Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/D8EB08C8F36311EE865C097BC4F9AE02.roa
File: D8EB08C8F36311EE865C097BC4F9AE02.roa (raw, json)
Hash identifier: uXDK/2pi+v6ZC5/IAV6BJ521Bo8Fvmzn0OsjpP82GIE=
Subject key identifier: 7C:C8:5E:18:31:C7:F0:A9:31:CF:6F:3D:5C:40:E9:12:F5:72:09:43
Certificate issuer: /CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Certificate serial: 427D
Authority key identifier: 16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/D8EB08C8F36311EE865C097BC4F9AE02.roa
Signing time: Fri 05 Apr 2024 15:49:05 +0000
ROA not before: Fri 05 Apr 2024 15:49:05 +0000
ROA not after: Thu 31 Oct 2024 00:00:00 +0000
asID: 135990
IP address blocks: 103.143.206.0/23 maxlen: 24
103.171.92.0/24 maxlen: 24
103.171.93.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 05 Apr 2024 19:13:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17021 (0x427d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Validity
Not Before: Apr 5 15:49:05 2024 GMT
Not After : Oct 31 00:00:00 2024 GMT
Subject: CN=66101d71-ae22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:60:78:a9:2d:e1:71:7d:59:8e:09:f9:64:21:
39:96:8f:a5:9c:ef:72:e6:ad:a6:0c:b6:7b:e0:ed:
0e:54:95:10:a1:4f:d6:74:b0:fe:2e:a9:af:0c:ac:
4f:2a:71:96:6e:31:d4:5d:fc:e2:95:8a:c5:15:51:
a2:1d:c1:3b:7f:0a:ff:1f:1c:c4:30:ab:8a:d5:b0:
88:af:77:66:c8:49:af:61:fc:79:21:ce:b4:12:b6:
be:68:7a:b3:1e:30:03:46:57:21:59:77:67:63:b7:
30:11:7f:de:e1:88:4b:ff:ab:ab:03:7d:02:2e:0f:
01:48:4a:61:8e:63:9c:00:25:e1:9b:72:9d:ee:38:
eb:b3:17:a8:f7:1f:7c:cf:e1:9e:37:66:03:91:e0:
77:8e:ca:45:72:e5:54:d3:3d:3d:cb:42:63:ff:db:
49:37:55:a3:83:53:c1:c3:b6:6f:ea:c9:3c:61:45:
8f:48:a5:9f:79:88:21:95:b1:e3:76:14:73:ad:63:
ca:37:70:b5:5c:43:48:9b:d1:ee:b5:49:a1:ff:1d:
26:98:fa:03:dd:9d:90:00:d3:1c:ca:64:a6:87:4f:
d7:11:bc:d1:3e:a5:69:0d:fa:7f:62:ad:bb:7c:e3:
9b:61:d7:50:a6:2f:f4:11:58:5b:8d:36:0f:eb:d4:
09:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:C8:5E:18:31:C7:F0:A9:31:CF:6F:3D:5C:40:E9:12:F5:72:09:43
X509v3 Authority Key Identifier:
keyid:16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/D8EB08C8F36311EE865C097BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.143.206.0/23
103.171.92.0/23
Signature Algorithm: sha256WithRSAEncryption
3d:f3:60:f2:bf:29:12:82:71:ae:64:49:6d:ef:da:06:08:02:
ac:31:cd:57:f4:dc:07:07:55:bd:0a:3f:c7:a1:d2:60:e0:b4:
75:50:50:71:45:a5:19:5e:7b:7c:c7:93:08:57:7a:83:18:8e:
61:b4:ef:35:85:31:f8:6b:36:2f:29:5f:51:08:35:6f:36:ec:
5b:d5:bf:0e:5e:a5:85:a6:5a:16:58:dd:ef:bf:f7:ea:cc:57:
3f:07:da:0d:a7:5a:09:90:1f:72:50:e9:da:f0:d3:71:3d:8a:
cb:84:99:1b:f8:83:3e:e0:64:84:f4:0d:c3:cd:27:3c:e0:9e:
25:24:ac:6b:ca:2a:c7:7c:33:b7:42:ad:95:c8:36:12:98:4c:
71:9d:39:e5:72:c0:d3:dd:53:e9:bf:5a:43:6e:dd:7a:71:a3:
c7:6a:6e:84:90:a4:d6:27:0a:38:0a:ce:21:9b:83:64:3a:56:
2f:35:32:3c:31:e6:fd:49:3e:e7:92:cd:f3:34:6b:16:ea:32:
37:8b:38:24:a7:0c:d2:7b:c4:ee:da:3a:3e:e9:ee:23:f9:1d:
41:15:5a:5c:f7:be:e7:7b:90:f5:00:27:96:d5:b7:a1:4d:fb:
1e:b2:73:83:f3:a6:e8:28:84:97:19:71:3d:e9:bd:86:86:c8:
fe:e7:e9:8e
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICQn0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU2MEExMTAvBgNVBAUTKDE2N0MzQjIyMTc3NUZFQzA1MDM5NDY4MTUwQ0U4MTQ3
NTZBQzZGMEEwHhcNMjQwNDA1MTU0OTA1WhcNMjQxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjEwMWQ3MS1hZTIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuWB4qS3hcX1Zjgn5ZCE5lo+lnO9y5q2mDLZ74O0OVJUQoU/WdLD+LqmvDKxP
KnGWbjHUXfzilYrFFVGiHcE7fwr/HxzEMKuK1bCIr3dmyEmvYfx5Ic60Era+aHqz
HjADRlchWXdnY7cwEX/e4YhL/6urA30CLg8BSEphjmOcACXhm3Kd7jjrsxeo9x98
z+GeN2YDkeB3jspFcuVU0z09y0Jj/9tJN1Wjg1PBw7Zv6sk8YUWPSKWfeYghlbHj
dhRzrWPKN3C1XENIm9HutUmh/x0mmPoD3Z2QANMcymSmh0/XEbzRPqVpDfp/Yq27
fOObYddQpi/0EVhbjTYP69QJbQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFHzIXhgx
x/CpMc9vPVxA6RL1cglDMB8GA1UdIwQYMBaAFBZ8OyIXdf7AUDlGgVDOgUdWrG8K
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS9BQUVCMTkxQTFE
OEExMUUyQTM4N0QwRTQwOEIwMkNEMi9Gbnc3SWhkMV9zQlFPVWFCVU02QlIxYXNi
d28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZudzdJaGQxX3NCUU9VYUJVTTZCUjFhc2J3by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU2MEEvQUFFQjE5MUExRDhBMTFFMkEzODdEMEU0MDhCMDJDRDIvRDhFQjA4QzhG
MzYzMTFFRTg2NUMwOTdCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAFnj84DBAFnq1wwDQYJKoZIhvcNAQELBQADggEBAD3zYPK/
KRKCca5kSW3v2gYIAqwxzVf03AcHVb0KP8eh0mDgtHVQUHFFpRlee3zHkwhXeoMY
jmG07zWFMfhrNi8pX1EINW827FvVvw5epYWmWhZY3e+/9+rMVz8H2g2nWgmQH3JQ
6drw03E9isuEmRv4gz7gZIT0DcPNJzzgniUkrGvKKsd8M7dCrZXINhKYTHGdOeVy
wNPdU+m/WkNu3Xpxo8dqboSQpNYnCjgKziGbg2Q6Vi81Mjwx5v1JPueSzfM0axbq
MjeLOCSnDNJ7xO7aOj7p7iP5HUEVWlz3vud7kPUAJ5bVt6FN+x6yc4PzpugohJcZ
cT3pvYaGyP7n6Y4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:54 2024 by rpki-client on console-ams.rpki-client.org