Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E4845/400153B6D2EB11E5B4D15A4EC4F9AE02/B3D7216869B811EFAF5EF659C4F9AE02.roa
File: B3D7216869B811EFAF5EF659C4F9AE02.roa (raw, json)
Hash identifier: 3CLZdnbVjhsWXlZ8nnXvBSFXXEnTQcsZEmI2FcvWOE0=
Subject key identifier: C0:96:C3:38:A7:28:09:19:7D:2D:A1:BC:EA:1F:F2:C4:76:CE:C7:69
Certificate issuer: /CN=A91E4845/serialNumber=01A412EF416C884F6F637F1BDA800EB6EF67B6D6
Certificate serial: 215F
Authority key identifier: 01:A4:12:EF:41:6C:88:4F:6F:63:7F:1B:DA:80:0E:B6:EF:67:B6:D6
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AaQS70FsiE9vY38b2oAOtu9nttY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E4845/400153B6D2EB11E5B4D15A4EC4F9AE02/B3D7216869B811EFAF5EF659C4F9AE02.roa
Signing time: Tue 03 Sep 2024 05:52:28 +0000
ROA not before: Tue 03 Sep 2024 05:52:28 +0000
ROA not after: Fri 31 Jan 2025 00:00:00 +0000
asID: 10103
IP address blocks: 103.111.89.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 18 Sep 2024 15:11:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8543 (0x215f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E4845/serialNumber=01A412EF416C884F6F637F1BDA800EB6EF67B6D6
Validity
Not Before: Sep 3 05:52:28 2024 GMT
Not After : Jan 31 00:00:00 2025 GMT
Subject: CN=66d6a41c-fb44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:ce:14:3b:08:43:da:c5:be:0d:06:1c:03:85:
14:09:7e:8a:c6:fb:54:84:8d:a2:2d:64:68:a1:f6:
6e:f5:47:9b:17:cf:59:eb:f4:bd:b3:ce:57:48:f0:
2d:27:44:e0:71:2f:9d:67:d3:cf:8b:d7:b1:c8:7e:
40:bb:18:21:f6:3a:f0:5b:3f:b0:4c:1d:a9:3e:2d:
fd:6c:3b:f1:a9:8c:0a:26:23:3d:ba:f6:07:63:36:
05:68:76:76:9a:63:fb:e2:85:88:d8:86:7a:b1:a9:
3e:d8:94:14:57:56:2e:28:4c:84:70:9b:86:e0:f1:
6f:d0:a4:59:36:7b:6c:ae:f7:68:ab:14:3b:90:37:
2c:13:d5:bd:8c:21:64:9a:25:de:0a:81:7f:68:ff:
c5:bc:a5:cc:23:cc:90:a5:36:14:0d:63:b8:80:b0:
4a:08:f3:f0:fc:6b:98:08:5f:20:80:f8:21:37:11:
67:1f:e2:9f:38:be:39:83:a1:46:2a:bd:3e:08:40:
fd:f6:d2:c5:cd:1f:8b:38:d0:a7:a3:8d:53:18:ae:
73:f8:2c:c9:33:65:35:02:22:29:16:e7:f5:81:b5:
8e:1d:19:9e:a4:93:50:a9:90:9a:a3:95:86:3b:81:
d6:c8:cf:a4:01:37:a2:0e:10:9d:99:1b:50:11:dc:
2f:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:96:C3:38:A7:28:09:19:7D:2D:A1:BC:EA:1F:F2:C4:76:CE:C7:69
X509v3 Authority Key Identifier:
keyid:01:A4:12:EF:41:6C:88:4F:6F:63:7F:1B:DA:80:0E:B6:EF:67:B6:D6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E4845/400153B6D2EB11E5B4D15A4EC4F9AE02/AaQS70FsiE9vY38b2oAOtu9nttY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AaQS70FsiE9vY38b2oAOtu9nttY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E4845/400153B6D2EB11E5B4D15A4EC4F9AE02/B3D7216869B811EFAF5EF659C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.111.89.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:bd:87:75:65:0a:7f:bf:5f:e8:3d:60:5b:48:29:31:37:cf:
d9:9d:20:10:e4:0c:9e:65:9f:b9:c6:2f:79:10:83:c9:83:7e:
bd:33:d5:f9:42:11:c9:6b:5f:39:a3:c1:82:4d:4c:7a:2e:96:
5d:9a:f2:9f:0d:04:6d:dc:63:bf:fc:b5:d8:5a:27:88:df:43:
62:1b:59:cf:12:4c:6c:7f:44:a6:57:ad:ad:8a:46:36:00:18:
ef:62:da:d6:5d:58:de:9c:d1:14:8c:d8:5a:79:93:41:fb:a7:
8c:3b:27:50:be:0d:0a:69:b7:8a:2f:d3:bc:fb:0a:01:c8:7f:
99:6b:cb:5f:f8:55:2d:9a:84:16:6e:72:73:f7:23:b1:1b:5d:
69:c7:0a:69:f6:7d:59:31:4c:a1:ae:a8:ce:76:92:2e:34:68:
5e:a9:b7:27:9a:2e:17:9c:52:5f:89:9d:5e:8d:a2:70:5a:96:
c3:75:d9:55:6f:4d:34:7d:0e:a8:f3:36:98:e4:6d:f8:1a:b2:
e7:2a:ab:99:13:8f:fb:80:a0:9d:68:ca:2d:1a:e6:68:43:89:
e9:38:aa:c0:10:0c:c8:51:1a:17:83:a5:5f:4d:e0:73:65:02:
71:c9:ca:56:d5:f7:a9:5d:01:d9:37:aa:dc:1f:2a:96:0c:b5:
ee:fa:43:dc
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICIV8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTQ4NDUxMTAvBgNVBAUTKDAxQTQxMkVGNDE2Qzg4NEY2RjYzN0YxQkRBODAwRUI2
RUY2N0I2RDYwHhcNMjQwOTAzMDU1MjI4WhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmQ2YTQxYy1mYjQ0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAo84UOwhD2sW+DQYcA4UUCX6KxvtUhI2iLWRoofZu9UebF89Z6/S9s85XSPAt
J0TgcS+dZ9PPi9exyH5Auxgh9jrwWz+wTB2pPi39bDvxqYwKJiM9uvYHYzYFaHZ2
mmP74oWI2IZ6sak+2JQUV1YuKEyEcJuG4PFv0KRZNntsrvdoqxQ7kDcsE9W9jCFk
miXeCoF/aP/FvKXMI8yQpTYUDWO4gLBKCPPw/GuYCF8ggPghNxFnH+KfOL45g6FG
Kr0+CED99tLFzR+LONCno41TGK5z+CzJM2U1AiIpFuf1gbWOHRmepJNQqZCao5WG
O4HWyM+kATeiDhCdmRtQEdwvBwIDAQABo4IClTCCApEwHQYDVR0OBBYEFMCWwzin
KAkZfS2hvOof8sR2zsdpMB8GA1UdIwQYMBaAFAGkEu9BbIhPb2N/G9qADrbvZ7bW
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNDg0NS80MDAxNTNCNkQy
RUIxMUU1QjREMTVBNEVDNEY5QUUwMi9BYVFTNzBGc2lFOXZZMzhiMm9BT3R1OW50
dFkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0FhUVM3MEZzaUU5dlkzOGIyb0FPdHU5bnR0WS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTQ4NDUvNDAwMTUzQjZEMkVCMTFFNUI0RDE1QTRFQzRGOUFFMDIvQjNENzIxNjg2
OUI4MTFFRkFGNUVGNjU5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnb1kwDQYJKoZIhvcNAQELBQADggEBAEy9h3VlCn+/X+g9
YFtIKTE3z9mdIBDkDJ5ln7nGL3kQg8mDfr0z1flCEclrXzmjwYJNTHoull2a8p8N
BG3cY7/8tdhaJ4jfQ2IbWc8STGx/RKZXra2KRjYAGO9i2tZdWN6c0RSM2Fp5k0H7
p4w7J1C+DQppt4ov07z7CgHIf5lry1/4VS2ahBZucnP3I7EbXWnHCmn2fVkxTKGu
qM52ki40aF6ptyeaLhecUl+JnV6NonBalsN12VVvTTR9DqjzNpjkbfgasucqq5kT
j/uAoJ1oyi0a5mhDiek4qsAQDMhRGheDpV9N4HNlAnHJylbV96ldAdk3qtwfKpYM
te76Q9w=
-----END CERTIFICATE-----
Generated at Wed Sep 18 19:10:59 2024 by rpki-client on console-fra.rpki-client.org