Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C326F/7866F5305FC711EB8A69202EC4F9AE02/2B96A18867EE11EEAC50B63FC4F9AE02.roa
File: 2B96A18867EE11EEAC50B63FC4F9AE02.roa (raw, json)
Hash identifier: uLMqRbyspwQ5TG6R/rO5zOub7JB8R607EPG5Tht0Qxw=
Subject key identifier: 3F:10:11:10:EF:4F:BC:15:92:5C:0C:EC:6E:55:C0:3E:0A:2C:AF:F0
Certificate issuer: /CN=A91C326F/serialNumber=392F36E0A450053C3DC66D2E3894E10CA733DDA6
Certificate serial: 0655
Authority key identifier: 39:2F:36:E0:A4:50:05:3C:3D:C6:6D:2E:38:94:E1:0C:A7:33:DD:A6
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OS824KRQBTw9xm0uOJThDKcz3aY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C326F/7866F5305FC711EB8A69202EC4F9AE02/2B96A18867EE11EEAC50B63FC4F9AE02.roa
Signing time: Sat 31 Aug 2024 00:02:01 +0000
ROA not before: Sat 31 Aug 2024 00:02:01 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 137547
IP address blocks: 103.68.192.0/24 maxlen: 24
103.68.193.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 24 Sep 2024 11:46:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1621 (0x655)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C326F/serialNumber=392F36E0A450053C3DC66D2E3894E10CA733DDA6
Validity
Not Before: Aug 31 00:02:01 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=66d25d79-99ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:04:5f:7f:79:d9:bb:56:4b:d3:21:be:13:e4:
c4:12:62:5d:f4:98:32:a3:4e:fd:2e:7d:e3:33:28:
42:58:b1:69:b8:16:17:5d:bc:55:81:e8:5c:46:9a:
36:45:42:15:7e:4e:8c:5f:d5:38:54:88:8f:95:39:
d4:9d:1e:c7:a7:f7:15:9b:f9:53:fa:d2:3d:c3:53:
55:d6:ce:31:2b:ae:43:c3:7e:6f:d7:d8:00:40:37:
e7:9c:85:d6:67:d6:15:9c:35:99:57:d0:db:be:95:
b4:cd:a9:09:dc:f0:d8:bd:70:61:91:6b:62:49:ff:
43:6a:99:db:ba:a8:77:7d:65:bc:df:77:0e:c8:48:
18:dd:3f:9c:7d:60:63:e7:e2:83:3f:c7:02:f7:80:
8f:6a:7d:c3:d1:39:7c:4f:af:87:1c:93:d6:d9:65:
02:e1:87:68:16:6d:28:14:0e:d5:2f:9e:8d:24:a0:
1c:fe:10:1b:64:c9:3c:b4:a9:d5:77:ac:41:a7:5a:
9d:e5:4d:b9:50:45:cf:02:23:fd:34:6f:9b:53:b1:
36:c8:6d:f8:0c:7c:fe:89:37:d5:46:91:2d:2b:3c:
a1:10:6d:c7:4a:26:c5:94:13:96:3e:9b:c6:fa:33:
ce:1f:c3:0b:b4:81:2b:18:7b:d7:70:38:02:a4:c5:
84:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:10:11:10:EF:4F:BC:15:92:5C:0C:EC:6E:55:C0:3E:0A:2C:AF:F0
X509v3 Authority Key Identifier:
keyid:39:2F:36:E0:A4:50:05:3C:3D:C6:6D:2E:38:94:E1:0C:A7:33:DD:A6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C326F/7866F5305FC711EB8A69202EC4F9AE02/OS824KRQBTw9xm0uOJThDKcz3aY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OS824KRQBTw9xm0uOJThDKcz3aY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C326F/7866F5305FC711EB8A69202EC4F9AE02/2B96A18867EE11EEAC50B63FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.68.192.0/23
Signature Algorithm: sha256WithRSAEncryption
12:33:d9:b7:89:1e:bf:0a:08:9c:93:85:5d:8c:81:55:69:69:
7b:00:3e:f4:a3:f0:cc:28:11:63:a2:79:1c:39:30:ee:fc:34:
9d:a9:a9:84:31:70:88:ec:6f:93:cb:ed:a3:b6:17:39:69:08:
e2:33:35:46:c9:cf:2b:64:cf:2c:99:17:30:1e:58:1e:85:8b:
74:ef:9b:65:a0:a2:0f:56:6e:2d:dc:99:e2:c7:ed:83:da:9d:
cf:10:b6:b7:02:b5:c7:4e:e0:c2:3e:77:82:9f:4e:17:5f:25:
17:74:c3:33:b8:fe:e3:71:76:b8:33:66:96:14:6c:49:70:99:
3c:82:f6:9c:db:d9:3f:3c:82:bb:b4:ac:ab:89:9c:21:40:71:
cd:04:fb:9c:19:6f:29:84:2f:0a:f7:71:73:b3:21:25:84:24:
56:fb:56:30:67:d3:46:eb:56:22:6c:aa:bb:e4:f8:b5:f0:4b:
17:5b:e5:70:01:6e:2e:a9:52:e7:dd:3f:e5:34:17:85:ea:a6:
e2:12:2e:ae:e6:83:11:4b:d9:11:d9:89:30:1b:d4:b4:1d:a5:
a1:9f:db:af:e3:2d:c9:e0:23:fc:4f:ed:58:05:c3:8a:da:fb:
86:ef:37:cc:77:1e:f0:8d:c1:ee:7a:29:84:02:29:54:f6:af:
ae:f1:dc:f2
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBlUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzMyNkYxMTAvBgNVBAUTKDM5MkYzNkUwQTQ1MDA1M0MzREM2NkQyRTM4OTRFMTBD
QTczM0REQTYwHhcNMjQwODMxMDAwMjAxWhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmQyNWQ3OS05OWZmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvQRff3nZu1ZL0yG+E+TEEmJd9Jgyo079Ln3jMyhCWLFpuBYXXbxVgehcRpo2
RUIVfk6MX9U4VIiPlTnUnR7Hp/cVm/lT+tI9w1NV1s4xK65Dw35v19gAQDfnnIXW
Z9YVnDWZV9DbvpW0zakJ3PDYvXBhkWtiSf9Dapnbuqh3fWW833cOyEgY3T+cfWBj
5+KDP8cC94CPan3D0Tl8T6+HHJPW2WUC4YdoFm0oFA7VL56NJKAc/hAbZMk8tKnV
d6xBp1qd5U25UEXPAiP9NG+bU7E2yG34DHz+iTfVRpEtKzyhEG3HSibFlBOWPpvG
+jPOH8MLtIErGHvXcDgCpMWE8QIDAQABo4IClTCCApEwHQYDVR0OBBYEFD8QERDv
T7wVklwM7G5VwD4KLK/wMB8GA1UdIwQYMBaAFDkvNuCkUAU8PcZtLjiU4QynM92m
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDMzI2Ri83ODY2RjUzMDVG
QzcxMUVCOEE2OTIwMkVDNEY5QUUwMi9PUzgyNEtSUUJUdzl4bTB1T0pUaERLY3oz
YVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09TODI0S1JRQlR3OXhtMHVPSlRoREtjejNhWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzMyNkYvNzg2NkY1MzA1RkM3MTFFQjhBNjkyMDJFQzRGOUFFMDIvMkI5NkExODg2
N0VFMTFFRUFDNTBCNjNGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnRMAwDQYJKoZIhvcNAQELBQADggEBABIz2beJHr8KCJyT
hV2MgVVpaXsAPvSj8MwoEWOieRw5MO78NJ2pqYQxcIjsb5PL7aO2FzlpCOIzNUbJ
zytkzyyZFzAeWB6Fi3Tvm2Wgog9Wbi3cmeLH7YPanc8QtrcCtcdO4MI+d4KfThdf
JRd0wzO4/uNxdrgzZpYUbElwmTyC9pzb2T88gru0rKuJnCFAcc0E+5wZbymELwr3
cXOzISWEJFb7VjBn00brViJsqrvk+LXwSxdb5XABbi6pUufdP+U0F4XqpuISLq7m
gxFL2RHZiTAb1LQdpaGf26/jLcngI/xP7VgFw4ra+4bvN8x3HvCNwe56KYQCKVT2
r67x3PI=
-----END CERTIFICATE-----
Generated at Tue Sep 24 14:03:38 2024 by rpki-client on console-ams.rpki-client.org