Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CF285/FD64F0B8340C11E9966C5A76C4F9AE02/A9FD446CEF9D11EBB1473214C4F9AE02.roa
File: A9FD446CEF9D11EBB1473214C4F9AE02.roa (raw, json)
Hash identifier: 0NUFZ1QqqAOUU78f8xfttZDSFSyMKDsq2XiGjkv/Ayk=
Subject key identifier: C4:4B:17:07:63:BE:61:FC:8E:75:1D:37:0C:30:AD:91:3A:C0:B8:1D
Certificate issuer: /CN=A91CF285/serialNumber=3E29CE6F6A7DB94B6D09133B73FED52DDEE12DAB
Certificate serial: 0EE6
Authority key identifier: 3E:29:CE:6F:6A:7D:B9:4B:6D:09:13:3B:73:FE:D5:2D:DE:E1:2D:AB
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PinOb2p9uUttCRM7c_7VLd7hLas.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91CF285/FD64F0B8340C11E9966C5A76C4F9AE02/A9FD446CEF9D11EBB1473214C4F9AE02.roa
Signing time: Thu 04 May 2023 00:55:31 +0000
ROA not before: Thu 04 May 2023 00:55:31 +0000
ROA not after: Tue 30 Jul 2024 00:00:00 +0000
asID: 38220
IP address blocks: 103.24.132.0/23 maxlen: 23
103.209.4.0/23 maxlen: 23
2406:bf00::/48 maxlen: 48
2406:bf00:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 08 May 2023 00:55:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3814 (0xee6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CF285/serialNumber=3E29CE6F6A7DB94B6D09133B73FED52DDEE12DAB
Validity
Not Before: May 4 00:55:31 2023 GMT
Not After : Jul 30 00:00:00 2024 GMT
Subject: CN=64530283-6e9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:fb:a2:c5:81:8b:74:a9:08:af:10:fb:78:2e:
19:b7:ad:65:2d:e9:b0:29:94:54:d9:6d:f6:fd:4b:
38:aa:c3:56:49:6b:e3:b6:c2:7c:40:81:9b:16:6c:
f6:7c:be:e7:11:8f:0f:d1:97:bf:9b:c5:1f:c7:aa:
e1:7f:3c:43:2c:7b:71:f7:5f:24:b1:d6:1e:fb:0e:
69:be:6e:84:09:97:85:53:a8:57:b8:d8:3c:41:95:
fe:1c:da:a2:f6:d4:cf:46:82:22:f6:bf:d1:17:6c:
86:db:c8:0d:04:4f:c8:b9:c8:72:ad:3f:01:54:41:
3a:80:9a:8b:3f:d2:bd:88:9e:81:95:fe:5f:aa:a5:
2b:9e:b6:d5:38:33:71:55:fe:45:40:24:7e:5c:f8:
51:5e:5b:ae:a5:9f:5e:98:4b:d5:bb:a5:14:2a:00:
4e:db:95:49:09:3b:00:42:bf:6d:5b:92:35:f7:4b:
fd:5a:ae:63:ef:22:51:a4:51:e4:5b:6b:67:b3:7b:
93:bf:a7:8f:eb:e0:2d:1a:e7:cd:63:78:93:3d:50:
3a:55:80:17:b5:fa:9d:f4:10:4e:d9:e2:10:2d:04:
d1:d5:77:a7:46:96:a7:c9:40:cd:30:08:23:13:2b:
a9:d8:7e:34:31:be:bd:fa:66:ca:87:5a:18:c2:29:
f0:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:4B:17:07:63:BE:61:FC:8E:75:1D:37:0C:30:AD:91:3A:C0:B8:1D
X509v3 Authority Key Identifier:
keyid:3E:29:CE:6F:6A:7D:B9:4B:6D:09:13:3B:73:FE:D5:2D:DE:E1:2D:AB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91CF285/FD64F0B8340C11E9966C5A76C4F9AE02/PinOb2p9uUttCRM7c_7VLd7hLas.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PinOb2p9uUttCRM7c_7VLd7hLas.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CF285/FD64F0B8340C11E9966C5A76C4F9AE02/A9FD446CEF9D11EBB1473214C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.24.132.0/23
103.209.4.0/23
IPv6:
2406:bf00::/47
Signature Algorithm: sha256WithRSAEncryption
a5:e8:67:f7:f0:14:94:86:9c:51:3d:f4:2b:5c:0f:98:60:24:
58:8f:ab:9d:58:c5:46:99:4a:c0:42:43:60:65:70:97:8a:38:
78:5a:b3:0f:b3:78:73:80:52:a2:e2:8a:ce:b4:26:70:82:a9:
cc:5e:09:54:5b:f0:5e:64:5b:10:e1:16:02:8a:c9:c6:8a:40:
54:21:0f:48:7b:33:1e:b9:aa:84:79:db:a4:0f:8f:28:23:af:
09:86:56:30:1e:20:99:2c:a4:6a:41:f0:3f:99:25:41:f1:f5:
1b:04:13:d1:87:95:d2:1c:d1:be:b4:1e:95:64:ca:5f:cf:5f:
7c:5f:25:37:a2:a2:f4:61:d6:7a:02:3e:01:ca:29:81:f8:3a:
53:7a:2e:23:ee:3f:11:37:d1:35:98:6b:20:c0:2d:0c:29:60:
e8:56:a8:f8:84:6f:07:c2:95:95:b3:f8:b9:66:4d:9a:c2:d6:
b0:3e:1d:14:1d:97:dc:18:53:66:bf:48:c3:2d:2e:be:32:85:
5c:88:e5:e5:f8:9a:e7:bd:c7:57:af:18:5b:83:b3:f3:62:12:
b1:f7:4f:1a:59:34:df:5a:bc:c2:bd:1f:d4:6d:72:48:6c:c8:
42:94:7f:e2:45:2d:1c:d9:b9:cc:41:33:a4:3c:e7:c8:85:72:
e9:cb:0e:77
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgICDuYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Q0YyODUxMTAvBgNVBAUTKDNFMjlDRTZGNkE3REI5NEI2RDA5MTMzQjczRkVENTJE
REVFMTJEQUIwHhcNMjMwNTA0MDA1NTMxWhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDUzMDI4My02ZTliMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApvuixYGLdKkIrxD7eC4Zt61lLemwKZRU2W32/Us4qsNWSWvjtsJ8QIGbFmz2
fL7nEY8P0Ze/m8Ufx6rhfzxDLHtx918ksdYe+w5pvm6ECZeFU6hXuNg8QZX+HNqi
9tTPRoIi9r/RF2yG28gNBE/IuchyrT8BVEE6gJqLP9K9iJ6Blf5fqqUrnrbVODNx
Vf5FQCR+XPhRXluupZ9emEvVu6UUKgBO25VJCTsAQr9tW5I190v9Wq5j7yJRpFHk
W2tns3uTv6eP6+AtGufNY3iTPVA6VYAXtfqd9BBO2eIQLQTR1XenRpanyUDNMAgj
Eyup2H40Mb69+mbKh1oYwinwBQIDAQABo4ICrDCCAqgwHQYDVR0OBBYEFMRLFwdj
vmH8jnUdNwwwrZE6wLgdMB8GA1UdIwQYMBaAFD4pzm9qfblLbQkTO3P+1S3e4S2r
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRjI4NS9GRDY0RjBCODM0
MEMxMUU5OTY2QzVBNzZDNEY5QUUwMi9QaW5PYjJwOXVVdHRDUk03Y183VkxkN2hM
YXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1Bpbk9iMnA5dVV0dENSTTdjXzdWTGQ3aExhcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Q0YyODUvRkQ2NEYwQjgzNDBDMTFFOTk2NkM1QTc2QzRGOUFFMDIvQTlGRDQ0NkNF
RjlEMTFFQkIxNDczMjE0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNgYIKwYBBQUHAQcBAf8E
JzAlMBIEAgABMAwDBAFnGIQDBAFn0QQwDwQCAAIwCQMHASQGvwAAADANBgkqhkiG
9w0BAQsFAAOCAQEApehn9/AUlIacUT30K1wPmGAkWI+rnVjFRplKwEJDYGVwl4o4
eFqzD7N4c4BSouKKzrQmcIKpzF4JVFvwXmRbEOEWAorJxopAVCEPSHszHrmqhHnb
pA+PKCOvCYZWMB4gmSykakHwP5klQfH1GwQT0YeV0hzRvrQelWTKX89ffF8lN6Ki
9GHWegI+Acopgfg6U3ouI+4/ETfRNZhrIMAtDClg6Fao+IRvB8KVlbP4uWZNmsLW
sD4dFB2X3BhTZr9Iwy0uvjKFXIjl5fia573HV68YW4Oz82ISsfdPGlk031q8wr0f
1G1ySGzIQpR/4kUtHNm5zEEzpDznyIVy6csOdw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:27 2024 by rpki-client on console-ams.rpki-client.org