Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C1A4E/A49B4D7437C611EA9D96AE51C4F9AE02/7011DB84F33F11EE938CE210C4F9AE02.roa
File: 7011DB84F33F11EE938CE210C4F9AE02.roa (raw, json)
Hash identifier: DVBgx9K4FqoSY0Xi+6cyUF/vxeG0fYZrtrjifVn/Hyk=
Subject key identifier: CD:02:B0:A4:05:7A:0C:93:75:6D:53:86:30:5E:40:F0:77:D0:7E:35
Certificate issuer: /CN=A91C1A4E/serialNumber=A921635C7493F21CD26093D5903510802F4E3586
Certificate serial: 0A96
Authority key identifier: A9:21:63:5C:74:93:F2:1C:D2:60:93:D5:90:35:10:80:2F:4E:35:86
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qSFjXHST8hzSYJPVkDUQgC9ONYY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C1A4E/A49B4D7437C611EA9D96AE51C4F9AE02/7011DB84F33F11EE938CE210C4F9AE02.roa
Signing time: Fri 05 Apr 2024 11:27:09 +0000
ROA not before: Fri 05 Apr 2024 11:27:09 +0000
ROA not after: Thu 01 May 2025 00:00:00 +0000
asID: 138505
IP address blocks: 103.133.208.0/24 maxlen: 24
103.133.209.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 06 Apr 2024 05:27:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2710 (0xa96)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C1A4E/serialNumber=A921635C7493F21CD26093D5903510802F4E3586
Validity
Not Before: Apr 5 11:27:09 2024 GMT
Not After : May 1 00:00:00 2025 GMT
Subject: CN=660fe00c-d62f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:19:f7:6b:2a:61:9e:d5:f4:b1:ce:a4:9a:80:
fd:76:e8:97:88:9d:a6:58:fe:5a:af:94:be:97:ae:
b2:76:0c:aa:7c:47:ad:7d:ee:78:76:be:c6:36:b7:
4c:92:96:96:93:82:04:bf:5f:6e:7f:c6:e2:9b:26:
c8:a1:1a:41:f6:be:51:3d:fd:84:49:66:da:62:87:
43:fe:af:3e:b0:77:4f:7c:f6:c3:d5:c7:a0:99:cd:
68:67:5d:a4:2e:b0:3c:28:9c:4c:00:ae:b8:19:f9:
af:db:43:32:8b:43:cf:ac:0e:77:1b:7b:a2:1c:ae:
cf:90:dd:88:b4:b9:98:45:a0:f5:d3:da:53:cc:fa:
d9:20:f4:87:26:f5:74:47:c6:c9:7b:2a:89:be:f2:
91:82:3f:98:81:76:21:87:f3:77:10:5f:d8:46:5a:
25:45:7c:6f:5b:ed:bb:f8:8e:7a:40:3a:d8:14:55:
49:c8:58:f9:40:ea:c0:2e:26:a2:a2:f1:88:60:3a:
de:28:1f:8b:05:48:59:9a:32:14:ed:93:fb:c3:8e:
eb:24:06:66:6e:40:ca:48:e7:f2:d1:f9:1a:fa:e7:
69:36:44:72:16:49:f0:c2:ea:dc:93:d7:6b:89:53:
9f:43:49:0d:bb:19:4f:d4:ae:15:4d:f7:d5:92:50:
89:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:02:B0:A4:05:7A:0C:93:75:6D:53:86:30:5E:40:F0:77:D0:7E:35
X509v3 Authority Key Identifier:
keyid:A9:21:63:5C:74:93:F2:1C:D2:60:93:D5:90:35:10:80:2F:4E:35:86
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C1A4E/A49B4D7437C611EA9D96AE51C4F9AE02/qSFjXHST8hzSYJPVkDUQgC9ONYY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qSFjXHST8hzSYJPVkDUQgC9ONYY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C1A4E/A49B4D7437C611EA9D96AE51C4F9AE02/7011DB84F33F11EE938CE210C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.133.208.0/23
Signature Algorithm: sha256WithRSAEncryption
ca:2c:ec:1e:8d:66:a2:d5:2b:87:4e:40:a4:cb:b9:3d:a6:b1:
6b:6b:a2:00:6c:8f:7a:10:3d:55:e4:7f:5f:ae:ca:03:eb:4c:
b6:94:9d:a9:73:1f:34:59:6d:c2:0b:73:53:a8:bd:76:61:d1:
53:2d:ba:bf:ce:cf:37:2f:8a:56:d6:54:09:05:cc:5a:dc:83:
01:7e:4b:03:cc:18:fd:63:01:f8:e4:d2:c2:72:60:08:3f:c9:
69:11:c8:8d:83:f9:66:5b:fe:76:ef:b2:db:80:bf:91:8b:6b:
85:63:5b:83:37:b1:1b:ce:43:44:67:76:b7:76:82:b9:a4:a0:
f2:58:d7:3c:df:f7:31:8a:52:00:2d:71:6d:0d:85:4b:9a:d8:
f8:51:27:ce:cb:33:13:bd:80:2f:11:71:98:76:d4:2a:d8:29:
7c:3b:25:72:90:16:1d:d8:ba:52:ba:7a:09:5d:a9:eb:73:74:
d3:c0:11:9e:98:ac:bc:4f:03:7f:56:bd:60:af:a8:68:ee:2d:
1c:45:9f:20:a1:0e:7e:ba:0c:cf:3a:e8:2e:e5:64:d0:4f:9f:
12:10:04:67:29:82:ed:ef:31:fc:8c:df:7b:a7:35:2c:a6:3a:
d3:c3:01:dc:ca:7e:ae:63:c0:c6:8f:57:c6:c4:88:93:07:d8:
62:6b:46:ad
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCpYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzFBNEUxMTAvBgNVBAUTKEE5MjE2MzVDNzQ5M0YyMUNEMjYwOTNENTkwMzUxMDgw
MkY0RTM1ODYwHhcNMjQwNDA1MTEyNzA5WhcNMjUwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjBmZTAwYy1kNjJmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAphn3ayphntX0sc6kmoD9duiXiJ2mWP5ar5S+l66ydgyqfEetfe54dr7GNrdM
kpaWk4IEv19uf8bimybIoRpB9r5RPf2ESWbaYodD/q8+sHdPfPbD1cegmc1oZ12k
LrA8KJxMAK64Gfmv20Myi0PPrA53G3uiHK7PkN2ItLmYRaD109pTzPrZIPSHJvV0
R8bJeyqJvvKRgj+YgXYhh/N3EF/YRlolRXxvW+27+I56QDrYFFVJyFj5QOrALiai
ovGIYDreKB+LBUhZmjIU7ZP7w47rJAZmbkDKSOfy0fka+udpNkRyFknwwurck9dr
iVOfQ0kNuxlP1K4VTffVklCJdQIDAQABo4IClTCCApEwHQYDVR0OBBYEFM0CsKQF
egyTdW1ThjBeQPB30H41MB8GA1UdIwQYMBaAFKkhY1x0k/Ic0mCT1ZA1EIAvTjWG
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDMUE0RS9BNDlCNEQ3NDM3
QzYxMUVBOUQ5NkFFNTFDNEY5QUUwMi9xU0ZqWEhTVDhoelNZSlBWa0RVUWdDOU9O
WVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3FTRmpYSFNUOGh6U1lKUFZrRFVRZ0M5T05ZWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzFBNEUvQTQ5QjRENzQzN0M2MTFFQTlEOTZBRTUxQzRGOUFFMDIvNzAxMURCODRG
MzNGMTFFRTkzOENFMjEwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnhdAwDQYJKoZIhvcNAQELBQADggEBAMos7B6NZqLVK4dO
QKTLuT2msWtrogBsj3oQPVXkf1+uygPrTLaUnalzHzRZbcILc1OovXZh0VMtur/O
zzcvilbWVAkFzFrcgwF+SwPMGP1jAfjk0sJyYAg/yWkRyI2D+WZb/nbvstuAv5GL
a4VjW4M3sRvOQ0Rndrd2grmkoPJY1zzf9zGKUgAtcW0NhUua2PhRJ87LMxO9gC8R
cZh21CrYKXw7JXKQFh3YulK6egldqetzdNPAEZ6YrLxPA39WvWCvqGjuLRxFnyCh
Dn66DM866C7lZNBPnxIQBGcpgu3vMfyM33unNSymOtPDAdzKfq5jwMaPV8bEiJMH
2GJrRq0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:39 2024 by rpki-client on console-fra.rpki-client.org