Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918ACB2/9FE760A6B83C11EE8741902EC4F9AE02/67EA8134B84011EEB57E3D51C4F9AE02.roa
File: 67EA8134B84011EEB57E3D51C4F9AE02.roa (raw, json)
Hash identifier: 1kKXhTX5ep+b6aRya4qgKkBAZdunPHP8WnkJhAyDLV8=
Subject key identifier: 27:32:5F:BF:A1:26:B2:7A:C9:17:C1:7F:CC:08:0F:1A:6B:E8:05:62
Certificate issuer: /CN=A918ACB2/serialNumber=E88861FF4A45380267A81B58FA99E489AD001BBD
Certificate serial: 05
Authority key identifier: E8:88:61:FF:4A:45:38:02:67:A8:1B:58:FA:99:E4:89:AD:00:1B:BD
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6Ihh_0pFOAJnqBtY-pnkia0AG70.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918ACB2/9FE760A6B83C11EE8741902EC4F9AE02/67EA8134B84011EEB57E3D51C4F9AE02.roa
Signing time: Tue 23 Jan 2024 12:23:09 +0000
ROA not before: Tue 23 Jan 2024 12:23:09 +0000
ROA not after: Fri 31 Jan 2025 00:00:00 +0000
asID: 142614
IP address blocks: 103.71.222.0/23 maxlen: 23
103.71.222.0/24 maxlen: 24
103.71.223.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 27 Jan 2024 06:44:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5 (0x5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918ACB2/serialNumber=E88861FF4A45380267A81B58FA99E489AD001BBD
Validity
Not Before: Jan 23 12:23:09 2024 GMT
Not After : Jan 31 00:00:00 2025 GMT
Subject: CN=65afafad-3d70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:d4:06:39:c4:61:06:53:15:50:c0:ac:29:3a:
72:a5:33:36:15:27:3d:b9:78:5f:c7:11:4b:78:4c:
2b:6a:53:45:3f:88:d1:04:ce:3c:60:d4:f0:14:9d:
5d:0a:0a:b8:99:aa:ec:6f:ea:ef:ae:98:e7:72:36:
6f:1b:20:da:35:dc:ad:f3:30:d1:8e:27:31:8f:af:
87:61:31:9f:c7:14:b4:5e:e9:39:b4:6d:3d:81:4f:
38:bf:71:e1:60:3b:cf:b3:55:b5:83:32:a4:86:9f:
cd:3f:af:7d:80:bb:58:d9:df:42:66:dc:d9:93:4c:
ef:94:1c:be:c2:16:32:0b:38:e3:8d:cb:f3:31:56:
92:7a:85:58:5c:02:3f:52:5a:f3:6e:bb:d1:a2:3e:
07:56:10:17:a3:4c:b9:9e:c2:98:de:f8:50:21:4e:
50:12:61:e3:6f:63:a6:b8:25:c6:db:d1:ed:4c:c5:
77:c6:59:1d:5f:08:b0:8f:a0:43:be:08:6d:2c:f1:
1b:e4:04:68:89:6a:19:2b:ac:bf:ff:c1:49:5a:8f:
2a:97:b1:29:9c:4c:42:6d:8c:bb:2e:8c:23:7f:32:
68:c8:0d:5f:27:0c:fb:33:d5:37:7d:7e:79:77:3a:
f1:e8:73:a6:f8:0a:f4:b2:cd:fc:e6:7c:fc:89:81:
61:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:32:5F:BF:A1:26:B2:7A:C9:17:C1:7F:CC:08:0F:1A:6B:E8:05:62
X509v3 Authority Key Identifier:
keyid:E8:88:61:FF:4A:45:38:02:67:A8:1B:58:FA:99:E4:89:AD:00:1B:BD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918ACB2/9FE760A6B83C11EE8741902EC4F9AE02/6Ihh_0pFOAJnqBtY-pnkia0AG70.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6Ihh_0pFOAJnqBtY-pnkia0AG70.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918ACB2/9FE760A6B83C11EE8741902EC4F9AE02/67EA8134B84011EEB57E3D51C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.71.222.0/23
Signature Algorithm: sha256WithRSAEncryption
23:b0:99:1a:1c:03:16:a9:6b:9a:fd:e8:5b:dd:57:10:98:73:
17:06:4d:17:14:2f:ba:05:b5:0a:7a:86:9e:23:e6:bd:25:60:
bc:4e:d9:eb:e4:07:c0:81:03:35:d8:95:29:79:36:41:5b:d9:
21:e1:43:95:c9:60:9d:73:0d:05:b9:0b:0f:86:d3:6c:91:61:
9e:c9:9d:ff:b9:8c:7e:ea:2e:6e:42:7e:bd:46:79:ea:3c:d2:
cd:26:d5:13:bb:35:0d:05:a8:82:ac:de:71:4b:9c:83:4b:65:
f2:b8:de:b4:d5:45:19:e0:c1:95:68:28:38:28:e3:45:73:d0:
5c:21:19:f2:61:1c:4b:e4:76:54:a1:13:84:c8:df:ed:fd:50:
b9:2b:1a:08:4e:b6:bb:d5:8c:27:bc:c8:06:fe:ea:93:86:d8:
ff:f8:89:08:8d:ad:23:29:1f:a0:5a:58:42:73:96:f7:02:49:
41:4e:2f:90:7d:2e:9a:14:b1:3d:67:3c:3c:fc:e0:48:ae:a8:
1f:61:db:7a:00:88:46:d3:d3:31:cd:5c:a1:a0:88:de:17:34:
38:89:09:d2:01:21:8c:9e:a2:d0:93:ec:a1:cf:d8:8e:1b:91:
4b:7b:e1:67:e8:f9:31:0f:1b:1f:60:b8:d9:c5:98:f7:fe:9c:
00:82:7b:9b
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBBTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE4
QUNCMjExMC8GA1UEBRMoRTg4ODYxRkY0QTQ1MzgwMjY3QTgxQjU4RkE5OUU0ODlB
RDAwMUJCRDAeFw0yNDAxMjMxMjIzMDlaFw0yNTAxMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1YWZhZmFkLTNkNzAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCo1AY5xGEGUxVQwKwpOnKlMzYVJz25eF/HEUt4TCtqU0U/iNEEzjxg1PAUnV0K
CriZquxv6u+umOdyNm8bINo13K3zMNGOJzGPr4dhMZ/HFLRe6Tm0bT2BTzi/ceFg
O8+zVbWDMqSGn80/r32Au1jZ30Jm3NmTTO+UHL7CFjILOOONy/MxVpJ6hVhcAj9S
WvNuu9GiPgdWEBejTLmewpje+FAhTlASYeNvY6a4Jcbb0e1MxXfGWR1fCLCPoEO+
CG0s8RvkBGiJahkrrL//wUlajyqXsSmcTEJtjLsujCN/MmjIDV8nDPsz1Td9fnl3
OvHoc6b4CvSyzfzmfPyJgWEzAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUJzJfv6Em
snrJF8F/zAgPGmvoBWIwHwYDVR0jBBgwFoAU6Ihh/0pFOAJnqBtY+pnkia0AG70w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MThBQ0IyLzlGRTc2MEE2Qjgz
QzExRUU4NzQxOTAyRUM0RjlBRTAyLzZJaGhfMHBGT0FKbnFCdFktcG5raWEwQUc3
MC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvNkloaF8wcEZPQUpucUJ0WS1wbmtpYTBBRzcwLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4
QUNCMi85RkU3NjBBNkI4M0MxMUVFODc0MTkwMkVDNEY5QUUwMi82N0VBODEzNEI4
NDAxMUVFQjU3RTNENTFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWdH3jANBgkqhkiG9w0BAQsFAAOCAQEAI7CZGhwDFqlrmv3o
W91XEJhzFwZNFxQvugW1CnqGniPmvSVgvE7Z6+QHwIEDNdiVKXk2QVvZIeFDlclg
nXMNBbkLD4bTbJFhnsmd/7mMfuoubkJ+vUZ56jzSzSbVE7s1DQWogqzecUucg0tl
8rjetNVFGeDBlWgoOCjjRXPQXCEZ8mEcS+R2VKEThMjf7f1QuSsaCE62u9WMJ7zI
Bv7qk4bY//iJCI2tIykfoFpYQnOW9wJJQU4vkH0umhSxPWc8PPzgSK6oH2HbegCI
RtPTMc1coaCI3hc0OIkJ0gEhjJ6i0JPsoc/YjhuRS3vhZ+j5MQ8bH2C42cWY9/6c
AIJ7mw==
-----END CERTIFICATE-----
Generated at Sat Jan 27 10:22:19 2024 by rpki-client on console-ams.rpki-client.org