Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A4D1F/49152A44680411EDA2D2BD3CC4F9AE02/39432932A2F911EE86499E34C4F9AE02.roa
File: 39432932A2F911EE86499E34C4F9AE02.roa (raw, json)
Hash identifier: EYLVN68dHMVhkB2V4mDIRCJnqwNAnGurelUWZdUySyM=
Subject key identifier: BD:65:19:B2:1A:0A:03:1F:07:02:52:E9:CB:7D:BD:DC:4A:1C:9C:05
Certificate issuer: /CN=A91A4D1F/serialNumber=7AF34A260E6A29E9D7BC8AB1AC2656E147B88A22
Certificate serial: F4
Authority key identifier: 7A:F3:4A:26:0E:6A:29:E9:D7:BC:8A:B1:AC:26:56:E1:47:B8:8A:22
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/evNKJg5qKenXvIqxrCZW4Ue4iiI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A4D1F/49152A44680411EDA2D2BD3CC4F9AE02/39432932A2F911EE86499E34C4F9AE02.roa
Signing time: Fri 19 Jan 2024 04:45:50 +0000
ROA not before: Fri 19 Jan 2024 04:45:50 +0000
ROA not after: Sun 02 Mar 2025 00:00:00 +0000
asID: 151080
IP address blocks: 103.41.94.0/23 maxlen: 23
103.41.95.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 14 Feb 2024 12:21:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 244 (0xf4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A4D1F/serialNumber=7AF34A260E6A29E9D7BC8AB1AC2656E147B88A22
Validity
Not Before: Jan 19 04:45:50 2024 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=65a9fe7e-a629
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:a2:d8:bf:cd:74:9f:21:99:d2:52:be:b5:61:
65:17:ef:cf:90:a1:3a:57:7e:5b:c7:98:42:09:97:
bd:93:f8:8b:f1:4a:37:d2:3e:23:3b:bf:2f:0e:bf:
c5:53:de:8a:ca:1b:fd:df:e2:e7:c6:de:c3:87:cf:
94:da:dd:d8:cc:42:6e:51:2c:51:41:af:ae:61:b7:
02:19:b7:30:ea:2a:ff:8f:eb:1d:e5:46:ec:f2:7c:
ef:ee:cd:86:b9:c2:65:f9:1c:ee:60:b8:26:eb:d5:
05:47:05:3b:83:31:73:d1:de:8b:d2:59:00:a8:0c:
c2:07:ab:ce:52:49:37:39:ce:68:eb:74:dc:9c:01:
da:fd:5a:8e:f4:a4:68:8e:06:81:31:28:a0:61:60:
a7:d4:4c:26:08:00:70:c7:c2:ab:f3:80:a5:40:f0:
2b:fd:84:20:a1:6f:ca:d5:43:d1:a9:32:14:03:6b:
62:77:eb:4f:f6:17:12:bd:56:93:2b:f3:54:7f:de:
93:e2:e3:78:20:c8:ef:06:4f:fa:8f:e2:3d:20:77:
67:a1:e2:d2:fb:b3:db:e1:be:9a:7a:91:09:5d:c9:
69:6c:45:e6:f0:c2:d6:ab:54:a2:67:d6:9b:c0:bd:
4f:3b:f6:ce:7f:c6:49:06:26:f9:92:b3:74:c1:17:
13:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:65:19:B2:1A:0A:03:1F:07:02:52:E9:CB:7D:BD:DC:4A:1C:9C:05
X509v3 Authority Key Identifier:
keyid:7A:F3:4A:26:0E:6A:29:E9:D7:BC:8A:B1:AC:26:56:E1:47:B8:8A:22
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A4D1F/49152A44680411EDA2D2BD3CC4F9AE02/evNKJg5qKenXvIqxrCZW4Ue4iiI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/evNKJg5qKenXvIqxrCZW4Ue4iiI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A4D1F/49152A44680411EDA2D2BD3CC4F9AE02/39432932A2F911EE86499E34C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.41.94.0/23
Signature Algorithm: sha256WithRSAEncryption
bc:67:d6:4d:da:66:0c:73:59:0e:89:4a:a5:ba:71:8e:8a:93:
f5:f1:d6:d0:99:e0:cf:77:88:68:5e:89:11:8c:e6:67:84:02:
6d:c9:c3:8f:e9:51:82:7d:ee:7c:34:38:50:6d:c6:61:d0:f7:
12:51:22:4e:e0:c4:83:fc:2c:96:03:f0:9d:cb:ff:45:7e:77:
d8:7d:c4:41:d8:e5:08:e5:dc:10:ef:0a:ba:2b:fe:e4:ff:5d:
f9:a8:f7:ac:91:7f:11:2a:4d:ff:cb:3b:d1:d3:f0:21:35:e7:
2d:7a:ff:df:d8:7a:fd:e9:77:0d:26:33:44:07:a3:3c:08:97:
ba:5c:60:67:67:f9:0f:40:62:6f:92:d3:e8:3c:36:fb:01:36:
a3:08:d3:7f:1f:40:3a:b0:87:ee:9d:a9:52:25:f5:a7:7a:78:
ed:ec:a2:8f:3c:3d:41:8d:86:d2:9f:95:4f:16:10:07:76:24:
6c:46:c0:1d:32:34:47:53:0d:ab:3f:04:d0:94:3c:2e:30:13:
b2:4a:76:c7:de:bd:c1:9e:7e:39:06:8e:10:fa:9e:1f:c9:e3:
4d:97:91:e2:97:43:50:29:18:33:f9:86:6d:04:85:15:d5:f4:
e8:ae:5b:74:e8:18:6b:7c:bd:c7:38:a1:94:01:06:c3:3c:5f:
f1:69:f8:0a
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAPQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTREMUYxMTAvBgNVBAUTKDdBRjM0QTI2MEU2QTI5RTlEN0JDOEFCMUFDMjY1NkUx
NDdCODhBMjIwHhcNMjQwMTE5MDQ0NTUwWhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWE5ZmU3ZS1hNjI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtKLYv810nyGZ0lK+tWFlF+/PkKE6V35bx5hCCZe9k/iL8Uo30j4jO78vDr/F
U96Kyhv93+Lnxt7Dh8+U2t3YzEJuUSxRQa+uYbcCGbcw6ir/j+sd5Ubs8nzv7s2G
ucJl+RzuYLgm69UFRwU7gzFz0d6L0lkAqAzCB6vOUkk3Oc5o63TcnAHa/VqO9KRo
jgaBMSigYWCn1EwmCABwx8Kr84ClQPAr/YQgoW/K1UPRqTIUA2tid+tP9hcSvVaT
K/NUf96T4uN4IMjvBk/6j+I9IHdnoeLS+7Pb4b6aepEJXclpbEXm8MLWq1SiZ9ab
wL1PO/bOf8ZJBib5krN0wRcTlQIDAQABo4IClTCCApEwHQYDVR0OBBYEFL1lGbIa
CgMfBwJS6ct9vdxKHJwFMB8GA1UdIwQYMBaAFHrzSiYOainp17yKsawmVuFHuIoi
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNEQxRi80OTE1MkE0NDY4
MDQxMUVEQTJEMkJEM0NDNEY5QUUwMi9ldk5LSmc1cUtlblh2SXF4ckNaVzRVZTRp
aUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2V2TktKZzVxS2VuWHZJcXhyQ1pXNFVlNGlpSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTREMUYvNDkxNTJBNDQ2ODA0MTFFREEyRDJCRDNDQzRGOUFFMDIvMzk0MzI5MzJB
MkY5MTFFRTg2NDk5RTM0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnKV4wDQYJKoZIhvcNAQELBQADggEBALxn1k3aZgxzWQ6J
SqW6cY6Kk/Xx1tCZ4M93iGheiRGM5meEAm3Jw4/pUYJ97nw0OFBtxmHQ9xJRIk7g
xIP8LJYD8J3L/0V+d9h9xEHY5Qjl3BDvCror/uT/Xfmo96yRfxEqTf/LO9HT8CE1
5y16/9/Yev3pdw0mM0QHozwIl7pcYGdn+Q9AYm+S0+g8NvsBNqMI038fQDqwh+6d
qVIl9ad6eO3soo88PUGNhtKflU8WEAd2JGxGwB0yNEdTDas/BNCUPC4wE7JKdsfe
vcGefjkGjhD6nh/J402XkeKXQ1ApGDP5hm0EhRXV9OiuW3ToGGt8vcc4oZQBBsM8
X/Fp+Ao=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:53 2024 by rpki-client on console-ams.rpki-client.org