Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A822F/5842D304F7F011EE98C8C92BC4F9AE02/D3ADEFE2F7F011EEB3618A2CC4F9AE02.roa
File: D3ADEFE2F7F011EEB3618A2CC4F9AE02.roa (raw, json)
Hash identifier: W2Z0TL/1HC8+aj77AxzpaO0eIUfZzfdghUr4klZBZ40=
Subject key identifier: 2B:5E:4F:D7:8B:3B:81:75:DB:ED:30:85:37:C9:0B:9D:B9:A8:3C:27
Certificate issuer: /CN=A91A822F/serialNumber=D9872C193E18DC151FE3EF9E29AFE83121B24D10
Certificate serial: 02
Authority key identifier: D9:87:2C:19:3E:18:DC:15:1F:E3:EF:9E:29:AF:E8:31:21:B2:4D:10
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2YcsGT4Y3BUf4--eKa_oMSGyTRA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A822F/5842D304F7F011EE98C8C92BC4F9AE02/D3ADEFE2F7F011EEB3618A2CC4F9AE02.roa
Signing time: Thu 11 Apr 2024 10:47:01 +0000
ROA not before: Thu 11 Apr 2024 10:47:01 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 152689
IP address blocks: 103.6.160.0/24 maxlen: 24
103.6.161.0/24 maxlen: 24
2001:df3:aa40::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 27 May 2024 14:25:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A822F/serialNumber=D9872C193E18DC151FE3EF9E29AFE83121B24D10
Validity
Not Before: Apr 11 10:47:01 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=6617bfa5-8aa4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:c2:27:19:8c:e2:c5:f0:28:21:71:a3:4f:2e:
7a:28:30:11:a6:15:08:72:67:a9:94:eb:ed:98:45:
45:1a:9f:66:cf:38:bf:e6:52:f7:9a:87:4e:e0:e4:
3e:c6:e7:36:dc:96:c0:98:ab:50:03:86:ba:bb:83:
91:3c:1b:95:50:e2:f9:68:91:a4:d1:e7:22:cf:34:
f2:4c:c4:60:44:ec:56:18:77:88:49:d8:20:09:5a:
0d:32:b9:ee:e4:ce:9c:35:ef:1d:33:b1:1b:3b:4c:
51:9a:a4:69:78:d0:71:3b:16:26:a5:0b:d0:b3:1f:
b5:ea:9c:36:7e:33:07:47:5f:31:c7:aa:fc:f7:94:
7b:2f:93:95:40:18:eb:1a:1b:08:08:e6:70:32:bc:
dd:38:64:ba:92:a4:5e:db:2e:5a:01:e8:67:6a:91:
40:94:10:aa:7c:db:91:b4:b0:4d:be:0c:51:b6:c5:
28:bd:84:9a:a2:a6:14:5c:65:76:d0:b6:91:11:c0:
21:b5:c1:3d:46:20:31:c6:bd:af:76:06:3b:de:de:
0a:09:6c:da:86:45:2f:81:e5:2f:cc:04:1b:7f:3d:
bd:d6:0c:78:cd:86:8c:04:b5:01:65:f6:00:04:a2:
0c:80:39:02:08:1d:b4:57:27:f3:a1:4b:ee:ae:29:
db:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:5E:4F:D7:8B:3B:81:75:DB:ED:30:85:37:C9:0B:9D:B9:A8:3C:27
X509v3 Authority Key Identifier:
keyid:D9:87:2C:19:3E:18:DC:15:1F:E3:EF:9E:29:AF:E8:31:21:B2:4D:10
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A822F/5842D304F7F011EE98C8C92BC4F9AE02/2YcsGT4Y3BUf4--eKa_oMSGyTRA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2YcsGT4Y3BUf4--eKa_oMSGyTRA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A822F/5842D304F7F011EE98C8C92BC4F9AE02/D3ADEFE2F7F011EEB3618A2CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.6.160.0/23
IPv6:
2001:df3:aa40::/48
Signature Algorithm: sha256WithRSAEncryption
9f:8e:ba:89:a7:8d:50:b5:55:00:a9:68:bc:8e:fb:20:66:00:
07:6f:20:a2:28:59:95:12:d3:e6:25:fb:c7:bf:53:6e:d7:2e:
64:2c:82:e7:d9:04:fd:0c:27:23:5e:0b:16:11:b9:36:12:9f:
72:f3:4b:c0:b8:83:fc:94:89:31:97:7e:2c:ae:7b:fc:a4:a4:
f7:2d:14:b3:e9:b4:d6:9c:16:80:c6:46:8f:ee:e4:62:9a:7e:
ae:56:1c:ed:38:13:90:71:25:8a:37:07:7c:06:55:7e:6f:03:
42:a1:b5:5f:c0:de:c1:9b:2b:fb:d5:db:99:1b:99:56:a4:3f:
f4:54:3e:38:a2:55:b3:db:b5:3d:a6:92:88:d2:91:1b:8b:7c:
a4:24:d3:64:93:2a:22:4c:73:33:61:b1:08:e8:15:a8:50:7e:
c2:f8:84:8b:8d:04:73:a9:f7:23:d6:62:a3:cd:7a:55:23:c9:
69:fc:67:c4:fd:7f:9d:98:f9:a2:52:34:18:07:1a:9f:40:b1:
dc:31:15:10:c0:ef:03:2d:69:6a:02:56:a0:34:b5:9c:a7:2a:
4c:46:eb:cd:1c:67:a4:6d:61:fd:02:2a:b6:30:06:50:0d:fd:
92:12:8e:dd:f5:5f:40:78:cc:fa:2a:cb:8d:9a:09:b8:da:49:
ad:29:bb:04
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB
ODIyRjExMC8GA1UEBRMoRDk4NzJDMTkzRTE4REMxNTFGRTNFRjlFMjlBRkU4MzEy
MUIyNEQxMDAeFw0yNDA0MTExMDQ3MDFaFw0yNTA3MzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2MTdiZmE1LThhYTQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDnwicZjOLF8CghcaNPLnooMBGmFQhyZ6mU6+2YRUUan2bPOL/mUveah07g5D7G
5zbclsCYq1ADhrq7g5E8G5VQ4vlokaTR5yLPNPJMxGBE7FYYd4hJ2CAJWg0yue7k
zpw17x0zsRs7TFGapGl40HE7FialC9CzH7XqnDZ+MwdHXzHHqvz3lHsvk5VAGOsa
GwgI5nAyvN04ZLqSpF7bLloB6GdqkUCUEKp825G0sE2+DFG2xSi9hJqiphRcZXbQ
tpERwCG1wT1GIDHGva92Bjve3goJbNqGRS+B5S/MBBt/Pb3WDHjNhowEtQFl9gAE
ogyAOQIIHbRXJ/OhS+6uKdvlAgMBAAGjggKmMIICojAdBgNVHQ4EFgQUK15P14s7
gXXb7TCFN8kLnbmoPCcwHwYDVR0jBBgwFoAU2YcsGT4Y3BUf4++eKa/oMSGyTRAw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUE4MjJGLzU4NDJEMzA0RjdG
MDExRUU5OEM4QzkyQkM0RjlBRTAyLzJZY3NHVDRZM0JVZjQtLWVLYV9vTVNHeVRS
QS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvMlljc0dUNFkzQlVmNC0tZUthX29NU0d5VFJBLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB
ODIyRi81ODQyRDMwNEY3RjAxMUVFOThDOEM5MkJDNEY5QUUwMi9EM0FERUZFMkY3
RjAxMUVFQjM2MThBMkNDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAwBggrBgEFBQcBBwEB/wQh
MB8wDAQCAAEwBgMEAWcGoDAPBAIAAjAJAwcAIAEN86pAMA0GCSqGSIb3DQEBCwUA
A4IBAQCfjrqJp41QtVUAqWi8jvsgZgAHbyCiKFmVEtPmJfvHv1Nu1y5kLILn2QT9
DCcjXgsWEbk2Ep9y80vAuIP8lIkxl34srnv8pKT3LRSz6bTWnBaAxkaP7uRimn6u
VhztOBOQcSWKNwd8BlV+bwNCobVfwN7Bmyv71duZG5lWpD/0VD44olWz27U9ppKI
0pEbi3ykJNNkkyoiTHMzYbEI6BWoUH7C+ISLjQRzqfcj1mKjzXpVI8lp/GfE/X+d
mPmiUjQYBxqfQLHcMRUQwO8DLWlqAlagNLWcpypMRuvNHGekbWH9Aiq2MAZQDf2S
Eo7d9V9AeMz6KsuNmgm42kmtKbsE
-----END CERTIFICATE-----
Generated at Mon May 27 21:49:30 2024 by rpki-client on console-ams.rpki-client.org