Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C0C73/215E5D3A365A11EDAD10BA7AC4F9AE02/10967BAC26CF11EE8D69411CC4F9AE02.roa
File: 10967BAC26CF11EE8D69411CC4F9AE02.roa (raw, json)
Hash identifier: Zv5pVYcEsoNUm9CSBzWv5WLPLkpjKRia8Qk8JUr3izg=
Subject key identifier: 4B:92:20:86:FE:B2:A5:B4:12:D1:52:2E:DF:1E:2C:B9:FC:81:E4:0A
Certificate issuer: /CN=A91C0C73/serialNumber=E39369BA9DD8809987B236B477AD78E15C75AB1C
Certificate serial: 0164
Authority key identifier: E3:93:69:BA:9D:D8:80:99:87:B2:36:B4:77:AD:78:E1:5C:75:AB:1C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/45Npup3YgJmHsja0d6144Vx1qxw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C0C73/215E5D3A365A11EDAD10BA7AC4F9AE02/10967BAC26CF11EE8D69411CC4F9AE02.roa
Signing time: Wed 29 May 2024 05:40:24 +0000
ROA not before: Wed 29 May 2024 05:40:24 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 139041
IP address blocks: 103.138.226.0/24 maxlen: 24
103.138.227.0/24 maxlen: 24
2401:1c20::/33 maxlen: 33
2401:1c20:8000::/33 maxlen: 33
Validation: Failed, certificate revoked on Mon 04 Nov 2024 08:24:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 356 (0x164)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C0C73/serialNumber=E39369BA9DD8809987B236B477AD78E15C75AB1C
Validity
Not Before: May 29 05:40:24 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=6656bfc8-c175
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:57:f2:1b:5b:e9:1d:2e:0e:32:d9:ba:0f:4c:
ed:42:cc:d6:c2:a3:6b:f6:57:23:1d:65:b1:b8:a2:
db:06:cc:14:d0:ad:8a:69:9b:b8:34:65:08:a0:d0:
7b:a3:6c:1c:f7:11:c1:47:c6:b2:6c:e7:72:6b:9f:
9a:0b:d2:78:2a:42:a9:ac:1e:2e:d7:87:d1:5a:e7:
36:fc:a4:37:db:cb:63:e2:bf:59:c5:f1:da:e8:d3:
bf:fe:19:97:5e:7a:3b:e6:09:4e:1c:f3:7c:f7:0a:
8e:7c:9d:76:9c:27:dd:cf:46:16:4d:3d:f9:d4:79:
9c:94:13:05:b4:ed:4a:ae:94:10:b8:92:ac:73:0e:
58:7c:0f:a4:4a:c0:91:12:e3:c0:63:a2:12:d4:df:
3c:68:12:18:92:88:76:e9:af:98:22:ff:34:4b:cd:
78:80:d3:28:bc:a4:cf:9b:c9:3e:bc:81:0e:b5:40:
79:57:2c:d0:97:4c:6d:22:1e:79:c6:18:a5:b0:35:
78:b2:16:e2:79:40:b8:4c:65:e6:10:bb:43:da:16:
d0:75:89:2c:fb:aa:79:23:60:1e:6a:7b:3e:31:e5:
95:08:b4:90:7a:79:0a:d8:ea:86:57:ce:30:4e:a1:
6a:df:0b:02:21:75:a7:cf:bc:4a:e6:6e:88:93:c9:
ea:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:92:20:86:FE:B2:A5:B4:12:D1:52:2E:DF:1E:2C:B9:FC:81:E4:0A
X509v3 Authority Key Identifier:
keyid:E3:93:69:BA:9D:D8:80:99:87:B2:36:B4:77:AD:78:E1:5C:75:AB:1C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C0C73/215E5D3A365A11EDAD10BA7AC4F9AE02/45Npup3YgJmHsja0d6144Vx1qxw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/45Npup3YgJmHsja0d6144Vx1qxw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C0C73/215E5D3A365A11EDAD10BA7AC4F9AE02/10967BAC26CF11EE8D69411CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.138.226.0/23
IPv6:
2401:1c20::/32
Signature Algorithm: sha256WithRSAEncryption
67:e0:8e:17:18:3b:b0:35:3f:2e:fa:37:b7:44:cc:37:34:42:
1e:01:92:90:2a:ef:4e:5f:41:15:34:59:e0:e1:02:0e:b7:18:
bb:2f:66:c3:bf:98:8d:64:22:85:41:60:04:6c:d4:d1:22:69:
74:cf:bc:c6:99:f1:e6:de:84:af:00:59:cf:6d:f7:85:eb:28:
2f:57:8f:1a:6a:a1:37:cf:b8:49:65:31:c1:1d:20:b9:82:c0:
37:d6:89:08:d0:3b:45:d2:18:b0:95:c4:62:a9:ef:b4:05:1c:
62:db:d1:ae:e3:5a:4c:05:1b:49:73:69:1c:1b:49:ff:18:51:
a2:9d:f2:c2:a4:c7:35:4f:89:32:41:2a:15:16:ad:ef:4e:cc:
c1:fc:e9:75:4c:1e:02:ff:dc:ad:61:99:46:d3:90:ea:b5:45:
ad:58:fa:e1:bb:1b:a1:43:41:14:e3:30:e1:a6:cd:9c:c0:18:
2e:9b:78:00:e4:10:97:59:5c:df:51:09:84:f2:70:ac:31:3f:
67:08:1c:86:12:46:a2:38:7a:4a:f9:73:6a:09:30:3d:c7:2b:
33:84:7b:5f:74:90:29:f4:2f:6d:de:41:62:c2:77:96:d9:a2:
f5:3a:8f:50:38:28:2f:3b:e6:12:db:f5:f3:a2:57:f7:2e:a3:
9a:13:96:c3
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICAWQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzBDNzMxMTAvBgNVBAUTKEUzOTM2OUJBOUREODgwOTk4N0IyMzZCNDc3QUQ3OEUx
NUM3NUFCMUMwHhcNMjQwNTI5MDU0MDI0WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjU2YmZjOC1jMTc1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyFfyG1vpHS4OMtm6D0ztQszWwqNr9lcjHWWxuKLbBswU0K2KaZu4NGUIoNB7
o2wc9xHBR8aybOdya5+aC9J4KkKprB4u14fRWuc2/KQ328tj4r9ZxfHa6NO//hmX
Xno75glOHPN89wqOfJ12nCfdz0YWTT351HmclBMFtO1KrpQQuJKscw5YfA+kSsCR
EuPAY6IS1N88aBIYkoh26a+YIv80S814gNMovKTPm8k+vIEOtUB5VyzQl0xtIh55
xhilsDV4shbieUC4TGXmELtD2hbQdYks+6p5I2Aeans+MeWVCLSQenkK2OqGV84w
TqFq3wsCIXWnz7xK5m6Ik8nq+QIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFEuSIIb+
sqW0EtFSLt8eLLn8geQKMB8GA1UdIwQYMBaAFOOTabqd2ICZh7I2tHeteOFcdasc
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDMEM3My8yMTVFNUQzQTM2
NUExMUVEQUQxMEJBN0FDNEY5QUUwMi80NU5wdXAzWWdKbUhzamEwZDYxNDRWeDFx
eHcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzQ1TnB1cDNZZ0ptSHNqYTBkNjE0NFZ4MXF4dy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzBDNzMvMjE1RTVEM0EzNjVBMTFFREFEMTBCQTdBQzRGOUFFMDIvMTA5NjdCQUMy
NkNGMTFFRThENjk0MTFDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAFniuIwDQQCAAIwBwMFACQBHCAwDQYJKoZIhvcNAQELBQAD
ggEBAGfgjhcYO7A1Py76N7dEzDc0Qh4BkpAq705fQRU0WeDhAg63GLsvZsO/mI1k
IoVBYARs1NEiaXTPvMaZ8ebehK8AWc9t94XrKC9XjxpqoTfPuEllMcEdILmCwDfW
iQjQO0XSGLCVxGKp77QFHGLb0a7jWkwFG0lzaRwbSf8YUaKd8sKkxzVPiTJBKhUW
re9OzMH86XVMHgL/3K1hmUbTkOq1Ra1Y+uG7G6FDQRTjMOGmzZzAGC6beADkEJdZ
XN9RCYTycKwxP2cIHIYSRqI4ekr5c2oJMD3HKzOEe190kCn0L23eQWLCd5bZovU6
j1A4KC875hLb9fOiV/cuo5oTlsM=
-----END CERTIFICATE-----
Generated at Mon Nov 4 11:00:40 2024 by rpki-client on console-ams.rpki-client.org