Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E4845/400153B6D2EB11E5B4D15A4EC4F9AE02/3CE169F660BC11EF8C7CAA5CC4F9AE02.roa
File: 3CE169F660BC11EF8C7CAA5CC4F9AE02.roa (raw, json)
Hash identifier: igp0IwKUH/IY7O9saQWdGlPaCDH9GiKm8nQb317RRGI=
Subject key identifier: 3F:87:12:E9:57:66:A2:F9:8F:66:38:BF:E2:69:5F:37:E3:E4:76:64
Certificate issuer: /CN=A91E4845/serialNumber=01A412EF416C884F6F637F1BDA800EB6EF67B6D6
Certificate serial: 2156
Authority key identifier: 01:A4:12:EF:41:6C:88:4F:6F:63:7F:1B:DA:80:0E:B6:EF:67:B6:D6
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AaQS70FsiE9vY38b2oAOtu9nttY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E4845/400153B6D2EB11E5B4D15A4EC4F9AE02/3CE169F660BC11EF8C7CAA5CC4F9AE02.roa
Signing time: Thu 22 Aug 2024 19:25:07 +0000
ROA not before: Thu 22 Aug 2024 19:25:07 +0000
ROA not after: Fri 31 Jan 2025 00:00:00 +0000
asID: 834
IP address blocks: 103.111.89.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 03 Sep 2024 05:51:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8534 (0x2156)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E4845/serialNumber=01A412EF416C884F6F637F1BDA800EB6EF67B6D6
Validity
Not Before: Aug 22 19:25:07 2024 GMT
Not After : Jan 31 00:00:00 2025 GMT
Subject: CN=66c79092-3235
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:f2:64:cf:c5:74:c1:70:89:ef:d2:f1:60:d7:
d0:2d:c8:b8:4c:25:0d:38:f8:c9:51:42:d4:5c:76:
00:d9:0d:cc:08:75:c5:0c:1f:b4:93:5a:3c:d3:1b:
67:0b:8a:af:3d:c4:93:1e:9a:68:4e:52:1b:b2:db:
bc:11:cf:32:64:02:25:e7:a9:d5:90:b1:ba:e2:8b:
b1:f2:d7:cd:af:7f:66:ff:16:26:e6:e9:12:67:10:
df:bf:0f:8a:27:c9:f6:bc:1b:19:2d:ca:79:b1:70:
58:07:6a:be:2f:d0:6d:61:ed:94:54:c8:bb:6c:1f:
85:08:88:b8:55:f2:54:4e:31:b2:19:ea:40:8e:ec:
17:76:94:03:82:37:ac:24:ca:5e:7a:e3:80:15:37:
10:26:39:72:5a:4b:9c:44:dd:8c:49:93:19:ae:62:
0d:aa:b8:0a:f2:e7:20:42:fd:64:08:aa:5e:58:30:
1c:6a:f0:6b:35:ba:e3:38:bb:5d:3e:c8:79:92:29:
55:33:ee:69:4c:78:fe:2f:cd:f6:b6:4d:8d:35:44:
52:d0:3b:a3:3d:a8:21:0e:56:a7:9f:aa:82:30:aa:
70:7d:9d:73:f8:56:24:7f:38:7b:67:39:cf:71:0e:
94:68:4c:ac:98:4b:3e:85:5d:b6:09:a3:7b:8e:38:
74:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:87:12:E9:57:66:A2:F9:8F:66:38:BF:E2:69:5F:37:E3:E4:76:64
X509v3 Authority Key Identifier:
keyid:01:A4:12:EF:41:6C:88:4F:6F:63:7F:1B:DA:80:0E:B6:EF:67:B6:D6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E4845/400153B6D2EB11E5B4D15A4EC4F9AE02/AaQS70FsiE9vY38b2oAOtu9nttY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AaQS70FsiE9vY38b2oAOtu9nttY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E4845/400153B6D2EB11E5B4D15A4EC4F9AE02/3CE169F660BC11EF8C7CAA5CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.111.89.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:25:3f:07:5b:ac:e1:2e:36:ee:e1:50:95:fe:5a:a8:0b:fd:
05:95:9b:10:d1:46:55:ed:8d:ee:2e:b0:13:59:af:cb:b3:9b:
f2:64:53:df:3a:11:9c:1e:0b:d7:b3:39:26:c7:1f:f7:b2:93:
c1:cf:4a:eb:eb:c4:74:bf:5d:2d:5f:4f:09:73:96:0f:3f:f8:
f9:d3:3a:a1:a0:96:52:49:81:a3:bd:25:c7:aa:f0:34:bc:c0:
b9:81:eb:fb:1d:ef:b1:77:22:3b:7c:f8:10:56:b8:fb:fa:84:
0b:07:01:52:5d:a5:07:2d:40:07:2c:bc:62:15:76:72:58:d7:
2e:b8:cd:2b:19:bf:29:e5:94:83:aa:7c:67:aa:94:94:a0:9b:
7c:aa:6b:1c:2e:3c:13:f8:f5:cc:03:e8:91:68:86:a9:fa:87:
30:26:37:31:8f:3e:40:a0:3d:46:1c:c0:1e:26:2d:40:f6:db:
96:3a:bd:d3:0f:b7:51:57:27:f1:fc:3c:ad:99:b9:b3:fc:be:
c1:bc:7a:80:92:d4:eb:52:f5:cd:4b:4d:d5:3c:be:0c:e0:26:
30:72:8d:80:0a:67:79:6a:8e:cc:95:f0:dc:aa:c8:82:d7:72:
41:1a:4e:8e:b6:06:2d:3f:d1:75:c9:65:d0:a1:46:a6:99:11:
25:06:54:2e
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICIVYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTQ4NDUxMTAvBgNVBAUTKDAxQTQxMkVGNDE2Qzg4NEY2RjYzN0YxQkRBODAwRUI2
RUY2N0I2RDYwHhcNMjQwODIyMTkyNTA3WhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmM3OTA5Mi0zMjM1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2/Jkz8V0wXCJ79LxYNfQLci4TCUNOPjJUULUXHYA2Q3MCHXFDB+0k1o80xtn
C4qvPcSTHppoTlIbstu8Ec8yZAIl56nVkLG64oux8tfNr39m/xYm5ukSZxDfvw+K
J8n2vBsZLcp5sXBYB2q+L9BtYe2UVMi7bB+FCIi4VfJUTjGyGepAjuwXdpQDgjes
JMpeeuOAFTcQJjlyWkucRN2MSZMZrmINqrgK8ucgQv1kCKpeWDAcavBrNbrjOLtd
Psh5kilVM+5pTHj+L832tk2NNURS0DujPaghDlann6qCMKpwfZ1z+FYkfzh7ZznP
cQ6UaEysmEs+hV22CaN7jjh0zQIDAQABo4IClTCCApEwHQYDVR0OBBYEFD+HEulX
ZqL5j2Y4v+JpXzfj5HZkMB8GA1UdIwQYMBaAFAGkEu9BbIhPb2N/G9qADrbvZ7bW
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNDg0NS80MDAxNTNCNkQy
RUIxMUU1QjREMTVBNEVDNEY5QUUwMi9BYVFTNzBGc2lFOXZZMzhiMm9BT3R1OW50
dFkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0FhUVM3MEZzaUU5dlkzOGIyb0FPdHU5bnR0WS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTQ4NDUvNDAwMTUzQjZEMkVCMTFFNUI0RDE1QTRFQzRGOUFFMDIvM0NFMTY5RjY2
MEJDMTFFRjhDN0NBQTVDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnb1kwDQYJKoZIhvcNAQELBQADggEBAD8lPwdbrOEuNu7h
UJX+WqgL/QWVmxDRRlXtje4usBNZr8uzm/JkU986EZweC9ezOSbHH/eyk8HPSuvr
xHS/XS1fTwlzlg8/+PnTOqGgllJJgaO9Jceq8DS8wLmB6/sd77F3Ijt8+BBWuPv6
hAsHAVJdpQctQAcsvGIVdnJY1y64zSsZvynllIOqfGeqlJSgm3yqaxwuPBP49cwD
6JFohqn6hzAmNzGPPkCgPUYcwB4mLUD225Y6vdMPt1FXJ/H8PK2ZubP8vsG8eoCS
1OtS9c1LTdU8vgzgJjByjYAKZ3lqjsyV8NyqyILXckEaTo62Bi0/0XXJZdChRqaZ
ESUGVC4=
-----END CERTIFICATE-----
Generated at Tue Sep 3 08:22:49 2024 by rpki-client on console-ams.rpki-client.org