Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C326F/7866F5305FC711EB8A69202EC4F9AE02/AE2B3BD221BD11ECA88ED95BC4F9AE02.roa
File: AE2B3BD221BD11ECA88ED95BC4F9AE02.roa (raw, json)
Hash identifier: vHMxvWiNmwPKJClre+V4CF2+LpLGBl8+55044XUdeZU=
Subject key identifier: C9:B7:35:88:0D:35:79:2A:F3:3D:58:83:92:39:5D:A4:63:48:87:4A
Certificate issuer: /CN=A91C326F/serialNumber=392F36E0A450053C3DC66D2E3894E10CA733DDA6
Certificate serial: 0658
Authority key identifier: 39:2F:36:E0:A4:50:05:3C:3D:C6:6D:2E:38:94:E1:0C:A7:33:DD:A6
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OS824KRQBTw9xm0uOJThDKcz3aY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C326F/7866F5305FC711EB8A69202EC4F9AE02/AE2B3BD221BD11ECA88ED95BC4F9AE02.roa
Signing time: Sat 31 Aug 2024 00:02:06 +0000
ROA not before: Sat 31 Aug 2024 00:02:06 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 21859
IP address blocks: 103.68.194.0/24 maxlen: 24
103.68.195.0/24 maxlen: 24
121.54.190.0/24 maxlen: 24
121.54.191.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 24 Sep 2024 11:44:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1624 (0x658)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C326F/serialNumber=392F36E0A450053C3DC66D2E3894E10CA733DDA6
Validity
Not Before: Aug 31 00:02:06 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=66d25d7e-655f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:42:24:9c:e1:ca:a2:34:82:43:b7:65:2d:5c:
91:fa:62:79:c2:e3:ee:ea:f0:46:a0:f5:48:11:aa:
06:e6:00:9e:44:1c:fc:bd:c2:9f:c2:32:a9:d0:7c:
e3:7b:a8:77:af:b5:b2:73:95:83:d1:6f:5e:36:1e:
dc:eb:13:7e:4b:6a:15:70:5b:d1:27:43:b2:dc:b9:
f4:11:b2:08:14:39:3f:b2:68:d1:ba:cc:af:38:65:
4f:da:a6:80:5e:4c:30:cd:05:5c:16:31:95:fd:02:
eb:6c:d1:98:a9:9c:af:31:a0:12:a5:03:fe:3e:5c:
ae:64:be:c0:74:ad:ac:ee:23:b7:07:ba:48:19:df:
ba:a3:d2:44:ca:35:ba:19:e3:60:b1:75:35:f1:01:
24:92:3d:9d:bd:6f:74:13:ab:6d:9b:cb:86:06:39:
65:24:84:39:0f:2a:17:4c:27:1e:86:52:f2:af:1b:
86:78:62:ba:7f:3e:c9:a9:64:8b:9b:c1:53:f0:4f:
a4:ae:e3:ff:08:dd:93:d2:4f:86:6c:15:b3:a3:56:
a1:b2:54:aa:d0:d5:08:80:fa:50:25:53:5f:9e:57:
9b:50:88:e9:c8:b4:b2:e1:0f:39:e7:26:eb:1f:20:
6d:e5:91:c9:f4:7f:bc:a2:63:5b:6f:ae:f6:e8:3a:
e3:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:B7:35:88:0D:35:79:2A:F3:3D:58:83:92:39:5D:A4:63:48:87:4A
X509v3 Authority Key Identifier:
keyid:39:2F:36:E0:A4:50:05:3C:3D:C6:6D:2E:38:94:E1:0C:A7:33:DD:A6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C326F/7866F5305FC711EB8A69202EC4F9AE02/OS824KRQBTw9xm0uOJThDKcz3aY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OS824KRQBTw9xm0uOJThDKcz3aY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C326F/7866F5305FC711EB8A69202EC4F9AE02/AE2B3BD221BD11ECA88ED95BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.68.194.0/23
121.54.190.0/23
Signature Algorithm: sha256WithRSAEncryption
72:1c:81:46:24:30:68:5e:f4:35:51:ae:1b:8f:42:ed:9e:da:
f1:4e:70:c5:de:72:39:e1:7f:2e:89:e1:f8:f4:cb:8e:cb:64:
71:dc:29:ea:9a:57:d9:d5:98:00:09:31:ee:ca:56:33:7d:a9:
6a:99:76:76:16:33:c5:51:ff:32:33:90:9d:3d:92:f3:a9:14:
5b:23:0e:ee:71:68:09:fa:b0:dc:8b:d6:d2:f2:b8:22:44:79:
0b:eb:23:46:53:0f:96:72:ed:f4:33:68:b2:ce:b7:b6:27:ff:
a8:32:e6:3a:ee:27:cd:5a:45:6b:63:82:4e:3b:09:6d:ab:70:
35:95:be:d8:19:75:3a:03:26:0a:5f:02:0d:d5:19:c9:08:19:
b9:da:c5:57:5e:78:52:93:ae:bd:08:59:f6:11:cf:e0:ef:db:
2d:0e:92:2e:7f:b0:f5:0c:8b:47:68:cc:5a:b2:23:c5:67:51:
17:14:c1:0a:0a:1c:0f:55:51:cb:6b:f4:af:75:5d:fc:13:4b:
dd:98:11:c3:4e:b2:b3:9b:a5:16:84:d9:ef:e4:57:91:b4:84:
5f:37:42:23:bc:bb:fa:6a:83:d5:3d:19:95:f6:cf:8c:00:7b:
ff:ed:74:77:a1:38:e6:a6:87:ce:f3:c4:e4:fa:b9:0d:ad:f8:
3b:9d:e7:64
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICBlgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzMyNkYxMTAvBgNVBAUTKDM5MkYzNkUwQTQ1MDA1M0MzREM2NkQyRTM4OTRFMTBD
QTczM0REQTYwHhcNMjQwODMxMDAwMjA2WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmQyNWQ3ZS02NTVmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAv0IknOHKojSCQ7dlLVyR+mJ5wuPu6vBGoPVIEaoG5gCeRBz8vcKfwjKp0Hzj
e6h3r7Wyc5WD0W9eNh7c6xN+S2oVcFvRJ0Oy3Ln0EbIIFDk/smjRusyvOGVP2qaA
XkwwzQVcFjGV/QLrbNGYqZyvMaASpQP+PlyuZL7AdK2s7iO3B7pIGd+6o9JEyjW6
GeNgsXU18QEkkj2dvW90E6ttm8uGBjllJIQ5DyoXTCcehlLyrxuGeGK6fz7JqWSL
m8FT8E+kruP/CN2T0k+GbBWzo1ahslSq0NUIgPpQJVNfnlebUIjpyLSy4Q855ybr
HyBt5ZHJ9H+8omNbb6726DrjSwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFMm3NYgN
NXkq8z1Yg5I5XaRjSIdKMB8GA1UdIwQYMBaAFDkvNuCkUAU8PcZtLjiU4QynM92m
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDMzI2Ri83ODY2RjUzMDVG
QzcxMUVCOEE2OTIwMkVDNEY5QUUwMi9PUzgyNEtSUUJUdzl4bTB1T0pUaERLY3oz
YVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09TODI0S1JRQlR3OXhtMHVPSlRoREtjejNhWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzMyNkYvNzg2NkY1MzA1RkM3MTFFQjhBNjkyMDJFQzRGOUFFMDIvQUUyQjNCRDIy
MUJEMTFFQ0E4OEVEOTVCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAFnRMIDBAF5Nr4wDQYJKoZIhvcNAQELBQADggEBAHIcgUYk
MGhe9DVRrhuPQu2e2vFOcMXecjnhfy6J4fj0y47LZHHcKeqaV9nVmAAJMe7KVjN9
qWqZdnYWM8VR/zIzkJ09kvOpFFsjDu5xaAn6sNyL1tLyuCJEeQvrI0ZTD5Zy7fQz
aLLOt7Yn/6gy5jruJ81aRWtjgk47CW2rcDWVvtgZdToDJgpfAg3VGckIGbnaxVde
eFKTrr0IWfYRz+Dv2y0Oki5/sPUMi0dozFqyI8VnURcUwQoKHA9VUctr9K91XfwT
S92YEcNOsrObpRaE2e/kV5G0hF83QiO8u/pqg9U9GZX2z4wAe//tdHehOOamh87z
xOT6uQ2t+Dud52Q=
-----END CERTIFICATE-----
Generated at Tue Sep 24 14:03:38 2024 by rpki-client on console-ams.rpki-client.org