Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CA815/8DCD1EA81D9B11E291D2848908B02CD2/65551FEC39FE11EBAD13701CC4F9AE02.roa
File: 65551FEC39FE11EBAD13701CC4F9AE02.roa (raw, json)
Hash identifier: uObxCtCzl/IclZf6SqwHoqzox44MVRKqCM+PqU1iUXw=
Subject key identifier: 7B:EE:C2:4A:4F:40:6A:DB:22:89:4D:4F:77:1B:E2:8D:CE:C2:49:41
Certificate issuer: /CN=A91CA815/serialNumber=2BDD3151116DE9DBC55CFC3D2CDACA58E74B19E6
Certificate serial: 338F
Authority key identifier: 2B:DD:31:51:11:6D:E9:DB:C5:5C:FC:3D:2C:DA:CA:58:E7:4B:19:E6
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/K90xURFt6dvFXPw9LNrKWOdLGeY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91CA815/8DCD1EA81D9B11E291D2848908B02CD2/65551FEC39FE11EBAD13701CC4F9AE02.roa
Signing time: Thu 28 Dec 2023 15:20:48 +0000
ROA not before: Thu 28 Dec 2023 15:20:48 +0000
ROA not after: Sun 02 Mar 2025 00:00:00 +0000
asID: 132202
IP address blocks: 103.159.3.0/24 maxlen: 24
2406:cd40::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 02 Feb 2024 21:45:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13199 (0x338f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CA815/serialNumber=2BDD3151116DE9DBC55CFC3D2CDACA58E74B19E6
Validity
Not Before: Dec 28 15:20:48 2023 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=658d9250-a8f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:7c:c3:f8:d5:71:7e:3e:fa:e6:7c:54:cd:4a:
7c:1d:56:1b:52:48:1d:50:24:5c:dc:f4:e9:5f:a6:
be:2d:1e:eb:42:32:be:10:69:c0:ef:a7:79:d4:24:
79:98:64:05:18:31:98:e7:49:78:b8:cd:6e:b3:24:
16:06:47:97:34:f9:8e:a0:a7:6c:b1:81:fd:74:17:
9a:35:c6:a3:96:f3:1f:21:37:3b:da:27:76:4c:3c:
ba:c7:c9:f1:ee:ee:08:07:aa:bf:18:43:23:f8:6f:
d1:e9:26:71:24:8e:8a:56:27:4d:68:f3:a6:b5:26:
c3:82:f3:20:e6:44:ea:b0:15:5d:1c:0d:9a:43:2b:
4f:e7:c1:b3:24:59:fb:1d:b6:0a:72:4d:e3:c8:da:
fe:84:af:87:bd:f4:73:9e:5b:6c:95:94:fc:03:a4:
4f:b8:ab:9a:e2:d2:27:75:dc:1c:fb:b5:85:33:59:
a9:bb:32:ba:21:6f:af:d4:b4:7f:f1:ae:38:f9:0d:
87:1e:0a:44:04:b6:c0:d9:ee:68:83:38:e5:0c:f3:
19:3a:55:cb:cc:1c:a9:4c:6d:49:82:44:23:97:ca:
d4:70:22:12:b0:5d:b8:c0:66:98:c2:32:52:19:33:
be:55:5c:e6:83:3e:ab:67:36:27:8f:47:df:17:b4:
9a:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:EE:C2:4A:4F:40:6A:DB:22:89:4D:4F:77:1B:E2:8D:CE:C2:49:41
X509v3 Authority Key Identifier:
keyid:2B:DD:31:51:11:6D:E9:DB:C5:5C:FC:3D:2C:DA:CA:58:E7:4B:19:E6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91CA815/8DCD1EA81D9B11E291D2848908B02CD2/K90xURFt6dvFXPw9LNrKWOdLGeY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/K90xURFt6dvFXPw9LNrKWOdLGeY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CA815/8DCD1EA81D9B11E291D2848908B02CD2/65551FEC39FE11EBAD13701CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.159.3.0/24
IPv6:
2406:cd40::/32
Signature Algorithm: sha256WithRSAEncryption
7a:df:a0:1c:11:35:f1:93:3e:8f:fb:0a:a3:07:d3:a4:75:97:
99:40:b6:a5:9e:6e:d0:40:b4:ad:0d:74:af:80:3b:f9:35:ac:
ee:ab:c4:c7:e7:36:f0:14:5d:37:66:cf:04:76:26:be:6e:0a:
ea:44:3b:f3:a0:4d:93:4d:ec:07:10:8c:27:66:fd:2e:d1:e9:
17:bd:10:b3:1b:1b:a6:d7:72:cc:3f:0d:8c:6b:85:b5:92:49:
aa:e9:45:6c:01:45:3b:1f:85:c2:84:47:77:c1:50:3c:70:d0:
dd:e2:ff:3e:d2:37:5d:4a:de:37:83:3b:5f:33:3c:93:05:43:
9e:7b:85:3c:46:6a:44:2d:ad:b6:70:94:70:08:c2:ee:2c:d3:
a9:51:dd:a8:b2:a6:fb:78:0b:18:e5:13:93:83:35:62:00:de:
53:9b:72:95:60:6e:85:3d:8c:5a:91:0f:56:78:0c:15:5b:a5:
38:d5:3d:9f:bb:5f:63:05:33:aa:7a:77:e6:bd:3d:01:1a:ff:
05:2a:d8:1d:8c:bb:d2:99:8d:b4:12:26:60:fc:30:92:f1:90:
ee:11:e0:d6:b3:b7:bc:21:21:c4:a8:a9:f9:37:6a:8d:05:a6:
9e:58:18:48:94:27:93:e2:25:9e:8b:66:44:33:69:29:ab:ce:
a1:f4:f1:51
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICM48wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Q0E4MTUxMTAvBgNVBAUTKDJCREQzMTUxMTE2REU5REJDNTVDRkMzRDJDREFDQTU4
RTc0QjE5RTYwHhcNMjMxMjI4MTUyMDQ4WhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NThkOTI1MC1hOGYwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvnzD+NVxfj765nxUzUp8HVYbUkgdUCRc3PTpX6a+LR7rQjK+EGnA76d51CR5
mGQFGDGY50l4uM1usyQWBkeXNPmOoKdssYH9dBeaNcajlvMfITc72id2TDy6x8nx
7u4IB6q/GEMj+G/R6SZxJI6KVidNaPOmtSbDgvMg5kTqsBVdHA2aQytP58GzJFn7
HbYKck3jyNr+hK+HvfRznltslZT8A6RPuKua4tInddwc+7WFM1mpuzK6IW+v1LR/
8a44+Q2HHgpEBLbA2e5ogzjlDPMZOlXLzBypTG1JgkQjl8rUcCISsF24wGaYwjJS
GTO+VVzmgz6rZzYnj0ffF7SaqwIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFHvuwkpP
QGrbIolNT3cb4o3OwklBMB8GA1UdIwQYMBaAFCvdMVERbenbxVz8PSzayljnSxnm
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDQTgxNS84RENEMUVBODFE
OUIxMUUyOTFEMjg0ODkwOEIwMkNEMi9LOTB4VVJGdDZkdkZYUHc5TE5yS1dPZExH
ZVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0s5MHhVUkZ0NmR2RlhQdzlMTnJLV09kTEdlWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Q0E4MTUvOERDRDFFQTgxRDlCMTFFMjkxRDI4NDg5MDhCMDJDRDIvNjU1NTFGRUMz
OUZFMTFFQkFEMTM3MDFDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBABnnwMwDQQCAAIwBwMFACQGzUAwDQYJKoZIhvcNAQELBQAD
ggEBAHrfoBwRNfGTPo/7CqMH06R1l5lAtqWebtBAtK0NdK+AO/k1rO6rxMfnNvAU
XTdmzwR2Jr5uCupEO/OgTZNN7AcQjCdm/S7R6Re9ELMbG6bXcsw/DYxrhbWSSarp
RWwBRTsfhcKER3fBUDxw0N3i/z7SN11K3jeDO18zPJMFQ557hTxGakQtrbZwlHAI
wu4s06lR3aiypvt4CxjlE5ODNWIA3lObcpVgboU9jFqRD1Z4DBVbpTjVPZ+7X2MF
M6p6d+a9PQEa/wUq2B2Mu9KZjbQSJmD8MJLxkO4R4Nazt7whIcSoqfk3ao0Fpp5Y
GEiUJ5PiJZ6LZkQzaSmrzqH08VE=
-----END CERTIFICATE-----
Generated at Sat Feb 3 02:09:46 2024 by rpki-client on console-ams.rpki-client.org