:52:be:b8:b5:b4:bf:e4:4e:ec:2f:ac:f4:
30:d6:ec:ed:8c:da:c6:bb:90:e8:32:14:82:76:26:
7d:ea:e7:1b:ff:d5:2d:e9:cf:17:eb:8a:b7:ab:59:
c4:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:DB:65:A7:76:24:ED:7D:76:D3:30:1D:73:F8:E0:31:85:0B:C0:5E
X509v3 Authority Key Identifier:
keyid:F0:22:45:35:3F:C1:F1:94:A9:02:2A:4A:C0:19:77:DE:5F:DE:36:F9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918A96A/28785F60BFBF11ECAED48C71C4F9AE02/8CJFNT_B8ZSpAipKwBl33l_eNvk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8CJFNT_B8ZSpAipKwBl33l_eNvk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918A96A/28785F60BFBF11ECAED48C71C4F9AE02/CB721004BFC311ECA367B151C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.91.194.0/24
103.123.238.0/23
Signature Algorithm: sha256WithRSAEncryption
3a:f2:18:45:f1:cb:5a:f5:d5:a4:26:00:fd:be:df:c7:d8:82:
f6:60:23:92:11:30:5d:ba:91:93:2c:46:ac:18:57:a1:67:14:
ed:61:85:fb:3b:e8:07:ce:f6:33:37:0d:0d:5e:7f:1c:15:af:
79:ee:27:98:94:24:81:e5:64:63:4c:b8:b4:2b:e3:3f:e4:51:
d8:bb:37:c4:89:46:2a:0f:f7:a2:fb:c4:fe:42:51:c1:53:c3:
42:d8:79:ed:ab:4a:60:b2:8c:a4:51:3c:c0:53:1e:ca:62:b3:
88:a0:c8:55:ee:a0:99:b5:3c:78:d1:bf:0f:5d:5f:c1:70:d9:
57:2d:7b:9f:9e:65:b7:6d:59:df:07:f1:32:08:33:cd:4c:4e:
78:7f:f1:0b:0c:be:3c:03:90:5a:0e:60:cb:76:d4:ec:26:47:
74:3d:a7:bb:e3:6d:74:b9:ba:c8:0a:e7:84:a4:d8:02:5a:53:
78:fc:77:0a:ca:10:21:1e:12:c5:55:a5:62:89:4a:4d:19:e6:
eb:f1:ea:71:c9:02:a2:b3:7a:69:34:7a:a6:50:ea:e5:60:32:
61:a8:cd:2a:1c:1c:76:56:e3:dd:f0:cb:89:ee:f5:3d:af:b1:
e1:98:22:98:4a:8b:0b:5c:37:a2:41:d9:b5:52:9b:5f:e3:16:
35:20:40:da
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICAoEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEE5NkExMTAvBgNVBAUTKEYwMjI0NTM1M0ZDMUYxOTRBOTAyMkE0QUMwMTk3N0RF
NUZERTM2RjkwHhcNMjQwNDAzMDQwNjI4WhcNMjQwODAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjBjZDVjMy03MjI4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwzkBoAeMDwuoozICZkWkBIC6TmR3qHoc83OSsF0+oN1qHte2+9FcobiDrNCb
nKMg0DTvp5kWUE0G4rIiJjzsCPYddw1cuKS//+OVN9bUAzmJUXKrYkVMHiNlzOmC
+tyTfnhGJ8Z5ET4YBvio6aD4s3ErXB5OMWyGKdVglJDacLfbvk2+Ud+cqh6rIqol
4VQu8Ntqw9CqxTvUHIdp/BtFMgoceCXs3kW8iqsJ87a7hfkIcFxrZH9+ce6FdljX
t3IsRjOOcgpU0NMYFS6Qb5a+Jp2CBm9Svri1tL/kTuwvrPQw1uztjNrGu5DoMhSC
diZ96ucb/9Ut6c8X64q3q1nEjQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFDzbZad2
JO19dtMwHXP44DGFC8BeMB8GA1UdIwQYMBaAFPAiRTU/wfGUqQIqSsAZd95f3jb5
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4QTk2QS8yODc4NUY2MEJG
QkYxMUVDQUVENDhDNzFDNEY5QUUwMi84Q0pGTlRfQjhaU3BBaXBLd0JsMzNsX2VO
dmsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzhDSkZOVF9COFpTcEFpcEt3QmwzM2xfZU52ay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEE5NkEvMjg3ODVGNjBCRkJGMTFFQ0FFRDQ4QzcxQzRGOUFFMDIvQ0I3MjEwMDRC
RkMzMTFFQ0EzNjdCMTUxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBABnW8IDBAFne+4wDQYJKoZIhvcNAQELBQADggEBADryGEXx
y1r11aQmAP2+38fYgvZgI5IRMF26kZMsRqwYV6FnFO1hhfs76AfO9jM3DQ1efxwV
r3nuJ5iUJIHlZGNMuLQr4z/kUdi7N8SJRioP96L7xP5CUcFTw0LYee2rSmCyjKRR
PMBTHspis4igyFXuoJm1PHjRvw9dX8Fw2Vcte5+eZbdtWd8H8TIIM81MTnh/8QsM
vjwDkFoOYMt21OwmR3Q9p7vjbXS5usgK54Sk2AJaU3j8dwrKECEeEsVVpWKJSk0Z
5uvx6nHJAqKzemk0eqZQ6uVgMmGozSocHHZW493wy4nu9T2vseGYIphKiwtcN6JB
2bVSm1/jFjUgQNo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:15 2024 by rpki-client on console-fra.rpki-client.org