Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E0C33/54265F34668711EEB93D3F6CC4F9AE02/AF149BC0351E11EF9C79DE5CC4F9AE02.roa
File: AF149BC0351E11EF9C79DE5CC4F9AE02.roa (raw, json)
Hash identifier: wAR3ycP8F0QScp55fjIXdshZbljf0gBcK1hgEl/MmKM=
Subject key identifier: 33:72:45:6B:64:6C:43:F9:F2:1E:19:48:9C:A5:B6:CC:E5:C3:58:F4
Certificate issuer: /CN=A91E0C33/serialNumber=80BE930E30649B12ACEE8DC40B575AB7DDE64945
Certificate serial: 97
Authority key identifier: 80:BE:93:0E:30:64:9B:12:AC:EE:8D:C4:0B:57:5A:B7:DD:E6:49:45
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gL6TDjBkmxKs7o3EC1dat93mSUU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E0C33/54265F34668711EEB93D3F6CC4F9AE02/AF149BC0351E11EF9C79DE5CC4F9AE02.roa
Signing time: Fri 28 Jun 2024 07:18:57 +0000
ROA not before: Fri 28 Jun 2024 07:18:57 +0000
ROA not after: Fri 31 Jan 2025 00:00:00 +0000
asID: 24499
IP address blocks: 103.249.114.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 30 Jul 2024 11:30:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 151 (0x97)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E0C33/serialNumber=80BE930E30649B12ACEE8DC40B575AB7DDE64945
Validity
Not Before: Jun 28 07:18:57 2024 GMT
Not After : Jan 31 00:00:00 2025 GMT
Subject: CN=667e63e1-bf67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:b1:0f:49:dd:04:73:c2:1a:c8:8d:2f:5b:d0:
69:7c:44:d0:86:f6:db:ab:47:55:23:8b:ea:d8:f1:
a4:13:94:2c:76:b6:b0:bb:d9:f7:a1:73:d7:de:5a:
d8:89:5b:fd:36:4a:6a:a9:01:48:1a:00:9b:32:7b:
75:0f:a6:15:cd:6d:d8:fd:33:26:9b:3e:a2:e3:dd:
fc:b7:60:c1:8e:24:c7:17:a6:3d:67:c4:a0:04:8f:
31:ee:39:76:5d:d2:78:d0:29:93:b6:ad:ed:25:6c:
13:22:b9:c4:ea:01:77:1c:8d:f9:e0:f6:16:95:10:
c5:22:91:1e:c2:3d:7f:21:83:6d:c0:8d:fe:f0:6e:
68:82:5c:b4:20:0b:7f:f5:fc:04:2b:44:7f:3d:0b:
30:dc:52:eb:50:1c:11:cb:90:f7:c7:7a:df:1c:d2:
55:60:19:37:7e:c3:76:88:fc:cf:9c:27:3f:fe:d9:
de:57:6a:90:e5:38:f6:19:aa:33:0a:81:2a:f7:04:
04:1f:5f:f2:a3:7d:e4:34:2f:b8:57:5d:e7:56:e6:
dd:7a:12:25:14:5e:30:0e:e6:d8:68:a5:df:e1:8d:
c5:9e:6d:3e:e5:40:c1:be:74:4d:de:aa:bb:6b:4d:
6c:02:87:75:f7:20:fd:4e:25:c6:fe:dd:06:aa:6a:
d6:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:72:45:6B:64:6C:43:F9:F2:1E:19:48:9C:A5:B6:CC:E5:C3:58:F4
X509v3 Authority Key Identifier:
keyid:80:BE:93:0E:30:64:9B:12:AC:EE:8D:C4:0B:57:5A:B7:DD:E6:49:45
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E0C33/54265F34668711EEB93D3F6CC4F9AE02/gL6TDjBkmxKs7o3EC1dat93mSUU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gL6TDjBkmxKs7o3EC1dat93mSUU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E0C33/54265F34668711EEB93D3F6CC4F9AE02/AF149BC0351E11EF9C79DE5CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.249.114.0/24
Signature Algorithm: sha256WithRSAEncryption
44:ad:88:6a:1b:56:f5:21:0a:f9:98:5b:35:52:f1:2d:ab:dd:
25:81:14:66:51:45:60:a0:18:b8:07:d6:13:30:ed:23:fa:e3:
23:2c:a4:3a:af:82:ad:70:88:59:e4:6a:af:2e:f2:fb:66:0c:
00:91:01:6d:ae:53:12:dd:d2:f1:7a:b1:8a:f7:9a:d5:43:47:
9e:49:e0:3e:3b:4d:f5:10:f4:52:17:f5:ef:e2:13:6f:14:6f:
81:3c:50:a3:8f:ab:fd:0e:3f:69:22:f9:97:39:80:aa:26:17:
9d:fc:51:60:a7:c6:7a:73:1d:b3:91:d5:10:67:ad:01:21:63:
6e:cc:b3:1d:8e:f5:03:c9:57:fa:4e:80:5e:eb:10:7d:8d:7c:
3b:68:2b:9c:98:8e:5c:2d:7a:bf:64:9a:b3:7f:6e:0a:28:37:
51:7d:ca:8c:ce:af:75:d1:69:2f:ac:e5:4c:6b:34:25:f5:40:
aa:ca:cc:1c:1d:6a:c5:3c:c4:da:63:37:52:a5:53:49:2c:17:
95:a0:81:14:ad:04:8d:4a:c0:61:29:11:2e:2b:d9:10:b3:47:
fb:55:b0:aa:ab:e7:3d:96:21:61:33:19:f2:a8:db:d1:23:95:
56:b5:1b:8b:c1:02:1f:e3:75:5f:4a:a8:d9:3b:ef:65:b8:60:
9b:16:94:94
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAJcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTBDMzMxMTAvBgNVBAUTKDgwQkU5MzBFMzA2NDlCMTJBQ0VFOERDNDBCNTc1QUI3
RERFNjQ5NDUwHhcNMjQwNjI4MDcxODU3WhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjdlNjNlMS1iZjY3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArrEPSd0Ec8IayI0vW9BpfETQhvbbq0dVI4vq2PGkE5Qsdrawu9n3oXPX3lrY
iVv9NkpqqQFIGgCbMnt1D6YVzW3Y/TMmmz6i4938t2DBjiTHF6Y9Z8SgBI8x7jl2
XdJ40CmTtq3tJWwTIrnE6gF3HI354PYWlRDFIpEewj1/IYNtwI3+8G5ogly0IAt/
9fwEK0R/PQsw3FLrUBwRy5D3x3rfHNJVYBk3fsN2iPzPnCc//tneV2qQ5Tj2Gaoz
CoEq9wQEH1/yo33kNC+4V13nVubdehIlFF4wDubYaKXf4Y3Fnm0+5UDBvnRN3qq7
a01sAod19yD9TiXG/t0GqmrWnwIDAQABo4IClTCCApEwHQYDVR0OBBYEFDNyRWtk
bEP58h4ZSJyltszlw1j0MB8GA1UdIwQYMBaAFIC+kw4wZJsSrO6NxAtXWrfd5klF
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFMEMzMy81NDI2NUYzNDY2
ODcxMUVFQjkzRDNGNkNDNEY5QUUwMi9nTDZURGpCa214S3M3bzNFQzFkYXQ5M21T
VVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2dMNlREakJrbXhLczdvM0VDMWRhdDkzbVNVVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTBDMzMvNTQyNjVGMzQ2Njg3MTFFRUI5M0QzRjZDQzRGOUFFMDIvQUYxNDlCQzAz
NTFFMTFFRjlDNzlERTVDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABn+XIwDQYJKoZIhvcNAQELBQADggEBAEStiGobVvUhCvmY
WzVS8S2r3SWBFGZRRWCgGLgH1hMw7SP64yMspDqvgq1wiFnkaq8u8vtmDACRAW2u
UxLd0vF6sYr3mtVDR55J4D47TfUQ9FIX9e/iE28Ub4E8UKOPq/0OP2ki+Zc5gKom
F538UWCnxnpzHbOR1RBnrQEhY27Msx2O9QPJV/pOgF7rEH2NfDtoK5yYjlwter9k
mrN/bgooN1F9yozOr3XRaS+s5UxrNCX1QKrKzBwdasU8xNpjN1KlU0ksF5WggRSt
BI1KwGEpES4r2RCzR/tVsKqr5z2WIWEzGfKo29EjlVa1G4vBAh/jdV9KqNk772W4
YJsWlJQ=
-----END CERTIFICATE-----
Generated at Tue Jul 30 13:39:24 2024 by rpki-client on console-fra.rpki-client.org