Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B67D1/6CBC9B40611D11E9B012DB37C4F9AE02/F91C0FF2999411EA9A003F30C4F9AE02.roa
File: F91C0FF2999411EA9A003F30C4F9AE02.roa (raw, json)
Hash identifier: j2bPK60ZfDT1+ydVchjH4uOviLQNEKN8RlHVGRUiNM8=
Subject key identifier: EE:9D:A5:D6:F1:A9:94:0A:AF:C9:C2:3A:F6:6F:76:47:D2:50:EA:AA
Certificate issuer: /CN=A91B67D1/serialNumber=767872BDD0EF826A6495D8126A139FC40493800F
Certificate serial: 0F1F
Authority key identifier: 76:78:72:BD:D0:EF:82:6A:64:95:D8:12:6A:13:9F:C4:04:93:80:0F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dnhyvdDvgmpkldgSahOfxASTgA8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B67D1/6CBC9B40611D11E9B012DB37C4F9AE02/F91C0FF2999411EA9A003F30C4F9AE02.roa
Signing time: Mon 02 Sep 2024 18:26:02 +0000
ROA not before: Mon 02 Sep 2024 18:26:02 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 59033
IP address blocks: 45.114.236.0/22 maxlen: 24
103.71.24.0/24 maxlen: 24
103.90.51.0/24 maxlen: 24
103.90.56.0/23 maxlen: 24
2401:d640::/32 maxlen: 48
Validation: Failed, certificate revoked on Wed 06 Nov 2024 02:53:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3871 (0xf1f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B67D1/serialNumber=767872BDD0EF826A6495D8126A139FC40493800F
Validity
Not Before: Sep 2 18:26:02 2024 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=66d60339-72c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:07:5b:7e:f4:11:f3:e0:36:3e:cb:82:b2:0e:
6b:c2:b5:49:0b:6f:ba:ba:42:26:da:84:c2:dd:5f:
c6:72:5c:1d:0a:5d:9c:d9:5e:87:39:df:ab:15:e7:
c8:b2:85:d5:0f:bd:23:c4:7c:e3:89:57:38:a4:a6:
2e:06:1b:f5:e6:7e:bd:28:16:82:f9:a4:1c:c7:49:
9d:b2:5e:ad:34:99:67:72:78:e2:59:a1:f8:01:7a:
92:5f:07:be:96:6c:42:47:d3:66:a2:a3:9f:8a:ee:
82:6c:63:dd:36:07:83:03:ba:b8:f8:de:e2:a7:b7:
79:0c:d9:82:15:e3:e9:f2:78:0f:06:0b:6b:41:f5:
53:90:a3:e0:4e:aa:23:87:94:7b:d2:57:5f:3d:20:
83:6f:05:f2:1c:78:8b:ca:8b:68:2f:cf:35:ba:b9:
85:ed:6c:70:fb:c4:19:5a:58:1b:19:6d:fb:20:4c:
2f:d6:85:e7:88:77:7c:ba:ae:78:2f:09:63:6a:bc:
00:1c:f9:99:38:75:8f:5a:e6:f1:a1:fb:aa:05:34:
46:ca:ea:bd:f4:bc:5e:be:2e:17:11:10:3e:17:3f:
ff:66:96:64:bb:98:9f:62:d9:e9:bc:4d:f0:56:43:
66:1c:c8:30:4b:63:eb:2b:de:22:0e:ee:fe:1a:08:
40:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:9D:A5:D6:F1:A9:94:0A:AF:C9:C2:3A:F6:6F:76:47:D2:50:EA:AA
X509v3 Authority Key Identifier:
keyid:76:78:72:BD:D0:EF:82:6A:64:95:D8:12:6A:13:9F:C4:04:93:80:0F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B67D1/6CBC9B40611D11E9B012DB37C4F9AE02/dnhyvdDvgmpkldgSahOfxASTgA8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dnhyvdDvgmpkldgSahOfxASTgA8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B67D1/6CBC9B40611D11E9B012DB37C4F9AE02/F91C0FF2999411EA9A003F30C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.114.236.0/22
103.71.24.0/24
103.90.51.0/24
103.90.56.0/23
IPv6:
2401:d640::/32
Signature Algorithm: sha256WithRSAEncryption
64:fc:dd:9d:a0:29:36:8d:69:46:60:28:28:36:6c:88:3e:b3:
8f:88:20:43:ec:80:f9:0b:48:f7:8a:8f:6a:b5:32:d1:fe:5e:
73:af:4e:2b:a0:a3:8a:fe:72:47:c1:7c:89:f5:0b:81:e9:76:
ec:7d:f7:58:73:a5:58:c0:5e:32:1b:08:8d:d2:4a:cf:ed:b5:
b7:93:66:1a:d6:a1:cd:eb:3f:9e:aa:bf:8e:41:88:4f:54:d5:
a8:d3:13:3c:66:6f:3e:85:e8:9c:a1:e9:10:ea:5f:87:2a:02:
29:97:b7:7b:94:eb:30:22:2c:a0:fc:e4:c6:5e:0f:ad:cd:d2:
d2:10:f8:ce:04:f3:e1:84:30:77:fc:d0:2d:b5:eb:3c:29:db:
58:40:e2:28:d2:33:cd:7a:21:40:db:a4:fb:36:bf:f3:0b:fa:
a4:07:65:c9:69:32:4f:b6:78:e1:61:63:7e:5f:98:b6:ef:cf:
62:fb:70:1a:65:e0:32:4f:89:3b:c9:5b:88:25:a4:82:a8:de:
d9:4a:43:1f:9b:c2:50:a4:18:3a:fd:3b:15:71:60:c9:61:08:
ba:53:9b:b8:15:bc:c7:5b:45:f0:00:31:41:ee:50:81:bb:70:
a9:1c:aa:5a:0d:7d:57:cc:c9:f2:8c:2c:45:ab:19:56:30:9d:
d7:d9:b6:46
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgICDx8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjY3RDExMTAvBgNVBAUTKDc2Nzg3MkJERDBFRjgyNkE2NDk1RDgxMjZBMTM5RkM0
MDQ5MzgwMEYwHhcNMjQwOTAyMTgyNjAyWhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmQ2MDMzOS03MmM4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzgdbfvQR8+A2PsuCsg5rwrVJC2+6ukIm2oTC3V/GclwdCl2c2V6HOd+rFefI
soXVD70jxHzjiVc4pKYuBhv15n69KBaC+aQcx0mdsl6tNJlncnjiWaH4AXqSXwe+
lmxCR9NmoqOfiu6CbGPdNgeDA7q4+N7ip7d5DNmCFePp8ngPBgtrQfVTkKPgTqoj
h5R70ldfPSCDbwXyHHiLyotoL881urmF7Wxw+8QZWlgbGW37IEwv1oXniHd8uq54
LwljarwAHPmZOHWPWubxofuqBTRGyuq99Lxevi4XERA+Fz//ZpZku5ifYtnpvE3w
VkNmHMgwS2PrK94iDu7+GghAewIDAQABo4ICtjCCArIwHQYDVR0OBBYEFO6dpdbx
qZQKr8nCOvZvdkfSUOqqMB8GA1UdIwQYMBaAFHZ4cr3Q74JqZJXYEmoTn8QEk4AP
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNjdEMS82Q0JDOUI0MDYx
MUQxMUU5QjAxMkRCMzdDNEY5QUUwMi9kbmh5dmREdmdtcGtsZGdTYWhPZnhBU1Rn
QTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2RuaHl2ZER2Z21wa2xkZ1NhaE9meEFTVGdBOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjY3RDEvNkNCQzlCNDA2MTFEMTFFOUIwMTJEQjM3QzRGOUFFMDIvRjkxQzBGRjI5
OTk0MTFFQTlBMDAzRjMwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQAYIKwYBBQUHAQcBAf8E
MTAvMB4EAgABMBgDBAItcuwDBABnRxgDBABnWjMDBAFnWjgwDQQCAAIwBwMFACQB
1kAwDQYJKoZIhvcNAQELBQADggEBAGT83Z2gKTaNaUZgKCg2bIg+s4+IIEPsgPkL
SPeKj2q1MtH+XnOvTiugo4r+ckfBfIn1C4Hpdux991hzpVjAXjIbCI3SSs/ttbeT
ZhrWoc3rP56qv45BiE9U1ajTEzxmbz6F6Jyh6RDqX4cqAimXt3uU6zAiLKD85MZe
D63N0tIQ+M4E8+GEMHf80C216zwp21hA4ijSM816IUDbpPs2v/ML+qQHZclpMk+2
eOFhY35fmLbvz2L7cBpl4DJPiTvJW4glpIKo3tlKQx+bwlCkGDr9OxVxYMlhCLpT
m7gVvMdbRfAAMUHuUIG7cKkcqloNfVfMyfKMLEWrGVYwndfZtkY=
-----END CERTIFICATE-----
Generated at Wed Nov 6 06:16:59 2024 by rpki-client on console-ams.rpki-client.org