Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A7D85/62CED48E33E211EAA4932884C4F9AE02/DDA375B433E911EA818BA21BC4F9AE02.roa
File: DDA375B433E911EA818BA21BC4F9AE02.roa (raw, json)
Hash identifier: lb4O0ElAJF8eHvdtIFi4RUsPNDjb8P93m1wSp6yBmLQ=
Subject key identifier: 3A:8B:F3:98:DE:CC:9E:E6:B7:45:28:4F:ED:04:76:E7:8F:A3:12:55
Certificate issuer: /CN=A91A7D85/serialNumber=5827E4BD870277EDF0EB10563A9B41C1E4BE7C81
Certificate serial: 0AC1
Authority key identifier: 58:27:E4:BD:87:02:77:ED:F0:EB:10:56:3A:9B:41:C1:E4:BE:7C:81
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WCfkvYcCd-3w6xBWOptBweS-fIE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A7D85/62CED48E33E211EAA4932884C4F9AE02/DDA375B433E911EA818BA21BC4F9AE02.roa
Signing time: Wed 10 Jul 2024 19:57:31 +0000
ROA not before: Wed 10 Jul 2024 19:57:31 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 136469
IP address blocks: 103.20.245.0/24 maxlen: 24
203.24.149.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 17 Sep 2024 15:09:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2753 (0xac1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A7D85/serialNumber=5827E4BD870277EDF0EB10563A9B41C1E4BE7C81
Validity
Not Before: Jul 10 19:57:31 2024 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=668ee7ab-bca4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:21:e2:4b:10:6d:38:5d:3c:d1:79:a9:87:0a:
60:27:a7:99:fe:67:4e:b1:89:49:fc:00:47:5e:a0:
72:b3:17:42:ef:7f:a8:9d:d5:9d:59:fb:8d:d8:bf:
53:e9:7c:e3:00:ea:6f:9d:a2:d5:63:b2:5e:76:b8:
5b:cf:e0:5d:f3:3a:d2:8c:7d:98:0e:b1:97:30:dc:
76:79:7e:7a:12:46:cd:ba:2c:de:10:6c:f4:2c:93:
93:72:31:38:0c:ea:68:0b:82:e5:b3:c7:71:fa:c4:
ff:fb:0a:e2:52:13:b9:df:93:20:8e:b6:ef:5b:c1:
89:db:ed:1c:dd:ff:44:86:f2:fc:6a:f6:be:b8:76:
0d:1d:40:56:0c:20:c5:8d:8a:f3:6b:13:aa:3b:54:
11:41:f2:e4:21:86:31:97:41:29:2e:fe:6a:7d:18:
75:1f:27:5c:2f:e1:b9:0c:0a:7c:aa:18:27:43:0a:
ef:fd:38:51:e6:71:37:15:5a:fe:7f:46:1a:d0:7b:
b2:77:fe:e0:54:60:bd:b3:61:77:f3:a3:d7:2e:44:
27:cd:1c:34:d1:2d:d5:c3:58:4f:8f:33:c9:4e:99:
ef:bf:8b:94:e6:f1:4a:49:89:36:b2:73:bf:51:de:
b4:61:26:98:3e:db:87:11:cc:18:47:82:16:de:cd:
de:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:8B:F3:98:DE:CC:9E:E6:B7:45:28:4F:ED:04:76:E7:8F:A3:12:55
X509v3 Authority Key Identifier:
keyid:58:27:E4:BD:87:02:77:ED:F0:EB:10:56:3A:9B:41:C1:E4:BE:7C:81
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A7D85/62CED48E33E211EAA4932884C4F9AE02/WCfkvYcCd-3w6xBWOptBweS-fIE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WCfkvYcCd-3w6xBWOptBweS-fIE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A7D85/62CED48E33E211EAA4932884C4F9AE02/DDA375B433E911EA818BA21BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.20.245.0/24
203.24.149.0/24
Signature Algorithm: sha256WithRSAEncryption
78:19:1d:9f:47:96:46:9d:0b:21:c2:2e:20:bf:d4:66:a1:62:
71:d4:70:8e:ea:79:7f:fb:40:b5:d6:0d:0e:6e:e8:66:5a:5e:
1b:5f:0a:46:cf:85:f4:17:af:c2:14:89:54:93:33:0b:1d:13:
5f:60:b3:fb:62:c9:29:77:d5:f4:da:02:2f:50:18:dc:61:2c:
b2:77:9a:20:26:2b:bb:ae:a6:91:e3:2d:e8:22:0f:cb:1e:8f:
e2:f1:af:09:af:93:79:af:a9:ae:84:b2:d4:00:40:79:1c:48:
bb:c1:64:70:ac:02:be:66:24:e4:b1:4e:58:68:a4:b3:7e:74:
02:9c:85:ae:ae:0f:cc:f2:98:b1:de:eb:96:cb:49:92:3c:b5:
81:37:d6:d0:c0:c4:d3:1a:34:41:7e:92:30:ad:9a:5c:b7:8f:
cc:d9:d2:e3:27:1f:dc:a3:3b:a7:90:e5:6c:da:9c:4a:bf:0d:
68:ab:71:68:02:fc:be:9b:9d:0d:ca:1a:4e:4e:53:6f:a2:2b:
2e:4b:2f:17:87:14:20:42:93:5a:e6:3c:6a:9f:5a:71:20:ba:
90:11:a6:f4:96:43:9c:21:c8:40:cd:ad:ff:08:0c:5e:09:5e:
1d:72:c1:84:c3:81:be:83:16:19:f3:53:20:d4:73:71:5a:42:
6d:88:7c:7d
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICCsEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTdEODUxMTAvBgNVBAUTKDU4MjdFNEJEODcwMjc3RURGMEVCMTA1NjNBOUI0MUMx
RTRCRTdDODEwHhcNMjQwNzEwMTk1NzMxWhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjhlZTdhYi1iY2E0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1iHiSxBtOF080XmphwpgJ6eZ/mdOsYlJ/ABHXqBysxdC73+ondWdWfuN2L9T
6XzjAOpvnaLVY7Jedrhbz+Bd8zrSjH2YDrGXMNx2eX56EkbNuizeEGz0LJOTcjE4
DOpoC4Lls8dx+sT/+wriUhO535MgjrbvW8GJ2+0c3f9EhvL8ava+uHYNHUBWDCDF
jYrzaxOqO1QRQfLkIYYxl0EpLv5qfRh1HydcL+G5DAp8qhgnQwrv/ThR5nE3FVr+
f0Ya0Huyd/7gVGC9s2F386PXLkQnzRw00S3Vw1hPjzPJTpnvv4uU5vFKSYk2snO/
Ud60YSaYPtuHEcwYR4IW3s3eawIDAQABo4ICmzCCApcwHQYDVR0OBBYEFDqL85je
zJ7mt0UoT+0EduePoxJVMB8GA1UdIwQYMBaAFFgn5L2HAnft8OsQVjqbQcHkvnyB
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBN0Q4NS82MkNFRDQ4RTMz
RTIxMUVBQTQ5MzI4ODRDNEY5QUUwMi9XQ2ZrdlljQ2QtM3c2eEJXT3B0QndlUy1m
SUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1dDZmt2WWNDZC0zdzZ4QldPcHRCd2VTLWZJRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTdEODUvNjJDRUQ0OEUzM0UyMTFFQUE0OTMyODg0QzRGOUFFMDIvRERBMzc1QjQz
M0U5MTFFQTgxOEJBMjFCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBABnFPUDBADLGJUwDQYJKoZIhvcNAQELBQADggEBAHgZHZ9H
lkadCyHCLiC/1GahYnHUcI7qeX/7QLXWDQ5u6GZaXhtfCkbPhfQXr8IUiVSTMwsd
E19gs/tiySl31fTaAi9QGNxhLLJ3miAmK7uuppHjLegiD8sej+Lxrwmvk3mvqa6E
stQAQHkcSLvBZHCsAr5mJOSxTlhopLN+dAKcha6uD8zymLHe65bLSZI8tYE31tDA
xNMaNEF+kjCtmly3j8zZ0uMnH9yjO6eQ5WzanEq/DWircWgC/L6bnQ3KGk5OU2+i
Ky5LLxeHFCBCk1rmPGqfWnEgupARpvSWQ5whyEDNrf8IDF4JXh1ywYTDgb6DFhnz
UyDUc3FaQm2IfH0=
-----END CERTIFICATE-----
Generated at Tue Sep 17 19:07:42 2024 by rpki-client on console-fra.rpki-client.org