Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E4668/7C9009AC97F111E9A2E51981C4F9AE02/773923C097F211E993B5EA82C4F9AE02.roa
File: 773923C097F211E993B5EA82C4F9AE02.roa (raw, json)
Hash identifier: aM1AdGGZUfIbkbzPUtfFFHVeChFZ82zXEjvo16Q+RD0=
Subject key identifier: 3D:24:F4:55:0A:7A:1C:9B:F7:8D:AE:0C:B9:4B:63:23:81:40:E1:42
Certificate issuer: /CN=A91E4668/serialNumber=3D0556D193BC92A21EA747F958C697A97EC5D5D6
Certificate serial: 0D14
Authority key identifier: 3D:05:56:D1:93:BC:92:A2:1E:A7:47:F9:58:C6:97:A9:7E:C5:D5:D6
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PQVW0ZO8kqIep0f5WMaXqX7F1dY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E4668/7C9009AC97F111E9A2E51981C4F9AE02/773923C097F211E993B5EA82C4F9AE02.roa
Signing time: Tue 18 Jul 2023 18:15:51 +0000
ROA not before: Tue 18 Jul 2023 18:15:51 +0000
ROA not after: Tue 30 Jul 2024 00:00:00 +0000
asID: 136617
IP address blocks: 103.94.68.0/22 maxlen: 22
103.94.68.0/24 maxlen: 24
103.94.69.0/24 maxlen: 24
103.94.70.0/24 maxlen: 24
103.94.71.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 03 May 2024 07:06:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3348 (0xd14)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E4668/serialNumber=3D0556D193BC92A21EA747F958C697A97EC5D5D6
Validity
Not Before: Jul 18 18:15:51 2023 GMT
Not After : Jul 30 00:00:00 2024 GMT
Subject: CN=64b6d6d7-f44e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:8e:93:f5:e5:5e:ea:7a:b4:06:78:c9:37:e6:
86:2b:2e:5d:0a:fd:d0:7d:3e:21:91:8c:5e:09:54:
43:ba:9a:ff:b7:0b:a5:30:90:b6:ae:c5:7a:9a:1f:
3e:cd:be:2d:49:79:b5:d8:08:fc:68:a7:32:7c:9f:
6d:a0:c3:3a:ec:9d:05:92:a4:11:e9:91:e2:39:70:
eb:59:f5:67:54:f1:3d:6a:d6:3c:df:0b:33:76:4f:
09:ac:17:cb:ae:00:12:e0:0b:28:7e:2e:13:20:99:
9a:0a:3c:d5:5b:a6:8a:68:ac:ba:86:7d:0d:c3:28:
54:b2:44:ca:a4:f8:a3:07:99:9c:35:98:a3:1c:24:
5a:35:42:b0:ea:29:41:7f:ca:d7:1e:0a:80:fd:5e:
59:8f:5f:5e:f3:dd:9d:9f:b0:b5:c1:e0:8d:d8:9a:
c7:e0:4c:0e:d6:b3:86:2c:6d:2d:e8:d5:b9:88:08:
fa:98:38:17:1f:dd:33:ef:06:57:ad:47:34:1b:be:
c7:05:bb:f8:af:fe:11:b3:8e:90:37:2a:a1:ae:02:
6f:56:5a:ed:94:61:54:99:5b:18:ec:e9:08:1a:a8:
90:ce:7a:fb:9d:03:35:2b:50:bd:5a:73:d6:34:14:
4d:9e:41:50:30:b6:a3:3a:e2:a4:1d:9c:bf:71:4c:
2c:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:24:F4:55:0A:7A:1C:9B:F7:8D:AE:0C:B9:4B:63:23:81:40:E1:42
X509v3 Authority Key Identifier:
keyid:3D:05:56:D1:93:BC:92:A2:1E:A7:47:F9:58:C6:97:A9:7E:C5:D5:D6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E4668/7C9009AC97F111E9A2E51981C4F9AE02/PQVW0ZO8kqIep0f5WMaXqX7F1dY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PQVW0ZO8kqIep0f5WMaXqX7F1dY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E4668/7C9009AC97F111E9A2E51981C4F9AE02/773923C097F211E993B5EA82C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.94.68.0/22
Signature Algorithm: sha256WithRSAEncryption
20:e4:14:fe:a2:cb:8d:c0:6a:d8:8b:0c:29:bb:76:d7:66:2b:
77:c1:c2:b0:70:66:8a:11:2d:b6:99:6c:92:f8:3e:20:e9:4e:
b0:5c:0e:77:b4:65:6c:36:d1:47:2e:84:6d:52:a9:cd:20:f6:
c4:fb:9b:89:7b:05:69:3d:24:a9:b4:29:78:31:36:b3:6f:47:
1d:b4:f2:bf:11:b7:4b:b6:ef:8f:4c:e5:fa:92:0a:88:61:b7:
56:01:7c:cd:31:54:77:e0:d0:b9:ba:38:0d:9a:b3:47:d0:66:
f8:60:69:b3:87:7e:98:61:c0:44:fb:24:88:af:dd:d8:46:fb:
b0:4e:24:d1:a0:7e:b4:8a:3e:d7:fa:7f:26:71:75:04:ed:b3:
d0:51:4b:f9:cd:73:93:ff:20:31:9f:0a:a3:56:32:c4:6e:65:
70:25:50:5c:20:e5:bf:4e:03:8a:74:a3:d9:e4:9e:6f:31:37:
ac:27:27:7a:e9:e4:04:81:bd:ce:27:72:96:5d:7a:3c:b9:22:
73:1c:cb:3a:85:99:85:0d:2b:cd:34:e3:94:f5:7a:3c:cf:54:
bd:fd:2b:6f:de:2b:51:d6:a1:c7:99:96:a1:a9:5a:84:62:43:
30:a5:64:1b:0f:da:c1:c1:11:2b:3f:c9:68:44:4d:80:17:66:
fc:a1:5c:79
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICDRQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTQ2NjgxMTAvBgNVBAUTKDNEMDU1NkQxOTNCQzkyQTIxRUE3NDdGOTU4QzY5N0E5
N0VDNUQ1RDYwHhcNMjMwNzE4MTgxNTUxWhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGI2ZDZkNy1mNDRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzo6T9eVe6nq0BnjJN+aGKy5dCv3QfT4hkYxeCVRDupr/twulMJC2rsV6mh8+
zb4tSXm12Aj8aKcyfJ9toMM67J0FkqQR6ZHiOXDrWfVnVPE9atY83wszdk8JrBfL
rgAS4Asofi4TIJmaCjzVW6aKaKy6hn0NwyhUskTKpPijB5mcNZijHCRaNUKw6ilB
f8rXHgqA/V5Zj19e892dn7C1weCN2JrH4EwO1rOGLG0t6NW5iAj6mDgXH90z7wZX
rUc0G77HBbv4r/4Rs46QNyqhrgJvVlrtlGFUmVsY7OkIGqiQznr7nQM1K1C9WnPW
NBRNnkFQMLajOuKkHZy/cUwsqwIDAQABo4IClTCCApEwHQYDVR0OBBYEFD0k9FUK
ehyb942uDLlLYyOBQOFCMB8GA1UdIwQYMBaAFD0FVtGTvJKiHqdH+VjGl6l+xdXW
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNDY2OC83QzkwMDlBQzk3
RjExMUU5QTJFNTE5ODFDNEY5QUUwMi9QUVZXMFpPOGtxSWVwMGY1V01hWHFYN0Yx
ZFkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1BRVlcwWk84a3FJZXAwZjVXTWFYcVg3RjFkWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTQ2NjgvN0M5MDA5QUM5N0YxMTFFOUEyRTUxOTgxQzRGOUFFMDIvNzczOTIzQzA5
N0YyMTFFOTkzQjVFQTgyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJnXkQwDQYJKoZIhvcNAQELBQADggEBACDkFP6iy43AatiL
DCm7dtdmK3fBwrBwZooRLbaZbJL4PiDpTrBcDne0ZWw20UcuhG1Sqc0g9sT7m4l7
BWk9JKm0KXgxNrNvRx208r8Rt0u2749M5fqSCohht1YBfM0xVHfg0Lm6OA2as0fQ
ZvhgabOHfphhwET7JIiv3dhG+7BOJNGgfrSKPtf6fyZxdQTts9BRS/nNc5P/IDGf
CqNWMsRuZXAlUFwg5b9OA4p0o9nknm8xN6wnJ3rp5ASBvc4ncpZdejy5InMcyzqF
mYUNK80045T1ejzPVL39K2/eK1HWoceZlqGpWoRiQzClZBsP2sHBESs/yWhETYAX
ZvyhXHk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:32 2024 by rpki-client on console-ams.rpki-client.org