Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E96BC/6687EF22D14D11EE9DB4180FC4F9AE02/29E1D8AAE82511EE9E51342EC4F9AE02.roa
File: 29E1D8AAE82511EE9E51342EC4F9AE02.roa (raw, json)
Hash identifier: V8csm2Ikjq+/lOdjXY5y7sLhjKHzTZep/E3tm4lTIOs=
Subject key identifier: 71:5C:B5:9E:43:58:D8:1B:2A:BD:FA:67:C6:06:8F:F7:D8:D2:C0:EB
Certificate issuer: /CN=A91E96BC/serialNumber=ED11EB4C34804199EA77500EDDBBEEE10B7549AB
Certificate serial: 23
Authority key identifier: ED:11:EB:4C:34:80:41:99:EA:77:50:0E:DD:BB:EE:E1:0B:75:49:AB
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7RHrTDSAQZnqd1AO3bvu4Qt1Sas.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E96BC/6687EF22D14D11EE9DB4180FC4F9AE02/29E1D8AAE82511EE9E51342EC4F9AE02.roa
Signing time: Thu 11 Apr 2024 07:36:59 +0000
ROA not before: Thu 11 Apr 2024 07:36:59 +0000
ROA not after: Mon 30 Dec 2024 00:00:00 +0000
asID: 141883
IP address blocks: 103.143.14.0/23 maxlen: 23
103.143.14.0/24 maxlen: 24
103.143.15.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 01 Nov 2024 02:23:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 35 (0x23)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E96BC/serialNumber=ED11EB4C34804199EA77500EDDBBEEE10B7549AB
Validity
Not Before: Apr 11 07:36:59 2024 GMT
Not After : Dec 30 00:00:00 2024 GMT
Subject: CN=6617931b-7fa7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:df:ae:3d:09:76:b5:0e:58:cf:de:01:ad:9e:
27:9b:e4:9e:0b:6d:38:1c:60:f2:e1:6a:1a:13:22:
a2:c0:83:b1:51:2a:0a:38:4b:09:44:7d:30:71:94:
de:c1:fb:45:e0:b0:8f:f4:6b:f1:89:08:f7:b7:4e:
b7:ee:59:b2:27:63:40:51:36:83:2c:ac:75:ea:2d:
28:f6:04:3f:ea:b5:6c:b9:a2:46:84:09:80:c7:03:
28:48:05:f3:73:e7:38:9f:be:f7:90:2b:c4:5d:9f:
17:aa:24:29:02:a6:0b:d3:ad:4c:76:43:6a:55:65:
97:e7:c8:e6:ae:f2:3c:4e:50:ca:3d:9c:29:4e:25:
1b:78:72:79:40:18:6b:fd:cd:4b:70:78:2f:13:73:
83:9e:cf:ea:6b:f9:ce:a1:f6:42:fd:d6:90:a9:f1:
fc:62:91:24:7e:6b:f3:1e:fa:93:73:cf:62:7a:64:
5d:1b:90:48:10:b1:0e:33:38:82:ce:fd:04:f2:ad:
af:1e:f5:a3:a4:29:41:12:70:a0:67:32:75:8a:f2:
22:8c:7d:0d:0d:1c:ff:6d:67:56:6a:96:f9:06:d2:
42:cd:45:d9:79:e0:3a:ce:43:8e:61:0b:5d:c7:aa:
da:d8:36:ac:6f:28:f7:c2:c1:0d:f9:8f:22:d2:72:
57:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:5C:B5:9E:43:58:D8:1B:2A:BD:FA:67:C6:06:8F:F7:D8:D2:C0:EB
X509v3 Authority Key Identifier:
keyid:ED:11:EB:4C:34:80:41:99:EA:77:50:0E:DD:BB:EE:E1:0B:75:49:AB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E96BC/6687EF22D14D11EE9DB4180FC4F9AE02/7RHrTDSAQZnqd1AO3bvu4Qt1Sas.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7RHrTDSAQZnqd1AO3bvu4Qt1Sas.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E96BC/6687EF22D14D11EE9DB4180FC4F9AE02/29E1D8AAE82511EE9E51342EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.143.14.0/23
Signature Algorithm: sha256WithRSAEncryption
0b:94:1b:79:b6:47:17:9d:f5:74:cd:fe:07:7e:21:7e:e3:34:
ca:6d:e4:87:19:29:e8:37:06:ca:da:a4:39:d0:71:7e:61:e1:
d1:3d:dd:cc:80:48:7c:7e:4d:47:2a:84:9d:18:90:f8:12:73:
7a:a2:fa:1b:32:5c:d4:b8:42:43:2f:cf:c7:39:44:0f:e7:a0:
ec:ab:95:d4:c4:68:2f:d7:2d:0e:eb:06:c1:ec:75:68:b9:8c:
38:62:96:04:15:b9:44:c4:83:fa:85:5a:a5:15:a2:08:98:0b:
76:9a:d3:40:d2:1f:a5:d9:ce:65:70:67:a9:c4:5b:40:f1:b8:
1c:59:48:73:0d:d1:2d:0b:71:4e:ab:40:14:67:b9:69:ca:41:
bf:9f:0a:6b:7c:79:61:3c:90:ec:a9:06:a6:a5:ab:be:06:13:
6d:c7:cd:e4:93:4d:c2:d5:f8:ff:66:03:6a:bd:48:0e:a5:f5:
69:0b:0c:dd:9c:cf:1f:52:61:cb:89:b7:d1:03:a7:f6:26:b7:
75:bf:9f:f7:d1:40:25:63:7a:d4:e8:24:b6:4a:c9:1f:57:80:
e7:4b:e4:d6:f2:86:2d:f2:95:70:5d:7c:cb:72:30:64:bb:2e:
75:1e:8e:36:66:7c:e4:61:17:dd:5e:90:9a:e4:70:87:f5:81:
61:13:6c:00
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBIzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF
OTZCQzExMC8GA1UEBRMoRUQxMUVCNEMzNDgwNDE5OUVBNzc1MDBFRERCQkVFRTEw
Qjc1NDlBQjAeFw0yNDA0MTEwNzM2NTlaFw0yNDEyMzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2MTc5MzFiLTdmYTcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCu3649CXa1DljP3gGtnieb5J4LbTgcYPLhahoTIqLAg7FRKgo4SwlEfTBxlN7B
+0XgsI/0a/GJCPe3TrfuWbInY0BRNoMsrHXqLSj2BD/qtWy5okaECYDHAyhIBfNz
5zifvveQK8RdnxeqJCkCpgvTrUx2Q2pVZZfnyOau8jxOUMo9nClOJRt4cnlAGGv9
zUtweC8Tc4Oez+pr+c6h9kL91pCp8fxikSR+a/Me+pNzz2J6ZF0bkEgQsQ4zOILO
/QTyra8e9aOkKUEScKBnMnWK8iKMfQ0NHP9tZ1ZqlvkG0kLNRdl54DrOQ45hC13H
qtrYNqxvKPfCwQ35jyLSclc5AgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUcVy1nkNY
2BsqvfpnxgaP99jSwOswHwYDVR0jBBgwFoAU7RHrTDSAQZnqd1AO3bvu4Qt1Sasw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUU5NkJDLzY2ODdFRjIyRDE0
RDExRUU5REI0MTgwRkM0RjlBRTAyLzdSSHJURFNBUVpucWQxQU8zYnZ1NFF0MVNh
cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvN1JIclREU0FRWm5xZDFBTzNidnU0UXQxU2FzLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF
OTZCQy82Njg3RUYyMkQxNEQxMUVFOURCNDE4MEZDNEY5QUUwMi8yOUUxRDhBQUU4
MjUxMUVFOUU1MTM0MkVDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWePDjANBgkqhkiG9w0BAQsFAAOCAQEAC5QbebZHF531dM3+
B34hfuM0ym3khxkp6DcGytqkOdBxfmHh0T3dzIBIfH5NRyqEnRiQ+BJzeqL6GzJc
1LhCQy/PxzlED+eg7KuV1MRoL9ctDusGwex1aLmMOGKWBBW5RMSD+oVapRWiCJgL
dprTQNIfpdnOZXBnqcRbQPG4HFlIcw3RLQtxTqtAFGe5acpBv58Ka3x5YTyQ7KkG
pqWrvgYTbcfN5JNNwtX4/2YDar1IDqX1aQsM3ZzPH1Jhy4m30QOn9ia3db+f99FA
JWN61OgktkrJH1eA50vk1vKGLfKVcF18y3IwZLsudR6ONmZ85GEX3V6QmuRwh/WB
YRNsAA==
-----END CERTIFICATE-----
Generated at Fri Nov 1 05:14:14 2024 by rpki-client on console-fra.rpki-client.org